SIGNCRYPTION ANALYZE

The aim of this paper is to provide an overview for the research that has been done so far in signcryption area. The paper also presents the extensions for the signcryption scheme and discusses the security in signcryption. The main contribution to this paper represents the implementation of the signcryption algorithm with the examples provided.ElGamal, elliptic curves, encryption, identity-based, proxy-signcryption, public key, ring-signcryption, RSA, signcryption

Research on security and privacy in vehicular ad hoc networks

Los sistemas de redes ad hoc vehiculares (VANET) tienen como objetivo proporcionar una plataforma para diversas aplicaciones que pueden mejorar la seguridad vial, la eficiencia del tráfico, la asistencia a la conducción, la regulación del transporte, etc. o que pueden proveer de una mejor información y entretenimiento a los usuarios de los vehículos. Actualmente se está llevando a cabo un gran esfuerzo industrial y de investigación para desarrollar un mercado que se estima alcance en un futuro varios miles de millones de euros. Mientras que los enormes beneficios que se esperan de las comunicaciones vehiculares y el gran número de vehículos son los puntos fuertes de las VANET, su principal debilidad es la vulnerabilidad a los ataques contra la seguridad y la privacidad.En esta tesis proponemos cuatro protocolos para conseguir comunicaciones seguras entre vehículos. En nuestra primera propuesta empleamos a todas las unidades en carretera (RSU) para mantener y gestionar un grupo en tiempo real dentro de su rango de comunicación. Los vehículos que entren al grupo de forma anónima pueden emitir mensajes vehículo a vehículo (V2V) que inmediatamente pueden ser verificados por los vehículos del mismo grupo (y grupos de vecinos). Sin embargo, en la primera fase del despliegue de este sistema las RSU pueden no estar bien distribuídas. Consecuentemente, se propone un conjunto de mecanismos para hacer frente a la seguridad, privacidad y los requisitos de gestión de una VANET a gran escala sin la suposición de que las RSU estén densamente distribuidas. La tercera propuesta se centra principalmente en la compresión de las evidencias criptográficas que nos permitirán demostrar, por ejemplo, quien era el culpable en caso de accidente. Por último, investigamos los requisitos de seguridad de los sistemas basados en localización (LBS) sobre VANETs y proponemos un nuevo esquema para la preservación de la privacidad de la localización en estos sistemas sobre dichas redes.Vehicular ad hoc network (VANET) systems aim at providing a platform for various applications that can improve traffic safety and efficiency, driver assistance, transportation regulation, infotainment, etc. There is substantial research and industrial effort to develop this market. It is estimated that the market for vehicular communications will reach several billion euros. While the tremendous benefits expected from vehicular communications and the huge number of vehicles are strong points of VANETs, their weakness is vulnerability to attacks against security and privacy.In this thesis, we propose four protocols for secure vehicle communications. In our first proposal, we employ each road-side unit (RSU) to maintain and manage an on-the-fly group within its communication range. Vehicles entering the group can anonymously broadcast vehicle-to-vehicle (V2V) messages, which can be instantly verified by the vehicles in the same group (and neighbor groups). However, at the early stage of VANET deployment, the RSUs may not be well distributed. We then propose a set of mechanisms to address the security, privacy, and management requirements of a large-scale VANET without the assumption of densely distributed RSUs. The third proposal is mainly focused on compressing cryptographic witnesses in VANETs. Finally, we investigate the security requirements of LBS in VANETs and propose a new privacy-preserving LBS scheme for those networks

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed

Research on ID-based Proxy Blind Signature Scheme

信息安全是信息社会急需解决的最重要问题之一，它已成为信息科学领域的一个重要的新兴学科。数字签名技术是提供认证性、完整性和不可否认性的重要技术，因而是信息安全的核心技术之一。随着对数字签名研究的不断深入，随着电子商务、电子政务的快速发展，简单模拟手写签名的一般数字签名已不能完全满足需要，研究具有特殊性质的数字签名成为数字签名的主要研究方向。 本文的主要内容是代理盲签名方案的研究。代理盲签名作为一种新型的数字签名方案，首先是由Lin等人在2000年提出。代理盲签名兼具了代理签名和盲签名的优点，正是这一特性，使得代理盲签名可以应用到电子商务、电子货币等应用领域，具有很高的实际应用价值。 基于身份...Information security is one of the most important problems in modern information society and becomes a new important subject in the information science. Digital signature, which can prove authentication, integrity and non-repudiation, is one of the key techniques of information security. As the deepening of digital signature research and the rapid development of E-commerce and E-governance, the st...学位：工学硕士院系专业：信息科学与技术学院自动化系_控制理论与控制工程学号：X200522300

A publicly verifiable quantum signature scheme based on asymmetric quantum cryptography

