A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography

Size: px
Start display at page:

Download "A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography"

Transcription

1 A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography Chao-Wen Chan and Chih-Hao Lin Graduate School of Computer Science and Information Technology, National Taichung Institute of Technology, 404 Taichung, Taiwan Abstract. With the increasing usage of credit cards, secure requirements for handling credit card payment have become more critical. Today, it is being deployed for a wide application services in mobile commerce over public networks. Based on the security of Naor-Shamir's visual cryptography, Diffie- Hellman key agreement scheme and symmetric cryptosystems, we propose a new credit card payment scheme using mobile phones based on visual cryptography. Compared with traditional credit card payment methods, the proposed scheme can provide more secure communication for many electronic commerce transactions. Keywords: payment, secret sharing, visual cryptography, key agreement. 1 Introduction In the last decade, many advances have been made in the technology of mobile commerce, such as hardware of mobile devices, qualities of application services, etc. With the increasing usage of mobile commerce applications over public networks, it is more and more important to have reliable security. In recent years, identity theft has surged and led to serious damage for both cardholders and payment companies. Traditional credit card payment schemes in Taiwan require cardholders show credit card information to merchants, allowing strangers access to private business operations. The issuer only provides verification for a payment request from a credible requester, for instance a phone call or an SMS (Short Message Service) is needed to check the cardholder s credit limit and currently charged amount. This method does not ensure a secure credit card payment. The verification process is only performed according to the parameters of a cardholder s available credit. In the past, the above security problem has attracted little attention from researchers [2]. Observe that leakage of private information stored in a credit card is the attraction. To prevent the leakage of cardholder s information, a new secure credit card payment scheme should satisfy the following requirements. C.C. Yang et al. (Eds.): ISI 2008 Workshops, LNCS 5075, pp , Springer-Verlag Berlin Heidelberg 2008

2 468 C.-W. Chan and C.-H. Lin 1. The merchant learns nothing about the private information stored in a credit card during a credit card payment. 2. No one else can use the secret information about a credit card payment to perform any other credit card payments. 3. Both cardholder and issuer bank need to authenticate each other at beginning of a credit card payment. 4. The credit card payment scheme may support the electronic cash or coin-like application. Owing to it is being deployed for a wide application services in mobile commerce over public networks. Based on Diffie-Hellman key agreement method [5], Naor- Shamir's Visual Cryptography [9], and symmetric cryptosystems, we propose a novel secure credit card payment scheme which could provide the above requirements. The proposed scheme is different from traditional credit card payment methods. We briefly describe the new idea of our method. In general, credit cards include private information about users, such as card numbers, validity dates, expiration dates and identifications etc. To prevent a card user from sharing the credit card with others, the user must get an authorization code from the bank before making purchases. The bank checks the quota of the cardholder and confirms the identification of the user from the database. If the information of the user is correct, the bank generates an authorization code and transfers it to the user over mobile communication networks. The user must input the authorization code to accomplish the payment without giving his credit card to the merchant. Compared with traditional credit card payment methods, the proposed scheme can provide more secure communication for many electronic commerce transactions. The rest of the paper is organized as follows. In the next section, we present the necessary related works of our scheme. In Section 3, a new credit card payment scheme is proposed. Discussions are presented in Section 4. Finally, we give some conclusions in Section 5. 2 Preliminaries Before a new credit card payment scheme is proposed, we first introduce the properties of Diffie-Hellman key agreement method [5], Naor-Shamir's Visual Cryptography [9], and symmetric cryptosystems that will allow us to discuss our scheme s security in Section Diffie-Hellman Key Agreement Scheme The famous key agreement scheme was proposed by Diffie and Hellman in If Alice and Bob want to transfer a secret by Diffie-Hellman key agreement scheme, then Alice selects a random secret and sends to Bob, where is a large prime number. Then, Bob selects another random secret and sends to

