• Title/Summary/Keyword: Forward secrecy

Search Result 139, Processing Time 0.026 seconds

Signcryption Schemes with Forward Secrecy (Forward Secrecy를 제공하는 Signcryption 기법들)

  • 정희윤;이동훈;임종인
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.5
    • /
    • pp.43-52
    • /
    • 2001
  • Y. Zheng introduced a new type of cryptograghic primitive as \"signcryption\", which combines a function of digital signature scheme with a symmetric key encryption algorithm. Signcryption doesn\`t only provide authenticity and confidentiality in a single step, but also give more efficient computation than the traditional \"signature-then-encryption\". And C. Gamage proposed a proxy-signcryption that efficiently combines a proxy signature with the signcryption. But, in the proposed signcryption schemes, one who obtains the sender\`s private key can recover the original message of a signcrypted text. That is, forward secrecy is not offered by the signcryption scheme with respect to the sender\`s private key. In this paper, we will propose a modified signcryption of Zheng\`s signcryption and a variant of proxy-signcryption with forward secrecy.ith forward secrecy.

An Efficient Group Key Management using Hash Chain (해쉬체인을 이용한 효율적인 그룹키 관리 프로토콜)

  • Lee, Kwang-Sik;Han, Seung Chul
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2014.04a
    • /
    • pp.357-359
    • /
    • 2014
  • 그룹키란 그룹 내의 사용자들이 암호화와 복호화를 위하여 공유하는 비밀키를 의미하며, 그룹키는 Backward secrecy와 Forward secrecy를 모두 제공하여야 한다. Backward secrecy는 새로운 그룹 사용자가 과거의 데이터를 읽지 못하도록 하는 것이고, Forward secrecy는 탈퇴한 사용자가 이후의 데이터를 읽지 못하도록 하는 것이다. 본 연구에서는 해쉬체인을 사용하여 네트워크 환경에서 Backward secrecy와 Forward secrecy를 효율적으로 제공하는 기법을 제안한다.

An enhanced signcryption protocol for providing for providing forward secrecy (전방 비밀성을 제공하는 개선된 Signcryption 프로토콜)

  • 이경현;조현호;이준석
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.27 no.7C
    • /
    • pp.653-663
    • /
    • 2002
  • The signature-then-encryption based on RSA scheme provides forward secrecy, but requires 4 modulo exponentiation operations in total, and the signcryption scheme proposed by Zheng simultaneously fulfills both the functions of digital signature and symmetric key encryption in a logically single step, and with a computational cost significantly smaller than that required by the current standard signature-then-encryption, but it can not provide forward secrecy. In this paper, we propose an enhanced signcryption scheme which can provide forward secrecy with lower computational cost and lower communication overhead comparing with those of the signature-then-encryption based on RSA, and with a similar communication overhead of Zheng's scheme. The proposed scheme can be also easily modified to the direct signature verification scheme by the recipient without using the recipient's private key. Additionally, we suggest a new design protocol with server-supported signatures which solves the CRLs(Certificate Revocation Lists) burden and provides non-repudiation of origin. This protocol with server-supported signatures also can be applied to the original signcryption scheme proposed by Zheng in order to improve security.

Secrecy Performances of Multicast Underlay Cognitive Protocols with Partial Relay Selection and without Eavesdropper's Information

  • Duy, Tran Trung;Son, Pham Ngoc
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.11
    • /
    • pp.4623-4643
    • /
    • 2015
  • This paper considers physical-layer security protocols in multicast cognitive radio (CR) networks. In particular, we propose dual-hop cooperative decode-and-forward (DF) and randomize-and-forward (RF) schemes using partial relay selection method to enhance secrecy performance for secondary networks. In the DF protocol, the secondary relay would use same codebook with the secondary source to forward the source's signals to the secondary destination. Hence, the secondary eavesdropper can employ either maximal-ratio combining (MRC) or selection combining (SC) to combine signals received from the source and the selected relay. In RF protocol, different codebooks are used by the source and the relay to forward the source message secretly. For each scheme, we derive exact and asymptotic closed-form expressions of secrecy outage probability (SOP), non-zero secrecy capacity probability (NzSCP) in both independent and identically distributed (i.i.d.) and independent but non-identically distributed (i.n.i.d.) networks. Moreover, we also give a unified formula in an integral form for average secrecy capacity (ASC). Finally, our derivations are then validated by Monte-Carlo simulations.

One-round Secure Key Exchange Protocol With Strong Forward Secrecy

  • Li, Xiaowei;Yang, Dengqi;Chen, Benhui;Zhang, Yuqing
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.11
    • /
    • pp.5639-5653
    • /
    • 2016
  • Security models for key exchange protocols have been researched for years, however, lots of them only focus on what secret can be compromised but they do not differentiate the timing of secrets compromise, such as the extended Canetti-Krawczyk (eCK) model. In this paper, we propose a new security model for key exchange protocols which can not only consider what keys can be compromised as well as when they are compromised. The proposed security model is important to the security proof of the key exchange protocols with forward secrecy (either weak forward secrecy (wFS) or strong forward secrecy (sFS)). In addition, a new kind of key compromise impersonation (KCI) attacks which is called strong key compromise impersonation (sKCI) attack is proposed. Finally, we provide a new one-round key exchange protocol called mOT+ based on mOT protocol. The security of the mOT+ is given in the new model. It can provide the properties of sKCI-resilience and sFS and it is secure even if the ephemeral key reveal query is considered.

