5 research outputs found

    A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP

    Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architectures. Although SIP provides attractive features, it is exposed to various security threats, and so an efficient and secure authentication scheme is sought to enhance the security of SIP. Several attempts have been made to address the tradeoff problem between security and efficiency, but designing a successful authenticated key agreement protocol for SIP is still a challenging task from the viewpoint of both performance and security, because performance and security as two critical factors affecting SIP applications always seem contradictory. In this study, we employ biometrics to design a lightweight privacy preserving authentication protocol for SIP based on symmetric encryption, achieving a delicate balance between performance and security. In addition, the proposed authentication protocol can fully protect the privacy of biometric characteristics and data identity, which has not been considered in previous work. The completeness of the proposed protocol is demonstrated by Gong, Needham, and Yahalom (GNY) logic. Performance analysis shows that our proposed protocol increases efficiency significantly in comparison with other related protocols.

    A Certificateless One-Way Group Key Agreement Protocol for Point-to-Point Email Encryption

    Over the years, email has evolved and grown to one of the most widely used forms of communication between individuals and organizations. Nonetheless, the current information technology standards do not value the significance of email security in today's technologically advanced world. Only recently did email services such as Yahoo and Google start to encrypt emails for privacy protection. Despite that, the encrypted emails will be decrypted and stored in the email service provider's servers as backup. If the server is hacked or compromised, it can lead to leakage and modification of one's email. Therefore, there is a strong need for point-to-point (P2P) email encryption to protect email users' privacy. P2P email encryption schemes strongly rely on the underlying Public Key Cryptosystems (PKC). The evolution of public key cryptography from the traditional PKC to the Identity-based PKC (ID-PKC) and then to the Certificateless PKC (CL-PKC) provides a better and more suitable cryptosystem to implement P2P email encryption. Many current public-key based cryptographic protocols either suffer from the expensive public-key certificate infrastructure (in traditional PKC) or the key escrow problem (in ID-PKC). CL-PKC is a relatively new cryptosystem that was designed to overcome both problems. In this thesis, we present a CL-PKC group key agreement protocol, which is, to the author's knowledge, the first one with all the following features in one protocol: (1) certificateless, and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement, and thus no back-and-forth message exchange is required; (3) n-party group key agreement (not just 2- or 3-party); and (4) no secret channel is required for key distribution. With the above features, P2P email encryption can be implemented securely and efficiently.
    This thesis provides a security proof for the proposed protocol using "proof by simulation". Efficiency analysis of the protocol is also presented in this thesis. In addition, we have implemented the prototypes (email encryption systems) in two different scenarios in this thesis.

    Cryptographic applications of bilinear maps

    Bilinear maps have become an important new item in the cryptographer's toolkit. They first came to prominence when they were used by Menezes, Okamoto and Vanstone to help solve the elliptic curve discrete logarithm problem on elliptic curves of small embedding degree. In 1984, Shamir developed the first identity based signature scheme, and posed the construction of an identity based encryption scheme as an open problem [118]. Subsequently identity based identification and identity based key agreement schemes were proposed. However, identity based encryption remained an open problem. In 2000, Sakai, Ohgishi and Kasahara used bilinear maps to implement an efficient identity based non-interactive key agreement and identity based digital signature [111]. In 2001, some 17 years after it was suggested, Boneh and Franklin proposed the first efficient identity based encryption scheme, constructed using bilinear maps [31]. In this thesis we review some of the numerous cryptographic protocols that have been constructed using bilinear maps. We first give a review of public key cryptography. We then review the mathematics behind the two known bilinear maps, the Weil and Tate pairings, including several improvements suggested in [67, 14]. We develop a Java library to implement pairing based cryptography. In Ch 4 we look at some of the cryptographically hard problems that arise from bilinear maps. In Ch 5 we review identity based signature schemes and present the fastest known scheme. In Ch 6 we review some encryption schemes, make some observations that help improve the performance of many identity based cryptosystems, and propose the fastest scheme for public key encryption with keyword search. In Ch 7 we review identity based key agreements and propose the fastest scheme secure in a modified Bellare-Rogaway model [19]. In Ch 8 we review identity based signcryption schemes and present the fastest known scheme.