SIGNCRYPTION ANALYZE

The aim of this paper is to provide an overview for the research that has been done so far in signcryption area. The paper also presents the extensions for the signcryption scheme and discusses the security in signcryption. The main contribution to this paper represents the implementation of the signcryption algorithm with the examples provided.ElGamal, elliptic curves, encryption, identity-based, proxy-signcryption, public key, ring-signcryption, RSA, signcryption

Identity-based threshold group signature scheme based on multiple hard number theoretic problems

We introduce in this paper a new identity-based threshold signature (IBTHS) technique, which is based on a pair of intractable problems, residuosity and discrete logarithm. This technique relies on two difficult problems and offers an improved level of security relative to an individual hard problem. The majority of the denoted IBTHS techniques are established on an individual difficult problem. Despite the fact that these methods are secure, however, a prospective solution of this sole problem by an adversary will enable him/her to recover the entire private data together with secret keys and configuration values of the associated scheme. Our technique is immune to the four most familiar attack types in relation to the signature schemes. Enhanced performance of our proposed technique is verified in terms of minimum cost of computations required by both of the signing algorithm and the verifying algorithm in addition to immunity to attacks

Efficient Revocable ID-Based Signature With Cloud Revocation Server

Over the last few years, identity-based cryptosystem (IBC) has attracted widespread attention because it avoids the high overheads associated with public key certificate management. However, an unsolved but critical issue about IBC is how to revoke a misbehaving user. There are some revocable identity-based encryption schemes that have been proposed recently, but little work on the revocation problem of identity-based signature has been undertaken so far. One approach for revocation in identity-based settings is to update users\u27 private keys periodically, which is usually done by the key generation center (KGC). But with this approach, the load on the KGC will increase quickly when the number of users increases. In this paper, we propose an efficient revocable identity-based signature (RIBS) scheme in which the revocation functionality is outsourced to a cloud revocation server (CRS). In our proposed approach, most of the computations needed during key-updates are offloaded to the CRS. We describe the new framework and the security model for the RIBS scheme with CRS and we prove that the proposed scheme is existentially unforgeable against adaptively chosen messages and identity attacks in the random oracle model. Furthermore, we monstrate that our scheme outperforms previous IBS schemes in terms of lower computation and communication costs

Detailed Concept of Network Security

Computer world security management is essential resource for all the latest news, analysis, case studies and reviews on authentication, business continuity and disaster recovery, data control, security infrastructure, intellectual property, privacy standards, law, threats cyber crime and hacking and identity fraud and theft. This section covers secrecy, reliable storage and encryption. security, protecting data from unauthorized access, protecting data from damage and ROM either an external or an internal source, and a disgruntled employee could easily do much harm

Design and Analysis of Opaque Signatures

Digital signatures were introduced to guarantee the authenticity and integrity of the underlying messages. A digital signature scheme comprises the key generation, the signature, and the verification algorithms. The key generation algorithm creates the signing and the verifying keys, called also the signer’s private and public keys respectively. The signature algorithm, which is run by the signer, produces a signature on the input message. Finally, the verification algorithm, run by anyone who knows the signer’s public key, checks whether a purported signature on some message is valid or not. The last property, namely the universal verification of digital signatures is undesirable in situations where the signed data is commercially or personally sensitive. Therefore, mechanisms which share most properties with digital signatures except for the universal verification were invented to respond to the aforementioned need; we call such mechanisms “opaque signatures”. In this thesis, we study the signatures where the verification cannot be achieved without the cooperation of a specific entity, namely the signer in case of undeniable signatures, or the confirmer in case of confirmer signatures; we make three main contributions. We first study the relationship between two security properties important for public key encryption, namely data privacy and key privacy. Our study is motivated by the fact that opaque signatures involve always an encryption layer that ensures their opacity. The properties required for this encryption vary according to whether we want to protect the identity (i.e. the key) of the signer or hide the validity of the signature. Therefore, it would be convenient to use existing work about the encryption scheme in order to derive one notion from the other. Next, we delve into the generic constructions of confirmer signatures from basic cryptographic primitives, e.g. digital signatures, encryption, or commitment schemes. In fact, generic constructions give easy-to-understand and easy-to-prove schemes, however, this convenience is often achieved at the expense of efficiency. In this contribution, which constitutes the core of this thesis, we first analyze the already existing constructions; our study concludes that the popular generic constructions of confirmer signatures necessitate strong security assumptions on the building blocks, which impacts negatively the efficiency of the resulting signatures. Next, we show that a small change in these constructionsmakes these assumptions drop drastically, allowing as a result constructions with instantiations that compete with the dedicated realizations of these signatures. Finally, we revisit two early undeniable signatures which were proposed with a conjectural security. We disprove the claimed security of the first scheme, and we provide a fix to it in order to achieve strong security properties. Next, we upgrade the second scheme so that it supports a iii desirable feature, and we provide a formal security treatment of the new scheme: we prove that it is secure assuming new reasonable assumptions on the underlying constituents