3 A New Credit Card Payment Scheme Using Mobile Phones 469 Alice. Finally, Alice and Bob compute a common session key. Thus, Alice and Bob can use the common key for encryption and decryption in the session. No one can derive the session key from the public information and. The security is based on the computational Diffie-Hellman problem. In addition, neither of these two parties computes anything about the random secret value selected by another provided Discrete Logarithm Problem [1,8]. 2.2 Visual Cryptography (VC) In 1995, Naor and Shamir [9] proposed a secret sharing scheme in which secrets and shadows are represented in binary image format. This scheme opened the research on Visual Cryptography (VC); in fact it was the first paper about VC. Visual cryptography is a secret sharing method for digital images without cryptographic computations for decryption. In their scheme, a dealer wants to break a secret image into shared images and sends shared images to other participants, such that any or more participants can recover the secret image by stacking or more shared images. However, the secret image cannot be recovered by shadows. The above method is defined as -threshold visual cryptography. For example, a -threshold VC is depicted below. We set up three pairs of pixel blocks as shown in Fig. 1. The pixel block consists of four sub-pixels. If a pixel of the secret image is black, we can randomly select a pair of pixel blocks, then, randomly assign one of the pair to the corresponding pixel block of share 1, and the other of the pair is assigned the corresponding pixel block of share 2. If the pixel of the secret image is white, we randomly select one of the three pairs, and randomly assign one of the pair to the corresponding pixel block of share 1. And, randomly select one pixel block of the other two pairs to the corresponding pixel block of share 2. As shown in Fig. 2, the pixel is white when stacked with one horizontal share and the other vertical share. In addition, the pixel is black when stacked with two horizontal shares. Now, taking a digital image as another example, as shown in Fig. 3, we break a secret image into two shares, share 1 and share 2, respectively. Based on -threshold VC, we can recover the secret image by stacking share 1 and share 2. Still today, much research of visual cryptography for gray-level images is proposed in [3,6,7]. Fig. 1. Three Pairs of 2 2 Pixel Blocks

4 470 C.-W. Chan and C.-H. Lin Fig. 2. Example 1 of -Threshold VC (a)secret image (b)share 1 (c)share 2 (d)recovered image Fig. 3. Example 2 of -Threshold VC 2.3 Symmetric Cryptosystems Symmetric cryptosystems are used to encrypt or decrypt messages by the same secret key to provide authorized securities. It can provide more efficient than asymmetric cryptosystem for message encrypting and decrypting. One of the most popular symmetric cryptosystems is the Advanced Encryption Standard (AES) [10]. AES is an encryption standard provided by National Institute of Standards and Technology in However, the encryption method of images may be different from text. In 2001, Chang et al. [4] proposed an encryption algorithm for image cryptosystems based on vector quantization. It reduces the computational complexity of the encryption and decryption schemes. 3 The Proposed Scheme In this section, we elaborate on our proposed credit card payment scheme. Our method is based on DH key agreement scheme and -threshold VC scheme to generate the authorization code. In order to confirm data integrity of the shared image, we use technologies of symmetric cryptosystems to transform the shared image. The proposed scheme consists of three parties: a user, a bank, and merchants. 1. : The uer who makes a purchase with his credit card. 2. : The bank issues credit cards for the user. To easily present the method, we assume that the bank is the issuer and acquirer, and the bank is a trusted third party. 3. : Merchants which sell commodities to users.

5 A New Credit Card Payment Scheme Using Mobile Phones 471 Table 1. Notations A user s identification number is defined as. A user s password is defined as. A purchase order is a commercial document issued by a buyer to a seller, including information for products or services. is a large prime integer. is a public primitive integer in modular, where is not equal to 1. are meaningful words or signs made by stacking two shared images for making a purchase, called authorization code. A party sends a message to a party. A message is encrypted by the symmetric key. A message is decrypted by the symmetric key. A cryptographic pseudo random number generator is defined as. The formula denotes using -threshold VC to generate the other shared image by a shared image and, where. The formula denotes using -threshold VC to get by stacking two shared images and according to human visual system, where. The basic notations are used in the description which is defined as Tab.1. When makes a purchase with his credit card, must get the authorization code for accomplishing a transaction. Hence, the proposed scheme consists of registration phase and transaction phase. The details of two phases will be described as follows: 3.1 Registration Phase 1. sends his identification number and password to the bank through a secure channel. 2. Upon receiving the messages and, generates the shared image and stores the information in the database. Next, computes and stores into the user s mobile phone through a secure channel. 3.2 Transaction Phase 1. User(mobile phone) Bank: selects and computes. Then, sends the payment request,, and to.

6 472 C.-W. Chan and C.-H. Lin 2. Bank User(mobile phone): Upon receiving the request messages,, and, can find out the user information according to in the database. Then, selects and computes and. Next, can use the integer to get the initial coordinate for displacing vectors of the shared image. Using as a seed in a function, we can get a set of random integers. Then, two parties negotiate for two integers to be the initial coordinate. We define this formula as, where is the initial coordinate vector (point). Thus, displaces vectors of from to to get the small shared image, after getting the initial coordinate. The schematic diagram is shown as Fig. 4. Next, generates a secret image for the user making a purchase, called authorization code. According to - threshold VC, another shared image can be computed by and as shown below.. (1) Finally, computes, where is used as a session key, and sends and to the user. 3. User(mobile phone) Merchant: When receives the messages, computes and. Then, inputs the random integer into a function to get the initial coordinate vector. Next, is required to input his password for decryption of the shared image by computing. Therefore, can use the initial coordinate to displace vectors of the shared image and get the smaller shared image. Hence, can recover the secret image by stacking the shared images and to get the authorization code. The recovered formula is defined as follows:. (2) In the above steps, sends and for payment without giving his credit card to the merchant. Then, forwards the messages to. verifies the messages in the database. If the records are valid, then responses with a message of acceptance to and updates the financial information in their system. Fig. 4. Displace coordinates of S 1 to get the shared image S 2

