Two secure non-symmetric role Key-Agreement protocols

Recently, some two-party Authenticated Key Agreement protocols over elliptic curve based algebraic groups, in the context of Identity-Based cryptography have been proposed. The main contribution of this category of protocols is to reduce the complexity of performing algebraic operations through eliminating the need to using Bilinear Pairings. In this paper, we proposed two novel Identity-Based Authenticated Key Agreement protocols over non-symmetric role participants without using Bilinear Pairings. The results show that our proposed schemes beside of supporting security requirements of Key Agreement protocols, require a subset of operations with low complexity in compare with related protocols in this scientific area

Pairing-based cryptosystems and key agreement protocols.

For a long time, pairings on elliptic curves have been considered to be destructive in elliptic curve cryptography. Only recently after some pioneering works, particularly the well-known Boneh-Franklin identity-based encryption (IBE), pairings have quickly become an important tool to construct novel cryptographic schemes. In this thesis, several new cryptographic schemes with pairings are proposed, which are both efficient and secure with respect to a properly defined security model, and some relevant previous schemes are revisited. IBE provides a public key encryption mechanism where a public key can be an arbitrary string such as an entity identifier and unwieldy certificates are unnecessary. Based on the Sakai-Kasahara key construction, an IBE scheme which is secure in the Boneh-Franklin IBE model is constructed, and two identity-based key encapsulation mechanisms are proposed. These schemes achieve the best efficiency among the existing schemes to date. Recently Al-Riyami and Paterson introduced the certificateless public key encryption (CL-PKE) paradigm, which eliminates the need of certificates and at the same time retains the desirable properties of IBE without the key escrow problem. The security formulation of CL-PKE is revisited and a strong security model for this type of mechanism is defined. Following a heuristic approach, three efficient CL-PKE schemes which are secure in the defined strong security model are proposed. Identity-based two-party key agreement protocols from pairings are also investigated. The Bellare-Rogaway key agreement model is enhanced and within the model several previously unproven protocols in the literature are formally analysed. In considering that the user identity may be sensitive information in many environments, an identity-based key agreement protocol with unilateral identity privacy is proposed

LiSA: A Lightweight and Secure Authentication Mechanism for Smart Metering Infrastructure

Smart metering infrastructure (SMI) is the core component of the smart grid (SG) which enables two-way communication between consumers and utility companies to control, monitor, and manage the energy consumption data. Despite their salient features, SMIs equipped with information and communication technology are associated with new threats due to their dependency on public communication networks. Therefore, the security of SMI communications raises the need for robust authentication and key agreement primitives that can satisfy the security requirements of the SG. Thus, in order to realize the aforementioned issues, this paper introduces a lightweight and secure authentication protocol, "LiSA", primarily to secure SMIs in SG setups. The protocol employs Elliptic Curve Cryptography at its core to provide various security features such as mutual authentication, anonymity, replay protection, session key security, and resistance against various attacks. Precisely, LiSA exploits the hardness of the Elliptic Curve Qu Vanstone (EVQV) certificate mechanism along with Elliptic Curve Diffie Hellman Problem (ECDHP) and Elliptic Curve Discrete Logarithm Problem (ECDLP). Additionally, LiSA is designed to provide the highest level of security relative to the existing schemes with least computational and communicational overheads. For instance, LiSA incurred barely 11.826 ms and 0.992 ms for executing different passes across the smart meter and the service providers. Further, it required a total of 544 bits for message transmission during each session.Comment: To appear in IEEE Globecom 201

On Security Analysis of Recent Password Authentication and Key Agreement Schemes Based on Elliptic Curve Cryptography

Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals

Weakness of two ID-based remote mutual authentication with key agreement protocols for mobile devices

Recently, Yoon et al. and Wu proposed two improved remote mutual authentication and key agreement schemes for mobile devices on elliptic curve cryptosystem. In this paper, we show that Yoon et al.’s protocol fails to provide explicit key perfect forward secrecy and fails to achieve explicit key confirmation. We also point out Wu’s scheme decreases efficiency by using the double secret keys and private/public pair, and is vulnerable to the password guessing attack and the forgery attack

An Elliptic Curve-based Signcryption Scheme with Forward Secrecy

An elliptic curve-based signcryption scheme is introduced in this paper that effectively combines the functionalities of digital signature and encryption, and decreases the computational costs and communication overheads in comparison with the traditional signature-then-encryption schemes. It simultaneously provides the attributes of message confidentiality, authentication, integrity, unforgeability, non-repudiation, public verifiability, and forward secrecy of message confidentiality. Since it is based on elliptic curves and can use any fast and secure symmetric algorithm for encrypting messages, it has great advantages to be used for security establishments in store-and-forward applications and when dealing with resource-constrained devices.Comment: 13 Pages, 5 Figures, 2 Table

Isogeny-based post-quantum key exchange protocols

The goal of this project is to understand and analyze the supersingular isogeny Diffie Hellman (SIDH), a post-quantum key exchange protocol which security lies on the isogeny-finding problem between supersingular elliptic curves. In order to do so, we first introduce the reader to cryptography focusing on key agreement protocols and motivate the rise of post-quantum cryptography as a necessity with the existence of the model of quantum computation. We review some of the known attacks on the SIDH and finally study some algorithmic aspects to understand how the protocol can be implemented