In 2018, Shi et al. \u27s showed that Kaushik et al.\u27s quantum signature scheme is defective. It suffers from the forgery attack. They further proposed an improvement, trying to avoid the attack. However, after examining we found their improved quantum signature is deniable, because the verifier can impersonate the signer to sign a message. After that, when a dispute occurs, he can argue that the signature was not signed by him. It was from the signer. To overcome the drawback, in this paper, we raise an improvement to make it publicly verifiable and hence more suitable to be applied in real life. After cryptanalysis, we confirm that our improvement not only resist the forgery attack but also is undeniable

On the Application of Identity-Based Cryptography in Grid Security

This thesis examines the application of identity-based cryptography (IBC) in designing security infrastructures for grid applications. In this thesis, we propose a fully identity-based key infrastructure for grid (IKIG). Our proposal exploits some interesting properties of hierarchical identity-based cryptography (HIBC) to replicate security services provided by the grid security infrastructure (GSI) in the Globus Toolkit. The GSI is based on public key infrastructure (PKI) that supports standard X.509 certificates and proxy certificates. Since our proposal is certificate-free and has small key sizes, it offers a more lightweight approach to key management than the GSI. We also develop a one-pass delegation protocol that makes use of HIBC properties. This combination of lightweight key management and efficient delegation protocol has better scalability than the existing PKI-based approach to grid security. Despite the advantages that IKIG offers, key escrow remains an issue which may not be desirable for certain grid applications. Therefore, we present an alternative identity-based approach called dynamic key infrastructure for grid (DKIG). Our DKIG proposal combines both identity-based techniques and the conventional PKI approach. In this hybrid setting, each user publishes a fixed parameter set through a standard X.509 certificate. Although X.509 certificates are involved in DKIG, it is still more lightweight than the GSI as it enables the derivation of both long-term and proxy credentials on-the-fly based only on a fixed certificate. We also revisit the notion of secret public keys which was originally used as a cryptographic technique for designing secure password-based authenticated key establishment protocols. We introduce new password-based protocols using identity-based secret public keys. Our identity-based techniques can be integrated naturally with the standard TLS handshake protocol. We then discuss how this TLS-like identity-based secret public key protocol can be applied to securing interactions between users and credential storage systems, such as MyProxy, within grid environments

Proposal and evaluation of authentication protocols for Smart Grid networks

Dissertação (mestrado)—Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2018.Uma rede Smart Grid (ou rede elétrica inteligente) representa a evolução das redes elétricas tradicionais, tornada possível graças à integração das tecnologias da informação e das comunicações com a infraestrutura elétrica. Esta integração propicia o surgimento de novos serviços, tornando a rede elétrica mais eficiente, gerando também novos desafios a serem atendidos, dentre eles a segurança do sistema. A rede SG deve garantir a confiabilidade, a integridade e a privacidade dos dados armazenados ou em transito pelo sistema, o que leva à necessidade de autenticação e controle de acesso, obrigando a todo usuário ou dispositivo a se autenticar e a realizar somente operações autorizadas. A autenticação de usuários e dispositivos é um processo muito importante para a rede SG, e os protocolos usados para esse fim devem ser capazes de proteção contra possiveis ataques (por exemplo, Man-in-the-Middle - MITM, repetição, Denegação de Serviço - DoS). Por outro lado, a autorização é tratada em conjunto com a autenticação e relacionada com as politicas de controle de acesso do sistema. Uma parte essencial para criar os protocolos de autenticação seguros envolve os esquemas de ciframento. O uso de um ou a combinação de vários esquemas afeta diretamente o desempenho do protocolo. Cada dia novos esquemas são propostos, e seu emprego nos protocolos de autenticação melhora o desempenho do sistema em comparação aos protocolos já propostos no mesmo cenário. Neste trabalho são propostos 3 (três) protocolos de autenticação seguros e de custo adequado para os cenários descritos a seguir: - Autenticação dos empregados das empresas de fornecimento de energia que procuram acesso ao sistema de forma remota; - Autenticação de Smart Meters numa Infraestrutura de medição avançada (AMI, do inglês Advanced Metering Infrastructure) baseada em nuvem computacional; e - Autenticação de veículos elétricos em uma rede V2G (do inglês, Vehicle-to-Grid). Cada um dos cenários tem caraterísticas particulares que são refletidas no projeto dos protocolos propostos. Além disso, todos os protocolos propostos neste trabalho garantem a autenticação mutua entre todas as entidades e a proteção da privacidade, confidencialidade e integridade dos dados do sistema. Uma comparação dos custos de comunicação e computação é apresentada entre os protocolos propostos neste trabalho e protocolos desenvolvidos por outros autores para cada um dos cenários. Os resultados das comparações mostram que os protocolos propostos neste trabalho têm, na maioria dos casos, o melhor desempenho computacional e de comunicações, sendo assim uma ótima escolha para a sua implementação nas redes SG. A validação formal dos protocolos propostos por meio da ferramenta AVISPA é realizada, permitindo verificar o atendimento a requisitos de segurança.Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES).A Smart Grid network (or inteligent electrical network) represents the evolution of traditional electrical networks, made possible due to the integration of information and communication technologies with the electrical power grid. This integration generates new services and improves the efficiency of the electrical power grid, while new challenges appear and must be solved, including the security of the system. The SG network must assure reliability, integrity and privacy of the data stored or in trnsit in the system, leading to the need for authentication and access control, thus all users and devices must authenticate and accomplish only authorized operations. The authentication of users and devices is a very important process for the SG network, and the protocols used for this task must be able to protect against possible attacks (for example, Man- in-the-Middle - MITM, repetição, Denegação de Serviço – DoS). On the other hand, authorization is treated jointly with authentication and related to policies of access control to the system. An essential part of creating secure authentication protocols involves encryption schemes. The use of one or the combination of several schemes directly affects protocol performance. Each day new schemas are proposed, and their utilization in the authentication protocols improves the performance of the system compared to the protocols already proposed in the same scenario. In this work 3 (three) secure and cost-effective authentication protocols are proposed, for the following scenarios: - Authentication of employees of energy suply enterprises, looking for remote or local access to the system; - Authentication of Smart Meters in an Advanced Metering Infrastructure based on cloud computing; and - Authentication of electrical vehicles in a V2G (“Vehicle-to-Grid”) network. Each scenario has specific characteristics, that are reflected on the design of the proposed protocols. Moreover, such protocols assure mutual authentication among entities as well as the protection of privacy, confidentiality and integrity of system data. A comparison considering communication and computing costs is presented, involving proposed protocols and other previously published protocols, for each scenario. The results show that the proposed protocols have, in most cases, the best performance, thus constituting good choices for future implementation in SG networks. The formal validation of the proposed protocols by the use of AVISPA tool is realized, allowing to verify the compliance with security requirements

