
    Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials

    Structure-preserving signatures (SPS) are a powerful building block for cryptographic protocols. We introduce SPS on equivalence classes (SPS-EQ), which allow joint randomization of messages and signatures. Messages are projective equivalence classes defined on vectors of group elements, so multiplying a vector by a scalar yields a different representative of the same class. Our scheme lets one adapt a signature on one representative into a signature on another representative without knowledge of any secret. Moreover, given a signature, an adapted signature on a different representative is indistinguishable from a fresh signature on a random message. We propose a definitional framework for SPS-EQ and an efficient construction in Type-3 bilinear groups, which we prove secure against generic forgers. We also introduce set-commitment schemes that let one open subsets of the committed set. From these and SPS-EQ we build an efficient multi-show attribute-based anonymous credential (ABC) system for an arbitrary number of attributes. Our ABC system avoids costly zero-knowledge proofs and only requires a short interactive proof to thwart replay attacks. It is the first credential system in which the bandwidth required for showing a credential is independent of the number of its attributes, i.e., constant-size. We propose strengthened game-based security definitions for ABC and prove our scheme anonymous against malicious organizations in the standard model; finally, we discuss a concurrently secure variant in the CRS model.
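    The randomization property described in this abstract is easiest to see on the verification equations themselves. The following is an added example, not code from the paper or its authors: it models a Type-3 bilinear group by storing every element as its discrete logarithm, so the pairing becomes multiplication mod p. That makes the algebra of a three-element signature (Z, Y, Y_hat) checkable in a few lines, including the change-of-representative step that needs only public data. The group order, the generator names P1/P2 and the helper names (keygen, sign, verify, chg_rep, demo) are assumptions of this example; the model gives no hardness whatsoever, so it demonstrates correctness of the equations, never security.

```python
"""Added toy model of SPS-EQ algebra (not the paper's code).  Every group
element is stored as its discrete logarithm w.r.t. the generator, so the
pairing is just multiplication mod p.  That makes the verification and
change-of-representative equations checkable in a few lines; it models no
hardness, so it demonstrates correctness only, never security."""
import secrets

P = (1 << 127) - 1          # prime order of the toy groups (a Mersenne prime)


class Elt:
    """Group element; only the operations a bilinear group exposes are
    offered.  _log is exactly what a real implementation could not read."""

    def __init__(self, group, log):
        self.group, self._log = group, log % P

    def __add__(self, other):           # group operation, additive notation
        assert self.group == other.group
        return Elt(self.group, self._log + other._log)

    def __rmul__(self, k):              # scalar multiplication k * X
        return Elt(self.group, k * self._log)

    def __eq__(self, other):
        return self.group == other.group and self._log == other._log


P1, P2 = Elt("G1", 1), Elt("G2", 1)    # generators P and P_hat (assumed names)


def e(a, b):
    """Type-3 pairing G1 x G2 -> GT; GT is written additively in the log model."""
    assert a.group == "G1" and b.group == "G2"
    return Elt("GT", a._log * b._log)


def gsum(elts):                         # sum of elements (= product in GT)
    elts = list(elts)
    acc = elts[0]
    for x in elts[1:]:
        acc = acc + x
    return acc


def rand_scalar():
    return secrets.randbelow(P - 1) + 1  # uniform in Z_p^*


def inv(k):
    return pow(k, P - 2, P)


def keygen(l):
    sk = [rand_scalar() for _ in range(l)]
    return sk, [x * P2 for x in sk]      # pk: X_hat_i = x_i * P_hat


def sign(sk, M, y=None):
    """Signature (Z, Y, Y_hat) on a vector M in G1^l; y is fresh randomness."""
    y = y or rand_scalar()
    Z = y * gsum(x * m for x, m in zip(sk, M))
    return Z, inv(y) * P1, inv(y) * P2


def verify(pk, M, sig):
    Z, Y, Yh = sig
    return (gsum(e(m, X) for m, X in zip(M, pk)) == e(Z, Yh)
            and e(P1, Yh) == e(Y, P2))


def chg_rep(M, sig, mu, psi=None):
    """Move to representative mu*M of the same class and adapt sig using
    only public data; the fresh psi re-randomizes the signature."""
    psi = psi or rand_scalar()
    Z, Y, Yh = sig
    return [mu * m for m in M], (psi * mu * Z, inv(psi) * Y, inv(psi) * Yh)


def demo(l=3):
    assert l >= 2                       # the out-of-class check needs 2+ coords
    sk, pk = keygen(l)
    M = [rand_scalar() * P1 for _ in range(l)]   # constructed sample message
    y, psi, mu = rand_scalar(), rand_scalar(), rand_scalar()
    sig = sign(sk, M, y)
    M2, sig2 = chg_rep(M, sig, mu, psi)
    fresh = sign(sk, M2, (y * psi) % P)          # same randomness, signed directly
    M_bad = [M2[0]] + M[1:]                      # scales one coordinate only: new class
    return {
        "orig_ok": verify(pk, M, sig),
        "adapted_ok": verify(pk, M2, sig2),
        "adapted_is_fresh": sig2 == fresh,
        "out_of_class_rejected": not verify(pk, M_bad, sig2),
        "orig_sig_on_new_rep_rejected": not verify(pk, M2, sig),
    }


if __name__ == "__main__":
    print(demo())
```

    The "adapted_is_fresh" check is the indistinguishability point of the abstract made concrete: the adapted signature is literally the signature one would obtain by signing mu*M with randomness psi*y, so nothing in it links back to the original representative. The two rejection checks show why the message space is a class and not a vector: scaling only one coordinate, or reusing the old signature on the scaled vector, fails the first verification equation.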

    Fast Authentication in Multi-Hop Infrastructure-based Communication

    Multi-hop infrastructure-based communication is expected to play a vital role in supporting high data-rate multimedia access for mobile devices. The advantages are significant in highly mobile scenarios such as intra-vehicular networks. However, mobile nodes in these networks suffer from long authentication delays, which adversely affect goodput. In this work, we propose two techniques to shorten the initial authentication delay without compromising the authentication process or overall security. The first, called fast authentication, temporarily admits the joining node's data traffic through the network to the gateway while the joining node's immediate parent handles the network-side authentication. The second, called prefetch-assisted authentication, allows already authenticated wireless nodes to prefetch and store the authentication vectors of potential mobile clients. We investigate several unique features of the proposed schemes and find their performance suitable for infrastructure-based multi-hop wireless communication.

    A Novel Authentication and Key Agreement Scheme for Countering MITM and Impersonation Attack in Medical Facilities

    Authentication protects the privacy of the patient by securing the communication between patients and service providers. Several research efforts have proposed anonymity support for contextual privacy in medical systems, yet these systems remain vulnerable to impersonation and man-in-the-middle attacks. The powerful technology used in medical facilities can help build advanced systems; however, the same tools can also be used by attackers for personal profit and to cause chaos. The proposed countermeasure against such attacks is mutual authentication between users, their (mobile) devices and the system's cloud server, combined with a key agreement scheme based on Elliptic Curve Cryptography (ECC). The novel authentication scheme consists of two phases: signature generation and the authentication process. The ECC implementation ensures that the keys are thoroughly secured and cannot be copied, and the key generation scheme shields the system against impersonation attacks. The use of the Elliptic Curve Digital Signature Algorithm (ECDSA) in signature generation gives users a more secure way to hide the user's private key and adds a security layer before the authentication phase, owing to the extra domain parameters involved. Authentication remains a crucial component in maintaining the security of any critical facility that requires the CIA triad and non-repudiation for its data. This applies not only to medical centers but to any organization holding valuable data that must be protected, which likewise requires strong authentication protocols. Thus, the need for novel authentication protocols will keep rising as technology advances.

    Still Wrong Use of Pairings in Cryptography

    Several pairing-based cryptographic protocols have recently been proposed for a wide variety of novel applications, including ones in emerging technologies such as cloud computing, the Internet of Things (IoT), e-health systems and wearable technologies. There has been, however, a wide range of incorrect uses of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is a lack of awareness of recent advances in solving the discrete logarithm problem in some groups. The main purpose of this article is to give understandable, informative and up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and instead give special emphasis to the importance of using bilinear maps correctly when realizing secure cryptographic protocols. We list a collection of recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and up-to-date recipe for the correct use of pairings.