
Showing papers in "arXiv: Cryptography and Security in 2005"


Posted Content, DOI
TL;DR: A ring signature is a simplified group signature without any manager. This paper proposes a new ID-based ring signature scheme and a proxy ring signature scheme, both more efficient than existing ring signature schemes.
Abstract: In 2001, Rivest et al. first introduced the concept of ring signatures. A ring signature is a simplified group signature without any manager. It protects the anonymity of a signer. The first scheme proposed by Rivest et al. was based on the RSA cryptosystem and a certificate-based public key setting. The first ring signature scheme based on DLP was proposed by Abe, Ohkubo, and Suzuki. Their scheme is also based on the general certificate-based public key setting. In 2002, Zhang and Kim proposed a new ID-based ring signature scheme using pairings. Later Lin and Wu proposed a more efficient ID-based ring signature scheme. Both these schemes have some inconsistency in the computational aspect. In this paper we propose a new ID-based ring signature scheme and a proxy ring signature scheme. Both schemes are more efficient than existing ones. These schemes also take care of the inconsistencies in the above two schemes.

68 citations


Posted Content
TL;DR: This paper defines a Diffie-Hellman key exchange in this setting and illustrates how to build interesting semigroup actions using finite (simple) semirings.
Abstract: A generalization of the original Diffie-Hellman key exchange in $(\mathbb{Z}/p\mathbb{Z})^*$ found a new depth when Miller and Koblitz suggested that such a protocol could be used with the group over an elliptic curve. In this paper, we propose a further vast generalization where abelian semigroups act on finite sets. We define a Diffie-Hellman key exchange in this setting and we illustrate how to build interesting semigroup actions using finite (simple) semirings. The practicality of the proposed extensions relies on the orbit sizes of the semigroup actions, and at this point it is an open question how to compute the sizes of these orbits in general and also whether there exists a square root attack in general. In Section 2 a concrete practical semigroup action built from simple semirings is presented. It will require further research to analyse this system.

54 citations


Posted Content
TL;DR: It is shown that for any feasible general access structure, a strong ramp SS scheme can be constructed from a partially decryptable ramp SS scheme, which can be considered as a kind of SS scheme with plural secrets.
Abstract: Ramp secret sharing (SS) schemes can be classified into strong ramp SS schemes and weak ramp SS schemes. The strong ramp SS schemes do not leak out any part of a secret explicitly even in the case where some information about the secret leaks from a non-qualified set of shares, and hence, they are more desirable than weak ramp SS schemes. However, it is not known how to construct the strong ramp SS schemes in the case of general access structures. In this paper, it is shown that a strong ramp SS scheme can always be constructed from an SS scheme with plural secrets for any feasible general access structure. As a byproduct, it is pointed out that threshold ramp SS schemes based on Shamir's polynomial interpolation method are not always strong.

38 citations


Proceedings Article, DOI
TL;DR: In this paper, the authors describe and implement a policy language that allows agents to distribute data along with usage policies in a decentralized architecture, where agents are accountable for their actions and may be audited by an authority requiring justifications.
Abstract: We describe and implement a policy language. In our system, agents can distribute data along with usage policies in a decentralized architecture. Our language supports the specification of conditions and obligations, and also the possibility to refine policies. In our framework, the compliance with usage policies is not actively enforced. However, agents are accountable for their actions, and may be audited by an authority requiring justifications.

37 citations


Posted Content
TL;DR: In this article, a low-cost solution for symmetric key exchange using the synchronisation of Tree Parity Machines is proposed, which enables a key exchange within a few milliseconds, given realistic communication channels with a limited bandwidth.
Abstract: The necessity to secure the communication between hardware components in embedded systems becomes increasingly important with regard to the secrecy of data and particularly its commercial use. We suggest a low-cost (i.e. small logic-area) solution for flexible security levels and short key lifetimes. The basis is an approach for symmetric key exchange using the synchronisation of Tree Parity Machines. Fast successive key generation enables a key exchange within a few milliseconds, given realistic communication channels with a limited bandwidth. For demonstration we evaluate characteristics of a standard-cell ASIC design realisation as IP-core in 0.18-micrometer CMOS-technology.

