Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks


Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks
J. M. BAHI, C. GUYEUX, and A. MAKHOUL
Computer Science Laboratory LIFC, University of Franche-Comté
Journée thématique PHC/ResCom, June 25th 2010, Bayonne, France
J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 1 / 28

Wireless Sensor Networks (WSN)
WSN are used to monitor regions, detect events, acquire information...
An aggregation approach can be applied.
[Figure: illustrating example. Normal sensors collect data; aggregators aggregate it; the sink (base station) aggregates the results.]

Wireless Sensor Networks (WSN)
Usually the carried information contains confidential data.
An end-to-end secure aggregation approach is then required.
Possible solution: end-to-end encryption schemes that support operations over ciphertext.

Secure data aggregation in WSN
[Figure: normal sensors collect and encrypt data; aggregators aggregate over ciphertext; the sink (base station) decrypts and aggregates.]

The Problem: requirements
Reasonable needs:
1. Security and privacy are required during communications.
2. This security and privacy must be guaranteed (proven).
3. A wide range of aggregation functions should be offered.
4. The aggregation must not raise any security issues.
5. Computation and communication costs must be low.

The Problem: our solution
A possible solution:
1. Encryption → security and privacy for communications.
2. Encryption over elliptic curves (ECC) → low costs for computations and communications.
3. Homomorphic encryption over elliptic curves → secure aggregation.
4. Fully homomorphic encryption over elliptic curves → wide range of aggregation functions.
5. Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) → a solution.
Until now, the sole candidate is the cryptosystem of Boneh et al. [1].

Preliminaries (sink level)
Offline operations:
For each aggregator, public and private keys are generated by the sink.
Each aggregator node embeds its public key.
Sensor nodes and aggregators are then deployed.
Various clustering methods are possible: homogeneous, by using a distance, etc.
Sensor nodes take their public key from their aggregator.
Public keys can be updated online.

Generating the private key (sink level)
Generation stages:
Let $\tau > 0$ be an integer called the security parameter.
Generate two $\tau$-bit prime numbers $q_1$ and $q_2$.
Let $n = q_1 q_2$, and let $l$ denote the smallest positive integer such that $p = l n - 1$ is prime and $p \equiv 2 \pmod 3$.
Private key: the private key is $q_1$.

Generating the public key (sink level)
Generation stages:
Let $H$ be the group of points of the supersingular elliptic curve $y^2 = x^3 + 1$ defined over $\mathbb{F}_p$.
$H$ consists of $p + 1 = n l$ points, and thus has a subgroup of order $n$, which we call $G$.
Let $g$ and $u$ denote two generators of $G$, and let $h = q_2 u$.
Public key: the public key is the tuple $(n, G, g, h)$.

Key size
Comparison of the key sizes. To be secure until 2020, a cryptosystem [3]:
must have p 2 161, for EC systems over $\mathbb{F}_p$,
must satisfy p for classical asymmetric systems, such as RSA or ElGamal on $\mathbb{F}_p$.

Encryption of data (sensor level)
The encryption of a value:
The message space is the set $M = \{0, 1, \dots, T\}$, where $T < q_2$.
To encrypt $m \in M$:
1. Pick an integer $r$ in $[0, n - 1]$.
2. Compute the ciphertext $C = m g + r h \in G$.

Size of the cryptograms
How to reduce the size of the cryptograms:
We suppose that messages consist of 40 bits.
The cryptogram is an element $(x, y)$ of $E$, so it has an average of 160 bits.
$y^2 = x^3 + 1$, so the cryptogram $(x, y)$ can be compressed to $(x, y \bmod 2)$.
We obtain cryptograms with an average length of 81 bits.

Additions over ciphertexts (aggregator level)
The addition over ciphertexts:
Let $m_1$ and $m_2$ be two messages and $C_1$, $C_2$ their ciphertexts.
The sum $C$ of $C_1$ and $C_2$ is equal to $C_1 + C_2 + r h$, where:
$r$ is an integer randomly chosen in $[0, n - 1]$,
$h = q_2 u$, as presented in the previous section.
Decryption stage:
The decryption of $C$ is equal to $m_1 + m_2$.
The addition operation can be done several times over ciphertexts.

Multiplication of two ciphertexts (aggregator level)
The multiplication of two ciphertexts. Let:
$g$, $h$ be the points of $G$ as defined previously,
$E$ denote the well-known Weil pairing (Miller's algorithm),
$e(P, Q) = E(x P, Q)$ be the modified Weil pairing, where $x$ is a root of $X^3 - 1$ over $\mathbb{F}_{p^2}$.
The multiplication $C_m$ of two encrypted messages $C_1$, $C_2$ is equal to $e(C_1, C_2) + r h_1$, where:
$h_1 = e(g, h)$,
$r$ is a random integer picked in $[1, n]$.

Examples of use
Examples of aggregation functions through ciphertexts:
Arithmetic and weighted mean.
Variance.
Multiplication weighting.
etc.

Decryption of ciphertexts
Decryption stages (sink level). To decrypt $C$:
Compute $\log_{q_1 g}(q_1 C)$ to obtain $m$ ($q_1$ is the private key, $\log$ the discrete logarithm).
Decryption complexity:
Decryption takes expected time T using Pollard's lambda method.
This can be sped up by precomputing a table of powers of $q_1 g$.

Decryption of an encrypted product (sink level)
Decryption stage:
The ciphertext of a product does not live in the same space as other ciphertexts, so the sink can determine whether a product has been performed or not.
The decryption of $C_m$ is equal to the discrete logarithm of $q_1 C_m$ to the base $q_1 g_1$:
$m_1 m_2 = \log_{q_1 g_1}(q_1 C_m)$, where $g_1 = e(g, g)$.

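The additive path of the scheme described in the slides above (key generation, encryption, aggregation of sums, table-based decryption), as an added example in pure Python; it is not the authors' SAGE implementation and does not cover the pairing-based multiplication. The primes 1009 and 1013, the bound T = 1000, the sensor readings and all function names are constructed for illustration and offer no security at this size.

```python
import random

def is_prime(k):
    """Trial division; adequate for the toy sizes used here."""
    if k < 2:
        return False
    d = 2
    while d * d <= k:
        if k % d == 0:
            return False
        d += 1
    return True

def ec_add(P, Q, p):
    """Affine addition on y^2 = x^3 + 1 over F_p (None = point at infinity)."""
    if P is None:
        return Q
    if Q is None:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == Q:
        lam = 3 * x1 * x1 * pow(2 * y1, p - 2, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, p - 2, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, P, p):
    """Double-and-add scalar multiplication k*P."""
    R = None
    while k > 0:
        if k & 1:
            R = ec_add(R, P, p)
        P = ec_add(P, P, p)
        k >>= 1
    return R

def keygen(q1, q2, rng):
    """Sink, offline: returns (public key, private key q1)."""
    n = q1 * q2
    l = 1
    while (l * n - 1) % 3 != 2 or not is_prime(l * n - 1):
        l += 1
    p = l * n - 1
    cube_root = (2 * p - 1) // 3   # x -> x^3 is a bijection on F_p when p = 2 mod 3

    def generator_of_G():
        while True:
            y = rng.randrange(p)
            x = pow(y * y - 1, cube_root, p)      # unique x with x^3 = y^2 - 1
            P = ec_mul(l, (x, y), p)              # clear the cofactor l
            if P and ec_mul(q1, P, p) and ec_mul(q2, P, p):
                return P                          # order is exactly n

    g, u = generator_of_G(), generator_of_G()
    return {"n": n, "p": p, "l": l, "g": g, "h": ec_mul(q2, u, p)}, q1

def encrypt(pk, m, rng):
    """Sensor: C = m*g + r*h with r drawn from [0, n-1]."""
    r = rng.randrange(pk["n"])
    return ec_add(ec_mul(m, pk["g"], pk["p"]), ec_mul(r, pk["h"], pk["p"]), pk["p"])

def aggregate(pk, ciphertexts, rng):
    """Aggregator: sum of the ciphertexts plus a fresh blinding term r*h."""
    acc = ec_mul(rng.randrange(pk["n"]), pk["h"], pk["p"])
    for C in ciphertexts:
        acc = ec_add(acc, C, pk["p"])
    return acc

def make_table(pk, q1, T):
    """Sink: precompute m*(q1*g) for m = 0..T (requires T < q2)."""
    base, table, acc = ec_mul(q1, pk["g"], pk["p"]), {}, None
    for m in range(T + 1):
        table[acc] = m
        acc = ec_add(acc, base, pk["p"])
    return table

def decrypt(pk, q1, table, C):
    """Sink: q1*C = m*(q1*g) because q1*h is the point at infinity."""
    return table.get(ec_mul(q1, C, pk["p"]))

def demo(seed=2010):
    rng = random.Random(seed)
    pk, sk = keygen(1009, 1013, rng)          # constructed toy primes
    table = make_table(pk, sk, 1000)          # T = 1000 < q2
    readings = [21, 19, 23, 20]               # constructed sensor values
    total = aggregate(pk, [encrypt(pk, m, rng) for m in readings], rng)
    return pk, decrypt(pk, sk, table, total), sum(readings)

if __name__ == "__main__":
    print(demo()[1:])
```

A plaintext sum larger than T falls outside the table and decrypts to None, which is why T must bound the aggregate and not only each individual reading.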
Experimental configuration
Experimental protocol:
The SAGE library has been used for elliptic curves.
The cryptosystem has been implemented with Python 2.6.
The sensor network has been implemented with Python:
A first layer of 500 sensors, a second one of 50 aggregators.
Sensors are randomly associated with aggregators.
Each sensor has a battery of 100 units, each aggregator of 1000 units.
Energy consumption is supposed to be proportional to computation time.

Energy consumption of sensors to encrypt data
[Table: encryption in our approach; columns: security level, size of the key, E = λt (battery units); values not preserved.]
[Table: encryption in RSA-based approach; columns: security level, size of the key, E = λt (battery units); values not preserved.]

Energy consumption at the aggregation stage
[Table: aggregation in our approach; columns: security level, size p of the key, E = λt (battery units); values not preserved.]
[Table: aggregation in RSA-based approach; columns: security level, size of the key, E = λt (battery units); values not preserved.]

Comparison of energy consumption
[Figure: aggregator's energy evolution; energy versus time; curves labelled EC 46, EC 85, RSA 472, RSA.]

High level of security (ciphertexts are never decrypted).
Public key encryption.
Various aggregation capabilities.
Low computation cost.
Future work:
Authentication through ciphertexts.
Compression (aggregation).
More simulation results.

Bibliography
[1] D. Boneh, E.-J. Goh, and K. Nissim. Evaluating 2-DNF formulas on ciphertexts. Theory of Cryptography, LNCS.
[2] J. Domingo-Ferrer. A provably secure additive and multiplicative privacy homomorphism. 6th ISC conference.
[3] A. K. Lenstra and E. R. Verheul. Selecting cryptographic key sizes. Jour. of the International Association for Cryptologic Research, 14(4).
Elliptic Curve Cryptography Elaine Brow, December 2010 Math 189A: Algebraic Geometry 1. Introduction to Public Key Cryptography To understand the motivation for elliptic curve cryptography, we must first
More informationCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationTransitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
NIST Special Publication 800131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information
More informationModular arithmetic. x ymodn if x = y +mn for some integer m. p. 1/??
p. 1/?? Modular arithmetic Much of modern number theory, and many practical problems (including problems in cryptography and computer science), are concerned with modular arithmetic. While this is probably
More informationChapter 10 AsymmetricKey Cryptography
Chapter 10 AsymmetricKey Cryptography Copyright The McGrawHill Companies, Inc. Permission required for reproduction or display. 10.1 Chapter 10 Objectives Present asymmetrickey cryptography. Distinguish
More informationAn Approach to Shorten Digital Signature Length
Computer Science Journal of Moldova, vol.14, no.342, 2006 An Approach to Shorten Digital Signature Length Nikolay A. Moldovyan Abstract A new method is proposed to design short signature schemes based
More informationAn Overview of Integer Factoring Algorithms. The Problem
An Overview of Integer Factoring Algorithms Manindra Agrawal IITK / NUS The Problem Given an integer n, find all its prime divisors as efficiently as possible. 1 A Difficult Problem No efficient algorithm
More informationMA2C03 Mathematics School of Mathematics, Trinity College Hilary Term 2016 Lecture 59 (April 1, 2016) David R. Wilkins
MA2C03 Mathematics School of Mathematics, Trinity College Hilary Term 2016 Lecture 59 (April 1, 2016) David R. Wilkins The RSA encryption scheme works as follows. In order to establish the necessary public
More informationImplementation of Elliptic Curve Digital Signature Algorithm
Implementation of Elliptic Curve Digital Signature Algorithm Aqeel Khalique Kuldip Singh Sandeep Sood Department of Electronics & Computer Engineering, Indian Institute of Technology Roorkee Roorkee, India
More informationAn Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm
An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm V.Masthanamma 1,G.Lakshmi Preya 2 UG Scholar, Department of Information Technology, Saveetha School of Engineering
More informationThe New Approach of Quantum Cryptography in Network Security
The New Approach of Quantum Cryptography in Network Security Avanindra Kumar Lal 1, Anju Rani 2, Dr. Shalini Sharma 3 (Avanindra kumar) Abstract There are multiple encryption techniques at present time
More informationPrinciples of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms
Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport
More informationSecurity usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!)
1 A cryptosystem has (at least) five ingredients: 1. 2. 3. 4. 5. Plaintext Secret Key Ciphertext Encryption algorithm Decryption algorithm Security usually depends on the secrecy of the key, not the secrecy
More informationBreaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and
Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study
More informationCS 348: Computer Networks.  Security; 30 th  31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks  Security; 30 th  31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationAWIRELESS sensor network (WSN) is a network system
750 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 3, MARCH 2014 Secure and Efficient Data Transmission for ClusterBased Wireless Sensor Networks Huang Lu, Student Member, IEEE, JieLi,Senior
More informationKleptography: The unbearable lightness of being mistrustful
Kleptography: The unbearable lightness of being mistrustful MOTI YUNG Google Inc. / Columbia University Joint work with Adam Young Background: The time is the Mid 90 s: Cryptography is the big Equalizer
More informationThe mathematics of cryptology
The mathematics of cryptology Paul E. Gunnells Department of Mathematics and Statistics University of Massachusetts, Amherst Amherst, MA 01003 www.math.umass.edu/ gunnells April 27, 2004 What is Cryptology?
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationEfficient Unlinkable Secret Handshakes for Anonymous Communications
보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Efficient Unlinkable Secret Handshakes for Anonymous Communications EunKyung Ryu 1), KeeYoung Yoo 2), KeumSook Ha 3) Abstract The technique
More informationApplied Cryptology. Ed Crowley
Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric
More informationImplementing Network Security Protocols
Implementing Network Security Protocols based on Elliptic Curve Cryptography M. Aydos, E. Savaş, and Ç. K. Koç Electrical & Computer Engineering Oregon State University Corvallis, Oregon 97331, USA {aydos,savas,koc}@ece.orst.edu
More informationSecure Key Issuing in IDbased Cryptography
Secure Key Issuing in IDbased Cryptography Byoungcheon Lee 1,2 Colin Boyd 1 Ed Dawson 1 Kwangjo Kim 3 Jeongmo Yang 2 Seungjae Yoo 2 1 Information Security Research Centre, Queensland University of Technology,
More informationNotes on Network Security Prof. Hemant K. Soni
Chapter 9 Public Key Cryptography and RSA PrivateKey Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications
More informationCUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631
Cunsheng DING, HKUST Lecture 08: Key Management for Onekey Ciphers Topics of this Lecture 1. The generation and distribution of secret keys. 2. A key distribution protocol with a key distribution center.
More informationA New Security Protocol Using Hybrid Cryptography Algorithms
International Journal of Computer Sciences and Engineering Open Access Review Paper Volume4, Special Issue2, April 2016 EISSN: 23472693 A New Security Protocol Using Hybrid Cryptography Algorithms
More informationCryptography. Identitybased Encryption. JeanSébastien Coron and David Galindo. May 15, 2014. Université du Luxembourg
Identitybased Encryption Université du Luxembourg May 15, 2014 Summary IdentityBased Encryption (IBE) What is IdentityBased Encryption? Difference with conventional PK cryptography. Applications of
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationRSA Cryptosystem. Yufei Tao. Department of Computer Science and Engineering Chinese University of Hong Kong. RSA Cryptosystem
Yufei Tao Department of Computer Science and Engineering Chinese University of Hong Kong In this lecture, we will discuss the RSA cryptosystem, which is widely adopted as a way to encrypt a message, or
More informationData Grid Privacy and Secure Storage Service in Cloud Computing
Data Grid Privacy and Secure Storage Service in Cloud Computing L.Revathi 1, S.Karthikeyan 2 1 Research Scholar, Department of Computer Applications, Dr. M.G.R. Educational and Research Institute University,
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationLibrary (versus Language) Based Parallelism in Factoring: Experiments in MPI. Dr. Michael Alexander Dr. Sonja Sewera.
Library (versus Language) Based Parallelism in Factoring: Experiments in MPI Dr. Michael Alexander Dr. Sonja Sewera Talk 20071019 Slide 1 of 20 Primes Definitions Prime: A whole number n is a prime number
More informationFigure 1: Application scheme of public key mechanisms. (a) pure RSA approach; (b) pure EC approach; (c) RSA on the infrastructure
A Low Power Security Architecture for Mobile Commerce Peter Langendoerfer +, Zoya Dyka +, Oliver Maye + and Rolf Kraemer + Abstract: Mobile devices have limited resources in terms of computational power
More information