7 A New Credit Card Payment Scheme Using Mobile Phones 473 User Bank Merchant (1) Select R and compute a g mod p 1 PWU 1 * p (5) Compute r b g mod p S3 Dr ( R) PRNG() r ( X, Y ) S D ( S ) Displace vectors of S to get S 1 2 VC (2,2) S2 AuthC D ( S ) (2) PO, UID, a 3 (4) br, (3) Select VC (2,2) S2 * p and compute b g mod p r a g mod p PRNG() r ( X, Y ) Displace vectors of S to get S Generate AuthC and compute S E ( AuthC) R Er ( S3) (6) PO, UID, AuthC R (7) PO, UID, AuthC (8)accept/reject Fig. 5. The proposed scheme of the transaction procedure Moreover, if performs a new transaction in the next session, and can use the shared image to generate the other small shared image by implementing the DH key agreement scheme repeatedly. Then, and accomplish each payment according to our transaction phase. The above transaction procedure is briefly illustrated in Fig Discussions In this section, we are going to analyze the securities and performances of the proposed scheme. 4.1 Security Analysis In the proposed scheme, the security is based on DH scheme, VC, and symmetric cryptosystems. Therefore, we consider some possible attacks. Suppose that an adversary attempts to impersonate the user. Without knowing the random integer generated by DH key agreement scheme, the adversary cannot get to perform a transaction. The adversary only knows and on insecure public networks, and he learns nothing about the random integer to get the initial coordinate. The adversary must achieve the computational DH problem. However, an adversary may

8 474 C.-W. Chan and C.-H. Lin try to compute from or from to get the integer. This means that the adversary still has to solve the discrete logarithm problem. The discrete logarithm problem is hard to solve in polynomial time. Hence, the proposed scheme can resist an illegal transaction by an impersonation attack. Even if an adversary knows the random integer by man-inthe-middle attacks, he still cannot get without the shared image which is shared by and. The shared image is protected by symmetric cryptosystems with the user s password. Therefore, our scheme can prevent an illegal transaction by man-in-the-middle attacks. Next, we consider a replaying attack. A replaying attack is a method where an active adversary stores old intercepted messages and retransmits them at a later time. In our scheme, the authorization code is generated by a trusted third party. Suppose that an adversary will attempt to impersonate a legal user by replaying old messages and, he still cannot get without knowing the shared image. Hence, the proposed scheme can withstand an illegal transaction from replaying attacks. For each transaction, the bank records the information which is used in the database. When a new transaction request is performed, the user will get a new different from the above session. Therefore, the proposed scheme can prevent a double spending problem. In addition, both and need to authenticate each other by using -threshold visual cryptography. A valid can only be recovered through the shared image which is shared by and. Hence, our scheme can provide the mutual authentication property. Moreover, the proposed method is based on -threshold visual cryptography. The user (mobile phone) must stack two shared images and and use the human visual system to obtain the authorization code. According to decryption by human visual system, it is difficult to design a malicious program to get for an adversary, such as brute force attacks. In the worst situation, suppose that a user s mobile phone is lost, the important information is still protected by a secure symmetric cryptosystem with the user s password. This reduces the threat of a lost or stolen mobile phone for the user before the emergency event happens. 4.2 Performance Analysis To the best of our knowledge, the traditional -threshold VC scheme can only be used once. It is similar to a one-time pad (OTP). When the secret image is recovered by stacking any shares, the shared images cannot reuse the information in the next session. A dealer has to break a secret image into shared images and retransfers shared images to other participants. Therefore, with regard to efficiency, we generate a random seed into a by using DH scheme to reuse the shared image which is stored in the user s mobile phone. The user does not need to update the shared image in each session. Next, we consider the proposed scheme s computations to accomplish a transaction. For convenience, we define related notations to analyze the computational complexity. The notation means the time for one multiplication over a prime

