Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks
|
|
- Ashley Young
- 8 years ago
- Views:
Transcription
1 Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks J. M. BAHI, C. GUYEUX, and A. MAKHOUL Computer Science Laboratory LIFC University of Franche-Comté Journée thématique PHC/ResCom June 25th 2010, Bayonne, France J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 1 / 28
2 Synopsis Introduction 1 Introduction J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 2 / 28
3 Synopsis Introduction Secure Data Aggregation in WSN The Problem : Requirements, and Solutions 1 Introduction Secure Data Aggregation in WSN The Problem : Requirements, and Solutions J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 3 / 28
4 Introduction Secure Data Aggregation in WSN The Problem : Requirements, and Solutions Wireless Sensor Networks (WSN) WSN are used to monitor regions, detect events, acquire information... Illustrating Example Sink Sensor nodes J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 4 / 28
5 Introduction Secure Data Aggregation in WSN The Problem : Requirements, and Solutions Wireless Sensor Networks (WSN) WSN are used to monitor regions, detect events, acquire information... An aggregation approach can be applied. Illustrating Example Aggregation Sink (base station) Aggregation Aggregators Aggregation Aggregators Collecting data Normal Sensors J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 4 / 28
6 Introduction Secure Data Aggregation in WSN The Problem : Requirements, and Solutions Wireless Sensor Networks (WSN) Usually the carried information contains confidential data. An end-to-end secure aggregation approach is then required. Possible solution : end-to-end encryption schemes that support operations over cipher-text. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 5 / 28
7 Secure data aggregation in WSN Secure Data Aggregation in WSN The Problem : Requirements, and Solutions Decryption & Aggregation Sink (base station) Aggregation over cypher text Aggregators Aggregation over cypher text Aggregators Collecting data & Encryption Normal Sensors J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 6 / 28
8 The Problem : requirements Secure Data Aggregation in WSN The Problem : Requirements, and Solutions The Problem : reasonable needs 1 Security and privacy are required during communications. 2 These security and privacy must be guaranteed (proven). 3 A wide range of aggregation functions should be offered. 4 The aggregation must not raise any security issues. 5 Computation and communication costs must be low. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 7 / 28
9 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
10 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
11 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
12 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
13 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
14 The Problem : our solution Secure Data Aggregation in WSN The Problem : Requirements, and Solutions A possible solution 1 Encryption security and privacy for communications. 2 Encryption over elliptic curves (ECC) low costs for computations and communications. 3 Homomorphic encryption over elliptic curves secure aggregation. 4 Fully homomorphic encryption over elliptic curves wide range of aggregation functions. 5 Fully homomorphic ECC with a proven security (and which has not been cryptanalyzed) a solution. Until now, the sole candidate is the cryptosystem of Boneh et al. [1]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 8 / 28
15 Synopsis Introduction Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) 1 Introduction 2 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) 3 4 J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 9 / 28
16 Preliminaries (sink level) Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Offline operations For each aggregator, public and private keys are generated by the sink. Each aggregator node embeds its public key. Thus, sensor nodes and aggregators are deployed. Various clustering methods are possible : homogeneous, by using a distance, etc. Sensor nodes take their public key from their aggregator. Public keys can be updated online. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 10 / 28
