• Title/Summary/Keyword: secret key cryptography

Search Result 70, Processing Time 0.023 seconds

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

  • Lu, Yang;Li, Jiguo
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.3
    • /
    • pp.1502-1522
    • /
    • 2019
  • Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

Improving the Efficiency and Scalability of Standard Methods for Data Cryptography

  • Abu-Faraj, Mua'ad M.;Alqadi, Ziad A.
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.12spc
    • /
    • pp.451-458
    • /
    • 2021
  • Providing a secure and effective way to protect confidential and private data is an urgent process, and accordingly, we will present in this research paper a new method, which is called multiple rounds variable block method (MRVB) which depends on the use of a colored image that is kept secret to generate needed work and round keys. This method can be used to encrypt-decrypt data using various lengths private key and data blocks with various sizes. The number of rounds also will be variable starting from one round. MRVB will be implemented and compared with the encryption-decryption standards DES and AES to show the improvements provided by the proposed method in increasing the security level and in increasing the throughput of the process of data cryptography. The generated private key contents will depend on the used image_key and on the selected number of rounds and the selected number of bytes in each block of data.

A Study on the Certification System in Electromic Commerce (전자상거래(電子商去來)의 인증체계(認證體系)에 관한 고찰(考察))

  • Ha, Kang Hun
    • Journal of Arbitration Studies
    • /
    • v.9 no.1
    • /
    • pp.367-390
    • /
    • 1999
  • The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

  • PDF

A S/KEY Based Secure Authentication Protocol Using Public Key Cryptography (공개키를 적용한 S/KEY 기반의 안전한 사용자 인증 프로토콜)

  • You, Il-Sun;Cho, Kyung-San
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.763-768
    • /
    • 2003
  • In this paper, we propose a S/KEY based authentication protocol using smart cards to address the vulnerebilities of both the S/KEY authentication protocol and the secure one-time password protpcol which YEH, SHEN and HWANG proposed [1]. Because out protpcel is based on public key, it can authenticate the server and distribute a session key without any pre-shared secret. Also, it can prevent off-line dictionary attacks by using the randomly generated user is stored in the users smart card. More importantly, it can truly achieve the strength of the S/KEY scheme that no secret information need be stored on the server.

Efficient Key Management Protocol for Secure RTMP Video Streaming toward Trusted Quantum Network

  • Pattaranantakul, Montida;Sanguannam, Kittichai;Sangwongngam, Paramin;Vorakulpipat, Chalee
    • ETRI Journal
    • /
    • v.37 no.4
    • /
    • pp.696-706
    • /
    • 2015
  • This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

Design of protocol for RFID/USN security (RFID/USN 보안을 위한 프로토콜 설계)

  • Park, Sang-Hyun;Park, Sang-Min;Shin, Seung-Ho
    • Journal of the Korea Safety Management & Science
    • /
    • v.9 no.3
    • /
    • pp.103-109
    • /
    • 2007
  • Payment and security requirement are playing an increasingly critical role in RFID system, allegedly the core of the ubiquitous, especially in logistics. Therefore, security technology has been playing essential role gradually unlike the past when only the perception of equipment was considered important technology. The current encoding system allows the access only to the user who has the secret key. Many encoding algorithm has been studied to ensure the security of secret key. Security protocol is the most typical way to authorize appropriate user perception by using the data and secret key to proceed the encoding and transmit it to the system in order to confirm the user. However, RFID system which transmits more than dozens of data per second cannot be used if the algorithm and protocol of the existing wired system are used because the performance will degrade as a consequence. Security protocol needs to be designed in consideration of property of RFID and hardware. In this paper, a protocol was designed using SNEP(Sensor Network Encryption Protocol), the security protocol used for the sensor similar to RFID- not the current system used in wired environment- and ECC (Elliptic Curve Cryptography: oval curve encoding), the encoding algorithm.

Quantum Authentication and Key Distribution protocol based on one-time ID (일회용 ID 기반 양자 인증 및 키 분배 프로토롤)

  • Lee Hwa-Yean;Hong Chang-Ho;Lim Jong-in;Yang Hyung-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.2
    • /
    • pp.73-80
    • /
    • 2005
  • We propose a Quantum Authentication and Key distribution protocol based on one-time n using one-way Hash function. The designated users can authenticate each other and the arbitrator using their one-time ID and distribute a quantum secret key using remained GHZ states after authentication procedure. Though the help of the arbitrator is needed in the process of authentication and key distribution, our protocol prevents the arbitrator from finding out the shared secret key even if the arbitrator becomes an active attacker. Unconditional security can be proved in our protocol as the other QKD protocols.

Improvement of Security Cryptography Algorithm in Transport Layer (전달 계층의 보안 암호화 알고리즘 개선)

  • Choi Seung-Kwon;Kim Song-Young;Shin Dong-Hwa;Lee Byong-Rok;Cho Yong-Hwan
    • Proceedings of the Korea Contents Association Conference
    • /
    • 2005.05a
    • /
    • pp.107-111
    • /
    • 2005
  • As Internet grows rapidly and next electronic commerce applications increase, the security is getting more important. Information security to provide secure and reliable information transfer is based on cryptography technique. The proposed ISEED(Improved SEED) algorithm based on block cryptography algorithm which belongs to secret-key algorithm. In terms of efficiency, the round key generation algorithm has been proposed to reduces the time required in encryption and decryption. The algorithm has been implemented as follow. 128-bit key is divided into two 64-bit group to rotate each of them 8-bit on the left side and right side, and then basic arithmetic operation and G function have been applied to 4-word outputs. In the process of converting encryption key which is required in decryption and encryption of key generation algorithm into sub key type, the conversion algorithm is analyzed. As a result, the time consumed to encryption and decryption is reduced by minimizing the number of plain text required differential analysis.

  • PDF

Group Key Exchange over Combined Wired and Wireless Networks

  • Nam, Jung-Hyun;Won, Dong-Ho
    • Journal of Communications and Networks
    • /
    • v.8 no.4
    • /
    • pp.461-474
    • /
    • 2006
  • A group key exchange protocol is a cryptographic primitive that describes how a group of parties communicating over a public network can come up with a common secret key. Due to its significance both in network security and cryptography, the design of secure and efficient group key exchange protocols has attracted many researchers' attention over the years. However, despite all the efforts undertaken, there seems to have been no previous systematic look at the growing problem of key exchange over combined wired and wireless networks which consist of both stationary computers with sufficient computational capabilities and mobile devices with relatively restricted computing resources. In this paper, we present the first group key exchange protocol that is specifically designed to be well suited for this rapidly expanding network environment. Our construction meets simplicity, efficiency, and strong notions of security.

Secure Routing with Time-Space Cryptography for Mobile Ad-Hoc Networks (이동 애드혹 망을 위한 시공간 방식의 보안 라우팅 프로토콜)

  • Joe, In-Whee
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.32 no.1B
    • /
    • pp.11-16
    • /
    • 2007
  • This paper describes the design and performance of a secure routing protocol with time-space cryptography for mobile ad-hoc networks. The proposed time-space scheme works in the time domain for key distribution between source and destination as well as in the space domain for intrusion detection along the route between them. For data authentication, it relies on the symmetric key cryptography due to high efficiency and a secret key is distributed using a time difference from the source to the destination. Also, a one-way hash chain is formed on a hop-by-hop basis to prevent a compromised node or an intruder from manipulating the routing information. In order to evaluate the performance of our routing protocol, we compare it with the existing AODV protocol by simulation under the same conditions. The proposed protocol has been validated using the ns-2 network simulator with wireless and mobility extensions.