9 A New Credit Card Payment Scheme Using Mobile Phones 475 integer, denotes the time for one symmetric encryption or decryption, and denotes the time for stacking two shares by -threshold VC scheme. We summarize the computational complexity and communication in Tab. 2. As shown in Tab. 2, the proposed scheme only requires one symmetric encryption computation for the bank in the registration phase. In the transaction phase, our scheme performs two multiplication operations over a prime integer, two symmetric decryption computation, and one stacking shares operation for a user in the transaction phase. For a bank, our scheme performs two multiplication operations over a prime integer, one symmetric decryption computation, and one stacking shares operation. Therefore, in the fast progress of wireless communication, the proposed new credit card payment scheme using mobile phones based on visual cryptography would easily be implemented for electronic commerce transactions. Table 2. Computational complexity and communication of the proposed scheme User Bank Number of communications 6 3 Number of rounds Computation of the registration phase 2 No 2 Computation of the transaction phase Conclusions In this article, we propose a new credit card payment scheme by using DH scheme, VC, and symmetric cryptosystems for transferring secrets in insecure mobile communication networks. The security analyses show that the proposed scheme is more secure than traditional credit card payment methods. Our scheme can prevent impersonation attacks, man-in-the-middle attacks, replaying attacks, double spending problems, malicious program attacks and provides a mutual authentication property. In the future, our scheme has potential for application services in mobile commerce. We can perform similar application services, such as an electronic ticket system or an electronic auction market, etc. References 1. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman Key Agreement Schemes. In: Tavares, S., Meijer, H. (eds.) SAC LNCS, vol. 1556, pp Springer, Heidelberg (1999) 2. Bottoni, A., Dini, G.: Improving Authentication of Remote Card Transactions with Mobile Personal Trusted Devices. Computer Communications 30, (2007) 3. Blundo, C., De Santis, A., Naor, M.: Visual Cryptography for Grey Level Images. Information Processing Letters 75(6), (2000) 4. Chang, C.C., Hwang, M.S., Cheng, T.S.: A New Encryption Algorithm for Image Cryptosystems. The Journal of Systems and Software 58, (2001)

10 476 C.-W. Chan and C.-H. Lin 5. Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), (1976) 6. Lin, C.C., Tsai, W.H.: Visual Cryptography for Gray-level Images by Dithering Techniques. Pattern Recognition Letters 24(1-3), (2003) 7. Lukac, R., Plataniotis, K.N.: Bit-level Based Secret Sharing for Image Encryption. Pattern Recognition 38(5), (2005) 8. Maurer, U.: Towards the Equivalence of Breaking the Diffie-Hellman Scheme and Computing Discrete Logarithms. In: Desmedt, Y.G. (ed.) CRYPTO LNCS, vol. 839, pp Springer, Heidelberg (1994) 9. Naor, M., Shamir, A.: Visual Cryptography. In: De Santis, A. (ed.) EUROCRYPT LNCS, vol. 950, pp Springer, Heidelberg (1995) 10. National Institute of Standards and Technology: Advanced Encryption Standard, FIPS 197 (2001)

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

More information

Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography

Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt

More information

A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC

A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC International Journal of Network Security, Vol.18, No.2, PP.217-223, Mar. 2016 217 A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC Dianli Guo and Fengtong

More information

MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS

MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND SCIENCE MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS Kanchupati Kondaiah 1, B.Sudhakar 2 1 M.Tech Student, Dept of CSE,

More information

Cryptography and Network Security Chapter 10

Cryptography and Network Security Chapter 10 Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Embedding more security in digital signature system by using combination of public key cryptography and secret sharing scheme

Embedding more security in digital signature system by using combination of public key cryptography and secret sharing scheme International Journal of Computer Sciences and Engineering Open Access Research Paper Volume-4, Issue-3 E-ISSN: 2347-2693 Embedding more security in digital signature system by using combination of public

More information

A Study on Asymmetric Key Cryptography Algorithms

A Study on Asymmetric Key Cryptography Algorithms A Study on Asymmetric Key Cryptography Algorithms ASAITHAMBI.N School of Computer Science and Engineering, Bharathidasan University, Trichy, asaicarrier@gmail.com Abstract Asymmetric key algorithms use

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

More information

Software Tool for Implementing RSA Algorithm

Software Tool for Implementing RSA Algorithm Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key

More information

Two Step Share Synthesized Image Stamper Algorithm for Secure Visual Sharing

Two Step Share Synthesized Image Stamper Algorithm for Secure Visual Sharing International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 7 (2014), pp. 727-732 International Research Publications House http://www. irphouse.com Two Step Share Synthesized

More information

Midterm Exam Solutions CS161 Computer Security, Spring 2008

Midterm Exam Solutions CS161 Computer Security, Spring 2008 Midterm Exam Solutions CS161 Computer Security, Spring 2008 1. To encrypt a series of plaintext blocks p 1, p 2,... p n using a block cipher E operating in electronic code book (ECB) mode, each ciphertext