Virtualized Reconfigurable Resources and Their Secured Provision in an Untrusted Cloud Environment

The cloud computing business grows year after year. To keep up with increasing demand and to offer more services, data center providers are always searching for novel architectures. One of them are FPGAs, reconfigurable hardware with high compute power and energy efficiency. But some clients cannot make use of the remote processing capabilities. Not every involved party is trustworthy and the complex management software has potential security flaws. Hence, clients’ sensitive data or algorithms cannot be sufficiently protected. In this thesis state-of-the-art hardware, cloud and security concepts are analyzed and com- bined. On one side are reconfigurable virtual FPGAs. They are a flexible resource and fulfill the cloud characteristics at the price of security. But on the other side is a strong requirement for said security. To provide it, an immutable controller is embedded enabling a direct, confidential and secure transfer of clients’ configurations. This establishes a trustworthy compute space inside an untrusted cloud environment. Clients can securely transfer their sensitive data and algorithms without involving vulnerable software or a data center provider. This concept is implemented as a prototype. Based on it, necessary changes to current FPGAs are analyzed. To fully enable reconfigurable yet secure hardware in the cloud, a new hybrid architecture is required.Das Geschäft mit dem Cloud Computing wächst Jahr für Jahr. Um mit der steigenden Nachfrage mitzuhalten und neue Angebote zu bieten, sind Betreiber von Rechenzentren immer auf der Suche nach neuen Architekturen. Eine davon sind FPGAs, rekonfigurierbare Hardware mit hoher Rechenleistung und Energieeffizienz. Aber manche Kunden können die ausgelagerten Rechenkapazitäten nicht nutzen. Nicht alle Beteiligten sind vertrauenswürdig und die komplexe Verwaltungssoftware ist anfällig für Sicherheitslücken. Daher können die sensiblen Daten dieser Kunden nicht ausreichend geschützt werden. In dieser Arbeit werden modernste Hardware, Cloud und Sicherheitskonzept analysiert und kombiniert. Auf der einen Seite sind virtuelle FPGAs. Sie sind eine flexible Ressource und haben Cloud Charakteristiken zum Preis der Sicherheit. Aber auf der anderen Seite steht ein hohes Sicherheitsbedürfnis. Um dieses zu bieten ist ein unveränderlicher Controller eingebettet und ermöglicht eine direkte, vertrauliche und sichere Übertragung der Konfigurationen der Kunden. Das etabliert eine vertrauenswürdige Rechenumgebung in einer nicht vertrauenswürdigen Cloud Umgebung. Kunden können sicher ihre sensiblen Daten und Algorithmen übertragen ohne verwundbare Software zu nutzen oder den Betreiber des Rechenzentrums einzubeziehen. Dieses Konzept ist als Prototyp implementiert. Darauf basierend werden nötige Änderungen von modernen FPGAs analysiert. Um in vollem Umfang eine rekonfigurierbare aber dennoch sichere Hardware in der Cloud zu ermöglichen, wird eine neue hybride Architektur benötigt

An implementation of accountable anonymity

Complex well developed and established Anonymity systems lack Accountability. These systems offer unconditional anonymity to their users which can stimulate abusive behavior. Controlling abuse should be equally important as protecting the anonymity of legitimate users when designing anonymous applications. Current anonymity systems are promoted to family and friends, businesses, activists and the media. However, these same systems could potentially be used for: sending offensive email, spam, copyrighted material, cyber warfare, child pornography, pedophiles chatting with kids online or any other illegal activity performed on the Internet. Freedom of speech and the First Amendment allows people to express their opinions and choose any anonymity service and by no means will people be forced to use this system. In this thesis, a model that allows an anonymous yet accountable method of communication on the Internet is introduced. The design and implementation is based on a new proxy-re-encryption scheme and a modifed onion routing scheme. Techniques for Accountable Anonymity are demonstrated by building a lightweight prototype. In this system, users are registered in the system\u27s database in order to use it. In this research, the total network latency is signifcantly smaller when sending data over the network compared to The onion router (Tor) system which makes it deployable to use at a larger scale system. Also, the Accountable Anonymity system\u27s digital forensic mode makes it easier to track the perpetrators