17 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Generating the private key (sink level) Generation stages Let τ > 0 be an integer called security parameter. Generate two τ-bits prime numbers : q 1 and q 2. Let n = q 1 q 2 and l denotes the smallest positive integer such that : p = l n 1 is prime, p = 2 (mod 3). Private key The private key is q 1. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 11 / 28
18 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Generating the public key (sink level) Generation stages Let H be the group of points of the super-singular elliptic curve y 2 = x defined over F p. H consists of p + 1 = n l points, and thus has a subgroup of order n, we call it G. Let g and u denote two generators of G and h = q 2 u. Public key The public key is the tuple : (n, G, g, h). J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 12 / 28
19 Key size Introduction Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Comparison of the key sizes For being secure until 2020, a cryptosystem [3] : must have p 2 161, for EC systems over F p, must satisfy p for classical asymmetric systems, such as RSA or ElGamal on F p. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 13 / 28
20 Encryption of a data (sensor level) Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) The encryption of a value The message space is the set M = {0, 1,..., T }, where T < q 2. To encrypt m M : 1 Pick an integer r into [0, n 1]. 2 Compute the cipher-text : C = m g + r h G. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 14 / 28
21 Size of the cryptograms Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) How to reduce the size of the cryptograms We suppose that messages are constituted by 40 bits. The cryptogram is an element (x, y) of E, so it has an average of 160 bits. y 2 = x 3 + 1, so the cryptogram (x, y) can be compressed to (x, y mod 2)). We obtain cryptograms with an average of 81 bits long. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 15 / 28
22 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Additions over cipher-texts (aggregator level) The addition over cipher-texts let m 1 and m 2 be two messages and C 1, C 2 their cipher-texts. The sum C of C 1 and C 2, is equal to C 1 + C 2 + r h where : Decryption stage r is an integer randomly chosen in [0, n 1], h = q 2 u as presented in the previous section. The decryption of C is equal to m 1 + m 2. The addition operation can be done several times over cipher-texts. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 16 / 28
23 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Multiplication of two cipher-texts (aggregator level) The multiplication of two cipher-texts Let : g, h be the points of G as defined previously, E denotes the well-known Weil pairing (Miller s algorithm), e(p, Q) = E(x P, Q) the modified Weil pairing, where x is a root of X 3 1 on F p 2. The multiplication C m of two encrypted messages C 1, C 2 is equal to e(c 1, C 2 ) + r h 1, where : h 1 = e(g, h), r is a random integer pick in [1, n]. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 17 / 28
24 Examples of use Introduction Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Examples of aggregation functions through cipher-texts Arithmetic and weighted mean. Variance. Multiplication weighting. etc. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 18 / 28
25 Decryption of cipher-texts Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Decryption stages (sink level) To decrypt C : Compute log q1 g q 1 C, to obtain m. (q 1 is the private key, log the discrete logarithm). Decryption complexity Decryption takes expected time T using Pollard s lambda method. This can be speed-up by precomputing a table of powers of q 1 g. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 19 / 28
26 Offline (sink level) Encryption (sensor nodes level) Secure Aggregation (aggregator level) Decryption (sink level) Decryption of an encrypted product (sink level) Decryption stage The cipher-text of a product does not live on the same space than other cipher-texts. So the sink can determine whether a product has been achieved, or not. The decryption of C m is equal to the discrete logarithm of q 1 C m to the base q 1 g 1 : where g 1 = e(g, g). m 1 m 2 = log q1 g 1 (q 1 C m.) J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 20 / 28
27 Synopsis Introduction Experimental Protocol Experimental Results 1 Introduction 2 3 Experimental Protocol Experimental Results 4 J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 21 / 28