More information

Efficient Nonce-based Authentication Scheme for. session initiation protocol

Efficient Nonce-based Authentication Scheme for. session initiation protocol International Journal of Network Security, Vol.9, No.1, PP.12 16, July 2009 12 Efficient Nonce-based Authentication for Session Initiation Protocol Jia Lun Tsai Degree Program for E-learning, Department

More information

Comparative Analysis for Performance acceleration of Modern Asymmetric Crypto Systems

Comparative Analysis for Performance acceleration of Modern Asymmetric Crypto Systems J. of Comp. and I.T. Vol. 3(1&2), 1-6 (2012). Comparative Analysis for Performance acceleration of Modern Asymmetric Crypto Systems RAJ KUMAR 1 and V.K. SARASWAT 2 1,2 Department of Computer Science, ICIS

More information

Secure File Transfer Using USB

Secure File Transfer Using USB International Journal of Scientific and Research Publications, Volume 2, Issue 4, April 2012 1 Secure File Transfer Using USB Prof. R. M. Goudar, Tushar Jagdale, Ketan Kakade, Amol Kargal, Darshan Marode

More information

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

More information

An Efficient and Secure Key Management Scheme for Hierarchical Access Control Based on ECC

An Efficient and Secure Key Management Scheme for Hierarchical Access Control Based on ECC An Efficient and Secure Key Management Scheme for Hierarchical Access Control Based on ECC Laxminath Tripathy 1 Nayan Ranjan Paul 2 1Department of Information technology, Eastern Academy of Science and

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Efficient on-line electronic checks

Efficient on-line electronic checks Applied Mathematics and Computation 162 (2005) 1259 1263 www.elsevier.com/locate/amc Efficient on-line electronic checks Wei-Kuei Chen Department of Computer Science and Information Engineering, Ching-Yun

More information

SFWR ENG 4C03 - Computer Networks & Computer Security

SFWR ENG 4C03 - Computer Networks & Computer Security KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,

More information

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!)

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!) 1 A cryptosystem has (at least) five ingredients: 1. 2. 3. 4. 5. Plaintext Secret Key Ciphertext Encryption algorithm Decryption algorithm Security usually depends on the secrecy of the key, not the secrecy

More information

A secure email login system using virtual password

A secure email login system using virtual password A secure email login system using virtual password Bhavin Tanti 1,Nishant Doshi 2 1 9seriesSoftwares, Ahmedabad,Gujarat,India 1 {bhavintanti@gmail.com} 2 SVNIT, Surat,Gujarat,India 2 {doshinikki2004@gmail.com}

More information

Notes on Network Security Prof. Hemant K. Soni

Notes on Network Security Prof. Hemant K. Soni Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications

More information

NEW DIGITAL SIGNATURE PROTOCOL BASED ON ELLIPTIC CURVES

NEW DIGITAL SIGNATURE PROTOCOL BASED ON ELLIPTIC CURVES NEW DIGITAL SIGNATURE PROTOCOL BASED ON ELLIPTIC CURVES Ounasser Abid 1, Jaouad Ettanfouhi 2 and Omar Khadir 3 1,2,3 Laboratory of Mathematics, Cryptography and Mechanics, Department of Mathematics, Fstm,

More information

Friendly Medical Image Sharing Scheme

Friendly Medical Image Sharing Scheme Journal of Information Hiding and Multimedia Signal Processing 2014 ISSN 2073-4212 Ubiquitous International Volume 5, Number 3, July 2014 Frily Medical Image Sharing Scheme Hao-Kuan Tso Department of Computer

More information

Efficient nonce-based authentication scheme for Session Initiation Protocol

Efficient nonce-based authentication scheme for Session Initiation Protocol Efficient nonce-based authentication scheme for Session Initiation Protocol Jia Lun Tsai National Chiao Tung University, Taiwan, R.O.C. crousekimo@yahoo.com.tw Abstract: In recent years, Session Initiation

More information

CS Computer and Network Security: Applied Cryptography

CS Computer and Network Security: Applied Cryptography CS 5410 - Computer and Network Security: Applied Cryptography Professor Patrick Traynor Spring 2016 Reminders Project Ideas are due on Tuesday. Where are we with these? Assignment #2 is posted. Let s get

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

More information

CUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631

CUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631 Cunsheng DING, HKUST Lecture 08: Key Management for One-key Ciphers Topics of this Lecture 1. The generation and distribution of secret keys. 2. A key distribution protocol with a key distribution center.

