9,549 research outputs found
The Shannon Cipher System with a Guessing Wiretapper: General Sources
The Shannon cipher system is studied in the context of general sources using
a notion of computational secrecy introduced by Merhav & Arikan. Bounds are
derived on limiting exponents of guessing moments for general sources. The
bounds are shown to be tight for iid, Markov, and unifilar sources, thus
recovering some known results. A close relationship between error exponents and
correct decoding exponents for fixed rate source compression on the one hand
and exponents for guessing moments on the other hand is established.Comment: 24 pages, Submitted to IEEE Transactions on Information Theor
Symbolic Abstractions for Quantum Protocol Verification
Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange
qubits to achieve information-theoretic security guarantees. Many variants
thereof were proposed, some of them being already deployed. Existing security
proofs in that field are mostly tedious, error-prone pen-and-paper proofs of
the core protocol only that rarely account for other crucial components such as
authentication. This calls for formal and automated verification techniques
that exhaustively explore all possible intruder behaviors and that scale well.
The symbolic approach offers rigorous, mathematical frameworks and automated
tools to analyze security protocols. Based on well-designed abstractions, it
has allowed for large-scale formal analyses of real-life protocols such as TLS
1.3 and mobile telephony protocols. Hence a natural question is: Can we use
this successful line of work to analyze quantum protocols? This paper proposes
a first positive answer and motivates further research on this unexplored path
SECURE COMMUNICATION USING PFS IN A DISTRIBUTED ENVIRONMENT
Today millions of ordinary citizens are using networks for banking, shopping and filing their tax return. Network security has become a massive problem. All this requires network to identify its legal users for providing services. An authentication protocol used is Kerberos which uses strong secret key for user authentication but it is vulnerable in case of weak passwords. Authentication & key distribution protocols requires sharing secret key(s) with a view that only the concerned users know to derive the information from it. These protocols are vulnerable to key guessing attacks. Another important consideration is perfect forward secrecy in which our proposed scheme cover cases with application servers, authentication servers or clients key are revealed & their combination. In this paper our proposed scheme deal with key guessing attacks, perfect forward secrecy and protocols for few combinations of keys. All these protocols are based on the fact that the keys are weak & can be exploited easily
Cryptanalysis of Sun and Cao's Remote Authentication Scheme with User Anonymity
Dynamic ID-based remote user authentication schemes ensure efficient and
anonymous mutual authentication between entities. In 2013, Khan et al. proposed
an improved dynamic ID-based authentication scheme to overcome the security
flaws of Wang et al.'s authentication scheme. Recently, Sun and Cao showed that
Khan et al. does not satisfies the claim of the user's privacy and proposed an
efficient authentication scheme with user anonymity. The Sun and Cao's scheme
achieve improvement over Khan et al.'s scheme in both privacy and performance
point of view. Unfortunately, we identify that Sun and Cao's scheme does not
resist password guessing attack. Additionally, Sun and Cao's scheme does not
achieve forward secrecy
Guessing a password over a wireless channel (on the effect of noise non-uniformity)
A string is sent over a noisy channel that erases some of its characters.
Knowing the statistical properties of the string's source and which characters
were erased, a listener that is equipped with an ability to test the veracity
of a string, one string at a time, wishes to fill in the missing pieces. Here
we characterize the influence of the stochastic properties of both the string's
source and the noise on the channel on the distribution of the number of
attempts required to identify the string, its guesswork. In particular, we
establish that the average noise on the channel is not a determining factor for
the average guesswork and illustrate simple settings where one recipient with,
on average, a better channel than another recipient, has higher average
guesswork. These results stand in contrast to those for the capacity of wiretap
channels and suggest the use of techniques such as friendly jamming with
pseudo-random sequences to exploit this guesswork behavior.Comment: Asilomar Conference on Signals, Systems & Computers, 201
- …