28 Experimental configuration Experimental Protocol Experimental Results Experimental protocol The SAGE library has been used for elliptic curve. The cryptosystem has been computed with Python 2.6. The sensor network has been implemented with Python : A first layer of 500 sensors, a second one of 50 aggregators. Sensors are randomly associated with aggregators. Each sensor has a battery of 100 units, each aggregator of 1000 units. Energy consumption is supposed to be proportional to time computation. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 22 / 28
29 Experimental Protocol Experimental Results Energy consumption of sensors to encrypt data Encryption in our approach Security level Size of the key E = λt (battery units) % % % Encryption in RSA based approach Security level Size of the key E = λt (battery units) % % % J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 23 / 28
30 Experimental Protocol Experimental Results Energy consumption at the aggregation stage Aggregation in our approach Security level Size p of the key E = λt (battery units) % % % Aggregation in RSA based approach Security level Size of the key E = λt (battery units) % % % J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 24 / 28
31 Experimental Protocol Experimental Results Comparison of energy consumption Agregator's energy evolution EC 46 EC 85 RSA 472 RSA Energy Time J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 25 / 28
32 Synopsis Introduction and future work Bibliography 1 Introduction and future work Bibliography J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 26 / 28
33 and future work and future work Bibliography High level of security (cipher-texts are never decrypted). Public key encryption. Various aggregation capabilities. Low computation coast. Future work Authentication through cipher-texts. Compression (aggregation). More simulation results. J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 27 / 28
34 Bibliography Introduction and future work Bibliography References 1 D. Boneh, E.-J. Goh, and K. Nissim. Evaluating 2-dnf formulas on ciphertexts. Theory of Cryptography, LNCS, pages , J. Domingo-Ferrer. A provably secure additive and multiplicative privacy homomorphism. 6th ISC conference, pages , A.K. Lenstra and E.R. Verheul. Selecting cryptographic key sizes. Jour. of the International Association for Cryptologic Research, 14(4) : , J. M. BAHI, C. GUYEUX, and A. MAKHOUL Secure Aggregation in WSN 28 / 28
Efficient and Robust Secure Aggregation of Encrypted Data in Sensor Networks
Efficient and Robust Secure Aggregation of Encrypted Data in Sensor Networks Jacques Bahi, Christophe Guyeux, Abdallah Makhoul To cite this version: Jacques Bahi, Christophe Guyeux, Abdallah Makhoul. Efficient
More informationElements of Applied Cryptography Public key encryption
Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let
More informationElliptic Curve Cryptography Methods Debbie Roser Math\CS 4890
Elliptic Curve Cryptography Methods Debbie Roser Math\CS 4890 Why are Elliptic Curves used in Cryptography? The answer to this question is the following: 1) Elliptic Curves provide security equivalent
More informationConstructing Pairing-Friendly Elliptic Curves with Embedding Degree 10
with Embedding Degree 10 University of California, Berkeley, USA ANTS-VII, 2006 Outline 1 Introduction 2 The CM Method: The Basic Construction The CM Method: Generating Families of Curves 3 Outline 1 Introduction
More informationSignature Schemes. CSG 252 Fall 2006. Riccardo Pucella
Signature Schemes CSG 252 Fall 2006 Riccardo Pucella Signatures Signatures in real life have a number of properties They specify the person responsible for a document E.g. that it has been produced by
More informationImplementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University
Implementation and Comparison of Various Digital Signature Algorithms -Nazia Sarang Boise State University What is a Digital Signature? A digital signature is used as a tool to authenticate the information
More informationRSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?
RSA Question 2 Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true? Bob chooses a random e (1 < e < Φ Bob ) such that gcd(e,φ Bob )=1. Then, d = e -1
More informationA Factoring and Discrete Logarithm based Cryptosystem
Int. J. Contemp. Math. Sciences, Vol. 8, 2013, no. 11, 511-517 HIKARI Ltd, www.m-hikari.com A Factoring and Discrete Logarithm based Cryptosystem Abdoul Aziz Ciss and Ahmed Youssef Ecole doctorale de Mathematiques
