• Title/Summary/Keyword: Key message

Search Result 496, Processing Time 0.021 seconds

An Identity-Based Key-Insulated Encryption with Message Linkages for Peer-to-Peer Communication Network

  • Hsu, Chien-Lung;Lin, Han-Yu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.11
    • /
    • pp.2928-2940
    • /
    • 2013
  • Key exposure is a major threat to secure cryptosystems. To mitigate the impact caused by key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing the large message communication in peer-to-peer networks, in this paper, we propose the first novel identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key-updates. In the proposed scheme, each client can periodically update his private key while the corresponding public one remains unchanged. The essential security assumption of our proposed scheme is based on the well-known bilinear Diffie-Hellman problem (BDHP). To ensure the practical feasibility, we also formally prove that the proposed scheme achieves the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

A New Sender-Side Public-Key Deniable Encryption Scheme with Fast Decryption

  • Barakat, Tamer Mohamed
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.9
    • /
    • pp.3231-3249
    • /
    • 2014
  • Deniable encryption, introduced in 1997 by Canetti, Dwork, Naor, and Ostrovsky, guarantees that the sender or the receiver of a secret message is able to "fake" the message encrypted in a specific ciphertext in the presence of a coercing adversary, without the adversary detecting that he was not given the real message. Sender - side deniable encryption scheme is considered to be one of the classification of deniable encryption technique which defined as resilient against coercing the sender. M. H. Ibrahim presented a sender - side deniable encryption scheme which based on public key and uncertainty of Jacobi Symbol [6]. This scheme has several problems; (1) it can't be able to derive the fake message $M_f$ that belongs to a valid message set, (2) it is not secure against Quadratic Residue Problem (QRP), and (3) the decryption process is very slow because it is based dramatically on square root computation until reach the message as a Quadratic Non Residue (QNR). The first problem is solved by J. Howlader and S. Basu's scheme [7]; they presented a sender side encryption scheme that allows the sender to present a fake message $M_f$ from a valid message set, but it still suffers from the last two mentioned problems. In this paper we present a new sender-side deniable public-key encryption scheme with fast decryption by which the sender is able to lie about the encrypted message to a coercer and hence escape coercion. While the receiver is able to decrypt for the true message, the sender has the ability to open a fake message of his choice to the coercer which, when verified, gives the same ciphertext as the true message. Compared with both Ibrahim's scheme and J. Howlader and S. Basu's scheme, our scheme enjoys nice two features which solved the mentioned problems: (1) It is semantically secure against Quadratic Residue Problem; (2) It is as fast, in the decryption process, as other schemes. Finally, applying the proposed deniable encryption, we originally give a coercion resistant internet voting model without physical assumptions.

CRYPTANALYSIS AND IMPROVEMENT OF A PROXY SIGNATURE WITH MESSAGE RECOVERY USING SELF-CERTIFIED PUBLIC KEY

  • Chande, Manoj Kumar;Lee, Cheng-Chi
    • Bulletin of the Korean Mathematical Society
    • /
    • v.53 no.4
    • /
    • pp.1051-1069
    • /
    • 2016
  • Combining the concept of self-certified public key and message recovery, Li-Zhang-Zhu (LZZ) gives the proxy signature scheme with message recovery using self-certified public key. The security of the proposed scheme is based on the discrete logarithm problem (DLP) and one-way hash function (OWHF). Their scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, their scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signer. In this paper, it is shown that in their signature scheme a malicious signer can cheat the system authority (SA), by obtaining a proxy signature key without the permission of the original signer. At the same time malicious original signer can also cheat the SA, he can also obtain a proxy signature key without the permission of the proxy signer. An improved signature scheme is being proposed, which involves the remedial measures to get rid of security flaws of the LZZ et al.'s. The security and performance analysis shows that the proposed signature scheme is maintaining higher level of security, with little bit of computational complexity.

Specification and Analysis of Key Recovery System using ECTPN (ECTPN을 이용한 키복구 시스템의 명세 및 분석)

  • Go, Jeong-Ho;Gang, Sang-Seung;Jeon, Eun-A;Lee, Gang-Su
    • The Transactions of the Korea Information Processing Society
    • /
    • v.7 no.6
    • /
    • pp.1874-1885
    • /
    • 2000
  • When a receiver of ciphertext message can not decrypt a message because he has lost his private-key, the private-key of receiver and session-key of the message should be recovered. In this paper, we developed an Encapsulation based Key Recovery System (EKRS). EKRS is a new key encapsulation based key recovery system which is characterized by secretly choice of KRA, randomized target keys. n-way recovery type, and useful for commercial key recovery. EKRS is formally specified by a pictorial model, an Extended Cryptographic Timed Petri Net (ECTPN). Secure information flow and reachability of a session-key are verified by using reachability graph of ECTPN. EKRS, executing over a Public Key Infrastructure, can be used as a security solution in Web based applications such as CALS, EC an EDI.

