19,269 research outputs found
Efficient Authenticated Encryption Schemes with Public Verifiability
An authenticated encryption scheme allows messages to be encrypted and
authenticated simultaneously. In 2003, Ma and Chen proposed such a scheme with
public verifiability. That is, in their scheme the receiver can efficiently
prove to a third party that a message is indeed originated from a specific
sender. In this paper, we first identify two security weaknesses in the Ma-Chen
authenticated encryption scheme. Then, based on the Schnorr signature, we
proposed an efficient and secure improved scheme such that all the desired
security requirements are satisfied.Comment: Early version appears in the Proc. of The 60th IEEE Vehicular
Technology Conference (VTC 2004-Fall) - Wireless Technologies for Global
Security. IEEE, 200
Combining message encryption and authentication
The first part of the paper explains the need for combining message encryption and authentication. We begin with the example to emphasize the fact that privacy‡ does not imply authenticity. Then we prove, one needs both privacy and authenticity, even if one's aim is just getting privacy. In the second part we present an overview of different methods for providing authenticated encryption (AE) i.e. generic compositions, single-pass modes and two-pass combined modes. We analyze what are the advantages and disadvantages of different AE constructions. In the third part of the paper we focus on nonce§ based authenticated encryption modes. Our motivation is the wish to know the methodology of designing authenticated encryption mode of operation. We take into consideration a few most important properties, e.g. parallelizability, memory requirements and pre-processing capability. We analyze possibilities of choice of underlying encryption and authentication components and their order in a message we also try to answer. What does single-key mode really mean? Finally we mention the importance of provable security theory in the security of authenticated encryption modes
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Customizable Sponge-Based Authenticated Encryption Using 16-bit S-boxes
Authenticated encryption (AE) is a symmetric key cryptographic scheme that aims to provide both confidentiality and data integrity. There are many AE algorithms in existence today. However, they are often far from ideal in terms of efficiency and ease of use. For this reason, there is ongoing effort to develop new AE algorithms that are secure, efficient, and easy to use. The sponge construction is a relatively new cryptographic primitive that has gained popularity since the sponge-based K ECCAK algorithm won the SHA-3 hashing competition. The duplex construction, which is closely related to the sponge, pro- vides promising potential for secure and efficient authenticated encryption. In this paper we introduce a novel authenticated encryption algorithm based on the duplex construction that is targeted for hardware implementation. We provide explicit customization guidelines for users who desire unique authenticated encryption solutions within our security margins. Our substitution step uses 16 × 16 AES-like S-boxes which are novel because they are the largest bijective S-boxes to be used by an encryption scheme in the literature and are still efficiently implementable in both hardware and software
Real-time encryption and authentication of medical video streams on FPGA
This work presents an FPGA-based solution for the
encryption and authentication of video streams of surgeries. The
most important is minimal latency. To achieve this, a block cipher
with an authenticated mode of operation is used. We choose
to use AES128 with Galois/Counter Mode (GCM), because the
this mode of operation is patent-free and it allows for random
read access. This solution minimizes the overhead on the existing
critical path to a single XOR operation.
Our solution supports the broadcasting of the video stream.
When a new receiver announces itself, it should receive the active
keys of the sender. Therefore, a key transport protocol is used to
establish a key between the sender and the announcing receiver.
A proof-of-concept implementation of the proposed solution
has been implemented and tested. While the complete video
stream is encrypted and authenticated, the demonstrator confirms
that the added latency, which is around 23 s, could not
be noticed by the human eye. Random read access and the key
establishment protocol provide a flexible solution
Revisiting Deniability in Quantum Key Exchange via Covert Communication and Entanglement Distillation
We revisit the notion of deniability in quantum key exchange (QKE), a topic
that remains largely unexplored. In the only work on this subject by Donald
Beaver, it is argued that QKE is not necessarily deniable due to an
eavesdropping attack that limits key equivocation. We provide more insight into
the nature of this attack and how it extends to other constructions such as QKE
obtained from uncloneable encryption. We then adopt the framework for quantum
authenticated key exchange, developed by Mosca et al., and extend it to
introduce the notion of coercer-deniable QKE, formalized in terms of the
indistinguishability of real and fake coercer views. Next, we apply results
from a recent work by Arrazola and Scarani on covert quantum communication to
establish a connection between covert QKE and deniability. We propose DC-QKE, a
simple deniable covert QKE protocol, and prove its deniability via a reduction
to the security of covert QKE. Finally, we consider how entanglement
distillation can be used to enable information-theoretically deniable protocols
for QKE and tasks beyond key exchange.Comment: 16 pages, published in the proceedings of NordSec 201
- …