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationSECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES
www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,
More informationSecure and Efficient Data Transmission for Cluster-based Wireless Sensor Networks
JOURNAL PAPER, ACCEPTED 1 Secure and Efficient Data Transmission for Cluster-based Wireless Sensor Networks Huang Lu, Student Member, IEEE, Jie Li, Senior Member, IEEE, Mohsen Guizani, Fellow, IEEE Abstract
More informationCryptographic mechanisms
General Secretariat for National Defence Central Directorate for Information Systems Security PRIME MINISTER Paris, 2007 september 14 No. 1904/SGDN/DCSSI/SDS/LCR Cryptographic mechanisms Rules and recommendations
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationCryptography and Network Security Chapter 10
Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central
More informationA New Efficient Digital Signature Scheme Algorithm based on Block cipher
IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727Volume 7, Issue 1 (Nov. - Dec. 2012), PP 47-52 A New Efficient Digital Signature Scheme Algorithm based on Block cipher 1
More informationCIS 5371 Cryptography. 8. Encryption --
CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationInternational Journal of Information Technology, Modeling and Computing (IJITMC) Vol.1, No.3,August 2013
FACTORING CRYPTOSYSTEM MODULI WHEN THE CO-FACTORS DIFFERENCE IS BOUNDED Omar Akchiche 1 and Omar Khadir 2 1,2 Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University of Hassan II Mohammedia-Casablanca,
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography
More informationPublic-Key Cryptanalysis 1: Introduction and Factoring
Public-Key Cryptanalysis 1: Introduction and Factoring Nadia Heninger University of Pennsylvania July 21, 2013 Adventures in Cryptanalysis Part 1: Introduction and Factoring. What is public-key crypto
More informationLecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay
Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Modern/Public-key cryptography started in 1976 with the publication of the following paper. W. Diffie
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationAnalysis of Privacy-Preserving Element Reduction of Multiset
Analysis of Privacy-Preserving Element Reduction of Multiset Jae Hong Seo 1, HyoJin Yoon 2, Seongan Lim 3, Jung Hee Cheon 4 and Dowon Hong 5 1,4 Department of Mathematical Sciences and ISaC-RIM, Seoul
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationCRYPTOGRAPHIC LONG-TERM SECURITY PERSPECTIVES FOR
By JOHANNES BUCHMANN, ALEXANDER MAY, and ULRICH VOLLMER PERSPECTIVES FOR CRYPTOGRAPHIC LONG-TERM SECURITY Cryptographic long-term security is needed, but difficult to achieve. Use flexible cryptographic
More informationQUANTUM COMPUTERS AND CRYPTOGRAPHY. Mark Zhandry Stanford University
QUANTUM COMPUTERS AND CRYPTOGRAPHY Mark Zhandry Stanford University Classical Encryption pk m c = E(pk,m) sk m = D(sk,c) m??? Quantum Computing Attack pk m aka Post-quantum Crypto c = E(pk,m) sk m = D(sk,c)
More informationCryptographic Algorithms and Key Size Issues. Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.
Cryptographic Algorithms and Key Size Issues Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.edu Overview Cryptanalysis Challenge Encryption: DES AES Message
More information3-6 Toward Realizing Privacy-Preserving IP-Traceback
3-6 Toward Realizing Privacy-Preserving IP-Traceback The IP-traceback technology enables us to trace widely spread illegal users on Internet. However, to deploy this attractive technology, some problems
More informationAdvanced Cryptography
Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationPublic Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography
Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationNEW DIGITAL SIGNATURE PROTOCOL BASED ON ELLIPTIC CURVES
NEW DIGITAL SIGNATURE PROTOCOL BASED ON ELLIPTIC CURVES Ounasser Abid 1, Jaouad Ettanfouhi 2 and Omar Khadir 3 1,2,3 Laboratory of Mathematics, Cryptography and Mechanics, Department of Mathematics, Fstm,
More informationDigital Signatures. (Note that authentication of sender is also achieved by MACs.) Scan your handwritten signature and append it to the document?
Cryptography Digital Signatures Professor: Marius Zimand Digital signatures are meant to realize authentication of the sender nonrepudiation (Note that authentication of sender is also achieved by MACs.)