32 citations


Posted Content
TL;DR: In this article, a new family of one-way candidate functions is defined and constructed based on quasigroup string transformations, with the property that for achieving the security level of $2^n$ computations in order to invert them, only $n$ bits of input are needed.
Abstract: In this paper we propose a definition and construction of a new family of one-way candidate functions ${\cal R}_N:Q^N \to Q^N$, where $Q=\{0,1,...,s-1\}$ is an alphabet with $s$ elements. Special instances of these functions can have the additional property to be permutations (i.e. one-way permutations). These one-way functions have the property that for achieving the security level of $2^n$ computations in order to invert them, only $n$ bits of input are needed. The construction is based on quasigroup string transformations. Since quasigroups in general do not have algebraic properties such as associativity, commutativity, neutral elements, inverting these functions seems to require exponentially many readings from the lookup table that defines them (a Latin Square) in order to check the satisfiability for the initial conditions, thus making them natural candidates for one-way functions.

23 citations


Posted Content
TL;DR: The BB84 protocol for quantum key distribution is examined using the PRISM model-checker to show that, as the number of qubits transmitted in BB84 is increased, the equivocation of the eavesdropper with respect to the channel decreases exponentially and the probability of detecting the presence of an eavesdroppers increases exponentially.
Abstract: This paper discusses the use of computer-aided verification as a practical means for analysing quantum information systems; specifically, the BB84 protocol for quantum key distribution is examined using this method. This protocol has been shown to be unconditionally secure against all attacks in an information-theoretic setting, but the relevant security proof requires a thorough understanding of the formalism of quantum mechanics and is not easily adaptable to practical scenarios. Our approach is based on probabilistic model-checking; we have used the PRISM model-checker to show that, as the number of qubits transmitted in BB84 is increased, the equivocation of the eavesdropper with respect to the channel decreases exponentially. We have also shown that the probability of detecting the presence of an eavesdropper increases exponentially with the number of qubits. The results presented here are a testament to the effectiveness of the model-checking approach for systems where analytical solutions may not be possible or plausible.

23 citations


Posted Content
TL;DR: In this paper, integer programming is used to distribute optimally the shares of a (t,m)-threshold scheme to each participant of the general access structure, which achieves a lower coding rate than the cumulative maps except in the cases where they already give the optimal distribution.
Abstract: It is known that for any general access structure, a secret sharing scheme (SSS) can be constructed from an (m,m)-threshold scheme by using the so-called cumulative map or from a (t,m)-threshold SSS by a modified cumulative map. However, such constructed SSSs are generally not efficient. In this paper, we propose a new method to construct an SSS from a $(t,m)$-threshold scheme for any given general access structure. In the proposed method, integer programming is used to distribute optimally the shares of the (t,m)-threshold scheme to each participant of the general access structure. From the optimality, it can always attain a lower coding rate than the cumulative maps except in the cases where they give the optimal distribution. The same method is also applied to construct SSSs for incomplete access structures and/or ramp access structures.

22 citations


Posted Content
TL;DR: In 2003, Ma and Chen proposed an authenticated encryption scheme with public verifiability, in which the receiver can efficiently prove to a third party that a message indeed originates from a specific sender; this paper identifies two security weaknesses in it and proposes an improved scheme based on the Schnorr signature.
Abstract: An authenticated encryption scheme allows messages to be encrypted and authenticated simultaneously. In 2003, Ma and Chen proposed such a scheme with public verifiability. That is, in their scheme the receiver can efficiently prove to a third party that a message indeed originates from a specific sender. In this paper, we first identify two security weaknesses in the Ma-Chen authenticated encryption scheme. Then, based on the Schnorr signature, we propose an efficient and secure improved scheme such that all the desired security requirements are satisfied.

21 citations


Posted Content
TL;DR: A generic framework in the Alloy modelling language is presented, and instantiated for two standard protocols, and a new key management scheme.
Abstract: Knowledge flow analysis offers a simple and flexible way to find flaws in security protocols. A protocol is described by a collection of rules constraining the propagation of knowledge amongst principals. Because this characterization corresponds closely to informal descriptions of protocols, it allows a succinct and natural formalization; because it abstracts away message ordering, and handles communications between principals and applications of cryptographic primitives uniformly, it is readily represented in a standard logic. A generic framework in the Alloy modelling language is presented, and instantiated for two standard protocols, and a new key management scheme.

17 citations


Posted Content
TL;DR: Two identification schemes based on the root problem are proposed that are secure against passive attacks assuming that the root problem is hard in braid groups.
Abstract: In this paper we propose two identification schemes based on the root problem. The proposed schemes are secure against passive attacks assuming that the root problem (RP) is hard in braid groups.

