Batch Decryption of Encrypted Short Messages and Its Application on Concurrent SSL Handshakes
|
|
- Hilda Sutton
- 8 years ago
- Views:
Transcription
1 Batch Decryption of ncrypted Short Messages and Its Application on Concurrent SSL Handshakes Yongdong Wu and Feng Bao System and Security Department Institute for Infocomm Research 21, Heng Mui Keng Terrace, Singapore, {wydong, Abstract. A public-key cryptosystem is usually used for key management, in particular to session key management. The paper presents a method for handling a batch of concurrent keys with homomorphic publickey cryptosystems such as RSA, Paillier and lgamal. Theorematically, regardless Shacham and Boneh proved that it is impossible to provide batch RSA encryption of messages with a single certificate, the present result is positive when the messages are small. Practically, the present method is compliant to the de facto standard SSL/TLS handshake and increases the SSL system performance. 1 Introduction As a most successful application (e.g., online banking and e-commerce) of public key cryptosystem, SSL/TLS runs at the reliable layer above existing protocols so as to build a session between a server and a client; while DTLS, a datagram capable version of TLS, provides secure transmission over unreliable datagram. At the basic level, SSL/TLS/DTLS protects communications by encrypting messages with a secret key-a large random number known only to the server and client. However, it is time-consuming to share the secret key, especially for the server when there are a lot of concurrent SSL connections. For example, a typical Pentium server (running Linux and Apache) can handle about 322 HTTP connections per second at full capacity but only 24 SSL connections per second; and a Sun 450 (running Solaris and Apache) fell from 500 to 3 connections per second. Therefore, it is in desire to speed up the server s performance. Obviously, a dedicated cryptographic accelerator chip can improve the server performance. Although cryptographic accelerators are becoming inexpensive (e.g., US$1400 for XM2000 from users should certainly not be expected to purchase additional hardware. Naturally, it is preferable to design an algorithm for high volume SSL/TLS Internet servers that offload the processing and bulk ciphering to dedicated servers. Fiat [1] presented an algorithmic approach for speeding up SSL s performance on a heavily-loaded web server by batching the SSL handshake protocol. The algorithm decrypts several ciphertexts in a batch way so as to handle
2 many concurrent SSL sessions. Shacham and Boneh [2] improved the batching performance with the techniques such as CRT and simultaneous multiple exponentiation. Furthermore, they proved that it is impossible to provide batch RSA encryption with a single certificate. However, their batching methods are only valid for RSA algorithm, and are not compatible with the present SSL/TLS protocol because the server must have several certificates. Additionally, the batching methods require very small RSA public exponent e (e = 3, 5, 7, 11,..., 17) for the sake of optimal performance. Despite there are no known theoretical attacks on the cryptosystems with small exponente, it is recommended that e should be sufficiently large 1. In order to provide friendly usage according to the number of concurrent connections, Qi et al. [3] enabled to select the batch size by modelling the user connection request with Markov model. This paper proposes a general method for quickly decrypting encryption of small messages with homomorphic ciphers (i.e., a cipher which has homomorphic property) in an SSL server/client model. It enables that the clients send encrypted messages independently to the server concurrently, and the server will merge the ciphertexts into a new ciphertext. With only one decryption operation, the server can decrypt the new ciphertext into a batched message which will be split into each message. This method is suitable for SSL/TLS server to efficiently process handshake. That is to say, it enables to keep the plain text (mostly the session key) from disclosing. This paper is organized as follows. Section 2 introduces the definitions of batch decryption. Section 3 describes the general construction of batch decryption based on the additive and multiplicative homomorphic cryptosystems. Section 4 shows the example implementations based on RSA-Paillier, Okamoto- Uchiyama, RSA, and lgamal cryptosystems. Section 5 describes the batch method application in SSL handshakes and the performance analysis. A concluding mark is drawn in Section 6. 2 Batch Decryption 2.1 Definitions Definition 1: A cryptosystem S(Setup,, D) is a tuple of PPT (Probabilistic Polynomial Time) algorithms such that: Setup takes as input a security parameter 1 k. It outputs a public key P K and a private key SK. ncrypt takes as input the public key P K, and a message M; it outputs a ciphertext C. Decrypt D takes as input the private key SK and the ciphertext C; it outputs a message M. 1 Recently, Fouque et al. proposed a power analysis attack on small RSA public exponent scheme[4].