More information

Overview of Public-Key Cryptography

Overview of Public-Key Cryptography CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

More information

Session Initiation Protocol Attacks and Challenges

Session Initiation Protocol Attacks and Challenges 2012 IACSIT Hong Kong Conferences IPCSIT vol. 29 (2012) (2012) IACSIT Press, Singapore Session Initiation Protocol Attacks and Challenges Hassan Keshavarz +, Mohammad Reza Jabbarpour Sattari and Rafidah

More information

An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography

An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography ROMANIAN JOURNAL OF INFORMATION SCIENCE AND TECHNOLOGY Volume 16, Number 4, 2013, 324 335 An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography

More information

CS 161 Computer Security

CS 161 Computer Security Song Spring 2015 CS 161 Computer Security Discussion 11 April 7 & April 8, 2015 Question 1 RSA (10 min) (a) Describe how to find a pair of public key and private key for RSA encryption system. Find two

More information

Monitoring Data Integrity while using TPA in Cloud Environment

Monitoring Data Integrity while using TPA in Cloud Environment Monitoring Data Integrity while using TPA in Cloud Environment Jaspreet Kaur, Jasmeet Singh Abstract Cloud Computing is the arising technology that delivers software, platform and infrastructure as a service

More information

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

More information

Data Encryption A B C D E F G H I J K L M N O P Q R S T U V W X Y Z. we would encrypt the string IDESOFMARCH as follows:

Data Encryption A B C D E F G H I J K L M N O P Q R S T U V W X Y Z. we would encrypt the string IDESOFMARCH as follows: Data Encryption Encryption refers to the coding of information in order to keep it secret. Encryption is accomplished by transforming the string of characters comprising the information to produce a new

More information

3-6 Toward Realizing Privacy-Preserving IP-Traceback

3-6 Toward Realizing Privacy-Preserving IP-Traceback 3-6 Toward Realizing Privacy-Preserving IP-Traceback The IP-traceback technology enables us to trace widely spread illegal users on Internet. However, to deploy this attractive technology, some problems

More information

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT INTERNATIONAL JOURNAL OF RESEARCH IN COMPUTER APPLICATIONS AND ROBOTICS ISSN 2320-7345 IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT Merlin Shirly T 1, Margret Johnson 2 1 PG

More information

Lecture 17: Re-encryption

Lecture 17: Re-encryption 600.641 Special Topics in Theoretical Cryptography April 2, 2007 Instructor: Susan Hohenberger Lecture 17: Re-encryption Scribe: Zachary Scott Today s lecture was given by Matt Green. 1 Motivation Proxy

More information

Security in Electronic Payment Systems

Security in Electronic Payment Systems Security in Electronic Payment Systems Jan L. Camenisch, Jean-Marc Piveteau, Markus A. Stadler Institute for Theoretical Computer Science, ETH Zurich, CH-8092 Zurich e-mail: {camenisch, stadler}@inf.ethz.ch

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 6 Introduction to Public-Key Cryptography Israel Koren ECE597/697 Koren Part.6.1

More information

6 Introduction to Cryptography

6 Introduction to Cryptography 6 Introduction to Cryptography This section gives a short introduction to cryptography. It is based on the recent tutorial by Jörg Rothe. For an in-depth treatment of cryptography, please consult the Handbook

More information

International Journal of Information Technology, Modeling and Computing (IJITMC) Vol.1, No.3,August 2013

International Journal of Information Technology, Modeling and Computing (IJITMC) Vol.1, No.3,August 2013 FACTORING CRYPTOSYSTEM MODULI WHEN THE CO-FACTORS DIFFERENCE IS BOUNDED Omar Akchiche 1 and Omar Khadir 2 1,2 Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University of Hassan II Mohammedia-Casablanca,

More information

Introduction to Cryptography

Introduction to Cryptography Introduction to Cryptography Part 2: public-key cryptography Jean-Sébastien Coron January 2007 Public-key cryptography Invented by Diffie and Hellman in 1976. Revolutionized the field. Each user now has

More information

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Authentication Protocols Using Hoover-Kausik s Software Token *

Authentication Protocols Using Hoover-Kausik s Software Token * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 22, 691-699 (2006) Short Paper Authentication Protocols Using Hoover-Kausik s Software Token * WEI-CHI KU AND HUI-LUNG LEE + Department of Computer Science

More information

Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud

Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud M.Jayanthi, Assistant Professor, Hod of MCA.E mail: badini_jayanthi@yahoo.co.in MahatmaGandhi University,Nalgonda, INDIA. B.Ranganatha

More information

Lecture 25: Pairing-Based Cryptography

Lecture 25: Pairing-Based Cryptography 6.897 Special Topics in Cryptography Instructors: Ran Canetti and Ron Rivest May 5, 2004 Lecture 25: Pairing-Based Cryptography Scribe: Ben Adida 1 Introduction The field of Pairing-Based Cryptography

More information

Masao KASAHARA. Public Key Cryptosystem, Error-Correcting Code, Reed-Solomon code, CBPKC, McEliece PKC.