Posted Content
TL;DR: A new spam detection algorithm that uses structural relationships between senders and recipients of email as the basis for spam detection, and is able to reduce the false positives produced by the auxiliary classification algorithm by up to about 60%.
Abstract: We propose a new detection algorithm that uses structural relationships between senders and recipients of email as the basis for the identification of spam messages. Users and receivers are represented as vectors in their reciprocal spaces. A measure of similarity between vectors is constructed and used to group users into clusters. Knowledge of their classification as past senders/receivers of spam or legitimate mail, coming from an auxiliary detection algorithm, is then used to label these clusters probabilistically. The measure of similarity between the sender and receiver sets of a new message and the center vector of clusters is then used to assess the possibility of that message being legitimate or spam. We show that the proposed algorithm is able to correct part of the false positives (legitimate messages classified as spam) using a testbed of one week of SMTP logs.

Posted Content
TL;DR: Poseidon as mentioned in this paper is a payload-based intrusion detection system that uses a self-organizing map (SOM) and a modified PAYL system to detect anomalous data.
Abstract: We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.

Posted Content
TL;DR: A blind signcryption scheme that combines the functionality of blind signature and signcryption is presented; it is useful for applications that are based on anonymity, untraceability and unlinkability.
Abstract: Blind signature schemes enable a useful protocol that guarantees the anonymity of the participants, while signcryption offers authentication of messages and confidentiality of messages at the same time and more efficiently. In this paper, we present a blind signcryption scheme that combines the functionality of blind signature and signcryption. This blind signcryption is useful for applications that are based on anonymity, untraceability and unlinkability.

Posted Content
TL;DR: Analyzes existing authentication methods based on the Public Key Infrastructure, finds that they have several drawbacks in ad-hoc networks, and proposes a new authentication protocol based on established cryptographic primitives (Merkle's puzzles and zero-knowledge proofs).
Abstract: This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or requirements for revocable anonymity. At the same time, an ad-hoc authentication protocol must be resistant to spoofing, eavesdropping and playback, and man-in-the-middle attacks. The article analyzes existing authentication methods based on the Public Key Infrastructure, and finds that they have several drawbacks in ad-hoc networks. Therefore, a new authentication protocol, based on established cryptographic primitives (Merkle's puzzles and zero-knowledge proofs), is proposed. The protocol is studied for a model ad-hoc chat application that provides private conversations.

Posted Content
TL;DR: This paper proposes firstly, a protocol to authenticate a proxy user remotely using smart cards, and secondly, a method to log a valid user in to a remote server and access the services provided by the remote server.
Abstract: Since 1981, when Lamport introduced the remote user authentication scheme using a table, plenty of schemes have been proposed, with and without the use of a table. In 1993, Chang and Wu [5] introduced a remote password authentication scheme with smart cards. A number of remote authentication schemes with smart cards have been proposed since then. These schemes allow a valid user to log in to a remote server and access the services provided by the remote server. But still there is no scheme to authenticate the remote proxy user. In this paper we propose firstly, a protocol to authenticate a proxy user remotely using smart cards.

Posted Content
TL;DR: The various approaches that have been developed to share and analyze data in distributed intrusion detection systems are described, and some issues that must be addressed before fully decentralized distributed intrusion detection systems can be made viable are discussed.
Abstract: Distributed intrusion detection systems detect attacks on computer systems by analyzing data aggregated from distributed sources. The distributed nature of the data sources allows patterns in the data to be seen that might not be detectable if each of the sources were examined individually. This paper describes the various approaches that have been developed to share and analyze data in such systems, and discusses some issues that must be addressed before fully decentralized distributed intrusion detection systems can be made viable.

Posted Content
TL;DR: In this paper, a client-based access control manager exploiting hardware security elements on client devices is proposed to evaluate dynamic and personalized access control rules on a ciphered XML input document with the benefit of dissociating access rights from encryption.
Abstract: The erosion of trust put in traditional database servers, the growing interest in different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to moving the access control from servers to clients. Several encryption schemes can be used to serve this purpose, but all suffer from a static way of sharing data. In a previous paper, we devised smarter client-based access control managers exploiting hardware security elements on client devices. The goal pursued is being able to evaluate dynamic and personalized access control rules on a ciphered XML input document, with the benefit of dissociating access rights from encryption. In this demonstration, we validate our solution using a real smart card platform and explain how we deal with the constraints usually met on hardware security elements (small memory and low throughput). Finally, we illustrate the generality of the approach and the ease of its deployment through two different applications: a collaborative application and a parental control application on video streams.

