
Showing papers on "40-bit encryption published in 2004"


Proceedings ArticleDOI
13 Jun 2004
TL;DR: This work presents an order-preserving encryption scheme for numeric data that allows any comparison operation to be directly applied on encrypted data, and is robust against estimation of the true value in such environments.
Abstract: Encryption is a well established technology for protecting sensitive data. However, once encrypted, data can no longer be easily queried aside from exact matches. We present an order-preserving encryption scheme for numeric data that allows any comparison operation to be directly applied on encrypted data. Query results produced are sound (no false hits) and complete (no false drops). Our scheme handles updates gracefully and new values can be added without requiring changes in the encryption of other values. It allows standard database indexes to be built over encrypted tables and can easily be integrated with existing database systems. The proposed scheme has been designed to be deployed in application environments in which the intruder can get access to the encrypted database, but does not have prior domain information such as the distribution of values and cannot encrypt or decrypt arbitrary values of his choice. The encryption is robust against estimation of the true value in such environments.

1,303 citations


Journal ArticleDOI
TL;DR: The main characteristics of the proposed methods are image encryption, first stage compression-based frames differences and encryption of video whose compression error can be bounded pixelwise by a user specified value, very large number of encryption keys, and ability to encrypt large blocks of any digital data.

230 citations


Book ChapterDOI
05 Feb 2004
TL;DR: Nonce-based encryption as discussed by the authors is an alternative syntax for symmetric encryption, where the encryption process e is a deterministic function that surfaces an initialization vector (IV), which takes on a new value with every message one encrypts.
Abstract: Symmetric encryption schemes are usually formalized so as to make the encryption operation a probabilistic or state-dependent function e of the message M and the key K: the user supplies M and K and the encryption process does the rest, flipping coins or modifying internal state in order to produce a ciphertext C. Here we investigate an alternative syntax for an encryption scheme, where the encryption process e is a deterministic function that surfaces an initialization vector (IV). The user supplies a message M, key K, and initialization vector N, getting back the (one and only) associated ciphertext \(C=\cal E_K^N(M)\). We concentrate on the case where the IV is guaranteed to be a nonce—something that takes on a new value with every message one encrypts. We explore definitions, constructions, and properties for nonce-based encryption. Symmetric encryption with a surfaced IV more directly captures real-world constructions like CBC mode, and encryption schemes constructed to be secure under nonce-based security notions may be less prone to misuse.

208 citations


Journal Article
TL;DR: This work investigates an alternative syntax for an encryption scheme, where the encryption process e is a deterministic function that surfaces an initialization vector (IV) that is guaranteed to be a nonce, something that takes on a new value with every message one encrypts.
Abstract: Symmetric encryption schemes are usually formalized so as to make the encryption operation a probabilistic or state-dependent function e of the message M and the key K: the user supplies M and K and the encryption process does the rest, flipping coins or modifying internal state in order to produce a ciphertext C. Here we investigate an alternative syntax for an encryption scheme, where the encryption process e is a deterministic function that surfaces an initialization vector (IV). The user supplies a message M, key K, and initialization vector N, getting back the (one and only) associated ciphertext \(C=\cal E_K^N(M)\). We concentrate on the case where the IV is guaranteed to be a nonce, something that takes on a new value with every message one encrypts. We explore definitions, constructions, and properties for nonce-based encryption. Symmetric encryption with a surfaced IV more directly captures real-world constructions like CBC mode, and encryption schemes constructed to be secure under nonce-based security notions may be less prone to misuse.

195 citations


Proceedings ArticleDOI
25 Oct 2004
TL;DR: In this paper, a scalable forward-secure hierarchical identity-based encryption (fs-HIBE) scheme was proposed, which is based on the bilinear Diffie-Hellman assumption in the random oracle model.
Abstract: A forward-secure encryption scheme protects secret keys from exposure by evolving the keys with time. Forward security has several unique requirements in a hierarchical identity-based encryption (HIBE) scheme: (1) users join dynamically; (2) encryption is joining-time-oblivious; (3) users evolve secret keys autonomously. We present a scalable forward-secure HIBE (fs-HIBE) scheme satisfying the above properties. We also show how our fs-HIBE scheme can be used to construct a forward-secure public-key broadcast encryption scheme, which protects the secrecy of prior transmissions in the broadcast encryption setting. We further generalize fs-HIBE into a collusion-resistant multiple hierarchical ID-based encryption scheme, which can be used for secure communications with entities having multiple roles in role-based access control. The security of our schemes is based on the bilinear Diffie-Hellman assumption in the random oracle model.