3 Definition 2: A batch cryptosystem B b (Setup,, D, Merge, Split) of batch size b over a cryptosystem S(Setup,, D) is a tuple of PPT algorithms which handle several messages simultaneously such that: Setup takes as input a security parameter 1 k. It outputs a public key P K and a private key SK. ncrypt takes as input the public key P K, messages m i, i = 1,..., b b, and an optional public key P K; it outputs ciphertexts c i, i = 1,..., b. Merge takes as input ciphertexts c i, i = 1, 2,..., b b and an optional public key P K; it outputs a batched ciphertext C. Denote as x y a Merge operation between two operands x and y. Decrypt D takes as input the private key SK and the batched ciphertext C; it outputs a batched message M. Split takes as input the batched message M and an optional public key P K; it outputs the plaintexts m i, i = 1, 2,..., b b. For simplicity, we omit P K from the PPT algorithms in the following. Fig.1 illustrates the diagram of server/client model. In the model, a client will encrypt a short message and send the ciphertext to a server. The server will merge the ciphertext to generate a batched ciphertext. With the underlying decryption algorithm, the server will obtain the batched plaintext, and split the batch plaintext to get all the short messages. m 1 m 2 c 1 c 2 merge C D M split m 1 m 2 m b c b m b Fig. 1. Diagram of batch encryption/decryption. Definition 3: Cryptosystem quivalence means that several cryptosystems have the comparative security strength. Strictly speaking, for two equivalent cryptosystems B and S, if an adversary A can break B at a non-negligible probability, A can break S at a non-negligible probability too; and vice versa. Denote as B S two equivalent cryptosystems B and S. 2.2 Attack model Since this paper aims to securely deliver short messages in a server/client model, especially in SSL/TLS handshake session, it targets for CPA (Chosen Plaintext
4 message x (i.e., called as master key in SSL protocol) is 384 which is greater than t = 128, we will select a random m with m = t, and encrypt x with key m according to a symmetric cipher such as AS, then we encrypt m with the public key cipher S( ). The server will batch the encryption of all the keys m, and decrypt m in a batch. Afterwards, the server will recover x with symmetric decryption. 5.3 Batch strategy In normal SSL, the server can start decrypt as soon as ClientKeyxchange message is received. However, in the batch decryption, the server has to wait for b ClientKeyxchange messages. When there are few SSL connection requests (i.e., the server is not busy), both server and client may waste a lot of time. Hence, it is preferable to be flexible in batch size. Concretely, the server creates a queue for the waiting requests. If the server is ready for decryption but the size of waiting queue is smaller than the maximum batch size b, the server will perform batch decryption immediately with the ciphertexts in the queue. 5.4 xperimental result Theoretically, the decryption speed with the present paper is about as k times fast as the conventional one when k ciphertexts are used for batching. For instance, Lemstra et al. [10] pointed out that RSA1024 is at risk after MD5. if we select RSA 1280 and AS 128, and the batch size b = 5, the batch decryption speed is as 5 times fast as direct decryption. In order to test the practical performance, a simulation is executed in Windows XP platform. In the experiment, one computer is used to simulate many clients by sending many requests to a server, and the server will decrypt the ciphertext with the present batch scheme with the maximum batch size. Fig.4 is our experiment result for evaluating performance gain 2. 6 Conclusion As a most successful application of public key crypto-cryptosystem, SSL protocol builds a session between the server and client. The paper enables to decrypt a batch of session keys with only one descrption operation,and hence increases the server performance. In addition to the performance improvement, batch technology also increases the barrier of the remote timing attack [11] since the independent messages from different clients make it hard to estimate the computational time. The present method can be implemented with additive cryptosysem and multiplicative crypto-system with a single certificate. However, the present scheme is not a general counterexample to [2] since it is only applicable for short messages. 2 The simulation and Figure 4 are provided by Shiqun Li, Zhiguo Wang and Fang Qi.
