Efficient Unlinkable Secret Handshakes for Anonymous Communications


보안공학연구논문지 (Journal of Security Engineering), Vol. 7, No. 6, December 2010

Eun-Kyung Ryu 1), Kee-Young Yoo 2), Keum-Sook Ha 3)

1) Graduate School of Electrical Engineering and Computer Science, Kyungpook National University, Daegu
2) School of Computer Science and Engineering, Kyungpook National University, Daegu (Corresponding author)
3) Division of Computer Information and Electronics, Kumi College, Kumi

Received (October 10, 2010), Review request (October 11, 2010), Review result (1st: October 25, 2010, 2nd: November 07, 2010), Accepted (December 31, 2010)

Abstract

The technique of secret handshake is used as a fundamental building block for anonymous peer-to-peer communications over untrusted networks. However, most existing schemes fail to provide unlinkability, which limits their practical use. In this paper, we provide new constructions for unlinkable secret handshakes, allowing any two communicating parties with the same role in either a single group or multiple groups to privately authenticate each other. Compared to previous works, our techniques have much better performance in terms of both computational and communication cost, while they obtain good security results.

Keywords: Privacy, Security, Secret Handshake, Anonymous Communication, Unlinkability

1. Introduction

A secret handshake is a cryptographic mechanism that enables anonymous and secure communication over untrusted networks by allowing any two members of the same group to privately authenticate each other, as well as to agree on a shared key for further communication. More specifically, the secret handshake guarantees the following properties [1]. Let party A be a member of group $G_1$ with the role $r_A$, and party B be a member of group $G_2$, respectively.

1) Neither A nor B learns anything about the other party if $G_1$ does not equal $G_2$.
2) Both A and B learn their respective group memberships only if $G_1$ equals $G_2$.
3) A third party observing the exchange between A and B does not learn anything, including whether A and B belong to the same group, the specific identities of the groups, or the roles of either A or B.

For such reasons, the techniques for secret handshake are used as fundamental building blocks for anonymous peer-to-peer communications in a diverse range of applications, including military secret service, high-bandwidth digital content protection systems and anonymous routing in ad-hoc networks [2].

The first scheme for secret handshakes was introduced by Balfanz et al. in [1], which adopts the concept of non-interactive key agreement in pairing-based cryptography. After that, many interesting results [2]-[6] have appeared in the literature in recent years, using various cryptographic primitives such as RSA, identity-based encryption, CA-oblivious encryption, group signatures, etc. However, most existing schemes fail to provide unlinkability, which limits their practical use. Unlinkability means that multiple handshake sessions involving the same party cannot be linked by a third party, which is required as a primary security property in the design of any privacy-preserving security protocol.

In this paper, we describe efficient constructions for secret handshake in two-party settings and provide the security analysis of the resulting schemes. Our schemes have a number of crucial advantages. They provide unlinkability, but do not require one-time credentials. They are also capable of preserving all desired security properties, including impersonation resistance and detection resistance. Moreover, compared to previous works, our constructions have much better performance in terms of both computational and communication cost, while they obtain good security results.

The rest of this paper is organized as follows. In Section 2, we briefly review some cryptographic tools used in our solutions, which include the concept of bilinear pairings and the underlying computational assumption. In Section 3, we describe our solution and provide its security analysis. We then discuss efficiency and other attributes in Section 4. We further discuss the support for multiple groups in Section 5.
Finally, we conclude in Section 6.

2. Cryptographic Tools

Here we briefly introduce the underlying cryptographic tools for our schemes, which include bilinear pairings and the well-known Bilinear Diffie-Hellman assumption [7].

Let $G$ and $G'$ be two cyclic additive groups and $G_T$ be a cyclic multiplicative group of the same prime order $q$. Let $P$ be a generator of $G$ and $P'$ be a generator of $G'$. The symbol ^ denotes the exponentiation operation. A bilinear pairing is a function $e : G \times G' \to G_T$ with the following properties:

Bilinear: For all $P_1 \in G$, $Q_1 \in G'$ and $a, b \in Z_q$, $e(aP_1, bQ_1) = e(P_1, Q_1)^{ab}$.
Non-degenerate: There exist $P_1 \in G$ and $Q_1 \in G'$ such that $e(P_1, Q_1) \neq 1$.
Computable: There exists an efficient algorithm to compute $e(P_1, Q_1)$ for any $P_1 \in G$ and $Q_1 \in G'$.

The above bilinear pairing is called a "Type 3" [8], asymmetric pairing, which is usually implemented using the Weil or Tate pairings over elliptic curve groups $G$ and $G'$, with good performance and flexibility for high security parameters. The elements in $G$, in general, allow a more compact representation than those in $G'$. Bilinear pairings, in recent years, have been widely used to construct various cryptographic primitives, due to their high security assurance with small-size keys and lower bandwidth consumption.

Definition 1. (BDH assumption) The Bilinear Diffie-Hellman (BDH) problem is defined as follows: given $P, aP, bP \in G$ and $P', cP' \in G'$, compute $e(P, P')^{abc}$, where $a, b, c$ are randomly chosen from $Z_q$ and $P, P'$ are generators of $G, G'$, respectively. We say that the BDH assumption holds if no probabilistic polynomial-time algorithm can solve the BDH problem with non-negligible probability.

3. Unlinkable Secret Handshake

In this section, we describe our solution for the problem of unlinkable secret handshake. We first provide our construction with full-fledged security features and then discuss its security results.

3.1 The Construction

Let $H_0 : \{0, 1\}^* \to G'$ map arbitrary strings to points in $G'$, and let $H_1, H_2$ be collision-resistant hash functions taking arbitrary strings as input, such as SHA-1. Let Gen be a parameter generator that takes a security parameter $k$ as input and outputs the bilinear parameters $(q, G, G', G_T, e, P, P')$. We assume that a group authority for each group is associated with a unique pair $(pk, sk)$ of keys, such that $pk = sP$ and $sk = s$, where $s$ is the group master secret. Also, each group member in the group is assumed to be associated with a group secret key $S = s H_0(gid \| role) \in G'$, corresponding to the group identity $gid$ and the role $role$ given to the party.

The protocol is a 3-round interactive communication algorithm executed by any two communicating parties. In what follows, we denote by $\|$ the concatenation of two strings and by A, B the two communicating parties. $ini$ and $res$ are predefined constant values, representing initiator and responder, respectively. The protocol works as below.

Round 1. $A \to B$: $R_A$
1.1) Choose a random k-bit value $r_A$
1.2) Compute $R_A = r_A P$
1.3) Send $R_A$ to B

Round 2. $B \to A$: $R_B$, $resp_B$
2.1) Choose a random k-bit value $r_B$
2.2) Compute $R_B = r_B P$, $K_B = e(R_A, S_B)^{r_B}$, and $resp_B = H_1(K_B \| R_A \| R_B \| res)$
2.3) Send $R_B$, $resp_B$ to A

Round 3. $A \to B$: $resp_A$
3.1) Compute $K_A = e(R_B, S_A)^{r_A}$ and verify whether $resp_B = H_1(K_A \| R_A \| R_B \| res)$
3.2) If it holds, compute $resp_A = H_1(K_A \| R_A \| R_B \| ini)$
3.3) Send $resp_A$ to B
3.4) Upon receiving $resp_A$, B verifies it using its own key $K_B$, in exactly the same way as A.

Note that if A and B are in the same group with the same role, i.e. $S_A = s_A H_0(gid_A \| role_A) = s_B H_0(gid_B \| role_B) = S_B$, they will successfully authenticate their respective memberships, due to the fact that

$K_A = e(R_B, S_A)^{r_A} = e(P, S_A)^{r_A r_B} = e(P, S_B)^{r_A r_B} = e(R_A, S_B)^{r_B} = K_B$.

After the verifications succeed, A and B can compute the shared key for future communication as $SK_A = H_2(K_A \| R_A \| R_B \| resp_A \| resp_B)$ and $SK_B = H_2(K_B \| R_A \| R_B \| resp_A \| resp_B)$, respectively.

3.2 Security

We now discuss the security of our construction, where unlinkability (UL) is examined in detail. Below, our scheme is denoted by SH-RYH. Recall that the BDH assumption states that it is computationally intractable to compute $e(P, P')^{abc}$, given $(P, aP, bP \in G, P', cP' \in G')$ where $a$, $b$ and $c$ are random numbers in $Z_q$. The security of the SH-RYH scheme relies on the BDH assumption.

Theorem 1. The SH-RYH scheme described above is an unlinkable secret handshake scheme under the BDH assumption.

Proof. The property of unlinkability requires that it should be computationally hard for an adversary to link transmitted messages by the same party. Given a pair of transmitted messages, $(R_A, R_B, resp_A, resp_B)$ and $(R_{A'}, R_{B'}, resp_{A'}, resp_{B'})$, for secret handshake, the only way for an adversary to distinguish whether the messages come from the same or different parties is to compute shared secrets of the form $K_A = e(R_B, S_A)^{r_A}$ and $K_{A'} = e(R_{B'}, S_A)^{r_{A'}}$. Suppose that there exists such an adversary E who breaks the unlinkability of the scheme.
We then show a simulator S that uses E to solve the BDH problem. Let $\{P, P', u_1 = aP, u_2 = bP, u_3 = cP'\}$ be an instance of the BDH problem. The challenge of the simulator S is to compute $e(P, P')^{abc}$, as described above. S first sets the pair of keys for the group authority as $\{pk = vP, s = v\}$, where $v$ is a random value in $Z_q$. Then, S gives $\{R_A = u_1, R_B = u_2, resp_A = t_1, resp_B = t_2\}$ to E as a challenge, where $t_1, t_2$ are k-length random values. Note that this challenge defines $H_0(gid_A \| role_A) = w u_3$, where $w$ is a random value in $Z_q$. That is, $t_1 = H_1(K_A \| u_1 \| u_2 \| ini)$, where

$K_A = e(u_2, vwu_3)^{a} = e(bP, vwcP')^{a} = e(P, P')^{abcvw}$.

If E replies with $e(P, P')^{abcvw}$ as the answer to its own challenge, S is able to recover $e(P, P')^{abc}$ by raising it to the power of $(vw)^{-1}$.

The security properties required for the secret handshake scheme to be used in practice also include impersonation resistance (IR) and detection resistance (DR). The proof of these properties for our scheme can be done similarly to that given above for Theorem 1. We omit it here.

4. Efficiency and Other Attributes

We now compare our construction with some previous ones, which are built on bilinear pairings, in terms of computation and communication cost together with other attributes in Table 1. For each scheme we show the computational cost per party, the size of all exchanged messages, the underlying assumptions and the security properties achieved. We denote by "pm" a point multiplication over an elliptic curve, by "pr" a pairing and by "exp" an exponentiation.

[Table 1] Secret handshaking scheme comparisons

Schemes      Computation        Message   Assumptions   Security Properties
SH-ABK [2]   2pm + 2pr + 1exp             BDH, SXDH     UL, IR, DR
SH-HC [6]    1pm + 1pr + 1exp                           broken
SH-RYH       1pm + 1pr + 1exp             BDH           UL, IR, DR

The message size is in bits. BDH and SXDH stand for the Bilinear Diffie-Hellman and the Symmetric External Diffie-Hellman assumptions, respectively.

The computational cost is much cheaper in SH-HC and SH-RYH than in SH-ABK. Also, the size of all messages in SH-HC and SH-RYH is shorter than in SH-ABK. Both SH-ABK and SH-RYH support all the fundamental security properties, but the SH-HC scheme is broken, as described in [9]. For the underlying security assumption, the SH-RYH scheme requires only the BDH, while the SH-ABK scheme requires an additional assumption, the SXDH.
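The three-round exchange of Section 3.1, with both parties' computations and checks, as an added example that is not code from the paper. It assumes a toy stand-in for the pairing (each group element is stored as its discrete logarithm mod q, which preserves bilinearity but provides no security), SHA-256 in place of the paper's "such as SHA-1", a length-prefixed encoding for the concatenation, and hypothetical function names throughout.

```python
import hashlib
import hmac
import secrets

# Toy stand-in for the pairing (assumption, NOT secure): every element of
# G, G' and G_T is stored as its discrete logarithm mod q, so xP -> x,
# e(xP, yP') -> x*y mod q, and K^r in G_T -> K*r mod q. This keeps the
# bilinearity the protocol relies on but gives no secrecy at all.
Q = 2**127 - 1  # constructed prime group order q


def _hash(tag, *parts):
    """SHA-256 with a domain tag over length-prefixed parts (encoding assumed)."""
    h = hashlib.sha256(tag)
    for part in parts:
        raw = part if isinstance(part, bytes) else part.to_bytes(16, "big")
        h.update(len(raw).to_bytes(2, "big") + raw)
    return h.digest()


def H0(gid, role):
    """H0(gid || role): hash onto a non-zero element of G'."""
    digest = _hash(b"H0", gid.encode(), role.encode())
    return int.from_bytes(digest, "big") % (Q - 1) + 1


def pairing(x, y):
    """Toy e(xP, yP') = e(P, P')^(xy), kept as the exponent xy mod q."""
    return x * y % Q


def gt_pow(k, r):
    """K^r in G_T, in the same exponent representation."""
    return k * r % Q


def issue_credential(s, gid, role):
    """Group authority with master secret s: S = s * H0(gid || role)."""
    return s * H0(gid, role) % Q


def fresh_nonce():
    """Random r and R = rP (the same number in the toy representation)."""
    r = secrets.randbelow(Q - 1) + 1
    return r, r


def handshake(S_a, S_b):
    """Run rounds 1-3 between initiator A and responder B.

    Returns (transcript, SK_A, SK_B); a key is None where that side's
    verification failed.
    """
    # Round 1: A -> B : R_A
    r_a, R_a = fresh_nonce()

    # Round 2: B -> A : R_B, resp_B
    r_b, R_b = fresh_nonce()
    K_b = gt_pow(pairing(R_a, S_b), r_b)
    resp_b = _hash(b"H1", K_b, R_a, R_b, b"res")
    transcript = [R_a, R_b, resp_b]

    # Round 3: A recomputes the key from its own S_A and checks resp_B
    K_a = gt_pow(pairing(R_b, S_a), r_a)
    if not hmac.compare_digest(resp_b, _hash(b"H1", K_a, R_a, R_b, b"res")):
        return transcript, None, None  # A stops: B holds a different S
    resp_a = _hash(b"H1", K_a, R_a, R_b, b"ini")
    transcript.append(resp_a)
    sk_a = _hash(b"H2", K_a, R_a, R_b, resp_a, resp_b)

    # Step 3.4: B checks resp_A with its own K_B, then derives SK_B
    if not hmac.compare_digest(resp_a, _hash(b"H1", K_b, R_a, R_b, b"ini")):
        return transcript, sk_a, None
    sk_b = _hash(b"H2", K_b, R_a, R_b, resp_a, resp_b)
    return transcript, sk_a, sk_b


if __name__ == "__main__":
    s = secrets.randbelow(Q - 1) + 1                 # constructed master secret
    alice = issue_credential(s, "group-1", "agent")  # constructed gid and role
    bob = issue_credential(s, "group-1", "agent")
    _, sk_a, sk_b = handshake(alice, bob)
    print("same group and role:", sk_a == sk_b and sk_a is not None)
    other = issue_credential(s, "group-1", "handler")
    print("different role     :", handshake(alice, other)[1] is None)
```

Because fresh $r_A$ and $r_B$ enter every message, two runs with the same long-term credentials produce unrelated transcripts, while the distinct ini and res tags keep resp_A and resp_B different even though both are computed from the same key.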

5. The Support for Multiple Groups

The scheme we presented earlier supports only a single group. Here we show how the scheme can be applied to implement the more general case at almost the same cost, where each party is a member of multiple groups. Suppose two communicating parties A and B are members of $n$ groups with specific roles, where we assume each party is associated with $n$ secrets $S_1, \ldots, S_n$, one corresponding to each group. Party A wants to communicate only with party B, who is a member of the same multiple groups with the same roles as A, in an anonymous and unlinkable manner. We obtain an extension with multiple groups by changing the SH-RYH scheme as below.

Round 2. $B \to A$: $R_B$, $resp'_B$
2.1) Choose a random k-bit value $r_B$
2.2) Compute $R_B = r_B P$, K'_B = ^{r_B}, and $resp'_B = H_1(K'_B \| R_A \| R_B \| res)$
2.3) Send $R_B$, $resp'_B$ to A

Round 3. $A \to B$: $resp'_A$
3.1) Compute K'_A = ^{r_A} and verify whether $resp'_B = H_1(K'_A \| R_A \| R_B \| res)$
3.2) Compute $resp'_A = H_1(K'_A \| R_A \| R_B \| ini)$ if it holds
3.3) Send $resp'_A$ to B
3.4) Upon receiving $resp'_A$, B verifies $resp'_A$ using its own key $K'_B$, as before.

Note that if A and B match on both group and role for all groups, it means for all $1 \le i \le n$. This allows the two parties, A and B, to successfully identify their respective memberships in multiple groups.

It is not difficult to see that this extended scheme satisfies the unlinkability property assuming the hardness of the underlying BDH problem. More specifically, an adversary not possessing the corresponding group secret keys for the member with the specific roles in multiple groups cannot feasibly distinguish whether two executions of the protocol were performed by the same party or not, for exactly the same reason as in a single group. That is, in order to break the property of unlinkability for the scheme, the adversary is again faced with the BDH problem. The security proof can be done in a similar way as before.

6. Concluding Remarks

We have described two new schemes for secret handshake which allow any two communicating parties in either a single group or multiple groups to authenticate each other in an anonymous and unlinkable manner. Our schemes have crucial advantages. They preserve all the required security properties, including unlinkability, impersonation resistance and detection resistance. Furthermore, compared to previous works, they have much better performance in terms of both computational and communication cost. We believe that our schemes provide a new building block for the construction of secure and anonymous communication services over untrusted networks.

Acknowledgment

This research was supported by the Research Project of Kumi College in 2008 and by the Brain Korea 21 Project in

References

[1] D. Balfanz, G. Durfee, N. Shankar, D. Smetters, J. Staddon, and H. Wong, "Secret Handshakes from Pairing-based Key Agreements," In Proc. IEEE Symposium on Security and Privacy, pp ,
[2] G. Ateniese, M. Blanton, and J. Kirsch, "Secret Handshakes with Dynamic and Fuzzy Matching," In Proc. Network and Distributed System Security Symposium (NDSS2007), pp ,
[3] C. Castelluccia, S. Jarecki, and G. Tsudik, "Secret Handshakes from CA-Oblivious Encryption," In Proc. Advances in Cryptology (ASIACRYPT'04), LNCS 3329, pp ,
[4] S. Jarecki and X. Liu, "Unlinkable Secret Handshakes and Key-Private Group Key Management Schemes," In Proc. Applied Cryptography and Network Security (ACNS'07), LNCS 4521, pp ,
[5] S. Jarecki, J. Kim, and G. Tsudik, "Beyond Secret Handshakes: Affiliation-Hiding Authenticated Key Exchange," In Proc. Topics in Cryptology (CT-RSA2008), LNCS 4964, pp ,
[6] H. Huang and Z. Cao, "A Novel and Efficient Unlinkable Secret Handshakes Scheme," IEEE Commun. Lett., vol. 13 (5), pp ,
[7] D. Boneh and M. Franklin, "Identity-Based Encryption from the Weil Pairing," In Proc. Advances in Cryptology (CRYPTO2001), LNCS 2139, pp ,
[8] D. Page, N. Smart, and F. Vercauteren, "Comparison of MNT Curves and Supersingular Curves," Applicable Algebra in Engineering, Communication and Computing, Vol. 17(5), pp ,
[9] R. Su, "On the Security of a Novel and Efficient Unlinkable Secret Handshakes Scheme," IEEE Commun. Lett., vol. 13(9), pp ,

Authors

Eun-Kyung Ryu
She received the Ph.D. degree in Computer Engineering from Kyungpook National University (KNU) in She worked as a visiting professor in the Dept. of Mobile Content, Daegu Haany University in In 2007, she worked as a research fellow at the School of Systems Information Science, Future University Hakodate, Japan. From 2008 to 2009 she worked as a visiting professor at the School of Electrical Engineering and Computer Science (EECS) in KNU. She is currently a post-doc research fellow at KNU EECS.
Research Interests: Applied Cryptography, Security Protocols, and Network Security

Kee-Young Yoo
He received the B.Sc. degree in Education of Mathematics from Kyungpook National University in 1976 and the M.Sc. degree in Computer Engineering from Korea Advanced Institute of Science and Technology in 1978, South Korea. He received the Ph.D. degree in Computer Science from Rensselaer Polytechnic Institute, New York, USA in He is currently a professor at the School of Computer Science and Engineering, Kyungpook National University.
Research Interests: Cryptography, Smart Card Security, Network Security, DRM Security, and Steganography

Keum-Sook Ha
She received the B.S. degree in Electronics Engineering at Kyungpook National University in 1983 and M.S. and Ph.D. degrees in Computer Engineering at Kyungpook National University in 1990 and 2003, respectively. She had been a researcher at KIPS corporation and worked as a research assistant at the Department of Electronics Engineering, Kyungpook National University. Currently, she is an associate professor in the Division of Computer Information and Electronics, Kumi College.
Research Interests: Parallel Processing and Information Security


More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study

More information

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks J. M. BAHI, C. GUYEUX, and A. MAKHOUL Computer Science Laboratory LIFC University of Franche-Comté Journée thématique

More information

Proficient Audit Services Outsourced for Data Availability in Clouds

Proficient Audit Services Outsourced for Data Availability in Clouds Proficient Audit Services Outsourced for Data Availability in Clouds N Praveen Kumar Reddy #1, Dr Subhash Chandra *2 N Praveen Kumar Reddy, pursuing M.Tech from Holy Mary Institute of Technology and Science,,

More information

CCLAS: A Practical and Compact Certificateless Aggregate Signature with Share Extraction

CCLAS: A Practical and Compact Certificateless Aggregate Signature with Share Extraction International Journal of Network Security, Vol.16, No.3, PP.174-181, May 2014 174 CCLAS: A Practical and Compact Certificateless Aggregate Signature with Share Extraction Min Zhou 1, Mingwu Zhang 2, Chunzhi

More information

Building an Encrypted and Searchable Audit Log

Building an Encrypted and Searchable Audit Log Building an Encrypted and Searchable Audit Log Brent R. Waters 1, Dirk Balfanz 2, Glenn Durfee 2, and D. K. Smetters 2 1 Princeton University Computer Science Department Princeton, NJ 08544 bwaters@cs.princeton.edu

More information

AN EFFICIENT STRATEGY OF THE DATA INTEGRATION BASED CLOUD

AN EFFICIENT STRATEGY OF THE DATA INTEGRATION BASED CLOUD INTERNATIONAL JOURNAL OF REVIEWS ON RECENT ELECTRONICS AND COMPUTER SCIENCE AN EFFICIENT STRATEGY OF THE DATA INTEGRATION BASED CLOUD Koncha Anantha Laxmi Prasad 1, M.Yaseen Pasha 2, V.Hari Prasad 3 1

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Improved Online/Offline Signature Schemes

Improved Online/Offline Signature Schemes Improved Online/Offline Signature Schemes Adi Shamir and Yael Tauman Applied Math. Dept. The Weizmann Institute of Science Rehovot 76100, Israel {shamir,tauman}@wisdom.weizmann.ac.il Abstract. The notion

More information

Lecture 9 - Message Authentication Codes

Lecture 9 - Message Authentication Codes Lecture 9 - Message Authentication Codes Boaz Barak March 1, 2010 Reading: Boneh-Shoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,

More information

Secure Attribute Based Mechanism through Access cipher policy in Outsourced Cloud Data

Secure Attribute Based Mechanism through Access cipher policy in Outsourced Cloud Data Secure Attribute Based Mechanism through Access cipher policy in Outsourced Cloud Data V.Abinaya PG Scholar Kalasalingam Institute of Technology Krishnankoil. V.Ramesh Assistant professor Kalasalingam

More information

Enabling Public Auditing for Secured Data Storage in Cloud Computing

Enabling Public Auditing for Secured Data Storage in Cloud Computing IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 5 (May. 2013), V3 PP 01-05 Enabling Public Auditing for Secured Data Storage in Cloud Computing 1 Er.Amandeep Kaur,

More information

Security Analysis of DRBG Using HMAC in NIST SP 800-90

Security Analysis of DRBG Using HMAC in NIST SP 800-90 Security Analysis of DRBG Using MAC in NIST SP 800-90 Shoichi irose Graduate School of Engineering, University of Fukui hrs shch@u-fukui.ac.jp Abstract. MAC DRBG is a deterministic random bit generator

More information

IMPLEMENTATION OF RESPONSIBLE DATA STORAGE IN CONSISTENT CLOUD ENVIRONMENT

IMPLEMENTATION OF RESPONSIBLE DATA STORAGE IN CONSISTENT CLOUD ENVIRONMENT IJRRECS/November 2014/Volume-2/Issue-11/3699-3703 ISSN 2321-5461 INTERNATIONAL JOURNAL OF REVIEWS ON RECENT ELECTRONICS AND COMPUTER SCIENCE IMPLEMENTATION OF RESPONSIBLE DATA STORAGE IN CONSISTENT CLOUD

More information

Secure Conjunctive Keyword Search Over Encrypted Data

Secure Conjunctive Keyword Search Over Encrypted Data Secure Conjunctive Keyword Search Over Encrypted Data Philippe Golle 1 and Jessica Staddon 1 and Brent Waters 2 1 Palo Alto Research Center 3333 Coyote Hill Road Palo Alto, CA 94304, USA E-mail: {pgolle,staddon}@parc.com

More information

A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC

A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC International Journal of Network Security, Vol.18, No.2, PP.217-223, Mar. 2016 217 A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC Dianli Guo and Fengtong

More information

Lecture 1: Introduction. CS 6903: Modern Cryptography Spring 2009. Nitesh Saxena Polytechnic University

Lecture 1: Introduction. CS 6903: Modern Cryptography Spring 2009. Nitesh Saxena Polytechnic University Lecture 1: Introduction CS 6903: Modern Cryptography Spring 2009 Nitesh Saxena Polytechnic University Outline Administrative Stuff Introductory Technical Stuff Some Pointers Course Web Page http://isis.poly.edu/courses/cs6903-s10

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

Capture Resilient ElGamal Signature Protocols

Capture Resilient ElGamal Signature Protocols Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department

More information

A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography

A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography A New Credit Card Payment Scheme Using Mobile Phones Based on Visual Cryptography Chao-Wen Chan and Chih-Hao Lin Graduate School of Computer Science and Information Technology, National Taichung Institute

More information

15-2394-3696 RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

15-2394-3696 RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM Dhanashri Bamane Vinayak Pottigar Subhash Pingale Department of Computer Science and Engineering SKN

More information

Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud

Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud M.Jayanthi, Assistant Professor, Hod of MCA.E mail: badini_jayanthi@yahoo.co.in MahatmaGandhi University,Nalgonda, INDIA. B.Ranganatha

More information

SAFE: A Social Based Updatable Filtering Protocol with Privacy-preserving in Mobile Social Networks

SAFE: A Social Based Updatable Filtering Protocol with Privacy-preserving in Mobile Social Networks IEEE ICC 23 - Wireless Networking Symposium SAFE: A Social Based Updatable Filtering Protocol with Privacy-preserving in Mobile Social Networks Kuan Zhang, Xiaohui Liang, Rongxing Lu, and Xuemin (Sherman)

More information

Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment

Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment , pp.257-272 http://dx.doi.org/10.14257/ijsia.2014.8.1.24 Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment Sun-Ho Lee and Im-Yeong Lee 1 Department of Computer Software

More information

Certificate Based Signature Schemes without Pairings or Random Oracles

Certificate Based Signature Schemes without Pairings or Random Oracles Certificate Based Signature Schemes without Pairings or Random Oracles p. 1/2 Certificate Based Signature Schemes without Pairings or Random Oracles Joseph K. Liu, Joonsang Baek, Willy Susilo and Jianying

More information

Efficient Certificate-Based Encryption Scheme Secure Against Key Replacement Attacks in the Standard Model *

Efficient Certificate-Based Encryption Scheme Secure Against Key Replacement Attacks in the Standard Model * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 0, 55-568 (04) Efficient Certificate-Based Encryption Scheme Secure Against Key Replacement Attacks in the Standard Model * College of Computer and Information

More information

A Certificateless Signature Scheme for Mobile Wireless Cyber-Physical Systems

A Certificateless Signature Scheme for Mobile Wireless Cyber-Physical Systems The 28th International Conference on Distributed Computing Systems Workshops A Certificateless Signature Scheme for Mobile Wireless Cyber-Physical Systems Zhong Xu Xue Liu School of Computer Science McGill

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

CUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631

CUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631 Cunsheng DING, HKUST Lecture 08: Key Management for One-key Ciphers Topics of this Lecture 1. The generation and distribution of secret keys. 2. A key distribution protocol with a key distribution center.

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

Authentication Protocols Using Hoover-Kausik s Software Token *

Authentication Protocols Using Hoover-Kausik s Software Token * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 22, 691-699 (2006) Short Paper Authentication Protocols Using Hoover-Kausik s Software Token * WEI-CHI KU AND HUI-LUNG LEE + Department of Computer Science

More information

Randomized Hashing for Digital Signatures

Randomized Hashing for Digital Signatures NIST Special Publication 800-106 Randomized Hashing for Digital Signatures Quynh Dang Computer Security Division Information Technology Laboratory C O M P U T E R S E C U R I T Y February 2009 U.S. Department

More information

A Secure Index Management Scheme for Providing Data Sharing in Cloud Storage

A Secure Index Management Scheme for Providing Data Sharing in Cloud Storage J Inf Process Syst, Vol.9, No.2, June 2013 pissn 1976-913X eissn 2092-805X http://dx.doi.org/10.3745/jips.2013.9.2.287 A Secure Index Management Scheme for Providing Data Sharing in Cloud Storage Sun-Ho

More information

Group Security Model in Wireless Sensor Network using Identity Based Cryptographic Scheme

Group Security Model in Wireless Sensor Network using Identity Based Cryptographic Scheme Group Security Model in Wireless Sensor Network using Identity Based Cryptographic Scheme Asha A 1, Hussana Johar 2, Dr B R Sujatha 3 1 M.Tech Student, Department of ECE, GSSSIETW, Mysuru, Karnataka, India

More information

1 Message Authentication

1 Message Authentication Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions

More information

Lecture 15 - Digital Signatures

Lecture 15 - Digital Signatures Lecture 15 - Digital Signatures Boaz Barak March 29, 2010 Reading KL Book Chapter 12. Review Trapdoor permutations - easy to compute, hard to invert, easy to invert with trapdoor. RSA and Rabin signatures.

More information

Non-Black-Box Techniques In Crytpography. Thesis for the Ph.D degree Boaz Barak

Non-Black-Box Techniques In Crytpography. Thesis for the Ph.D degree Boaz Barak Non-Black-Box Techniques In Crytpography Introduction Thesis for the Ph.D degree Boaz Barak A computer program (or equivalently, an algorithm) is a list of symbols a finite string. When we interpret a

More information

Secure Index Management Scheme on Cloud Storage Environment

Secure Index Management Scheme on Cloud Storage Environment Secure Index Management Scheme on Cloud Storage Environment Sun-Ho Lee and Im-Yeong Lee 1 Dept. of Computer Software Engineering, Soonchunhyang University, Korea 1 Dept. of Computer Software Engineering,

More information

3-6 Toward Realizing Privacy-Preserving IP-Traceback

3-6 Toward Realizing Privacy-Preserving IP-Traceback 3-6 Toward Realizing Privacy-Preserving IP-Traceback The IP-traceback technology enables us to trace widely spread illegal users on Internet. However, to deploy this attractive technology, some problems

More information

Formal Modelling of Network Security Properties (Extended Abstract)

Formal Modelling of Network Security Properties (Extended Abstract) Vol.29 (SecTech 2013), pp.25-29 http://dx.doi.org/10.14257/astl.2013.29.05 Formal Modelling of Network Security Properties (Extended Abstract) Gyesik Lee Hankyong National University, Dept. of Computer

More information

THE ADVANTAGES OF ELLIPTIC CURVE CRYPTOGRAPHY FOR WIRELESS SECURITY KRISTIN LAUTER, MICROSOFT CORPORATION

THE ADVANTAGES OF ELLIPTIC CURVE CRYPTOGRAPHY FOR WIRELESS SECURITY KRISTIN LAUTER, MICROSOFT CORPORATION T OPICS IN WIRELESS SECURITY THE ADVANTAGES OF ELLIPTIC CURVE CRYPTOGRAPHY FOR WIRELESS SECURITY KRISTIN LAUTER, MICROSOFT CORPORATION Q 2 = R 1 Q 2 R 1 R 1 As the wireless industry explodes, it faces

More information

Security Strength of RSA and Attribute Based Encryption for Data Security in Cloud Computing

Security Strength of RSA and Attribute Based Encryption for Data Security in Cloud Computing Security Strength of RSA and Attribute Based Encryption for Data Security in Cloud Computing S.Hemalatha, Dr.R.Manickachezian Ph.D Research Scholar, Department of Computer Science, N.G.M College, Pollachi,

More information

A Proposal for Authenticated Key Recovery System 1

A Proposal for Authenticated Key Recovery System 1 A Proposal for Authenticated Key Recovery System 1 Tsuyoshi Nishioka a, Kanta Matsuura a, Yuliang Zheng b,c, and Hideki Imai b a Information & Communication Business Div. ADVANCE Co., Ltd. 5-7 Nihombashi

More information

Digital Signatures. What are Signature Schemes?

Digital Signatures. What are Signature Schemes? Digital Signatures Debdeep Mukhopadhyay IIT Kharagpur What are Signature Schemes? Provides message integrity in the public key setting Counter-parts of the message authentication schemes in the public

More information

Key Agreement from Close Secrets over Unsecured Channels Winter 2010

Key Agreement from Close Secrets over Unsecured Channels Winter 2010 Key Agreement from Close Secrets over Unsecured Channels Winter 2010 Andreas Keller Contens 1. Motivation 2. Introduction 3. Building Blocks 4. Protocol Extractor Secure Sketches (MAC) message authentication

More information

Comments on "public integrity auditing for dynamic data sharing with multi-user modification"

Comments on public integrity auditing for dynamic data sharing with multi-user modification University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers Faculty of Engineering and Information Sciences 2016 Comments on "public integrity auditing for dynamic

More information

Hybrid Signcryption Schemes with Insider Security (Extended Abstract)

Hybrid Signcryption Schemes with Insider Security (Extended Abstract) Hybrid Signcryption Schemes with Insider Security (Extended Abstract) Alexander W. Dent Royal Holloway, University of London Egham Hill, Egham, Surrey, TW20 0EX, U.K. a.dent@rhul.ac.uk http://www.isg.rhul.ac.uk/~alex/

More information

Security Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012

Security Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012 Security Aspects of Database Outsourcing Dec, 2012 Vahid Khodabakhshi Hadi Halvachi Security Aspects of Database Outsourcing Security Aspects of Database Outsourcing 2 Outline Introduction to Database

More information

Keywords: - Ring Signature, Homomorphic Authenticable Ring Signature (HARS), Privacy Preserving, Public Auditing, Cloud Computing.

Keywords: - Ring Signature, Homomorphic Authenticable Ring Signature (HARS), Privacy Preserving, Public Auditing, Cloud Computing. Survey on Privacy Preserving Public Auditing Techniques for Shared Data in the Cloud Kedar Jayesh Rasal 1, Dr. S.V.Gumaste 2, Sandip A. Kahate 3 Computer Engineering, Pune University, SPCOE, Otur, Pune,

More information

Software Tool for Implementing RSA Algorithm

Software Tool for Implementing RSA Algorithm Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key

More information

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

More information

Cryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol. Vahid Jahandideh and Amir S.

Cryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol. Vahid Jahandideh and Amir S. 72 Int. J. Electronic Governance, Vol. 3, No. 1, 2010 Cryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol Vahid Jahandideh and Amir S. Mortazavi Department

More information

A Secure Decentralized Access Control Scheme for Data stored in Clouds

A Secure Decentralized Access Control Scheme for Data stored in Clouds A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University

More information

Fuzzy Identity-Based Encryption

Fuzzy Identity-Based Encryption Fuzzy Identity-Based Encryption Janek Jochheim June 20th 2013 Overview Overview Motivation (Fuzzy) Identity-Based Encryption Formal definition Security Idea Ingredients Construction Security Extensions

More information

Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment

Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment Qin Liu a,b, Guojun Wang a,, Jie Wu b a School of Information Science and Engineering Central South Uversity Changsha,

More information

Modular Security Proofs for Key Agreement Protocols

Modular Security Proofs for Key Agreement Protocols Modular Security Proofs for Key Agreement Protocols Caroline Kudla and Kenneth G. Paterson Information Security Group Royal Holloway, niversity of London, K {c.j.kudla,kenny.paterson}@rhul.ac.uk Abstract.

More information