156 citations


Patent
04 Nov 2004
TL;DR: In this paper, access point 20 starts the WEP key setting process by working registration button 127 A of remote controller 30, and the range reached by the electric waves transmitted from access point 20 is changed from wireless communication area AR 1, which is the normal range, to security communication area MR 1, which is a narrower range.
Abstract: Access point 20 starts the WEP key setting process by working registration button 127 A of remote controller 30. The range reached by the electric waves transmitted from access point 20 is changed from wireless communication area AR 1, which is the normal range, to security communication area MR 1, which is a narrower range. After that, access point 20 delivers the used WEP key to terminal 50, and after confirming delivery, registers the MAC address of terminal 50. Terminal 50 sets the delivered WEP key itself. As a result, it is possible to realize with a simple method the new addition of terminals used for a wireless LAN while preventing leaking of data that represents the encryption key.

154 citations


Journal ArticleDOI
18 May 2004
TL;DR: The use of broadcast encryption is extended to solve problems that have been traditionally addressed by public-key cryptography: the xCP cluster protocol, a proposed digital rights management (DRM) system for the home entertainment network, and a broadcast-encryption-based content distribution system, which can work without requiring any secrets in the DRM client.
Abstract: Broadcast encryption is an active area of cryptographic research. Originally defined by Fiat and Naor, broadcast encryption refers to key management schemes that operate when the participating parties do not have a two-way communication path. We contrast that with public-key cryptography: all known public-key protocols require a handshake to establish a common key. We extend the use of broadcast encryption to solve problems that have been traditionally addressed by public-key cryptography: we discuss the xCP cluster protocol, a proposed digital rights management (DRM) system for the home entertainment network, and we illustrate a broadcast-encryption-based content distribution system, which can work without requiring any secrets in the DRM client.

143 citations


Proceedings ArticleDOI
Michael Backes1, Birgit Pfitzmann1
28 Jun 2004
TL;DR: In this article, the authors show why symmetric encryption is harder to idealize in a way that allows general composition than existing primitives in this library, and discuss several approaches to overcome these problems.
Abstract: Recently we showed how to justify a Dolev-Yao type model of cryptography as used in virtually all automated protocol provers under active attacks and in arbitrary protocol environments. The justification was done by defining an ideal system handling Dolev-Yao-style terms and a cryptographic realization with the same user interface, and by showing that the realization is as secure as the ideal system in the sense of reactive simulatability. This definition encompasses arbitrary active attacks and enjoys general composition and property-preservation properties. Security holds in the standard model of cryptography and under standard assumptions of adaptively secure primitives. A major primitive missing in that library so far is symmetric encryption. We show why symmetric encryption is harder to idealize in a way that allows general composition than existing primitives in this library. We discuss several approaches to overcome these problems. For our favorite approach we provide a detailed provably secure idealization of symmetric encryption within the given framework for constructing nested terms.

134 citations


Journal ArticleDOI
TL;DR: The most promising features are joint lossless compression and joint encryption and hiding based on the SCAN language, which analyses the unique properties of digital image and video and searches for high-security algorithms to reduce the overall computational cost.
Abstract: This paper describes the most representative algorithms and standards for the encryption of data, digital images and MPEG video. The general model of a typical encryption/decryption system and its security principle are discussed. Data encryption is mainly the scrambling of the content of data, text, image, audio, and video to make the data unreadable, invisible or incomprehensible during ciphertext transmission. The goal is to protect the content of the data against the attackers. The reverse of data encryption is data decryption, which recovers the original data. There are two types of encryption/decryption key systems: the public-key system and the private-key system. The most promising features are joint lossless compression and joint encryption and hiding based on the SCAN language, which analyses the unique properties of digital image and video and searches for high-security algorithms to reduce the overall computational cost.

111 citations


Book ChapterDOI
22 Aug 2004
TL;DR: A quantum encryption scheme is a one-time pad for quantum messages as discussed by the authors, where two parties share a classical random string, one of them can transmit a quantum state to the other so that an eavesdropper gets little or no information about the state being transmitted.
Abstract: A quantum encryption scheme (also called private quantum channel, or state randomization protocol) is a one-time pad for quantum messages. If two parties share a classical random string, one of them can transmit a quantum state to the other so that an eavesdropper gets little or no information about the state being transmitted. Perfect encryption schemes leak no information at all about the message. Approximate encryption schemes leak a non-zero (though small) amount of information but require a shorter shared random key. Approximate schemes with short keys have been shown to have a number of applications in quantum cryptography and information theory [8].

