Authenticated Key Agreement Protocol Based on a Matrix Group and Polynomial Ring over a Finite Field

Alongside encryption and signatures, key agreement is one of the fundamental issues in modern cryptography and its security is the main concern in cloud computing and World Wide Web-based applications. In this paper, a novel type of more secure 3-pass key agreement protocol is proposed based on a recently proposed matrix-based key agreement protocol of Romańczuk and Ustimenko. By the hash-and-sign approach and immediate use of new session key, explicit key authentication, forward secrecy and bit security are achieved simultaneously. Cryptanalysis also shows that it is immune to the man-in-the-middle attack while matrix entries from a commutative ring provide an advantageous hiding mechanism

Analysis of BCNS and Newhope Key-exchange Protocols

Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. Following increasing interest from both companies and government agencies in building quantum computers, a number of works have proposed instantiations of practical post-quantum key-exchange protocols based on hard problems in lattices, mainly based on the Ring Learning With Errors (R-LWE) problem. In this work we present an analysis of Ring-LWE based key-exchange mechanisms and compare two implementations of Ring-LWE based key-exchange protocol: BCNS and NewHope. This is important as NewHope protocol implementation outperforms state-of-the art elliptic curve based Diffie-Hellman key-exchange X25519, thus showing that using quantum safe key-exchange is not only a viable option but also a faster one. Specifically, this thesis compares different reconciliation methods, parameter choices, noise sampling algorithms and performance

Isogeny-based post-quantum key exchange protocols

The goal of this project is to understand and analyze the supersingular isogeny Diffie Hellman (SIDH), a post-quantum key exchange protocol which security lies on the isogeny-finding problem between supersingular elliptic curves. In order to do so, we first introduce the reader to cryptography focusing on key agreement protocols and motivate the rise of post-quantum cryptography as a necessity with the existence of the model of quantum computation. We review some of the known attacks on the SIDH and finally study some algorithmic aspects to understand how the protocol can be implemented

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Cross-layer key establishment protocols for wireless devices

There are some problems in existing key establishment protocols. To alleviate these problems, in our thesis, we designed a few cross-layer key establishment protocols by cooperatively using the characteristics of higher layers and physical layer. Additionally, the security and performance analyses show that our protocols perform better than others.<br /

Simple and Efficient Group Key Distribution Protocol using Matrices

Group Key Distribution (GKD) protocols are designed to distribute a group key to several users for establishing a secure communication over a public network. The central trusted authority, called the key distribution center (KDC) is in charge of distributing the group keys. For securing the communication, all the users share a common secret key in advance with KDC. In this paper, we propose a secure and efficient Group Authenticated Key Distribution (GAKD) protocol based on the simple idea of encryption in matrix rings. In this protocol, each user registers in private with the KDC, while all the other information can be transferred publicly. The scheme also supports authentication of group keys without assuming computational hard problems such as Integer Factorization Problem (IFP).The analysis of our GAKD protocol shows that the proposed protocol is resistant to reply, passive and impersonation attacks. Our construction leads to a secure, cost and computation- effective GAKD protocol

Frodo: Take off the ring! Practical, quantum-secure key exchange from LWE

Lattice-based cryptography offers some of the most attractive primitives believed to be resistant to quantum computers. Following increasing interest from both companies and government agencies in building quantum computers, a number of works have proposed instantiations of practical post-quantum key exchange protocols based on hard problems in ideal lattices, mainly based on the Ring Learning With Errors (R-LWE) problem. While ideal lattices facilitate major efficiency and storage benefits over their nonideal counterparts, the additional ring structure that enables these advantages also raises concerns about the assumed difficulty of the underlying problems. Thus, a question of significant interest to cryptographers, and especially to those currently placing bets on primitives that will withstand quantum adversaries, is how much of an advantage the additional ring structure actually gives in practice. Despite conventional wisdom that generic lattices might be too slow and unwieldy, we demonstrate that LWE-based key exchange is quite practical: our constant time implementation requires around 1.3ms computation time for each party; compared to the recent NewHope R-LWE scheme, communication sizes increase by a factor of 4.7×, but remain under 12 KiB in each direction. Our protocol is competitive when used for serving web pages over TLS; when partnered with ECDSA signatures, latencies increase by less than a factor of 1.6×, and (even under heavy load) server throughput only decreases by factors of 1.5× and 1.2× when serving typical 1 KiB and 100 KiB pages, respectively. To achieve these practical results, our protocol takes advantage of several innovations. These include techniques to optimize communication bandwidth, dynamic generation of public parameters (which also offers additional security against backdoors), carefully chosen error distributions, and tight security parameters

Key agreement protocols for distributed secure multicast over the ring Ep(m)

Protocols for authenticated key exchange allow parties within an insecure network to establish a common session key which can then be used to secure their future communication. In this paper we introduce a protocol for distributed key agreement over a noncommutative ring with a large number of noninvertible elements. This protocol uses polynomials with coefficients in the center of the ring. We also present the necessary steps for recalculating the shared secret key when a new user joins the system, or when a user leaves the system.The work of the first author was partially supported by Spanish grant MTM2011-24858 of the Ministerio de Economía y Competitividad of the Gobierno de España. The work of the second author was partially supported by the grant FQM 0211 of the Junta de Andalucía

Post-Quantum Elliptic Curve Cryptography

We propose and develop new schemes for post-quantum cryptography based on isogenies over elliptic curves. First we show that ordinary elliptic curves are have less than exponential security against quantum computers. These results were used as the motivation for De Feo, Jao and Pl\^ut's construction of public key cryptosystems using supersingular elliptic curve isogenies. We extend their construction and show that isogenies between supersingular elliptic curves can be used as the underlying hard mathematical problem for other quantum-resistant schemes. For our second contribution, we propose is an undeniable signature scheme based on elliptic curve isogenies. We prove its security under certain reasonable number-theoretic computational assumptions for which no efficient quantum algorithms are known. This proposal represents only the second known quantum-resistant undeniable signature scheme, and the first such scheme secure under a number-theoretic complexity assumption. Finally, we also propose a security model for evaluating the security of authenticated encryption schemes in the post-quantum setting. Our model is based on a combination of the classical Bellare-Namprempre security model for authenticated encryption together with modifications from Boneh and Zhandry to handle message authentication against quantum adversaries. We give a generic construction based on Bellare-Namprempre for producing an authenticated encryption protocol from any quantum-resistant symmetric-key encryption scheme together with any digital signature scheme or MAC admitting any classical security reduction to a quantum-computationally hard problem. We apply the results and show how we can explicitly construct authenticated encryption schemes based on isogenies