More informationA SOFTWARE COMPARISON OF RSA AND ECC
International Journal Of Computer Science And Applications Vol. 2, No. 1, April / May 29 ISSN: 974-13 A SOFTWARE COMPARISON OF RSA AND ECC Vivek B. Kute Lecturer. CSE Department, SVPCET, Nagpur 9975549138
More informationComputer Science 308-547A Cryptography and Data Security. Claude Crépeau
Computer Science 308-547A Cryptography and Data Security Claude Crépeau These notes are, largely, transcriptions by Anton Stiglic of class notes from the former course Cryptography and Data Security (308-647A)
More informationOutline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg
Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian
More informationROBUST AND PRIVACY PROTECTION AUTHENTICATION IN CLOUD COMPUTING
International Journal of Innovative Computing, Information and Control ICIC International c 2013 ISSN 1349-4198 Volume 9, Number 11, November 2013 pp. 4247 4261 ROBUST AND PRIVACY PROTECTION AUTHENTICATION
More informationSecure Data Aggregation and Data Recovery in Wireless Sensor Networks
International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 49 8958, Volume-, Issue-3, February 3 Secure Data Aggregation and Data Recovery in Wireless Sensor Networks John Major. J, Shajin
More informationShor s algorithm and secret sharing
Shor s algorithm and secret sharing Libor Nentvich: QC 23 April 2007: Shor s algorithm and secret sharing 1/41 Goals: 1 To explain why the factoring is important. 2 To describe the oldest and most successful
More informationBlinding Self-Certified Key Issuing Protocols Using Elliptic Curves
Blinding Self-Certified Key Issuing Protocols Using Elliptic Curves Billy Bob Brumley Helsinki University of Technology Laboratory for Theoretical Computer Science billy.brumley@hut.fi Abstract Self-Certified
More informationCryptography and Network Security: Summary
Cryptography and Network Security: Summary Timo Karvi 12.2013 Timo Karvi () Cryptography and Network Security: Summary 12.2013 1 / 17 Summary of the Requirements for the exam The advices are valid for
More informationMATH 168: FINAL PROJECT Troels Eriksen. 1 Introduction
MATH 168: FINAL PROJECT Troels Eriksen 1 Introduction In the later years cryptosystems using elliptic curves have shown up and are claimed to be just as secure as a system like RSA with much smaller key
More informationA SECURE DATA TRANSMISSION FOR CLUSTER- BASED WIRELESS SENSOR NETWORKS IS INTRODUCED
A SECURE DATA TRANSMISSION FOR CLUSTER- BASED WIRELESS SENSOR NETWORKS IS INTRODUCED J Karunamayi 1, Annapurna V K 2 1 Student, Computer Network and Engineering,The National Institute of Engineering, Mysuru,
More informationTransitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
NIST Special Publication 800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information
More informationVoteID 2011 Internet Voting System with Cast as Intended Verification
VoteID 2011 Internet Voting System with Cast as Intended Verification September 2011 VP R&D Jordi Puiggali@scytl.com Index Introduction Proposal Security Conclusions 2. Introduction Client computers could
More informationNew Efficient Searchable Encryption Schemes from Bilinear Pairings
International Journal of Network Security, Vol.10, No.1, PP.25 31, Jan. 2010 25 New Efficient Searchable Encryption Schemes from Bilinear Pairings Chunxiang Gu and Yuefei Zhu (Corresponding author: Chunxiang
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationElliptic Curve Cryptography
Elliptic Curve Cryptography Elaine Brow, December 2010 Math 189A: Algebraic Geometry 1. Introduction to Public Key Cryptography To understand the motivation for elliptic curve cryptography, we must first
More informationLecture 25: Pairing-Based Cryptography
6.897 Special Topics in Cryptography Instructors: Ran Canetti and Ron Rivest May 5, 2004 Lecture 25: Pairing-Based Cryptography Scribe: Ben Adida 1 Introduction The field of Pairing-Based Cryptography
More informationImplementation of Elliptic Curve Digital Signature Algorithm
Implementation of Elliptic Curve Digital Signature Algorithm Aqeel Khalique Kuldip Singh Sandeep Sood Department of Electronics & Computer Engineering, Indian Institute of Technology Roorkee Roorkee, India
More informationAn Approach to Shorten Digital Signature Length
Computer Science Journal of Moldova, vol.14, no.342, 2006 An Approach to Shorten Digital Signature Length Nikolay A. Moldovyan Abstract A new method is proposed to design short signature schemes based
More informationAn Overview of Integer Factoring Algorithms. The Problem
An Overview of Integer Factoring Algorithms Manindra Agrawal IITK / NUS The Problem Given an integer n, find all its prime divisors as efficiently as possible. 1 A Difficult Problem No efficient algorithm
More informationA Secure-Enhanced Data Aggregation Based on ECC in Wireless Sensor Networks