103 citations


Journal ArticleDOI
Chi-Jen Lu1
TL;DR: It is shown that an encryption scheme with such nice properties can be derived immediately from any strong randomness extractor, a function which extracts randomness from a slightly random source, so that its output and its seed together are almost random.
Abstract: We study the problem of information-theoretically secure encryption in the bounded-storage model introduced by Maurer. The sole assumption of this model is a limited storage bound on an eavesdropper Eve, who is even allowed to be computationally unbounded. Suppose a sender Alice and a receiver Bob agreed on a short private key beforehand, and there is a long public random string accessible by all parties, say broadcast from a satellite or sent by Alice. Eve can only store some partial information of this long random string due to her limited storage. Alice and Bob read the public random string using the shared private key, and produce a one-time pad for encryption or decryption. In this setting, Aumann et al. proposed protocols with a nice property called everlasting security, which says that the security holds even if Eve later manages to obtain that private key. Ding and Rabin gave a better analysis showing that the same private key can be securely reused for an exponential number of times, against some adaptive attacks. We show that an encryption scheme with such nice properties can be derived immediately from any strong randomness extractor, a function which extracts randomness from a slightly random source, so that its output and its seed together are almost random. To have an efficient encryption scheme, one needs a strong extractor that can be evaluated in an on-line and efficient way. We give one such construction, which yields an encryption scheme that has the nice security properties as before but now can encrypt longer messages using shorter private keys.

Patent
21 Apr 2004
TL;DR: In this article, a system and method for greatly increasing the number of services that can be encrypted with existing conditional access equipment is described, which is most useful when many digitally compressed programs are encrypted at the same time.
Abstract: A system and method are described for greatly increasing the number of services that can be encrypted with existing conditional access equipment (130). The method is most useful when many digitally compressed programs are encrypted at the same time. Only the most critical components of each compressed video, audio, or data stream are selected and then sequenced into a single stream (215). Additional formatting causes this sequence of segments from multiple sources to appear as a single continuous stream to the conditional access system (130). Once this sequenced into their respective programs. Messages such as the Entitlement Control Messages that are inserted into the stream by the encryption system (120), are also adjusted and included with each of the reconstructed programs. The technique not only allows encryption systems to be designed using less encryption hardware, but also simplifies the management of encryption sessions, particularly in on-demand programming applications.

Book ChapterDOI
09 Aug 2004
TL;DR: This paper considers the security notions for length-preserving, deterministic and symmetric encryption schemes, also termed ciphers: semantic security under lunchtime and challenge-adaptive adversaries, and provides some relations for this notion between different models of adversaries.
Abstract: Probabilistic symmetric encryption has already been widely studied from a theoretical point of view. Nevertheless, many applications require length-preserving encryption, to be patched in at a minimal cost to include privacy without modifying the format (e.g. encrypted filesystems). In this paper, we thus consider the security notions for length-preserving, deterministic and symmetric encryption schemes, also termed ciphers: semantic security under lunchtime and challenge-adaptive adversaries. We furthermore provide some relations between this notion under different models of adversaries and the more classical security notions for ciphers: pseudo-random permutations (PRP) and super pseudo-random permutations (SPRP).

Book ChapterDOI
02 May 2004
TL;DR: This work provides methods for transforming an encryption scheme susceptible to decryption errors into one that is immune to these errors and may help defend against certain cryptanalytic techniques.
Abstract: We provide methods for transforming an encryption scheme susceptible to decryption errors into one that is immune to these errors. Immunity to decryption errors is vital when constructing non-malleable and chosen ciphertext secure encryption schemes via current techniques; in addition, it may help defend against certain cryptanalytic techniques, such as the attack of Proos [33] on the NTRU scheme.

