
Showing papers in "International Journal of Network Security in 2005"


Journal ArticleDOI
TL;DR: A review on current trends in intrusion detection together with a study on technologies implemented by some researchers in this research area are provided.
Abstract: With recent advances in network based technology and increased dependability of our every day life on this technology, assuring reliable operation of network based systems is very important. During recent years, number of attacks on networks has dramatically increased and consequently interest in network intrusion detection has increased among the researchers. This paper provides a review on current trends in intrusion detection together with a study on technologies implemented by some researchers in this research area. Honey pots are effective detection tools to sense attacks such as port or email scanning activities in the network. Some features and applications of honey pots are explained in this paper.

218 citations


Journal Article
TL;DR: The evolution and the existed problems of authenticated encryption schemes are discussed and the scheme is very suitable for the key agreement application, because a key is a small amount of a message.
Abstract: Nyberg and Ruppel first proposed a signature scheme with message recovery based on DSA in 1993, and the authenticated encryption scheme is a special application of their scheme. Afterward, there are many papers proposed about the authenticated encryption schemes. The signature scheme can reduce the transmitted cost, because the message has been contained in the signature of the message and the signer does not need to send the receiver the message and the signature. The scheme is very suitable for the key agreement application, because a key is a small amount of a message. In order to comprehend and interpret the authenticated encryption schemes overall, we discuss the evolution and the existed problems of authenticated encryption schemes.

72 citations


Journal ArticleDOI
TL;DR: The security architecture of WAP and some important properties of the WTLS protocol are described and some countermeasures and good practices when using WAP are proposed.
Abstract: The Wireless Application Protocol (WAP) is a protocol stack for wireless communication networks. WAP uses WTLS, a wireless variant of the SSL/TLS protocol, to secure the communication between the mobile phone and other parts of the WAP architecture. This paper describes the security architecture of WAP and some important properties of the WTLS protocol. There are however some security problems with WAP and the WTLS protocol. Privacy, data protection and integrity are not always provided. Users and developers of WAP-applications should be aware of this. In this paper, we address the security weaknesses of WAP and WTLS and propose some countermeasures and good practices when using WAP. We conclude with advising when to use WAP and when not.

60 citations


Journal Article
TL;DR: This paper develops a secure protocol for multiple parties to conduct the desired computation in the following scenario: multiple parties want to collaboratively build a k-nearest neighbor classifier without disclosing their private data to each other or any other parties.
Abstract: This paper considers how to conduct k-nearest neighbor classification in the following scenario: multiple parties, each having a private data set, want to collaboratively build a k-nearest neighbor classifier without disclosing their private data to each other or any other parties. Specifically, the data are vertically partitioned in that all parties have data about all the instances involved, but each party has its own view of the instances - each party works with its own attribute set. Because of privacy constraints, developing a secure framework to achieve such a computation is both challenging and desirable. In this paper, we develop a secure protocol for multiple parties to conduct the desired computation. All the parties participate in the encryption and in the computation involved in learning the k-nearest neighbor classifiers.

49 citations


Journal Article
TL;DR: To sum up these schemes, a secure and efficient multiple digital signatures scheme which needs only one verification remains an open problem.
Abstract: In this paper, we surveyed several well-known batch verification multiple digital signatures. These schemes can batch verify multiple digital signatures which need only one verification instead of t verifications. However, a number of weaknesses of these schemes are pointed out. According to our proposed issues and challenges, we compared and analyzed them. To sum up these schemes, a secure and efficient multiple digital signatures scheme which needs only one verification remains an open problem.

45 citations


Journal ArticleDOI
TL;DR: In this article, the authors revisited the two-party identity-based authenticated key agreement protocol (2P-IDAKA) and its variant resistant to key-compromise impersonation due to McCullagh & Barreto (2005).
Abstract: We revisit the two-party identity-based authenticated key agreement protocol (2P-IDAKA) and its variant resistant to key-compromise impersonation due to McCullagh & Barreto (2005). Protocol 2P-IDAKA carries a proof of security in the Bellare & Rogaway (1993) model. In this paper, we demonstrated why both the protocol and its variant are not secure if the adversary is allowed to send a Reveal query to reveal non-partner players who had accepted the same session key (i.e., termed key-replicating attack in recent work of Krawczyk (2005)). We also demonstrate that both protocols do not achieve the key integrity property, first discussed by Janson & Tsudik (1995).