Symmetric Key-Based Remote User Authentication Scheme With Forward Secrecy (순방향 안전성을 제공하는 대칭키 기반의 원격 사용자 인증 방식)

  • Lee, SungYup;Park, KiSung;Park, YoHan;Park, YoungHo
    • Journal of Korea Multimedia Society
    • /
    • v.19 no.3
    • /
    • pp.585-594
    • /
    • 2016
  • Recently because of development of remote network technology, users are able to access the network freely without constraints of time and space. As users are getting more frequent to access the remote server in a computing environment, they are increasingly being exposed to various risk factors such as forward secrecy and server impersonation attack. Therefore, researches for remote user authentication scheme have been studying actively. This paper overcomes the weaknesses of many authentication schemes proposed recently. This paper suggests an improved authentication scheme that protects user's anonymity with preserving variable more safe and also provides forward secrecy.

Certificateless Non-Interactive Key Exchange Protocol with Forward Secrecy (전방향 안전성을 만족하며 인증서 기반이 아닌 비대화형 키 교환 프로토콜)

  • Lee, Young Kyung;Eom, Ji Eun;Seo, Seung-Hyun;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.3
    • /
    • pp.531-546
    • /
    • 2015
  • A non-interactive key exchange protocol provides an efficiency of overall system by eliminating additional communication. However, traditional non-interactive key exchange protocols without updating a private key fail to provide forward secrecy, since there is no usage of ephemeral key for randomness of session key. In 2012, Sang et al. proposed a certificateless non-interactive key exchange(CL-NIKE) protocol, but they do not prove the security of the protocol and it does not provide forward secrecy. In this paper, we propose a new CL-NIKE protocol and it's security model. Then we prove the proposed protocol is secure under the security model based on DBDH(Decision Bilinear Diffie-Hellman) assumption. Moreover, we propose a CL-NIKE protocol with forward secrecy which updates user's private key by using multilinear map and prove it's security.

Practical Secure E-mail Protocols Providing Perfect Forward Secrecy (완전한 전방향 안전성을 제공하는 실용적인 전자우편 프로토콜)

  • Lee, Chang-Yong;Kim, Dae-Young;Shim, Dong-Ho;Kim, Sang-Jin;Oh, Hee-Kuck
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.5
    • /
    • pp.27-38
    • /
    • 2007
  • One of the most important security issues of e-mail service is user privacy. Currently, various security protocols, like PGP(pretty Good Privacy), S/MIME(Secure/Multipurpose Internet Mail Extension), have been proposed. These protocols, however, do not provide forward secrecy. Recently, some security protocols that provide forward secrecy were proposed. But all of them require changes to the current e-mail infrastructure. Moreover, contrary to authors' intention, some of them do not actually provide perfect forward secrecy. In this paper, we propose a new practical e-mail security protocol. The proposed protocol provides perfect forward secrecy and uses a practical e-mail model that dose not require any changes to existing e-mail servers. It encrypts and authenticates messages efficiently using elliptic curve based signcryption scheme. In addition, we provide a way to send secure group e-mails.

Secrecy Analysis of Amplify-and-Forward Relay Networks with Beamforming

  • Chen, Pu;Ouyang, Jian;Zhu, Wei-Ping
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.10
    • /
    • pp.5049-5062
    • /
    • 2016
  • This paper analyzes the secrecy performance of an amplify-and-forward (AF) relay network, where a multi-antenna eavesdropper attempts to overhear the transmitted message from a multi-antenna source to a multi-antenna destination with a single antenna relay. Firstly, we derive the approximate analytical expressions for the secrecy outage probability (SOP) and average secrecy rate (ASR) of the relay network. Then, asymptotic expressions of SOP and ASR at high main-to-eavesdropper ratio (MER) are also provided to reveal the diversity gain of the secure communication. Finally, numerical results are given to verify the theoretical analysis and show the effect of the number of antennas in the considered relay network.

An E-Mail Protocol Providing Forward Secrecy without Using Certificated Public Keys (공개키 인증서를 사용하지 않는 전방향 안전성을 보장하는 E-mail 프로토콜)

  • Kwon, Jeong-Ok;Koo, Young-Ju;Jeong, Ik-Rae;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.1
    • /
    • pp.3-11
    • /
    • 2009
  • Forward secrecy in an e-mail system means that the compromising of the long-term secret keys of the mail users and mail servers does not affect the confidentiality of the previous e-mail messages. Previous forward-secure e-mail protocols used the certified public keys of the users and thus needed PKI(Public Key Infrastructure). In this paper, we propose a password-based authenticated e-mail protocol providing forward secrecy. The proposed protocol does not require certified public keys and is sufficiently efficient to be executed on resource-restricted mobile devices.