Sensors 2014, 14, 6701-6721; doi:10.3390/s140406701 Article OPEN ACCESS sensors ISSN 1424-8220 www.mdpi.com/journal/sensors A Secure-Enhanced Data Aggregation Based on ECC in Wireless Sensor Networks Qiang
More informationAn Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm
An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm V.Masthanamma 1,G.Lakshmi Preya 2 UG Scholar, Department of Information Technology, Saveetha School of Engineering
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationFigure 1: Application scheme of public key mechanisms. (a) pure RSA approach; (b) pure EC approach; (c) RSA on the infrastructure
A Low Power Security Architecture for Mobile Commerce Peter Langendoerfer +, Zoya Dyka +, Oliver Maye + and Rolf Kraemer + Abstract: Mobile devices have limited resources in terms of computational power
More informationBreaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and
Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study
More informationAWIRELESS sensor network (WSN) is a network system
750 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 3, MARCH 2014 Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Networks Huang Lu, Student Member, IEEE, JieLi,Senior
More informationSoftware Implementation of Gong-Harn Public-key Cryptosystem and Analysis
Software Implementation of Gong-Harn Public-key Cryptosystem and Analysis by Susana Sin A thesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Master
More informationKleptography: The unbearable lightness of being mistrustful
Kleptography: The unbearable lightness of being mistrustful MOTI YUNG Google Inc. / Columbia University Joint work with Adam Young Background: -The time is the Mid 90 s: Cryptography is the big Equalizer
More informationIdentity-Based Encryption from the Weil Pairing
Appears in SIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003. An extended abstract of this paper appears in the Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages
More informationCUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631
Cunsheng DING, HKUST Lecture 08: Key Management for One-key Ciphers Topics of this Lecture 1. The generation and distribution of secret keys. 2. A key distribution protocol with a key distribution center.
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New
More informationEfficient Unlinkable Secret Handshakes for Anonymous Communications
보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Efficient Unlinkable Secret Handshakes for Anonymous Communications Eun-Kyung Ryu 1), Kee-Young Yoo 2), Keum-Sook Ha 3) Abstract The technique
More informationNotes on Network Security Prof. Hemant K. Soni
Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications
More informationA New Security Protocol Using Hybrid Cryptography Algorithms
International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Special Issue-2, April 2016 E-ISSN: 2347-2693 A New Security Protocol Using Hybrid Cryptography Algorithms
More informationData Grid Privacy and Secure Storage Service in Cloud Computing
Data Grid Privacy and Secure Storage Service in Cloud Computing L.Revathi 1, S.Karthikeyan 2 1 Research Scholar, Department of Computer Applications, Dr. M.G.R. Educational and Research Institute University,
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationHey! Cross Check on Computation in Cloud
Hey! Cross Check on Computation in Cloud Ajeet Singh Rajput Computer Science and Engineering Department S.D.B.C.T, Mhow Road,Indore,(M.P), India ajeetsinghrajput@gmail.com M.E.(CSE), S.D.B.C.T, Indore
More informationLibrary (versus Language) Based Parallelism in Factoring: Experiments in MPI. Dr. Michael Alexander Dr. Sonja Sewera.
Library (versus Language) Based Parallelism in Factoring: Experiments in MPI Dr. Michael Alexander Dr. Sonja Sewera Talk 2007-10-19 Slide 1 of 20 Primes Definitions Prime: A whole number n is a prime number
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationThe New Approach of Quantum Cryptography in Network Security
The New Approach of Quantum Cryptography in Network Security Avanindra Kumar Lal 1, Anju Rani 2, Dr. Shalini Sharma 3 (Avanindra kumar) Abstract There are multiple encryption techniques at present time
More informationAn Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method
An Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method E.Sathiyamoorthy 1, S.S.Manivannan 2 1&2 School of Information Technology and Engineering
More informationStudy of algorithms for factoring integers and computing discrete logarithms
Study of algorithms for factoring integers and computing discrete logarithms First Indo-French Workshop on Cryptography and Related Topics (IFW 2007) June 11 13, 2007 Paris, France Dr. Abhijit Das Department
More informationApproaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs
Approaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs Seminar Trustworthy and Energy-Efficient Smart Grids Overview on Approach Introduced in: [B.