Fair exchange in e-commerce and certified e-mail, new scenarios and protocols

We are witnessing a steady growth in the use of Internet in the electronic commerce field. This rise is promoting the migration from traditional processes and applications (paper based) to an electronic model. But the security of electronic transactions continues to pose an impediment to its implementation. Traditionally, most business transactions were conducted in person. Signing a contract required the meeting of all interested parties, the postman delivered certified mail in hand, and when paying for goods or services both customer and provider were present. When all parties are physically present, a transaction does not require a complex protocol. The participants acknowledge the presence of the other parties as assurance that they will receive their parts, whether a signature on a contract, or a receipt, etc. But with e-commerce growing in importance as sales and business channel, all these transactions have moved to its digital counterpart. Therefore we have digital signature of contracts, certified delivery of messages and electronic payment systems. With electronic transactions, the physical presence is not required,moreover, most of the times it is even impossible. The participants in a transaction can be thousands of kilometers away from each other, and they may not even be human participants, they can be machines. Thus, the security that the transaction will be executed without incident is not assured per se, we need additional security measures. To address this problem, fair exchange protocols were developed. In a fair exchange every party involved has an item that wants to exchange, but none of the participants is willing to give his item away unless he has an assurance he will receive the corresponding item from the other participants. Fair exchange has many applications, like digital signature of contracts, where the items to be exchanged are signatures on contracts, certified delivery of messages, where we exchange a message for evidence of receipt, or a payment process, where we exchange a payment (e-cash, e-check, visa, etc.) for digital goods or a receipt. The objective of this dissertation is the study of the fair exchange problem. In particular, it presents two new scenarios for digital contracting, the Atomic Multi- Two Party (AM2P) and the Agent Mediated Scenario (AMS), and proposes one optimistic contract signing protocol for each one. Moreover, it studies the efficiency of Multi-Party Contract Signing (MPCS) protocols from their architecture point of view, presenting a new lower bound for each architecture, in terms of minimum number of transactions needed. Regarding Certified Electronic Mail (CEM), this dissertation presents two optimistic CEMprotocols designed to be deployed on thecurrent e-mail infrastructure, therefore they assume the participation of multiple Mail Transfer Agents (MTAs). In one case, the protocol assumes untrusted MTAs whereas in the other one it assumes each User Agent (UA) trusts his own MTA. Regarding payment systems, this dissertation presents a secure and efficient electronic bearer bank check scheme allowing the electronic checks to be transferred fairly and anonymously.L’ús d’Internet en l’àmbit del comerç electrònic està experimentant un creixement estable. Aquest increment d’ús està promovent lamigració de processos tradicionals i aplicacions (basades en paper) cap a un model electrònic. Però la seguretat de les transaccions electròniques continua impedint la seva implantació. Tradicionalment, la majoria de les transaccions s’han dut a terme en persona. La firma d’un contracte requeria la presència de tots els firmants, el carter entrega les cartes certificades enmà, i quan es paga per un bé o servei ambdós venedor i comprador hi són presents. Quan totes les parts hi són presents, les transaccions no requereixen un protocol complex. Els participants assumeixen la presència de les altres parts com assegurança que rebran el que esperen d’elles, ja sigui la firma d’un contracte, un rebut d’entrega o un pagament. Però amb el creixement del comerç electrònic com a canal de venda i negoci, totes aquestes transaccions s’hanmogut al seu equivalent en el món electrònic. Així doncs tenim firma electrònica de