32,486 research outputs found
Development of a certificate less digital signature scheme & implementation in e-cash system
Today’s wireless communication systems having limited computational resources and communication bandwidth find certificate less public-key cryptosystems very attractive and vital to their operations in the sense that they help in reducing a significant amount of data load on the network. To eliminate the need of public key digital certificates Shamir proposed ID based cryptosystems in which the user’s identity (e.g. name or email id) is used as the public key. However this method had a major drawback of the key escrow problem as a result of which certificate less digital signature (CDS) came into light. The main idea behind CDS is that there’s a private key generator (PKG) which generates a partial private key for the user .Then using that key and some of its own private information the user computes its actual private key. PKG’s public parameters and the user’s private key together calculate the user’s public key. Harn, Ren and Lin in 2008 proposed a CDS model which consisted of four generic modules namely PKG, user key generation, signature generation and verification. In this paper, we propose an improvement of the aforesaid CDS scheme in terms of time complexity and signature length and implement the new scheme in an e-cash model proposed by Popescu and Oros. Performance analysis of both the schemes has been carried out in details
On the security of the Blockchain Bix Protocol and Certificates
The BIX protocol is a blockchain-based protocol that allows distribution of
certificates linking a subject with his public key, hence providing a service
similar to that of a PKI but without the need of a CA. In this paper we analyze
the security of the BIX protocol in a formal way, in four steps. First, we
identify formal security assumptions which are well-suited to this protocol.
Second, we present some attack scenarios against the BIX protocol. Third, we
provide a formal security proof that some of these attacks are not feasible
under our previously established assumptions. Finally, we show how another
attack may be carried on.Comment: 16 pages, 1 figur
An Elliptic Curve-based Signcryption Scheme with Forward Secrecy
An elliptic curve-based signcryption scheme is introduced in this paper that
effectively combines the functionalities of digital signature and encryption,
and decreases the computational costs and communication overheads in comparison
with the traditional signature-then-encryption schemes. It simultaneously
provides the attributes of message confidentiality, authentication, integrity,
unforgeability, non-repudiation, public verifiability, and forward secrecy of
message confidentiality. Since it is based on elliptic curves and can use any
fast and secure symmetric algorithm for encrypting messages, it has great
advantages to be used for security establishments in store-and-forward
applications and when dealing with resource-constrained devices.Comment: 13 Pages, 5 Figures, 2 Table
Cryptanalysis of an Efficient Signcryption Scheme with Forward Secrecy Based on Elliptic Curve
The signcryption is a relatively new cryptographic technique that is supposed
to fulfill the functionalities of encryption and digital signature in a single
logical step. Several signcryption schemes are proposed throughout the years,
each of them having its own problems and limitations. In this paper, the
security of a recent signcryption scheme, i.e. Hwang et al.'s scheme is
analyzed, and it is proved that it involves several security flaws and
shortcomings. Several devastating attacks are also introduced to the mentioned
scheme whereby it fails all the desired and essential security attributes of a
signcryption scheme.Comment: 5 Pages, 2 Figure
LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments
The non-repudiation as an essential requirement of many applications can be
provided by the asymmetric key model. With the evolution of new applications
such as mobile commerce, it is essential to provide secure and efficient
solutions for the mobile environments. The traditional public key cryptography
involves huge computational costs and is not so suitable for the
resource-constrained platforms. The elliptic curve-based approaches as the
newer solutions require certain considerations that are not taken into account
in the traditional public key infrastructures. The main contribution of this
paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the
constrained platforms such as mobile phones. It takes advantages of elliptic
curve cryptography and signcryption to decrease the computational costs and
communication overheads, and adapting to the constraints. All the computational
costs of required validations can be eliminated from end-entities by
introduction of a validation authority to the introduced infrastructure and
delegating validations to such a component. LPKI is so suitable for mobile
environments and for applications such as mobile commerce where the security is
the great concern.Comment: 6 Pages, 6 Figure
XML security in XML data integrity, authentication, and confidentiality
The widely application of XML has increasingly required high security. XML security confronts some challenges that are strong relating to its features. XML data integrity needs to protect element location information and contextreferential meaning as well as data content integrity under fine-grained security situations. XML data authentication must satisfy a signing process under a dependent and independent multi-signature generation scenario. When several different sections are encrypted within the XML data, it cannot query the encrypted contents without decrypting the encrypted portions. The technologies relating to XML security demand further development. This thesis aims to improve XML security relative technologies, and make them more practicable and secure. A novel revocation information validation approach for X.509 certificate is proposed based on the XML digital signature technology. This approach reduces the complexity of XKMS or PKI systems because it eliminates the requirement for additional revocation checking from XKMS or CA. The communication burden between server and client could be alleviated. The thesis presents the context-referential integrity for XML data. An integrity solution for XML data is also proposed based on the concatenated hash function. The integrity model proposed not only ensures XML data content integrity, but also protects the structure integrity and elements’ context relationship within an XML data. If this model is integrated into XML signature technology, the signature cannot be copied to another document still keeping valid. A new series-parallel XML multi-signature scheme is proposed. The presented scheme is a mixed order specified XML multi-signature scheme according to a dependent and independent signing process. Using presented XML data integrity-checking pool to provide integrity-checking for decomposed XML data, it makes signing XPath expression practicable, rather than signing XML data itself. A new labeling scheme for encrypted XML data is presented to improve the efficiency of index information maintenance which is applied to support encrypted XML data query processing. The proposed labelling scheme makes maintenance index information more efficient, and it is easy to update XML data with decreasing the number of affected nodes to the lowest. In order to protect structural information for encrypted XML data, the encrypted nodes are removed from original XML data, and structural information is hidden. A case study is carried out to demonstrate how the proposed XML security relative approaches and schemes can be applied to satisfy fine-grained XML security in calibration certificate management.EThOS - Electronic Theses Online ServiceGBUnited Kingdo
WalnutDSA(TM): A Quantum-Resistant Digital Signature Algorithm
In 2005 I. Anshel, M. Anshel, D. Goldfeld, and S. Lemieux introduced E-Multiplication(TM), a quantum-resistant, group-theoretic, one-way function which can be used as a basis for many different cryptographic applications. This one-way function was specifically designed for constrained devices, running extremely quickly and requiring very little code.
This paper introduces WalnutDSA, a new E-Multiplication-based public-key method which provides efficient verification, allowing low-power and constrained devices to quickly and inexpensively validate digital signatures (e.g., a certificate or authentication). It presents an in-depth discussion of the construction of the digital signature algorithm, analyzes the security of the scheme, provides a proof of security under EUF-CMA, and discusses the practical results from implementations on several constrained devices
- …