5 Fig. 4. Performance gain in terms of batch size, where accelerate rate is the ratio between conventional decryption time and batch decryption time. References 1. A. Fiat, Batch RSA, Crypto 89, pp , 1989, See also Journal of Cryptology, 10(2):75-88, H. Shacham, and D. Boneh, Improving SSL Handshake Performance via Batching, RSA 2001, Lecture Notes in Computer Science (LNCS), Vol. 2020, pp.28-43, Fang Qi, Weijia Jia, Feng Bao, and Yongdong Wu, Batching SSL/TLS Handshake Improved, ICICS, LNCS 3783, pp , Pierre-Alain Fouque, Sebastien Kunz-Jacques, Gwenaelle Martinet, Frederic Muller and Frederic Valette, Power Attack on Small RSA Public xponent, Workshop on Cryptographic Hardware and mbedded Systems (CHS) Dario Catalano, Rosario Gennaro, Nick Howgrave-Graham, and Phong Q. Nguyen, Paillier s Cryptosystem Revisited, ACM CCS, pp , Tatsuaki Okamoto, and Shigenori Uchiyama, A New Public-Key Cryptosystem as Secure as Factoring, UROCRYPT, LNCS1403, pp , D. Boneh, A. Joux, and P. Nguyen, Why Textbook lgamal and RSA ncryption are Insecure. AsiaCrypt, LNCS 1976, pp , D.Boneh, C. Gentry, B. Lynn, and H. Shacham, Aggregate and verifiably encrypted signatures from bilinear maps, UROCRYPT, LNCS 2656, pp , Feng Bao, Robert Deng, Peirong Feng, Yan Guo, and Hongjun Wu, Secure and Private Distribution of Online Video and several Related cryptographic Issues, the 6th Australasia Conference on Information Security and Privacy (ACISP 2001), LNCS 2119, pp , A. K. Lemstra, and.r. Verheul, Selecting Cryptographic Key Sizes, J. Cryptology, 14(4): , David Brumley, and Dan Boneh, Remote Timing Attacks are Practical, the 12th Usenix Security Symposium, pp.1-13, 2003.
Hey! Cross Check on Computation in Cloud
Hey! Cross Check on Computation in Cloud Ajeet Singh Rajput Computer Science and Engineering Department S.D.B.C.T, Mhow Road,Indore,(M.P), India ajeetsinghrajput@gmail.com M.E.(CSE), S.D.B.C.T, Indore
More informationBatching SSL/TLS Handshake Improved
Batching SSL/TLS Handshake Improved Fang Qi 1,2, Weijia Jia 1,3, Feng Bao 2, and Yongdong Wu 2 1 School of Information Science and Engineering Central South University,Changsha 4183,China csqifang@mail.csu.edu.cn
More informationAnalysis of Privacy-Preserving Element Reduction of Multiset
Analysis of Privacy-Preserving Element Reduction of Multiset Jae Hong Seo 1, HyoJin Yoon 2, Seongan Lim 3, Jung Hee Cheon 4 and Dowon Hong 5 1,4 Department of Mathematical Sciences and ISaC-RIM, Seoul
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationSECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD
SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD S.REVATHI B.HASEENA M.NOORUL IZZATH PG Student PG Student PG Student II- ME CSE II- ME CSE II- ME CSE Al-Ameen Engineering
More information3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security
More informationA Secure RFID Ticket System For Public Transport
A Secure RFID Ticket System For Public Transport Kun Peng and Feng Bao Institute for Infocomm Research, Singapore Abstract. A secure RFID ticket system for public transport is proposed in this paper. It
More informationAn Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm
An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm V.Masthanamma 1,G.Lakshmi Preya 2 UG Scholar, Department of Information Technology, Saveetha School of Engineering
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationAN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS
AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS Mrs.K.Saranya, M.E.,(CSE), Jay Shriram Group of Institutions, Tirupur. Saranya17113@gmail.com Dr.S.Rajalakshmi, Associate Professor/CSE,
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationFully homomorphic encryption equating to cloud security: An approach
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 9, Issue 2 (Jan. - Feb. 2013), PP 46-50 Fully homomorphic encryption equating to cloud security: An approach
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationCloud Data Storage Security and Public Auditing
A Meticulous Description of Applying Watermarking Technique for Secure Cloud Storage 1 M. Guresh, 2 R. Suresh 1 M.Tech 2 nd Year, Department of CSE, CREC Tirupati, AP, India 2 Professor & HOD, Department
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More information3-6 Toward Realizing Privacy-Preserving IP-Traceback