Posted Content
TL;DR: This paper presents a new concept for providing mobile agents with integrity protection, based on a zero-knowledge proof system, and surveys mechanisms that secure not only the compiled program but also the data that can be gathered during its "journey".
Abstract: The recent developments in mobile technology (mobile phones, middleware) created a need for new methods of protecting the code transmitted through the network. The proposed mechanisms not only secure the compiled program, but also the data that can be gathered during its "journey". The oldest and simplest methods are more concentrated on the integrity of the code itself and on the detection of unauthorized manipulation. Other, more advanced proposals protect not only the code but also the execution state and the collected data. The paper is divided into two parts. The first one is mostly devoted to different methods of securing the code and protecting its integrity, starting from watermarking and fingerprinting, up to methods designed specifically for mobile agent systems: encrypted function, cryptographic traces, time-limited black-box security, chained-MAC protocol, and publicly-verifiable chained digital signatures. The second part presents a new concept for providing mobile agents with integrity protection, based on a zero-knowledge proof system.

Posted Content
TL;DR: This paper shows how techniques based on Kolmogorov complexity can help in the analysis of Internet worms and network traffic: using compression, different species of worms can be clustered by type, which makes it possible to determine whether an unknown worm binary could in fact be a later version of an existing worm in an extremely simple, automated manner.
Abstract: Internet worms have become a widespread threat to system and network operations. In order to fight them more efficiently, it is necessary to analyze newly discovered worms and attack patterns. This paper shows how techniques based on Kolmogorov complexity can help in the analysis of Internet worms and network traffic. Using compression, different species of worms can be clustered by type. This allows us to determine whether an unknown worm binary could in fact be a later version of an existing worm in an extremely simple, automated manner. This may become a useful tool in the initial analysis of malicious binaries. Furthermore, compression can also be useful to distinguish different types of network traffic and can thus help to detect traffic anomalies: certain anomalies may be detected by looking at the compressibility of a network session alone. We furthermore show how to use compression to detect malicious network sessions that are very similar to known intrusion attempts. This technique could become a useful tool to detect new variations of an attack and thus help to prevent IDS evasion. We provide two new plugins for Snort which demonstrate both approaches.

Posted Content
TL;DR: It is proved that for each odd $n$, there is exactly one trivial balanced $n$-variable symmetric Boolean function achieving the algebraic immunity $\lceil \frac{n}{2}\rceil $.
Abstract: To resist algebraic attack, a Boolean function should possess good algebraic immunity (AI). Several papers constructed symmetric functions with the maximum algebraic immunity $\lceil \frac{n}{2}\rceil $. In this correspondence we prove that for each odd $n$, there is exactly one trivial balanced $n$-variable symmetric Boolean function achieving the algebraic immunity $\lceil \frac{n}{2}\rceil $. And we also obtain a necessary condition for the algebraic normal form of a symmetric Boolean function with maximum algebraic immunity.

Posted Content
TL;DR: In this article, the authors point out that the first scheme is not really as secure as the Root Problem, and describe an efficient way to crack it, which works for any group.
Abstract: Lal and Chaturvedi proposed two authentication schemes based on the difficulty of the Root Problem in the braid group. We point out that the first scheme is not really as secure as the Root Problem, and describe an efficient way to crack it. The attack works for any group.

Posted Content
TL;DR: A first multi-proxy multi-signcryption scheme from pairings, which efficiently combines a multi-proxy multi-signature scheme with signcryption, is proposed and its security is analyzed in detail.
Abstract: A first multi-proxy multi-signcryption scheme from pairings, which efficiently combines a multi-proxy multi-signature scheme with signcryption, is proposed. Its security is analyzed in detail. In our scheme, a proxy signcrypter group can be authorized as a proxy agent by the cooperation of all members in the original signcrypter group. Then the proxy signcryptions can be generated by the cooperation of all the signcrypters in the authorized proxy signcrypter group on behalf of the original signcrypter group. The correctness and the security of this scheme are proved.

Posted Content
TL;DR: In this document, a formal approach to encrypt, decrypt, transmit and receive information using colors is explored, and a formal notion of hybrid cryptography is introduced, as the algorithm lies on the boundary of symmetric and asymmetric cryptography.
Abstract: In this document, a formal approach to encrypt, decrypt, transmit and receive information using colors is explored. A piece of information consists of a set of symbols with a definite property imposed on the generating set. The symbols are usually encoded using the ASCII scheme. A linear to 3D transformation is presented. The change of axis from traditional xyz to rgb is highlighted and its effects are studied. A point in this new axis is then represented as a unique color, and a vector or matrix is associated with it, making it amenable to standard vector or matrix operations. A formal notion of hybrid cryptography is introduced, as the algorithm lies on the boundary of symmetric and asymmetric cryptography. No discussion is complete without mentioning the communication aspects of secure information in a channel. A transmission scheme pertaining to light as carrier is introduced and studied. Key exchanges do not come under the scope of the current document.