Masao KASAHARA. Public Key Cryptosystem, Error-Correcting Code, Reed-Solomon code, CBPKC, McEliece PKC. A New Class of Public Key Cryptosystems Constructed Based on Reed-Solomon Codes, K(XII)SEPKC. Along with a presentation of K(XII)SEPKC over the extension field F 2 8 extensively used for present day various

More information

The Role of Cryptography in Cyberscurity. International Colloquium on ICT 19 November 2014, Brussels

The Role of Cryptography in Cyberscurity. International Colloquium on ICT 19 November 2014, Brussels The Role of Cryptography in Cyberscurity International Colloquium on ICT 19 November 2014, Brussels Cybersecurity Cyberspace Cyberspace is becoming the real space Hackers of the 1980 s, 1990 s Advanced

More information

Chapter 10 Asymmetric-Key Cryptography

Chapter 10 Asymmetric-Key Cryptography Chapter 10 Asymmetric-Key Cryptography Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 10.1 Chapter 10 Objectives To distinguish between two cryptosystems: symmetric-key

More information

Lecture 6 - Cryptography

Lecture 6 - Cryptography Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about

More information

Network Security Protocols

Network Security Protocols Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination

More information

Public Key (asymmetric) Cryptography

Public Key (asymmetric) Cryptography Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

More information

Elements of Applied Cryptography. Key Distribution. Trusted third party: KDC, KTC Diffie-Helmann protocol The man-in-the-middle attack

Elements of Applied Cryptography. Key Distribution. Trusted third party: KDC, KTC Diffie-Helmann protocol The man-in-the-middle attack Elements of Applied Cryptography Key Distribution Trusted third party: KDC, KTC Diffie-Helmann protocol The man-in-the-middle attack Point-to-point key establishment Alice Bob Each pair of users must share

More information

Introduction. Digital Signature

Introduction. Digital Signature Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

More information

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Encryption/Decryption using Public Key Cryptography Network Security Chapter 2 Basics 2.2 Public Key Cryptography

More information

Applied Cryptology. Ed Crowley

Applied Cryptology. Ed Crowley Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric

More information

A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes

A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes Y. Desmedt Aangesteld Navorser NFWO Katholieke Universiteit Leuven Laboratorium ESAT B-3030 Heverlee, Belgium A. M. Odlyzko

More information

Public-Key Cryptography. Oregon State University

Public-Key Cryptography. Oregon State University Public-Key Cryptography Çetin Kaya Koç Oregon State University 1 Sender M Receiver Adversary Objective: Secure communication over an insecure channel 2 Solution: Secret-key cryptography Exchange the key

More information

RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks. By Abdulaziz Alrasheed and Fatima RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

More information

A Factoring and Discrete Logarithm based Cryptosystem

A Factoring and Discrete Logarithm based Cryptosystem Int. J. Contemp. Math. Sciences, Vol. 8, 2013, no. 11, 511-517 HIKARI Ltd, www.m-hikari.com A Factoring and Discrete Logarithm based Cryptosystem Abdoul Aziz Ciss and Ahmed Youssef Ecole doctorale de Mathematiques

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

A Layered Signcryption Model for Secure Cloud System Communication

A Layered Signcryption Model for Secure Cloud System Communication Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 6, June 2015, pg.1086

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication

More information

Digital Signatures. Good properties of hand-written signatures:

Digital Signatures. Good properties of hand-written signatures: Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it is a part of the document) 4. Signed document is

More information

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2

More information

Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card

Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card C. Koner, Member, IACSIT, C. T. Bhunia, Sr. Member, IEEE and U. Maulik, Sr. Member, IEEE

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 4: Basic Crypto, Stream Ciphers

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 4: Basic Crypto, Stream Ciphers Security and Cryptography 1 Stefan Köpsell, Thorsten Strufe Module 4: Basic Crypto, Stream Ciphers Disclaimer: Günter Schäfer, Mark Manulis, large parts from Dan Boneh Dresden, WS 16/17 Reprise from the

More information

Public Key Cryptography Overview

Public Key Cryptography Overview Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic

More information

Capture Resilient ElGamal Signature Protocols

Capture Resilient ElGamal Signature Protocols Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department

More information

The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

More information

Module 7 Security CS655! 7-1!