3-6 Toward Realizing Privacy-Preserving IP-Traceback The IP-traceback technology enables us to trace widely spread illegal users on Internet. However, to deploy this attractive technology, some problems
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationISSN 2278-3091. Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability
Outsourcing and Discovering Storage Inconsistencies in Cloud Through TPA Sumathi Karanam 1, GL Varaprasad 2 Student, Department of CSE, QIS College of Engineering and Technology, Ongole, AndhraPradesh,India
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationVoteID 2011 Internet Voting System with Cast as Intended Verification
VoteID 2011 Internet Voting System with Cast as Intended Verification September 2011 VP R&D Jordi Puiggali@scytl.com Index Introduction Proposal Security Conclusions 2. Introduction Client computers could
More informationSECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES
www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationAdvanced Cryptography
Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.
More informationLecture 25: Pairing-Based Cryptography
6.897 Special Topics in Cryptography Instructors: Ran Canetti and Ron Rivest May 5, 2004 Lecture 25: Pairing-Based Cryptography Scribe: Ben Adida 1 Introduction The field of Pairing-Based Cryptography
More informationCryptography and Network Security Chapter 9
Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,
More informationEfficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms
Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,
More informationAs enterprises conduct more and more
Efficiently handling SSL transactions is one cornerstone of your IT security infrastructure. Do you know how the protocol actually works? Wesley Chou Inside SSL: The Secure Sockets Layer Protocol Inside
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication
More informationPrivacy in Encrypted Content Distribution Using Private Broadcast Encryption
Privacy in Encrypted Content Distribution Using Private Broadcast Encryption Adam Barth 1, Dan Boneh 1, and Brent Waters 2 1 Stanford University, Stanford, CA 94305 {abarth, dabo}@cs.stanford.edu 2 SRI
More informationInternational Journal of Information Technology, Modeling and Computing (IJITMC) Vol.1, No.3,August 2013
FACTORING CRYPTOSYSTEM MODULI WHEN THE CO-FACTORS DIFFERENCE IS BOUNDED Omar Akchiche 1 and Omar Khadir 2 1,2 Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University of Hassan II Mohammedia-Casablanca,
More informationA low-cost Alternative for OAEP
A low-cost Alternative for OAEP Peter Schartner University of Klagenfurt Computer Science System Security peter.schartner@aau.at Technical Report TR-syssec-11-02 Abstract When encryption messages by use
More informationReusable Anonymous Return Channels
Reusable Anonymous Return Channels Philippe Golle Stanford University Stanford, CA 94305, USA pgolle@cs.stanford.edu Markus Jakobsson RSA Laboratories Bedford, MA 01730, USA mjakobsson@rsasecurity.com
More informationComputer System Management: Hosting Servers, Miscellaneous
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
More informationLecture 3: One-Way Encryption, RSA Example
ICS 180: Introduction to Cryptography April 13, 2004 Lecturer: Stanislaw Jarecki Lecture 3: One-Way Encryption, RSA Example 1 LECTURE SUMMARY We look at a different security property one might require
More informationAn Introduction to Identity-based Cryptography CSEP 590TU March 2005 Carl Youngblood
An Introduction to Identity-based Cryptography CSEP 590TU March 2005 Carl Youngblood One significant impediment to the widespread adoption of public-key cryptography is its dependence on a public-key infrastructure
More informationSecurity over Cloud Data through Encryption Standards
Security over Cloud Data through Encryption Standards Santhi Baskaran 1, Surya A 2, Stephen Pius C 3, Sudesh Goud G 4 1 Professor, 2,3,4 Student, Department of Information Technology, Pondicherry Engineering
More informationA Secure Decentralized Access Control Scheme for Data stored in Clouds
A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University
More informationA Fully Homomorphic Encryption Implementation on Cloud Computing
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 8 (2014), pp. 811-816 International Research Publications House http://www. irphouse.com A Fully Homomorphic