contractes, enviament certificat de missatges, sistemes de pagament electrònic, etc. En les transaccions electròniques la presència física no és necessària, de fet, la majoria de vegades és fins it tot impossible. Els participants poden estar separats permilers de kilòmetres, i no és necessari que siguin humans, podrien sermàquines. Llavors, la seguretat de que la transacció s’executarà correctament no està assegurada per se, necessitem proporcionar mesures de seguretat addicionals. Per solucionar aquest problema, es van desenvolupar els protocols d’intercanvi equitatiu. En un intercanvi equitatiu totes les parts involucrades tenen un objecte que volen intercanviar, però cap de les parts implicades vol donar el seu objecte si no té la seguretat que rebrà els objectes de les altres parts. L’intercanvi equitatiu té multitud d’aplicacions, com la firma electrònica de contractes, on els elements a intercanviar son firmes de contractes, enviament certificat demissatges, on s’intercanvien unmissatge per una evidència de recepció, o un procés de pagament, on intercanviemun pagament (e-cash, visa, e-xec, etc.) per bens digitals o per un rebut. L’objectiu d’aquesta tesi és estudiar el problema de l’intercanvi equitatiu. En particular, la tesi presenta dos nous escenaris per a la firma electrònica de contractes, l’escenari multi-two party atòmic i l’escenari amb agents intermediaris, i proposa un protocol optimista per a cada un d’ells. A més, presenta un estudi de l’eficiència dels protocols de firma electrònica multi-part (Multi-Party Contract Signing (MPCS) protocols) des del punt de vista de la seva arquitectura, presentant una nova fita per a cada una, en termes de mínim nombre de transaccions necessàries. Pel que fa al correu electrònic certificat, aquesta tesi presenta dos protocols optimistes dissenyats per a ser desplegats damunt l’infraestructura actual de correu electrònic, per tant assumeix la participació demúltiples agents de transferència de correu. Un dels protocols assumeix que cap dels agents de transferència de correu participants és de confiança,mentre que l’altre assumeix que cada usuari confia en el seu propi agent. Pel que fa a sistemes de pagament, la tesi presenta un esquema de xec bancari al portador, eficient i segur, que garanteix que la transferència dels xecs es fa demanera anònima i equitativa

Cryptographic Schemes based on Elliptic Curve Pairings

This thesis introduces the concept of certificateless public key cryptography (CLPKC). Elliptic curve pairings are then used to make concrete CL-PKC schemes and are also used to make other efficient key agreement protocols. CL-PKC can be viewed as a model for the use of public key cryptography that is intermediate between traditional certificated PKC and ID-PKC. This is because, in contrast to traditional public key cryptographic systems, CL-PKC does not require the use of certificates to guarantee the authenticity of public keys. It does rely on the use of a trusted authority (TA) who is in possession of a master key. In this respect, CL-PKC is similar to identity-based public key cryptography (ID-PKC). On the other hand, CL-PKC does not suffer from the key escrow property that is inherent in ID-PKC. Applications for the new infrastructure are discussed. We exemplify how CL-PKC schemes can be constructed by constructing several certificateless public key encryption schemes and modifying other existing ID based schemes. The lack of certificates and the desire to prove the schemes secure in the presence of an adversary who has access to the master key or has the ability to replace public keys, requires the careful development of new security models. We prove that some of our schemes are secure, provided that the Bilinear Diffie-Hellman Problem is hard. We then examine Joux’s protocol, which is a one round, tripartite key agreement protocol that is more bandwidth-efficient than any previous three-party key agreement protocol, however, Joux’s protocol is insecure, suffering from a simple man-in-the-middle attack. We show how to make Joux’s protocol secure, presenting several tripartite, authenticated key agreement protocols that still require only one round of communication. The security properties of the new protocols are studied. Applications for the protocols are also discussed