42 citations


Journal ArticleDOI
TL;DR: This paper describes an efficient and collusion-resistant thABE scheme featuring dynamically-specifiable threshold values and is proven secure in the random oracle model, and its efficiency and flexibility are compared with Sahai and Waters' ABE scheme.
Abstract: Threshold attribute-based encryption (thABE) is a variant of identity-based encryption which views identities as sets of descriptive attributes. If a thABE ciphertext c is computed for a set ω of attributes, then, to decrypt c, a user must have keys associated with a sufficiently large subset of ω. One application of thABE is biometric-based access control (BBAC). Practical BBAC applications impose the following constraints on the design of thABE schemes: first, a suitable thABE scheme must have an efficient decryption procedure; second, the proposed scheme must prevent colluding users from being able to decrypt ciphertexts which none of them could decrypt; third, the designed scheme must provide a mechanism whereby encryptors can, at encryption time, specify multiple sets of attributes with their corresponding threshold values. To the best of our knowledge, no scheme is known that simultaneously satisfies the aforementioned requirements. This paper describes an efficient and collusion-resistant thABE scheme featuring dynamically-specifiable threshold values. The proposed scheme is proven secure in the random oracle model, and its efficiency and flexibility are compared with Sahai and Waters' thABE scheme.

36 citations


Journal Article
TL;DR: It is shown that the Novikov-Kiselev scheme cannot withstand a man-in-the-middle attack.
Abstract: In 2003, Novikov and Kiselev proposed an authentication of the user from the remote autonomous object. In this article, we shall show that the Novikov-Kiselev scheme cannot withstand a man-in-the-middle attack.

28 citations


Journal ArticleDOI
TL;DR: There is an ideal threshold signature scheme which satisfies all requirements of threshold signature schemes and readers can easily understand what the next generation of threshold signature schemes is and attempt to propose it.
Abstract: In this paper, we survey all related threshold signature schemes and classify them with different properties. In order to compare them with different properties, we imagine there is an ideal threshold signature scheme which satisfies all requirements of threshold signature schemes. Based on this ideal threshold signature, readers can easily understand what the next generation of threshold signature schemes is and attempt to propose it.

24 citations


Journal Article
TL;DR: It is shown that a hash-based strong-password authentication scheme, described in [2], which withstands to the several attacks, is still vulnerable to stolen-verifier, denial-of-service, replay, and impersonation attacks.
Abstract: The user authentication is an important part of network security. Several strong-password authentication protocols have been introduced, but a secure scheme, which probably withstands to several known attacks, is not yet available. Recently, a hash-based strong-password authentication scheme was described in [2], which withstands to the several attacks, including replay, password-file compromise, denial-of-service, and insider attacks. However, we show that this protocol is still vulnerable to stolen-verifier, denial-of-service, replay, and impersonation attacks.

21 citations


Journal Article
TL;DR: This paper presents the self-healing feature for group key distribution through Subset Difference (SD) method proposed by D. Naor et al. and shows that, SD has better performance in key recovery operation and is secure against the collusion of any number of revoked users.
Abstract: In this paper we propose the self-healing feature for group key distribution through Subset Difference (SD) method proposed by D. Naor et al. The subset difference method is one of the efficient proposals for group key distribution, however, recently a polynomial based solution for key distribution was proposed by D. Liu et al., which has the similar message size but also provides self-healing feature. We compare the two schemes and show that, SD has better performance in key recovery operation and is secure against the collusion of any number of revoked users. By incorporating the feature for self-healing to SD, it will be a more practical solution for the networks where packet loss is common. In addition to the self-healing feature, we also present some optimization techniques to reduce the overhead caused by the self-healing capability. Finally, we discuss the idea of mutual healing and mention certain requirements for that method for key recovery.

Journal Article
TL;DR: An easy and fast authentication method for establishing a mobile node's identity that can also prevent replay, TCP splicing and guessing attack is proposed.
Abstract: Wireless networks are at present being developed to support mobility within the Internet. The mobile Internet uses Mobile IP technologies in the wireless Internet. This paper is concerned with the security aspect of the registration protocol in Mobile IP. In this paper we publish a new method that uses the secure-key combined with minimal public-key, besides producing the communication session key, in the mobile node registration protocol. All communication messages are encrypted in our proposed method. An easy and fast authentication method for establishing a mobile node's identity that can also prevent replay, TCP splicing and guessing attack is proposed.

Journal ArticleDOI
TL;DR: Another evidence of man-in-middle-attack is shown and it is pointed out that reflection attack can also be framed successfully on the scheme.
Abstract: In 2003, Novikov and Kiselev proposed a scheme for an authentication of the user from the remote autonomous object. Recently Yang et al. pointed out an evidence of man-in-middle attack. In this paper we show another evidence of man-in-middle-attack. We also pointed out that reflection attack can also be framed successfully on the scheme.