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationSECURE AND EFFICIENT PRIVACY-PRESERVING PUBLIC AUDITING SCHEME FOR CLOUD STORAGE
International Journal of Computer Network and Security(IJCNS) Vol 7. No.1 2015 Pp. 1-8 gopalax Journals, Singapore available at : www.ijcns.com ISSN: 0975-8283 ----------------------------------------------------------------------------------------------------------------------------------------------------------
More informationSECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS
SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS Abstract: The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential
More informationPaillier Threshold Encryption Toolbox
Paillier Threshold Encryption Toolbox October 23, 2010 1 Introduction Following a desire for secure (encrypted) multiparty computation, the University of Texas at Dallas Data Security and Privacy Lab created
More informationA Survey on Optimistic Fair Digital Signature Exchange Protocols
A Survey on Optimistic Fair Digital Signature Exchange s Alfin Abraham Vinodh Ewards Harlay Maria Mathew Abstract Security services become crucial to many applications such as e-commerce payment protocols,
More informationTransport Level Security
Transport Level Security Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationHomomorphic Encryption Method Applied to Cloud Computing
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 15 (2014), pp. 1519-1530 International Research Publications House http://www. irphouse.com Homomorphic Encryption
More informationSecure Socket Layer (SSL) and Transport Layer Security (TLS)
Secure Socket Layer (SSL) and Transport Layer Security (TLS) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available
More informationSheltered Multi-Owner Data distribution For vibrant Groups in the Cloud
Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud I.sriram murthy 1 N.Jagajeevan 2 II M-Tech student Assistant.Professor Department of computer science & Engineering Department of
More informationSecure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213
Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https
More informationThree attacks in SSL protocol and their solutions
Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer
More informationHighly Secure Data Sharing in Cloud Storage using Key-Pair Cryptosystem
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 10, October 2015,
More informationA Proposal for Authenticated Key Recovery System 1
A Proposal for Authenticated Key Recovery System 1 Tsuyoshi Nishioka a, Kanta Matsuura a, Yuliang Zheng b,c, and Hideki Imai b a Information & Communication Business Div. ADVANCE Co., Ltd. 5-7 Nihombashi
More informationSecure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment
Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Chih Hung Wang Computer Science and Information Engineering National Chiayi University Chiayi City 60004,
More informationKeywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control.
Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Identity Based
More informationAttribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds M. Suriyapriya 1, A. Joicy 2 PG Scholar 1 Assistant Professor CSE Department 2 St.Joseph College of Engineering Sriperumbudur, Chennai-602105
More informationSecurity Policy for Oracle Advanced Security Option Cryptographic Module
Security Policy for Oracle Advanced Security Option Cryptographic Module Version 1.0 September 1999 Prepared by Oracle Corporation A. Scope of Document This document describes the security policy for the
More informationExperimental Analysis of Privacy-Preserving Statistics Computation
Experimental Analysis of Privacy-Preserving Statistics Computation Hiranmayee Subramaniam 1, Rebecca N. Wright 2, and Zhiqiang Yang 2 1 Stevens Institute of Technology graduate, hiran@polypaths.com. 2
More informationFAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION
FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION INTRODUCTION GANESH ESWAR KUMAR. P Dr. M.G.R University, Maduravoyal, Chennai. Email: geswarkumar@gmail.com Every day, millions of people
More informationCIS 5371 Cryptography. 8. Encryption --
CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.
