706 research outputs found

    An Elliptic Curve-based Signcryption Scheme with Forward Secrecy

    Full text link
    An elliptic curve-based signcryption scheme is introduced in this paper that effectively combines the functionalities of digital signature and encryption, and decreases the computational costs and communication overheads in comparison with the traditional signature-then-encryption schemes. It simultaneously provides the attributes of message confidentiality, authentication, integrity, unforgeability, non-repudiation, public verifiability, and forward secrecy of message confidentiality. Since it is based on elliptic curves and can use any fast and secure symmetric algorithm for encrypting messages, it has great advantages to be used for security establishments in store-and-forward applications and when dealing with resource-constrained devices.Comment: 13 Pages, 5 Figures, 2 Table

    Quantum e-commerce: A comparative study of possible protocols for online shopping and other tasks related to e-commerce

    Full text link
    A set of quantum protocols for online shopping is proposed and analyzed to establish that it is possible to perform secure online shopping using different types of quantum resources. Specifically, a single photon based, a Bell state based and two 3-qubit entangled state based quantum online shopping schemes are proposed. The Bell state based scheme, being a completely orthogonal state based protocol, is fundamentally different from the earlier proposed schemes which were based on conjugate coding. One of the 3-qubit entangled state based scheme is build on the principle of entanglement swapping which enables us to accomplish the task without transmission of the message encoded qubits through the channel. Possible ways of generalizing the entangled state based schemes proposed here to the schemes which use multiqubit entangled states is also discussed. Further, all the proposed protocols are shown to be free from the limitations of the recently proposed protocol of Huang et al. (Quantum Inf. Process. 14, 2211-2225, 2015) which allows the buyer (Alice) to change her order at a later time (after initially placing the order and getting it authenticated by the controller). The proposed schemes are also compared with the existing schemes using qubit efficiency.Comment: It's shown that quantum e-commerce is not a difficult task, and it can be done in various way

    Cryptanalysis and improvement of password-authenticated key agreement for session initiation protocol using smart cards

    Get PDF
    Session Initiation Protocol (SIP) is one of the most commonly used protocols for handling sessions for Voice over Internet Protocol (VoIP)-based communications, and the security of SIP is becoming increasingly important. Recently, Zhang et al. proposed a password authenticated key agreement protocol for SIP by using smart cards to protect the VoIP communications between users. Their protocol provided some unique features, such as mutual authentication, no password table needed, and password updating freely. In this study, we performed cryptanalysis of Zhang et al.'s protocol and found that their protocol was vulnerable to the impersonation attack although the protocol could withstand several other attacks. A malicious attacker could compute other users’ privacy keys and then impersonated the users to cheat the SIP server. Furthermore, we proposed an improved password authentication key agreement protocol for SIP, which overcame the weakness of Zhang et al.’s protocol and was more suitable for VoIP communications

    Semi-quantum communication: Protocols for key agreement, controlled secure direct communication and dialogue

    Full text link
    Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Further, it addresses a fundamental question in context of a large number problems- how much quantumness is (how many quantum parties are) required to perform a specific secure communication task? Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate-coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.Comment: 19 pages 1 figur

    Authentic-caller : self-enforcing authentication in a next generation network

    Get PDF
    The Internet of Things (IoT) or the Cyber-Physical System (CPS) is the network of connected devices, things and people which collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destination, informing the control system about the outage in the electrical grid, or providing information about the emergency at the national express highway. This sensitive information requires authorization and authentication of source and destination involved in the communication. To protect the network from unauthorized access and to provide authentication, the telecommunication operators have to adopt the mechanism for seamless verification and authorization of parties involved in the communication. Currently, the next-generation telecommunication networks use a digest-based authentication mechanism, where the call-processing engine of the telecommunication operator initiates the challenge to the request-initiating client or caller, which is being solved by the client to prove his credentials. However, the digest-based authentication mechanisms are vulnerable to many forms of known attacks e.g., the Man-In-The-Middle (MITM) attack and the password guessing attack. Furthermore, the digest-based systems require extensive processing overheads. Several Public-Key Infrastructure (PKI) based and identity-based schemes have been proposed for the authentication and key agreements. However, these schemes generally require smart-card to hold long-term private keys and authentication credentials. In this paper, we propose a novel self-enforcing authentication protocol for the SIPbased next-generation network based on a low-entropy shared password without relying on any PKI or trusted third party system. The proposed system shows effective resistance against various attacks e.g., MITM, replay attack, password guessing attack, etc. We a..
    • …
    corecore