Journal ArticleDOI
TL;DR: In this article, a new scheme to remedy the security leaks of the Lee-Chang scheme is proposed, but it is shown that there are two attacks in their scheme.
Abstract: In 2000, Lee and Chang proposed a user identification scheme with key distribution preserving anonymity for distributed computer networks. Recently, Wu and Hsu pointed out that there are two weaknesses in the Lee-Chang scheme. They further not only proposed a new scheme to remedy the security leaks of the Lee-Chang scheme, but also reduced computation complexities and communication cost as compared with the Lee-Chang scheme. However, in this article we show that there are two attacks in their scheme.

Journal ArticleDOI
TL;DR: A simple and efficient protocol for this problem from a semantically homomorphic encryption scheme is proposed, which is fair if party C is semi-honest.
Abstract: We study the following problem: party A's secret input is a, party B's secret input is b, and party C's input is empty; they want to know if a = b with restriction that A and B should not learn anything more than what is implied by their secret inputs and the comparison result, and C should not learn anything about a or b except if a = b. This problem can be seen as a variant of the socialist millionaires' problem. We propose a simple and efficient protocol for this problem from a semantically homomorphic encryption scheme. The protocol is fair if party C is semi-honest.

Journal ArticleDOI
TL;DR: The "PYRAMIDS" Block Cipher is a symmetric encryption algorithm of a 64, 128, 256-bit plaintext block, that accepts a variable key length of 128, 192, 256 bits.
Abstract: The "PYRAMIDS" Block Cipher is a symmetric encryption algorithm of a 64, 128, 256-bit plaintext block, that accepts a variable key length of 128, 192, 256 bits. The algorithm is an iterated cipher consisting of repeated applications of simple round transformations with different operations and different sequences in each round.

Journal ArticleDOI
TL;DR: In this article, the authors proposed an efficient registration scheme to reduce the time delay of authentication and home registration in Mobile IP protocol, which uses local authentication to achieve efficiency, and use Mobile IPv6 to support the mobility.
Abstract: One of the major challenges for a wireless network design is the efficient authentication scheme. A mobile node (MN) attached to a WLAN and then moved into an area where the radio signal coverage from the access point (AP) does not exist. The mobile node may reconfigure itself into ad hoc mode and connect to this network. Before the mobile node using the resource, it must be verified whether legally or not. But in Mobile IP protocol, every mobile node must perform the home registration to register with HA every second. If the foreign network is far from the home network, the authentication time delay will be long. To reduce the time delay of authentication and home registration, we provide an efficient registration scheme. We use local authentication to achieve efficiency, and use Mobile IPv6 to support the mobility.

Journal Article
TL;DR: An efficient architecture and the implementation of a key management protocol are proposed, which could be applied efficiently in networks with multi-nodes and multi-users authentication demands, providing high speed performance and high level security strength.
Abstract: The special needs for cryptography, of both wired and wireless networks, have attracted the researchers’ major interest in the design of new security schemes. This work deals with the access control in network hierarchy. More analytically, an efficient architecture and the implementation of a key management protocol are proposed in this paper. This protocol main philosophy is centered in the usage of hash functions. Alternative hash functions have been implemented and studied, in order to select between the most efficient proposed architecture, concerning both performance and allocated resources. Finally the dynamic access of the system is presented. The proposed system could be applied efficiently in networks with multi-nodes and multi-users authentication demands, providing high speed performance and high level security strength.

Journal Article
TL;DR: This paper proposes a one-time password authentication scheme which is free from replay attacks, server spoofing attacks, off-line dictionary attacks, active attacks, and revelation of message contents.
Abstract: User authentication is a most important protocol in a distribution network. Those authentication schemes have been proposed for many years, and a one-time password authentication scheme is one of them. In 2004, Lin and Chang proposed a one-time password authentication scheme which is free from replay attacks, server spoofing attacks, off-line dictionary attacks, active attacks, and revelation of message contents. However, their scheme will suffer from guessing attacks which is proposed by us in this paper.