More informationModule: Applied Cryptography. Professor Patrick McDaniel Fall 2010. CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Applied Cryptography Professor Patrick McDaniel Fall 2010 Page 1 Key Distribution/Agreement Key Distribution is the process where we assign
More informationPrinciples of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms
Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationSecurity Solutions for Wireless Sensor Networks
Dirk WESTHOFF, Joao GIRAO, Amardeo SARMA Abstract This paper describes security solutions for collecting and processing data in Wireless Sensor Networks (WSNs). Adequate security capabilities for medium
More informationImplementing Network Security Protocols
Implementing Network Security Protocols based on Elliptic Curve Cryptography M. Aydos, E. Savaş, and Ç. K. Koç Electrical & Computer Engineering Oregon State University Corvallis, Oregon 97331, USA {aydos,savas,koc}@ece.orst.edu
More informationSFWR ENG 4C03 - Computer Networks & Computer Security
KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,
More informationVALLIAMMAI ENGINEERING COLLEGE
VALLIAMMAI ENGINEERING COLLEGE (A member of SRM Institution) SRM Nagar, Kattankulathur 603203. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING Year and Semester : I / II Section : 1 Subject Code : NE7202
More informationFoundation University, Islamabad, Pakistan qasim_1987@hotmail.com
Kerberos Authentication in Wireless Sensor Networks Qasim Siddique Foundation University, Islamabad, Pakistan qasim_1987@hotmail.com ABSTRACT We proposed an authentication mechanism in the wireless sensor
More informationEvaluation of Digital Signature Process
Evaluation of Digital Signature Process Emil SIMION, Ph. D. email: esimion@fmi.unibuc.ro Agenda Evaluation of digital signatures schemes: evaluation criteria; security evaluation; security of hash functions;
More informationA blind digital signature scheme using elliptic curve digital signature algorithm
A blind digital signature scheme using elliptic curve digital signature algorithm İsmail BÜTÜN * and Mehmet DEMİRER *Department of Electrical Engineering, University of South Florida, Tampa, FL, USA Department
More informationDealing Cards in Poker Games
1 Dealing Cards in Poker Games Philippe Golle Palo Alto Research Center pgolle@parc.com Abstract This paper proposes a new protocol for shuffling and dealing cards, that is designed specifically for games
More informationIntroduction. Digital Signature
Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology
More informationCRYPTOG NETWORK SECURITY
CRYPTOG NETWORK SECURITY PRINCIPLES AND PRACTICES FOURTH EDITION William Stallings Prentice Hall Upper Saddle River, NJ 07458 'jkfetmhki^^rij^jibwfcmf «MMr""'-^.;
More informationEnd-to-end Secure Data Aggregation in Wireless Sensor Networks
End-to-end Secure Data Aggregation in Wireless Sensor Networks Keyur Parmar 1 Devesh Jinwala 2 1 Ph.D Scholar & Senior Research Fellow Department of Computer Engineering SVNIT, Surat, India 2 Professor
More informationSecure Data Aggregation with Multiple Encryption
Secure Data Aggregation with Multiple Encryption Melek Önen and Refik Molva Institut Eurécom Sophia-Antipolis, France {melek.onen,refik.molva}@eurecom.fr Abstract. Data aggregation has been put forward
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationThe Feasibility of SET-IBS and SET-IBOOS Protocols in Cluster-Based Wireless Sensor Network
The Feasibility of SET-IBS and SET-IBOOS Protocols in Cluster-Based Wireless Sensor Network R.Anbarasi 1, S.Gunasekaran 2 P.G. Student, Department of Computer Engineering, V.S.B Engineering College, Karur,
More informationDATA SECURITY ANALYSIS AND SECURITY EXTENSION FOR SMART CARDS USING JAVA CARD
DATA SECURITY ANALYSIS AND SECURITY EXTENSION FOR SMART CARDS USING JAVA CARD Ms. A A Deshmukh 1, Ms. Manali Dubal 2, Dr. Mahesh TR 3, Mr. C R Chauhan 1 Professor, Department of Computer Engineering, Sinhgad
More information