1,530 research outputs found

    Still Wrong Use of Pairings in Cryptography

    Get PDF
    Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

    Key Authentication Scheme-based on Discrete Logarithms and Chinese Remainder Theorem

    Get PDF
    Public key cryptosystems are secure only when the authenticity of the public key is assured. Shao proposeda new scheme to overcome the problems of the existing schemes, which suffers from two major drawbacks. Thefirst drawback is the availability of users’ passwords in plaintext format in key server which are prone to attacksby ill-minded users. The second one is depending on the key server blindly for certificate generation, withoutfurther verification by the user. To overcome these severe drawbacks, we proposed an improved key authenticationscheme based on Chinese remainder theorem and discrete logarithms. Our scheme allows the user to generate his/her certificate without the help of any trusted third party. This scheme is intended for online services, military anddefense applications to exchange keys securely.

    Year 2010 Issues on Cryptographic Algorithms

    Get PDF
    In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period, such as 10 or 15 years, due to advances in cryptanalysis techniques, improvement of computing power, and so on. To enhance the transition to more secure ones, National Institute of Standards and Technology (NIST) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the U.S. Federal Government after 2010. It is an important issue how to advance the transition of the algorithms in the financial sector. This paper refers to issues regarding the transition as Year 2010 issues in cryptographic algorithms. To successfully complete the transition by 2010, the deadline set by NIST, it is necessary for financial institutions to begin discussing the issues at the earliest possible date. This paper summarizes security evaluation results of the current algorithms, and describes Year 2010 issues, their impact on the financial industry, and the transition plan announced by NIST. This paper also shows several points to be discussed when dealing with Year 2010 issues.Cryptographic algorithm; Symmetric cipher; Asymmetric cipher; Security; Year 2010 issues; Hash function

    An identity-based key infrastructure suitable for messaging applications

    Get PDF
    Abstract—Identity-based encryption (IBE) systems are relatively recently proposed; yet they are highly popular for messaging applications since they offer new features such as certificateless infrastructure and anonymous communication. In this paper, we intended to propose an IBE infrastructure for messaging applications. The proposed infrastructure requires one registration authority and at least one public key generator and they secret share the master secret key. In addition, the PKG also shares the same master secret with each user in the system in a different way. Therefore, the PKG will never be able to learn the private keys of users under non-collusion assumption. We discuss different aspects of the proposed infrastructure such as security, key revocation, uniqueness of the identities that constitute the main drawbacks of other IBE schemes. We demonstrate that our infrastructure solves many of these drawbacks under certain assumptions

    A Novel Blind Signature Scheme Based On Discrete Logarithm Problem With Un-traceability

    Get PDF
    Blind Signatures are a special type of digital signatures which possess two special properties of blindness and untraceability, which are important for today’s real world applications that require authentication , integrity , security , anonymity and privacy. David Chaum[2] was the first to propose the concept of blind signatures. The scheme's security was based on the difficulty of solving the factoring problem [3, 4]. Two properties that are important for a blind signature scheme in order to be used in various modern applications are blindness and untraceability[2, 5, 6] . Blindness means that the signer is not able to know the contents of the message while signing it, which is achieved by disguising (or blinding) the message through various methods. Untraceability refers to preventing the signer from linking the blinded message it signs to a later unblinded version that it may be called upon to verify. Blind signatures based on discrete logarithm problem are still an area with much scope for research. We aim to propose a novel blind signature scheme with untraceability , based on the discrete logarithm problem
    corecore