Journal ArticleDOI
TL;DR: The preliminary experimental results show that all features of any signature should be fully utilized for intrusion detection instead of M features in it, which will make the behavior identification capability of the behavior model lost by detecting most behaviors as 'anomalies' or 'alarms'.
Abstract: To enlarge the detection capability of an incomplete behavior model, model generalization is necessary to make every behavior signature identify more behavior instances. In this paper, based on a general intrusion detection framework, M out of N features in a behavior signature are utilized to detect the behaviors (M ≤ N) instead of using all N features. This is because M of N features in a signature can generalize the behavior model to incorporate unknown behaviors, which are useful to detect novel intrusions outside the known behavior model. However, the preliminary experimental results show that all features of any signature should be fully utilized for intrusion detection instead of M features in it. This is because the M of N features scheme will make the behavior identification capability of the behavior model lost by detecting most behaviors as 'anomalies' or 'alarms'.

Journal Article
TL;DR: It is shown that Jan and Chen's MAKEP scheme suffered from the forgery attack and the man-in-the-middle attack.
Abstract: In 2001, Wong and Chan proposed two mutual authentication and key exchange protocols (MAKEP) for low power wireless communications, which were suitable for establishing secure communications between a low-power wireless device and a powerful base station. Unfortunately, Shim pointed out Wong and Chan's schemes were incurred the unknown key-shared attack, then he proposed an improved scheme to overcome this weakness. Later, Jan and Chen found that the improved scheme was vulnerable to the man-in-the-middle attack. Then, they also proposed a new efficient MAKEP in spirit of Girault's method to withstand the above weakness. However, in this paper, we shall show that Jan and Chen's scheme suffered from the forgery attack and the man-in-the-middle attack.

Journal Article
TL;DR: This paper proposes a lightweight security mechanism to support secure communications for ATM Networks and utilizes an embed-policy as conflict resolution to promote the reliability of lightweight security system.
Abstract: The IP converge the multi-applications over Internet, and ATM will construct global networks for IP development. It is a significant research to associate those projects. The vision is that company or enterprise will have ATM switches on their own site to transfer bulk data across Internet. In this paper, we propose a lightweight security mechanism to support secure communications for ATM Networks. The mostly threats and attacks could be protected through authentication and confidentiality practiced in ATM networks. In our scheme, security parameter exchanges and session key generations are the engine that deployed under security module with in-band control. The security policy will process uncontrollable state with default criteria. We utilize an embed-policy as conflict resolution to promote the reliability of lightweight security system.

Journal Article
TL;DR: An improvement to counter the two attacks of the proposed threshold signature scheme is proposed, which is more efficient than the Wu-Hsu scheme and can identify the actual signers, while they are anonymous to outsiders.
Abstract: A (t, n) threshold signature scheme allows any t or more signers to cooperatively sign messages on behalf of a group, but t − 1 or fewer signers cannot. Wu and Hsu recently proposed a new (t, n) threshold signature scheme using self-certified public keys. In their scheme, the authentication of the self-certified individual/group public keys can be confirmed simultaneously in the procedure of verifying the individual/group signatures. Compared with threshold signature schemes based on the certified-based public key systems, their scheme is more efficient. However, the author of this paper points out that there are some problems in the Wu-Hsu scheme. The registration stage cannot work since there is a deadlock in the computation of the self-certified individual public keys. Moreover, some t or more malicious signers can conspire together against the group, and the system authority SA can also conspire with a malicious user to forge the group public key without being detected. Finally, we propose an improvement to counter the two attacks. Its signature computation and verification are more efficient than that of the Wu-Hsu scheme. The system authority SA can identify the actual signers, while they are anonymous to outsiders.

Journal ArticleDOI
TL;DR: This paper shall propose a scheme to make key management feasible in their solution without changing the framework of the ATKH and the existing 802.11 standards.
Abstract: Wired equivalent privacy encryption of IEEE 802.11 standard is based on the RC4 stream cipher, but the weakness in its Initialization Vector (IV) derivation causes the Key Scheduling Algorithm (KSA) of RC4 to leak out the information about the secret key. It is shared among the particular participants in the Wireless LAN (WLAN). Housley et al. proposed an Alternate Temporal Key Hash (ATKH) to solve the weakness of the KSA; they defeated the particular IV may make the KSA to leak out the information about the shared secret key. However, the ATKH did not solve the key management in WLAN. Since a robust key management is a critical factor to prevent the eavesdropping from attackers. Therefore, in this paper, we shall propose a scheme to make key management feasible in their solution without changing the framework of the ATKH and the existing 802.11 standards.

Journal ArticleDOI
TL;DR: Though there exist some security flaws for the schemes being attacked, it is pointed out that these attacks on them are either trivial or avoidable after a little modification.
Abstract: In this paper we present a comment on some previous works about the Public Key Substitution Attacks (PKSA in brief). Though there exist some security flaws for the schemes being attacked, we point out that these attacks on them are either trivial or avoidable after a little modification.