An Elliptic Curve-based Signcryption Scheme with Forward Secrecy
An elliptic curve-based signcryption scheme is introduced in this paper that
effectively combines the functionalities of digital signature and encryption,
and decreases the computational costs and communication overheads in comparison
with the traditional signature-then-encryption schemes. It simultaneously
provides the attributes of message confidentiality, authentication, integrity,
unforgeability, non-repudiation, public verifiability, and forward secrecy of
message confidentiality. Since it is based on elliptic curves and can use any
fast and secure symmetric algorithm for encrypting messages, it has great
advantages to be used for security establishments in store-and-forward
applications and when dealing with resource-constrained devices.
Comment: 13 Pages, 5 Figures, 2 Tables
Quantum e-commerce: A comparative study of possible protocols for online shopping and other tasks related to e-commerce
A set of quantum protocols for online shopping is proposed and analyzed to
establish that it is possible to perform secure online shopping using different
types of quantum resources. Specifically, a single photon based, a Bell state
based and two 3-qubit entangled state based quantum online shopping schemes are
proposed. The Bell state based scheme, being a completely orthogonal state
based protocol, is fundamentally different from the earlier proposed schemes
which were based on conjugate coding. One of the 3-qubit entangled state based
schemes is built on the principle of entanglement swapping which enables us to
accomplish the task without transmission of the message encoded qubits through
the channel. Possible ways of generalizing the entangled state based schemes
proposed here to the schemes which use multiqubit entangled states are also
discussed. Further, all the proposed protocols are shown to be free from the
limitations of the recently proposed protocol of Huang et al. (Quantum Inf.
Process. 14, 2211-2225, 2015) which allows the buyer (Alice) to change her
order at a later time (after initially placing the order and getting it
authenticated by the controller). The proposed schemes are also compared with
the existing schemes using qubit efficiency.
Comment: It's shown that quantum e-commerce is not a difficult task, and it
can be done in various ways
Cryptanalysis and improvement of password-authenticated key agreement for session initiation protocol using smart cards
Session Initiation Protocol (SIP) is one of the most commonly used protocols for handling sessions for Voice over Internet Protocol (VoIP)-based communications, and the security of SIP is becoming increasingly important. Recently, Zhang et al. proposed a password authenticated key agreement protocol for SIP by using smart cards to protect the VoIP communications between users. Their protocol provided some unique features, such as mutual authentication, no password table needed, and password updating freely. In this study, we performed cryptanalysis of Zhang et al.'s protocol and found that their protocol was vulnerable to the impersonation attack although the protocol could withstand several other attacks. A malicious attacker could compute other users’ privacy keys and then impersonate the users to cheat the SIP server. Furthermore, we proposed an improved password authentication key agreement protocol for SIP, which overcame the weakness of Zhang et al.’s protocol and was more suitable for VoIP communications.
Semi-quantum communication: Protocols for key agreement, controlled secure direct communication and dialogue
Semi-quantum protocols that allow some of the users to remain classical are
proposed for a large class of problems associated with secure communication and
secure multiparty computation. Specifically, for the first time, semi-quantum protocols
are proposed for key agreement, controlled deterministic secure communication
and dialogue, and it is shown that the semi-quantum protocols for controlled
deterministic secure communication and dialogue can be reduced to semi-quantum
protocols for e-commerce and private comparison (socialist millionaire
problem), respectively. Complementing with the earlier proposed semi-quantum
schemes for key distribution, secret sharing and deterministic secure
communication, the set of schemes proposed here and subsequent discussions have
established that almost every secure communication and computation task that
can be performed using fully quantum protocols can also be performed in
semi-quantum manner. Further, it addresses a fundamental question in the context of
a large number of problems: how much quantumness is (how many quantum parties are)
required to perform a specific secure communication task? Some of the proposed
schemes are completely orthogonal-state-based, and thus, fundamentally
different from the existing semi-quantum schemes that are
conjugate-coding-based. Security, efficiency and applicability of the proposed
schemes have been discussed with appropriate importance.
Comment: 19 pages 1 figure
Authentic-caller : self-enforcing authentication in a next generation network
The Internet of Things (IoT) or the Cyber-Physical System (CPS) is the network of connected devices, things and people which collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destination, informing the control system about the outage in the electrical grid, or providing information about the emergency at the national express highway. This sensitive information requires authorization and authentication of source and destination involved in the communication. To protect the network from unauthorized access and to provide authentication, the telecommunication operators have to adopt the mechanism for seamless verification and authorization of parties involved in the communication. Currently, the next-generation telecommunication networks use a digest-based authentication mechanism, where the call-processing engine of the telecommunication operator initiates the challenge to the request-initiating client or caller, which is being solved by the client to prove his credentials. However, the digest-based authentication mechanisms are vulnerable to many forms of known attacks e.g., the Man-In-The-Middle (MITM) attack and the password guessing attack. Furthermore, the digest-based systems require extensive processing overheads. Several Public-Key Infrastructure (PKI) based and identity-based schemes have been proposed for the authentication and key agreements. However, these schemes generally require smart-card to hold long-term private keys and authentication credentials. In this paper, we propose a novel self-enforcing authentication protocol for the SIP-based next-generation network based on a low-entropy shared password without relying on any PKI or trusted third party system. The proposed system shows effective resistance against various attacks e.g., MITM, replay attack, password guessing attack, etc.
We a..