Journal Article
TL;DR: In this article, the authors provide methods for transforming an encryption scheme susceptible to decryption errors into one that is immune to these errors, using amplification techniques translated from a related information theoretic setting.
Abstract: We provide methods for transforming an encryption scheme susceptible to decryption errors into one that is immune to these errors. Immunity to decryption errors is vital when constructing non-malleable and chosen ciphertext secure encryption schemes via current techniques; in addition, it may help defend against certain cryptanalytic techniques, such as the attack of Proos [33] on the NTRU scheme. When decryption errors are very infrequent, our transformation is extremely simple and efficient, almost free. To deal with significant error probabilities, we apply amplification techniques translated from a related information theoretic setting. These techniques allow us to correct even very weak encryption schemes where in addition to decryption errors, an adversary has substantial probability of breaking the scheme by decrypting random messages (without knowledge of the secret key). In other words, under these weak encryption schemes, the only guaranteed difference between the legitimate recipient and the adversary is in the frequency of decryption errors. All the above transformations work in a standard cryptographic model; specifically, they do not rely on a random oracle. We also consider the random oracle model, where we give a simple transformation from a one-way encryption scheme which is error-prone into one that is immune to errors. We conclude that error-prone cryptosystems can be used in order to create more secure cryptosystems.

Patent
Joseph Weber1
05 Nov 2004
TL;DR: The hierarchical encryption key system as discussed by the authors uses a hierarchical series of encryption keys wherein each subsequent key in the hierarchy encrypts successively increasing time periods of the content that is transmitted from the Cable Modem Termination System to the consumer device.
Abstract: The hierarchical encryption key system uses multiple encryption processes for encrypting digital media content in a manner that supports both broadcast and delayed or time-shifted modes of content delivery. The hierarchical encryption key system uses a hierarchical series of encryption keys wherein each subsequent key in the hierarchy encrypts successively increasing time periods of the content that is transmitted from the Cable Modem Termination System to the consumer device. In addition, at one of the layers, the keys are aggregated into a collection or table of keys. The aggregation of keys facilitates the playback of recorded digital content (as opposed to broadcast or streaming digital content) by aggregating keys required for the duration of the content separately. The different layers are linked in a manner to make it difficult to use a brute force attack in an attempt to determine the keys.

Book ChapterDOI
23 Feb 2004
TL;DR: This work generalizes previous work and presents a more generic construction for intrusion-resilient public-key encryption from any forward-secure public- key encryption scheme satisfying a certain homomorphic property.
Abstract: In an intrusion-resilient cryptosystem [10], two entities (a user and a base) jointly evolve a secret decryption key; this provides very strong protection against an active attacker who can break into the user and base repeatedly and even simultaneously. Recently, a construction of an intrusion-resilient public-key encryption scheme based on specific algebraic assumptions has been shown [6]. We generalize this previous work and present a more generic construction for intrusion-resilient public-key encryption from any forward-secure public-key encryption scheme satisfying a certain homomorphic property.

Proceedings ArticleDOI
24 Oct 2004
TL;DR: This paper addresses the access control issues unique to multimedia, by using a joint signal processing and cryptographic approach to multimedia encryption with a systematic study on how to strategically integrate different atomic operations to build a video encryption system.
Abstract: This paper addresses the access control issues unique to multimedia, by using a joint signal processing and cryptographic approach to multimedia encryption. Based on three atomic encryption primitives, we present a systematic study on how to strategically integrate different atomic operations to build a video encryption system. We also propose a set of multimedia-specific security metrics to quantify the security against approximation attacks and to complement the existing notion of generic data security. The resulting system can provide superior performance to both generic encryption and its simple adaptation to video in terms of a joint consideration of security, bitrate overhead, and communication friendliness.

Patent
22 Oct 2004
TL;DR: In this article, a system and method for enhancing the security of signal exchanges in a network system is proposed, which includes a process and means for generating one or more replacement encryption key sets based on information and events.
Abstract: A system and method for enhancing the security of signal exchanges in a network system. The system and method include a process and means for generating one or more replacement encryption key sets based on information and events. The information that may cause the generation of a replacement encryption key set includes, but is not limited to, a specified period of time, the level and/or type of signal traffic, and the signal transmission protocol and the amount of data sent. A key manager function initiates the replacement encryption key process based on the information. The replacement encryption key set may be randomly or pseudo-randomly generated. Functions attached to the network system required to employ encryption key sets may have encryption key sets unique to them or shared with one or more other attached functions. The system and method may be employed in a wireless, wired, or mixed transmission medium environment.