More informationNetwork Security Essentials Chapter 5
Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 Transport-Level Security Use your mentality Wake up to reality From the song, "I've Got
More informationEfficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks
Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks J. M. BAHI, C. GUYEUX, and A. MAKHOUL Computer Science Laboratory LIFC University of Franche-Comté Journée thématique
More informationAn Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method
An Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method E.Sathiyamoorthy 1, S.S.Manivannan 2 1&2 School of Information Technology and Engineering
More informationSecurity Protocols/Standards
Security Protocols/Standards Security Protocols/Standards Security Protocols/Standards How do we actually communicate securely across a hostile network? Provide integrity, confidentiality, authenticity
More informationStrengthen RFID Tags Security Using New Data Structure
International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University
More informationVictor Shoup Avi Rubin. fshoup,rubing@bellcore.com. Abstract
Session Key Distribution Using Smart Cards Victor Shoup Avi Rubin Bellcore, 445 South St., Morristown, NJ 07960 fshoup,rubing@bellcore.com Abstract In this paper, we investigate a method by which smart
More informationAN EFFECTIVE STUDY ON IMPROVED DATA AUTHENTICATION IN CLOUD SYSTEM
INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND SCIENCE AN EFFECTIVE STUDY ON IMPROVED DATA AUTHENTICATION IN CLOUD SYSTEM Bairu Ravi 1, B.Ramya 2 1 M.Tech Student, Dept of CSE, Arjun College
More informationKeyword Search over Shared Cloud Data without Secure Channel or Authority
Keyword Search over Shared Cloud Data without Secure Channel or Authority Yilun Wu, Jinshu Su, and Baochun Li College of Computer, National University of Defense Technology, Changsha, Hunan, China Department
More informationImproving data integrity on cloud storage services
International Journal of Engineering Science Invention ISSN (Online): 2319 6734, ISSN (Print): 2319 6726 Volume 2 Issue 2 ǁ February. 2013 ǁ PP.49-55 Improving data integrity on cloud storage services
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationEDA385 Embedded Systems Design. Advanced Course
EDA385 Embedded Systems Design. Advanced Course Encryption for Embedded Systems Supervised by Flavius Gruian Submitted by Ahmed Mohammed Youssef (aso10ayo) Mohammed Shaaban Ibraheem Ali (aso10mib) Orges
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationSecure Large-Scale Bingo
Secure Large-Scale Bingo Antoni Martínez-Ballesté, Francesc Sebé and Josep Domingo-Ferrer Universitat Rovira i Virgili, Dept. of Computer Engineering and Maths, Av. Països Catalans 26, E-43007 Tarragona,
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationProtocol Rollback and Network Security
CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationNew Efficient Searchable Encryption Schemes from Bilinear Pairings
International Journal of Network Security, Vol.10, No.1, PP.25 31, Jan. 2010 25 New Efficient Searchable Encryption Schemes from Bilinear Pairings Chunxiang Gu and Yuefei Zhu (Corresponding author: Chunxiang
More informationA COMPARATIVE STUDY OF SECURE SEARCH PROTOCOLS IN PAY- AS-YOU-GO CLOUDS
A COMPARATIVE STUDY OF SECURE SEARCH PROTOCOLS IN PAY- AS-YOU-GO CLOUDS V. Anand 1, Ahmed Abdul Moiz Qyser 2 1 Muffakham Jah College of Engineering and Technology, Hyderabad, India 2 Muffakham Jah College
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationNEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA
THE PUBLISHING HOUSE PROCEEDINGS OF THE ROMANIAN ACADEMY, Series A, OF THE ROMANIAN ACADEMY Volume 14, Number 1/2013, pp. 72 77 NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA Laurenţiu BURDUŞEL Politehnica
More informationEFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE
EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE Reshma Mary Abraham and P. Sriramya Computer Science Engineering, Saveetha University, Chennai, India E-Mail: reshmamaryabraham@gmail.com
More informationTLS handshake method based on SIP
Proceedings of the International Multiconference on ISSN 1896-7094 Computer Science and Information Technology, pp. 467 475 2006 PIPS TLS handshake method based on SIP Tadashi Kaji 1, Kazuyoshi Hoshino
More informationDealing Cards in Poker Games
1 Dealing Cards in Poker Games Philippe Golle Palo Alto Research Center pgolle@parc.com Abstract This paper proposes a new protocol for shuffling and dealing cards, that is designed specifically for games
More informationALGORITHM DESIGN OF SECURE DATA MESSAGE TRANSMISSION BASED ON OPENSSL AND VPN
ALGORITHM DESIGN OF SECURE DATA MESSAGE TRANSMISSION BASED ON OPENSSL AND VPN SHI-HAI ZHU Department of Computer and Information Engineering, Zhejiang Water Conservancy and Hydropower College Hangzhou,
More informationSoftware Tool for Implementing RSA Algorithm
Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationData Grid Privacy and Secure Storage Service in Cloud Computing
Data Grid Privacy and Secure Storage Service in Cloud Computing L.Revathi 1, S.Karthikeyan 2 1 Research Scholar, Department of Computer Applications, Dr. M.G.R. Educational and Research Institute University,
More informationEnd-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich
End-to-End Security in Wireless Sensor (WSNs) Talk by Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless
More informationOOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH
OOo Digital Signatures Malte Timmermann Technical Architect Sun Microsystems GmbH About the Speaker Technical Architect in OpenOffice.org/StarOffice development OOo/StarOffice developer since 1991/94 Main
More informationLecture 17: Re-encryption
600.641 Special Topics in Theoretical Cryptography April 2, 2007 Instructor: Susan Hohenberger Lecture 17: Re-encryption Scribe: Zachary Scott Today s lecture was given by Matt Green. 1 Motivation Proxy
More informationIntroduction. Digital Signature
Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology
More informationSECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD
Volume 1, Issue 7, PP:, JAN JUL 2015. SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD B ANNAPURNA 1*, G RAVI 2*, 1. II-M.Tech Student, MRCET 2. Assoc. Prof, Dept.
More informationMessage Authentication Code
Message Authentication Code Ali El Kaafarani Mathematical Institute Oxford University 1 of 44 Outline 1 CBC-MAC 2 Authenticated Encryption 3 Padding Oracle Attacks 4 Information Theoretic MACs 2 of 44
More informationEfficient Unlinkable Secret Handshakes for Anonymous Communications
보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Efficient Unlinkable Secret Handshakes for Anonymous Communications Eun-Kyung Ryu 1), Kee-Young Yoo 2), Keum-Sook Ha 3) Abstract The technique
More informationSurvey on Efficient Information Retrieval for Ranked Query in Cost-Efficient Clouds
Survey on Efficient Information Retrieval for Ranked Query in Cost-Efficient Clouds Ms. Jyotsna T. Kumbhar 1 ME Student, Department of Computer Engineering, TSSM S, P.V.P.I.T., Bavdhan, Pune University,
More informationDATA SECURITY IN CLOUD USING ADVANCED SECURE DE-DUPLICATION
DATA SECURITY IN CLOUD USING ADVANCED SECURE DE-DUPLICATION Hasna.R 1, S.Sangeetha 2 1 PG Scholar, Dhanalakshmi Srinivasan College of Engineering, Coimbatore. 2 Assistant Professor, Dhanalakshmi Srinivasan
More informationA New and Efficient Signature on Commitment Values
International Journal of Network Security, Vol.7, No., PP.0 06, July 2008 0 A New and Efficient Signature on Commitment Values Fangguo Zhang,3, Xiaofeng Chen 2,3, Yi Mu 4, and Willy Susilo 4 (Corresponding
More information