  • PDF

Analysis and Enhancement of Zhou-Gollmann's Non-repudiation Protocol (Zhou-Gollmann 부인봉쇄 프로토콜 분석 및 개선)

  • 박상준;김광조;원동호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.7 no.3
    • /
    • pp.41-52
    • /
    • 1997
  • In this paper, we analyze two claws of Zhou-Gollmann's protocol. The protocol divide the message into a key K and a ciphertext C. The ciphertext C is delivered to the recipient, but the key K is submitted to the TTP, after the message originator receive the recipient's receipt for the ciphertext. TTP puts the key in the directory which is accesaible to the public. So, the recipient's obtaining the message dependson whether the originator submits the key or not. We will show that the originator. which is in such an advantageous position, could make the protocol be unfair and present how to improve the protocol. On the other hand, Zhou-Gollmann's protocol doesn't provide the secrecy of the message, since the key K is published. This means that, to send a secret message, additional mechanism is required. In this paper, we will present an improvement of Zhou-Gollmann's protocol to keep the message secret. The key distribution of the proposed protocol is based on the Diffie-Hellman's one.

Design and Verification of Applied Public Information Based Authentication Protocol in the Message Security System (공개정보를 이용한 메시지 보안 시스템의 인증 프로토콜 설계 및 검증)

  • 김영수;신승중;최흥식
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.8 no.1
    • /
    • pp.43-54
    • /
    • 2003
  • E-Commerce, characterized by the exchange of message, occurs between individuals, organizations, or both. A critical promotion factor of e-Commerce is message authentication, the procedure that allows communicating parties to verify the received messages are authentic. It consists of message unforgery, message non-repudiation, message unalteration, and origin authentication. It is possible to perform message authentication by the use of public key encryption. PGP(Pretty Good Privacy) based on X.400 MHS(Message Handling System) and PKC(Public Key Cryptosystem) makes extensive use of message exchange. In this paper we propose, design and implement NMAP(New Message Authentication Protocol), an applied public information based encryption system to solve the message authentication problem inherent in public key encryption such as X.400 protocol and PGP protocol and were to cope with the verification of NMAP using fuzzy integral. This system is expected to be use in the promotion of the e-Commerce and can perform a non-interactive authentication service.

  • PDF

Key Establishment Scheme for Multicast CoAP Security (멀티캐스트 CoAP 보안을 위한 키 설정 기법)

  • Cho, Jung mo;Han, Sang woo;Park, Chang seop
    • Convergence Security Journal
    • /
    • v.17 no.5
    • /
    • pp.77-85
    • /
    • 2017
  • In this paper, we propose a key establishment scheme for multicast CoAP security. For multicast CoAP applications, a CoAP Request message from a CoAP client is sent to a group of CoAP servers while each CoAP server responds with a unicast CoAP Response message. In this case, the CoAP Request message should be secured with a group key common to both the CoAP client and servers, while a pairwise key(unicast key) should be employed to secure each CoAP Response message. In the proposed protocol, the CoAP client and the CoAP server establish the group key and the pairwise key using the ECDH in the initial CoAP message exchange process. The proposed protocol, which is highly efficient and scalable, can replace DTLS Handshake and it can support end-to-end security by setting pairwise keys.

Certificate-Based Signcryption Scheme without Pairing: Directly Verifying Signcrypted Messages Using a Public Key

  • Le, Minh-Ha;Hwang, Seong Oun
    • ETRI Journal
    • /
    • v.38 no.4
    • /
    • pp.724-734
    • /
    • 2016
  • To achieve confidentiality, integrity, authentication, and non-repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate-based encryption schemes are designed to resolve the key escrow problem of identity-based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate-based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen-message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.

A FAST ASYMMETRIC KEY ENCRYPTION ALGORITHM FOR BULK DATA

  • Shin, Sang-Uk;Rhee, Kyung-Hyune
    • Journal of applied mathematics & informatics
    • /
    • v.8 no.3
    • /
    • pp.943-957
    • /
    • 2001
  • In this paper, we propose an efficient encryption algorithm, without exchanging session keys of a symmetric cryptosystem. The proposed scheme, called as the FAKE(Fast Asymmetric Key Encryption), first scrambles an entire input message and then encrypts small parts of the scrambled message using an asymmetric key encryption scheme. We use the all-or-nothing transform based on the hash function as a scrambling function, which was proposed by Shin, et al. Furthermore, the proposed scheme can additionally provide a digital signature service with only small overhead.

Enhanced Message Authentication Encryption Scheme Based on Physical-Layer Key Generation in Resource-Limited Internet of Things

  • Zeng Xing;Bo Zhao;Bo Xu;Guangliang Ren;Zhiqiang Liu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.9
    • /
    • pp.2546-2563
    • /
    • 2024
  • The Internet of Things (IoT) is facing growing security challenges due to its vulnerability. It is imperative to address the security issues using lightweight and efficient encryption schemes in resource-limited IoT. In this paper, we propose an enhanced message authentication encryption (MAE) scheme based on physical-layer key generation (PKG), which uses the random nature of wireless channels to generate and negotiate keys, and simultaneously encrypts the messages and authenticates the source. The proposed enhanced MAE scheme can greatly improve the security performance via dynamic keyed primitives construction while consuming very few resources. The enhanced MAE scheme is an efficient and lightweight secure communication solution, which is very suitable for resource-limited IoT. Theoretical analysis and simulations are carried out to confirm the security of the enhanced MAE scheme and evaluate its performance. A one-bit flipping in the session key or plain texts will result in a 50%-bit change in the ciphertext or message authentication code. The numerical results demonstrate the good performance of the proposed scheme in terms of diffusion and confusion. With respect to the typical advanced encryption standard (AES)-based scheme, the performance of the proposed scheme improves by 80.5% in terms of algorithm execution efficiency.