Posted Content
TL;DR: A new coding problem -- steganographic codes (abbreviated stego-codes) -- is presented in this paper and it is shown that there is a corresponding relation between MLE codes and perfect error-correcting codes.
Abstract: To study how to design steganographic algorithms more efficiently, a new coding problem -- steganographic codes (abbreviated stego-codes) -- is presented in this paper. The stego-codes are defined over the field with $q$ ($q \ge 2$) elements. Firstly, a method of constructing linear stego-codes is proposed by using the direct sum of vector subspaces. Then the problem of linear stego-codes is converted to an algebraic problem by introducing the concept of the $t$th dimension of a vector space. Some bounds on the length of stego-codes are obtained, from which the maximum length embeddable (MLE) code is brought up. It is shown that there is a corresponding relation between MLE codes and perfect error-correcting codes. Furthermore, the classification of all MLE codes and a lower bound on the number of binary MLE codes are obtained based on the corresponding results on perfect codes. Finally, hiding redundancy is defined to evaluate the performance of stego-codes.

Posted Content
TL;DR: The security aspects during the design process of the proposed directed digital signature schemes are discussed, along with the applications of these schemes in different situations.
Abstract: In this thesis, we propose some directed signature schemes. In addition, we have discussed their applications in different situations. In this thesis, we would like to discuss the security aspects during the design process of the proposed directed digital signature schemes. The security of most digital signature schemes widely used in practice is based on two difficult problems, viz. the problem of factoring integers (the RSA scheme) and the problem of finding discrete logarithms over finite fields (the ElGamal scheme). The work proposed in this thesis is divided into seven chapters.

Posted Content
TL;DR: The structure of the Wei-Xiao-Chen algorithm is optimized for the linear complexity of sequences over GF(q) with period $N = 2p^n$, where $p$ and $q$ are odd primes, and $q$ is a primitive root modulo $p^2$.
Abstract: The union cost is used, so that an efficient algorithm for computing the $k$-error linear complexity of a sequence with period $2p^n$ over GF(q) is presented, where $p$ and $q$ are odd primes, and $q$ is a primitive root modulo $p^2$.

Posted Content
TL;DR: It is shown that the proposed secure key issuing protocol suffers from impersonation, insider attacks and incompetency of the key privacy authorities, and Sui et al.'s separable and anonymous key issuing protocol is also cryptanalyzed.
Abstract: To remove the key escrow problem and avoid the need for a secure channel in ID-based cryptosystems, Lee et al. [1] proposed a secure key issuing protocol. However, we show that it suffers from impersonation, insider attacks and incompetency of the key privacy authorities. We also cryptanalyze Sui et al.'s [2] separable and anonymous key issuing protocol.

Posted Content
TL;DR: This paper explores the unique challenges of securing HPCs and proposes a threat model based on the classical Confidentiality, Integrity and Availability security principles.
Abstract: Over the past decade, high performance computational (HPC) clusters have become mainstream in academic and industrial settings as accessible means of computation. Throughout their proliferation, HPC security has been a secondary concern to performance. It is evident, however, that ensuring HPC security presents different challenges than the ones faced when dealing with traditional networks. To design suitable security measures for high performance computing, it is necessary to first realize the threats faced by such an environment. This task can be accomplished by means of constructing a comprehensive threat model. To our knowledge, no such threat model exists with regard to cluster computing. In this paper, we explore the unique challenges of securing HPCs and propose a threat model based on the classical Confidentiality, Integrity and Availability security principles.

Posted Content
TL;DR: This report presents a taxonomy of vulnerabilities created as a part of an effort to develop a framework for deriving verification and validation strategies to assess software security.
Abstract: This report presents a taxonomy of vulnerabilities created as a part of an effort to develop a framework for deriving verification and validation strategies to assess software security. This taxonomy is grounded in a theoretical model of computing, which establishes the relationship between vulnerabilities, software applications and the computer system resources. This relationship illustrates that a software application is exploited by violating constraints imposed by computer system resources and assumptions made about their usage. In other words, a vulnerability exists in the software application if it allows violation of these constraints and assumptions. The taxonomy classifies these constraints and assumptions. The model also serves as a basis for the classification scheme the taxonomy uses, in which the computer system resources, such as memory, input/output, and cryptographic resources, serve as categories and subcategories. Vulnerabilities, which are expressed in the form of constraints and assumptions, are classified according to these categories and subcategories. This taxonomy is both novel and distinctively different from other taxonomies found in the literature.