Patent
Joshua D. Benaloh1
17 Dec 2004
TL;DR: In this article, a database is logically divided into segments and a small prime number is associated with each segment, and each segment is encrypted with the corresponding encryption key, and a single key is derived using the prime numbers associated with the data segments and the single key, the encrypted database, and provided a small amount of public information to the user.
Abstract: Systems, methods and modulated data signals are described herein that provide an efficient way to derive a single key from which a user can extract virtually any number of data encryption keys. A database is logically divided into segments and a small prime number is associated with each segment. An encryption key is derived for each segment in the database and a key set is determined for distributing a data subset to a user. Each segment is encrypted with the corresponding encryption key. A single key is derived using the prime numbers associated with the data segments and the single key, the encrypted database, and a small amount of public information is provided to the user. The user utilizes this information to extract the encryption key set from the single key. One implementation utilizes a tree structure to significantly reduce the number of modular exponentiations that must be calculated when extracting the encryption keys. This, in turn, dramatically decreases the processing overhead that must be allocated to the processing associated with deriving the encryption keys.

Book ChapterDOI
30 Nov 2004
TL;DR: A novel image encryption scheme based on JPEG2000 is proposed, which encrypts some sensitive frequency subbands, bit-planes or encoding-passes selectively and partially, and is secure against such attack as known-plaintext attack or replacement attack.
Abstract: In this paper, a novel image encryption scheme based on JPEG2000 is proposed, which encrypts some sensitive frequency subbands, bit-planes or encoding-passes selectively and partially. It is secure against such attacks as the known-plaintext attack or the replacement attack. It is of low cost, keeps file format and compression ratio unchanged, supports direct bit-rate control, and does not degrade the original error-robustness. These properties make it suitable for real-time applications with direct bit-rate control requirements, such as web imaging, image communication, mobile or wireless multimedia, and so on.

Patent
03 Feb 2004
TL;DR: In this paper, a broadcast encryption key is provided for each of the terminals performing the broadcast communication and management of the broadcast key is performed autonomously and dispersedly by each terminal.
Abstract: Each terminal in a radio ad hoc communication system includes an encryption key management list table (660). The encryption key management list table (660) holds a unicast encryption key (662) correlated with a terminal identifier (661) such as a MAC address and used for unicast communication to/from the terminal identified by the terminal identifier (661) and a broadcast encryption key (663) used when the terminal identified by the terminal identifier (661) performs a broadcast communication. Thus, a broadcast encryption key is provided for each of the terminals performing the broadcast communication and management of the broadcast encryption key is performed autonomously and dispersedly by each terminal. Thus, in the radio ad hoc communication system, management of the broadcast encryption key is performed autonomously and dispersedly.

01 Jun 2004
TL;DR: The symmetric encryption protocol described in this document is based on the Advanced Encryption Standard (AES) cipher algorithm used in Cipher FeedBack Mode (CFB), with a key size of 128 bits.
Abstract: This document describes a symmetric encryption protocol that supplements the protocols described in the User-based Security Model (USM), which is a Security Subsystem for version 3 of the Simple Network Management Protocol for use in the SNMP Architecture. The symmetric encryption protocol described in this document is based on the Advanced Encryption Standard (AES) cipher algorithm used in Cipher FeedBack Mode (CFB), with a key size of 128 bits. [STANDARDS-TRACK]

Proceedings ArticleDOI
25 Oct 2004
TL;DR: Several attacks against WinZip's new encryption method, dubbed "AE-2" or "Advanced Encryption, version two," are exhibited, which further underscore the subtlety of designing cryptographically secure software.
Abstract: WinZip is a popular compression utility for Microsoft Windows computers, the latest version of which is advertised as having "easy-to-use AES encryption to protect your sensitive data." We exhibit several attacks against WinZip's new encryption method, dubbed "AE-2" or "Advanced Encryption, version two." We then discuss secure alternatives. Since at a high level the underlying WinZip encryption method appears secure (the core is exactly Encrypt-then-Authenticate using AES-CTR and HMAC-SHA1), and since one of our attacks was made possible because of the way that WinZip Computing, Inc. decided to fix a different security problem with its previous encryption method AE-1, our attacks further underscore the subtlety of designing cryptographically secure software.