Module 7 Security CS655! 7-1! Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed

More information

UOSEC Week 2: Asymmetric Cryptography. Frank IRC kee Adam IRC xe0 IRC: irc.freenode.net #0x4f

UOSEC Week 2: Asymmetric Cryptography. Frank IRC kee Adam IRC xe0 IRC: irc.freenode.net #0x4f UOSEC Week 2: Asymmetric Cryptography Frank farana@uoregon.edu IRC kee Adam pond2@uoregon.edu IRC xe0 IRC: irc.freenode.net #0x4f Agenda HackIM CTF Results GITSC CTF this Saturday 10:00am Basics of Asymmetric

More information

A Novel Approach to combine Public-key encryption with Symmetric-key encryption

A Novel Approach to combine Public-key encryption with Symmetric-key encryption Volume 1, No. 4, June 2012 ISSN 2278-1080 The International Journal of Computer Science & Applications (TIJCSA) RESEARCH PAPER Available Online at http://www.journalofcomputerscience.com/ A Novel Approach

More information

CMSS An Improved Merkle Signature Scheme

CMSS An Improved Merkle Signature Scheme CMSS An Improved Merkle Signature Scheme Johannes Buchmann 1, Luis Carlos Coronado García 2, Erik Dahmen 1, Martin Döring 1, and Elena Klintsevich 1 1 Technische Universität Darmstadt Department of Computer

More information

On the Difficulty of Software Key Escrow

On the Difficulty of Software Key Escrow On the Difficulty of Software Key Escrow Lars R. Knudsen and Torben P. Pedersen Katholieke Universiteit Leuven, Belgium, email: knudsen@esat.kuleuven.ac.be Cryptomathic, Denmark, email: tpp@cryptomathic.aau.dk

More information

General about the course. Course assignment. Outline. T Cryptosystems. Summary and review of lectures

General about the course. Course assignment. Outline. T Cryptosystems. Summary and review of lectures General about the course T 110.5211 Cryptosystems Summary and review of lectures 4.12.2008 This is the fifth time the course was arranged We need a course covering practical cryptographic topics Security

More information

encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit

encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit Overview of the DES Introduction to Computer Security Lecture 6 Cryptography October 2, 2003 A block cipher: encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher

More information

Design an efficient three-party authenticated key exchange protocol in the cloud environment

Design an efficient three-party authenticated key exchange protocol in the cloud environment Design an efficient three-party authenticated key exchange protocol in the cloud environment Chung-Yi Lin a, *, Yuh-Min Chen a, Shu-Yi Liaw b, Chen-Hua Fu c a Institute of Manufacturing Information Systems,

More information

Single Sign-On Secure Authentication Password Mechanism

Single Sign-On Secure Authentication Password Mechanism Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,

More information

A Multifactor Hash Digest Challenge-Response

A Multifactor Hash Digest Challenge-Response A Multifactor Hash Digest Challenge-Response Authentication for Session Initiation Protocol S. Santhosh Baboo Reader in Computer Science, D.G. Vaishnav College Arumbakkam, Chennai-600 106, Tamilnadu. India.

More information

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative

More information

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption

More information

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Chih Hung Wang Computer Science and Information Engineering National Chiayi University Chiayi City 60004,

More information

CRYPTOGRAPHIC ALGORITHMS (AES, RSA)

CRYPTOGRAPHIC ALGORITHMS (AES, RSA) CALIFORNIA STATE POLYTECHNIC UNIVERSITY, POMONA CRYPTOGRAPHIC ALGORITHMS (AES, RSA) A PAPER SUBMITTED TO PROFESSOR GILBERT S. YOUNG IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE COURSE CS530 : ADVANCED

More information

Chapter 10 Asymmetric-Key Cryptography

Chapter 10 Asymmetric-Key Cryptography Chapter 10 Asymmetric-Key Cryptography Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 10.1 Chapter 10 Objectives Present asymmetric-key cryptography. Distinguish

More information

A Proposal for Authenticated Key Recovery System 1

A Proposal for Authenticated Key Recovery System 1 A Proposal for Authenticated Key Recovery System 1 Tsuyoshi Nishioka a, Kanta Matsuura a, Yuliang Zheng b,c, and Hideki Imai b a Information & Communication Business Div. ADVANCE Co., Ltd. 5-7 Nihombashi

More information

Lecture 9 - Message Authentication Codes

Lecture 9 - Message Authentication Codes Lecture 9 - Message Authentication Codes Boaz Barak March 1, 2010 Reading: Boneh-Shoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,

More information

Public Key Cryptography: RSA and Lots of Number Theory

Public Key Cryptography: RSA and Lots of Number Theory Public Key Cryptography: RSA and Lots of Number Theory Public vs. Private-Key Cryptography We have just discussed traditional symmetric cryptography: Uses a single key shared between sender and receiver

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information