Applied cryptography in network systems security for cyberattack prevention

Application of cryptography and how various encryption algorithms methods are used to encrypt and decrypt data that traverse the network is relevant in securing information flows. Implementing cryptography in a secure network environment requires the application of secret keys, public keys, and hash functions to ensure data confidentiality, integrity, authentication, and non-repudiation. However, providing secure communications to prevent interception, interruption, modification, and fabrication on network systems has been challenging. Cyberattacks are deploying various methods and techniques to break into network systems to exploit digital signatures, VPNs, and others. Thus, it has become imperative to consider applying techniques to provide secure and trustworthy communication and computing using cryptography methods. The paper explores applied cryptography concepts in information and network systems security to prevent cyberattacks and improve secure communications. The contribution of the paper is threefold: First, we consider the various cyberattacks on the different cryptography algorithms in symmetric, asymmetric, and hashing functions. Secondly, we apply the various RSA methods on a network system environment to determine how the cyberattack could intercept, interrupt, modify, and fabricate information. Finally, we discuss the secure implementations methods and recommendations to improve security controls. Our results show that we could apply cryptography methods to identify vulnerabilities in the RSA algorithm in secure computing and communications networks

Black-Box Constructions of Signature Schemes in the Bounded Leakage Setting

To simplify the certificate management procedures, Shamir introduced the concept of identity-based cryptography (IBC). However, the key escrow problem is inherent in IBC. To get rid of it, Al-Riyami and Paterson introduced in 2003 the notion of certificateless cryptography (CLC). However, if a cryptosystem is not perfectly implemented, adversaries would be able to obtain part of the system\u27s secret state via side-channel attacks, and thus may break the system. This is not considered in the security model of traditional cryptographic primitives. Leakage-resilient cryptography was then proposed to prevent adversaries from doing so. There are fruitful works on leakage-resilient encryption schemes, while there are not many on signature schemes in the leakage setting. In this work, we review the folklore generic constructions of identity-based signature and certificateless signature, and show that if the underlying primitives are leakage-resilient, so are the resulting identity-based signature scheme and certificateless signature scheme. The leakage rate follows the minimum one of the underlying primitives. We also show some instantiations of these generic constructions

Stronger Security for Sanitizable Signatures

Sanitizable signature schemes (SSS) enable a designated party (called the sanitizer ) to alter admissible blocks of a signed message. This primitive can be used to remove or alter sensitive data from already signed messages without involvement of the original signer. Current state-of-the-art security definitions of SSSs only dene a \weak form of security. Namely, the unforgeability, accountability and transparency definitions are not strong enough to be meaningful in certain use-cases. We identify some of these use-cases, close this gap by introducing stronger definitions, and show how to alter an existing construction to meet our desired security level. Moreover, we clarify a small yet important detail in the state-of-the-art privacy definition. Our work allows to deploy this primitive in more and different scenarios

Preserving transparency and accountability in optimistic fair exchange of digital signatures

Optimistic fair exchange (OFE) protocols are useful tools for two participants to fairly exchange items with the aid of a third party who is only involved if needed. A widely accepted requirement is that the third party\u27s involvement in the exchange must be transparent, to protect privacy and avoid bad publicity. At the same time, a dishonest third party would compromise the fairness of the exchange and the third party thus must be responsible for its behaviors. This is achieved in OFE protocols with another property called accountability. It is unfortunate that the accountability has never been formally studied in OFE since its introduction ten years ago. In this paper, we fill these gaps by giving the first complete definition of accountability in OFE where one of the exchanged items is a digital signature and a generic (also the first) design of OFE where transparency and accountability coexist

Signature Schemes in the Quantum Random-Oracle Model

A signature scheme is a fundamental component in modern digital communication. It allows for authenticated messages, without which it would be nearly impossible to ensure security when using most modern technologies. However, there is a growing threat to this fundamental piece of electronic infrastructure. Universal quantum computers, which were originally envisioned by Richard Feynman, have moved from being a theoretical future technology into one that could realistically be available in a matter of decades. In 1994, Peter Shor devised an algorithm that would run on a quantum computer that could be used to solve mathematical problems that formed the foundation of public-key cryptography. While Shor's algorithm clearly establishes that new mathematical problems must be found and studied that can admit efficient cryptographic protocols, it is equally important that the models in which we consider security are also updated to consider the possibility of a malicious adversary having a quantum computer. In the random-oracle model, a hash function is replaced by a truly random function that any relevant party is able to query. This model can enable security reductions where otherwise none are known. However, it has been noted that this model does not properly consider the possibility of a quantum computer. For this, we must instead consider the quantum random-oracle model. In this thesis, we explain the basics of quantum physics and quantum computation in order to give a complete motivation for the quantum random-oracle model. We explain many of the difficulties that may be encountered in the quantum random-oracle model, and how some of these problems may be solved. We then show prove three signature schemes secure in the quantum random-oracle model: the LMS hash-based scheme, TESLA, a lattice-based scheme, and the TOO transformation using chameleon hashes. The first two schemes are strong candidates for post-quantum standardization

Generic Transformation to Strongly Unforgeable Signatures

Recently, there are two generic transformation techniques proposed for converting unforgeable signature schemes (the message in the forgery has not been signed yet) into strongly unforgeable ones (the message in the forgery could have been signed previously). Both techniques are based on trapdoor hash functions and require to add supplementary components onto the original key pair of the signature scheme