Patent
22 Dec 2004
TL;DR: In this paper, a method of inter-area rekeying of encryption keys in secure mobile multicast communications was proposed, in which a Domain Group Controller Key Server (Domain GCKS) distributes Traffic Encryption Keys (TEK) to a plurality of local Group Controller Keys Servers (local GCKS), and said local group controller key Servers forward said traffic encryption keys, encrypted using Key Encryption Key (KEKi, KEKj) that are specific to the respective local Group controller key Server (localGCKSi, GCKSj), to group
Abstract: A method of inter-area rekeying of encryption keys in secure mobile multicast communications, in which a Domain Group Controller Key Server (Domain GCKS) distributes Traffic Encryption Keys (TEK) to a plurality of local Group Controller Key Servers (local GCKS), and said local Group Controller Key Servers forward said Traffic Encryption Keys, encrypted using Key Encryption Keys (KEKi, KEKj) that are specific to the respective local Group Controller Key Server (local GCKSi, GCKSj), to group members, said local Group Controller Key Servers (GCKSi, GCKSj) constituting Extra Key Owner Lists (EKOLi, EKOLj) for group key management areas (areai, areaj) that distinguish group members (MMi, MMj) possessing Key Encryption Keys (KEKi, KEKj) and situated in the corresponding group key management area (areai, areaj) from group members (MMij) possessing Key Encryption Keys (KEKi) that were situated in the corresponding group key management area (areai) but are visiting another area (areaj).

Patent
09 Dec 2004
TL;DR: In this article, the authors proposed a cascaded block cipher system in which a first encryption algorithm using a secret shared between first and second parties as a key to generate a secret inner key, and then applying a second encryption algorithm for a predetermined number of rounds using the secret inner-key to generate the plurality of blocks of ciphertext data from a plurality of plaintext data.
Abstract: Encrypting data in a cascaded block cipher system may be accomplished by applying a first encryption algorithm using a secret shared between first and second parties as a key to generate a secret inner key; applying a second encryption algorithm for a predetermined number of rounds using the secret inner key to generate a plurality of blocks of ciphertext data from a plurality of blocks of plaintext data; and repeating the applying the first encryption algorithm and the applying the second encryption algorithm steps.

Proceedings ArticleDOI
17 May 2004
TL;DR: The encryption tools described in this paper have been proposed to the JPSEC (JPEG 2000 Security) standardization group and it is proved that they perfectly protect 99.15% of the information of an image.
Abstract: The JPEG2000 syntax requires that any two consecutive bytes in the encrypted packet body should not be larger than 0xFF8F. This stringent requirement has plagued researchers for a few years and no satisfactory solution has been proposed. In this paper, we successfully developed efficient, secure and format-compliant encryption schemes for JPEG 2000. Any secure encryption algorithm (stream cipher or block cipher) can be used in our schemes. The new schemes are remarkably efficient and introduce only an extremely small amount of extra computation. The new schemes are highly secure and it is proved that they perfectly protect 99.15% of the information of an image. The encryption tools described in this paper have been proposed to the JPSEC (JPEG 2000 Security) standardization group.

Patent
Christopher J Hetzler1
17 Aug 2004
TL;DR: In this paper, the authors propose a physical encryption key system that binds an encryption key to a physical key and denies decryption of secured information if the physical key is not present to a particular computing device.
Abstract: A physical encryption key system binds an encryption key to a physical key and denies decryption of secured information if the physical key is not present to a particular computing device. In one implementation, the physical key comprises a convenient removable pen drive on which a .NET isolated storage space is created to store the encryption key. The .NET isolated storage space can only be accessed by concurrence of the same user, domain, computing device, application, and physical key that participated in creating the isolated storage space. The user enjoys the security of knowing that protected information cannot be decrypted without the physical key; cannot be decrypted without the user's credentials even if the physical key is stolen; and cannot be decrypted if the protected information is pirated to a different computing device.

Book ChapterDOI
30 Aug 2004
TL;DR: A new simple and efficient database encryption scheme is presented that enables encrypting the entire content of the database without changing its structure.
Abstract: A new simple and efficient database encryption scheme is presented. The new scheme enables encrypting the entire content of the database without changing its structure. In addition, the scheme suggests how to convert the conventional database index to a secure index on the encrypted database so that the time complexity of all queries is maintained. No one with access to the encrypted database can learn anything about its content without having the encryption key.

Patent
02 Mar 2004
TL;DR: An encryption/decryption unit includes a first data substitution section for performing data substitution of an output from the first encryption or decryption section according to a predetermined permutation table.
Abstract: An encryption/decryption unit includes a first data encryption/decryption section for performing an encryption or decryption process, a first data substitution section for performing data substitution of an output from the first encryption/decryption section according to a predetermined permutation table, a second data encryption/decryption section for performing an encryption or decryption process for an output from the first data substitution section, a second data substitution section for performing data substitution of an output from the second data encryption/decryption section according to a predetermined permutation table, and a third data encryption/decryption section for performing an encryption or decryption process for an output from the second data substitution section.