Security of a biometric identity-based encryption scheme

Biometric identity-based encryption (Bio-IBE) is a kind of fuzzy identity-based encryption (fuzzy IBE) where a ciphertext encrypted under an identity w' can be decrypted using a secret key corresponding to the identity w which is close to w' as measured by some metric. Recently, Yang et al. proposed a constant-size Bio-IBE scheme and proved that it is secure against adaptive chosen-ciphertext attack (CCA2) in the random oracle model. Unfortunately, in this paper, we will show that their Bio-IBE scheme is even not chosen-plaintext secure. Specifically, user w using his secret key is able to decrypt any ciphertext encrypted under an identity w' even though w is not close to w'.Comment: Journal version of the paper will be appearing in International Journal of Network Securit

A Comprehensive Study on Crypto-Algorithms

In the field of computer network and security, cryptography plays a vital role for secure data transmission as it follows the principle of data confidentiality, integrity, non-repudiation, authentication. By using several cryptographic algorithms, a user can deliver and receive the message in more convenient way. In this paper, we have collaborated on various cryptographic algorithms, several types of cryptographic techniques along with different types of security attacks prevailing in case of cryptography. During the exchanging of any sort of information, the key generation, encryption and decryption processes are examined in more details in the current paper. We have discussed regarding RSA (Ron Rives, Adi Shamir and Len Adelman), which is one of the most secure algorithm in the context of data and information sharing, that has been analysed clearly in our work along with the basic concepts of DES(Data Encryption Standard) , conventional encryption model, ECC(Elliptic curve cryptography), Digital signature, ABE(Attribute based Encryption), KP-ABE(Key policy Attribute based encryption), CP-ABE(Ciphertext policy attribute based encryption), IBE(Identity based Encryption). We have elaborated various cryptograhic concepts for keeping the message confidential and secure while considering secured data communication in case of networks

07381 Abstracts Collection -- Cryptography

From 16.09.2007 to 21.09.2007 the Dagstuhl Seminar 07381 ``Cryptography\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Roadmap on optical security

Postprint (author's final draft

Cryptanalysis of an online/offline certificateless signature scheme for Internet of Health Things

Recently, Khan et al. [An online-offline certificateless signature scheme for internet of health things,” Journal of Healthcare Engineering, vol. 2020] presented a new certificateless offline/online signature scheme for Internet of Health Things (IoHT) to fulfill the authenticity requirements of the resource-constrained environment of (IoHT) devices. The authors claimed that the newly proposed scheme is formally secured against Type-I adversary under the Random Oracle Model (ROM). Unfortunately, their scheme is insecure against adaptive chosen message attacks. It is demonstrated that an adversary can forge a valid signature on a message by replacing the public key. Furthermore, we performed a comparative analysis of the selective parameters including computation time, communication overhead, security, and formal proof by employing Evaluation based on Distance from Average Solution (EDAS). The analysis shows that the designed scheme of Khan et al. doesn’t have any sort of advantage over the previous schemes. Though, the authors utilized a lightweight hyperelliptic curve cryptosystem with a smaller key size of 80-bits. Finally, we give some suggestions on the construction of a concrete security scheme under ROM

Measuring Performances of a White-Box Approach in the IoT Context

The internet of things (IoT) refers to all the smart objects that are connected to other objects, devices or servers and that are able to collect and share data, in order to "learn" and improve their functionalities. Smart objects suffer from lack of memory and computational power, since they are usually lightweight. Moreover, their security is weakened by the fact that smart objects can be placed in unprotected environments, where adversaries are able to play with the symmetric-key algorithm used and the device on which the cryptographic operations are executed. In this paper, we focus on a family of white-box symmetric ciphers substitution-permutation network (SPN)box, extending and improving our previous paper on the topic presented at WIDECOM2019. We highlight the importance of white-box cryptography in the IoT context, but also the need to have a fast black-box implementation (server-side) of the cipher. We show that, modifying an internal layer of SPNbox, we are able to increase the key length and to improve the performance of the implementation. We measure these improvements (a) on 32/64-bit architectures and (b) in the IoT context by encrypting/decrypting 10,000 payloads of lightweight messaging protocol Message Queuing Telemetry Transport (MQTT)

SURVEY : CRYPTOGRAPHY OPTIMIZATION ALGORITHMS

With the advent of e-commerce, it has become extremely essential to tackle the sensitive issues of affording data security, especially in the ever-blooming open network environment of the modern era. The encrypting technologies of the time-honored cryptography are generally employed to shelter data safety extensively. The term ‘cryptography’ refers to the process of safeguarding the secret data against access by unscrupulous persons in scenarios where it is humanly impossible to furnish physical protection. It deals with the methods which convert the data between intelligible and unintelligible forms by encryption/decryption functions with the management of key(s). Nowadays cryptographic key management issues that arise due to the distributed nature of IT resources, as well the distributed nature of their control. Recently these issues are solved by optimization algorithms utilized in the cryptographic algorithms. The purpose of this paper is to give a survey of optimal cryptographic keys that can be developed with the help of optimization algorithms, and to address their merits to the real-worldscenarios.AbstractWith the advent of e-commerce, it has become extremely essential to tackle the sensitive issues of affording data security, especially in the ever-blooming open network environment of the modern era. The encrypting technologies of the time-honored cryptography are generally employed to shelter data safety extensively. The term ‘cryptography’ refers to the process of safeguarding the secret data against access by unscrupulous persons in scenarios where it is humanly impossible to furnish physical protection. It deals with the methods which convert the data between intelligible and unintelligible forms by encryption/decryption functions with the management of key(s). Nowadays cryptographic key management issues that arise due to the distributed nature of IT resources, as well the distributed nature of their control. Recently these issues are solved by optimization algorithms utilized in the cryptographic algorithms. The purpose of this paper is to give a survey of optimal cryptographic keys that can be developed with the help of optimization algorithms, and to address their merits to the real-worldscenarios. Keywords:Cryptography; Encryption; Decryption; Key Management; Optimization algorithm