A Secure Traitor Tracing Scheme against Key Exposure

Copyright protection is a major issue in distributing digital content. On the other hand, improvements to usability are sought by content users. In this paper, we propose a secure {\it traitor tracing scheme against key exposure (TTaKE)} which contains the properties of both a traitor tracing scheme and a forward secure public key cryptosystem. Its structure fits current digital broadcasting systems and it may be useful in preventing traitors from making illegal decoders and in minimizing the damage from accidental key exposure. It can improve usability through these properties.Comment: 5 pages, IEEE International Symposium on Information Theory 2005 (ISIT 2005

Bounded-Collusion IBE from Key Homomorphism

In this work, we show how to construct IBE schemes that are secure against a bounded number of collusions, starting with underlying PKE schemes which possess linear homomorphisms over their keys. In particular, this enables us to exhibit a new (bounded-collusion) IBE construction based on the quadratic residuosity assumption, without any need to assume the existence of random oracles. The new IBE’s public parameters are of size O(tλlogI) where I is the total number of identities which can be supported by the system, t is the number of collusions which the system is secure against, and λ is a security parameter. While the number of collusions is bounded, we note that an exponential number of total identities can be supported. More generally, we give a transformation that takes any PKE satisfying Linear Key Homomorphism, Identity Map Compatibility, and the Linear Hash Proof Property and translates it into an IBE secure against bounded collusions. We demonstrate that these properties are more general than our quadratic residuosity-based scheme by showing how a simple PKE based on the DDH assumption also satisfies these properties.National Science Foundation (U.S.) (NSF CCF-0729011)National Science Foundation (U.S.) (NSF CCF-1018064)United States. Defense Advanced Research Projects Agency (DARPA FA8750-11-2-0225

KCRS: A Blockchain-Based Key Compromise Resilient Signature System

Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability

Enhance Data Security Protection for Data Sharing in Cloud Storage System

Cloud computing technology can be used in all types of organizations. There are many benefits to use cloud storage. The most notable is data accessibility. Data stored in the cloud can be accessed at any time any place. Another advantage of cloud storage is data sharing between users. By sharing storage and networks with many users it is also possible for unauthorized users to access our data. To provide confidentiality of shared sensitive data, the cryptographic techniques are applied. So protect the data from unauthorized users, the cryptographic key is main challenge. In this method a data protection for cloud storage 1) The key is protected by two factors: Secret key is stored in the computer and personal security device 2) The key can be revoked efficiently by implementing proxy re-encryption and key separation techniques. 3) The data is protected in a fine grained way by adopting the attribute based encryption technique. So our proposed method provides confidentiality on data

Group Selection and Key Management Strategies for Ciphertext-Policy Attribute-Based Encryption

Ciphertext-Policy Attribute-Based Encryption (CPABE) was introduced by Bethencourt, Sahai, and Waters, as an improvement of Identity Based Encryption, allowing fine grained control of access to encrypted files by restricting access to only users whose attributes match that of the monotonic access tree of the encrypted file. Through these modifications, encrypted files can be placed securely on an unsecure server, without fear of malicious users being able to access the files, while allowing each user to have a unique key, reducing the vulnerabilites associated with sharing a key between multiple users. However, due to the fact that CPABE was designed for the purpose of not using trusted servers, key management strategies such as efficient renewal and immediate key revocation are inherently prevented. In turn, this reduces security of the entire scheme, as a user could maliciously keep a key after having an attribute changed or revoked, using the old key to decrypt files that they should not have access to with their new key. Additionally, the original CPABE implementation provided does not discuss the selection of the underlying bilinear pairing which is used as the cryptographic primitive for the scheme. This thesis explores different possibilites for improvement to CPABE, in both the choice of bilinear group used, as well as support for key management that does not rely on proxy servers while minimizing the communication overhead. Through this work, it was found that nonsupersingular elliptic curves can be used for CPABE, and Barreto-Naehrig curves allowed the fastest encryption and key generation in CHARM, but were the slowest curves for decryption due to the large size of the output group. Key management was performed by using a key-insulation method, which provided helper keys which allow keys to be transformed over different time periods, with revocation and renewal through key update. Unfortunately, this does not allow immediate revocation, and revoked keys are still valid until the end of the time period during which they are revoked. Discussion of other key management methods is presented to show that immediate key revocation is difficult without using trusted servers to control access

Universal Forgeability of Wang-Wu-Wang Key-Insulated Signature Scheme

Wang et al. recently proposed a new perfect and strong key-insulated signature scheme in [1]. We find that the scheme is universally forgeable. In the paper we present a simple and direct attack on it

Design and validation of a platform for electromagnetic fault injection

Security is acknowledged as one of the main challenges in the design and deployment of embedded circuits. Devices need to operate on-the-field safely and correctly, even when at physical reach of potential adversaries. One of the most powerful techniques to compromise the correct functioning of a device are fault injection attacks. They enable an active adversary to trigger errors on a circuit in order to bypass security features or to gain knowledge of security-sensitive information. There are several methods to induce such errors. In this work we focus on the injection of faults through the electromagnetic (EM) channel. In particular, we document our efforts towards building a suitable platform for EM pulse injection. We design a pulse injection circuit that can provide currents over 20 A to an EM injector in order to generate abrupt variations of the EM field on the vicinity of a circuit. We validate the suitability of our platform by applying a well-know attack on an embedded 8-bit microcontroller implementing the AES block cipher. In particular, we show how to extract the AES secret cryptographic keys stored in the device by careful injection of faults during the encryption operations and simple analysis of the erroneous outputs.Peer ReviewedPostprint (published version

Certificateless Key Insulated Encryption: Cryptographic Primitive for Achieving Key-escrow free and Key-exposure Resilience

Certificateless encryption (CLE) alleviates the heavy certificate management in traditional public key encryption and the key escrow problem in the ID-based encryption simultaneously. Current CLE schemes assumed that the user’s secret key is absolutely secure. Unfortunately, this assumption is too strong in case the CLE is deployed in the hostile setting and the leakage of secret key is inevitable. In this paper, we present a new concept called an certificateless key insulated encryption scheme (CL-KIE). We argue that this is an important cryptographic primitive that can be used to achieve key-escrow free and key-exposure resilience. We also present an efficient CL-KIE scheme based on bilinear pairing. After that, the security of our scheme is proved under the Bilinear Diffie-Hellman assumption in the random oracle model. Certificateless encryption (CLE) alleviates the heavy certificate management in traditional public key encryption and the key escrow problem in the ID-based encryption simultaneously. Current CLE schemes assumed that the user’s secret key is absolutely secure. Unfortunately, this assumption is too strong in case the CLE is deployed in the hostile setting and the leakage of the secret key is inevitable. In this paper, we present a new concept called a certificateless key insulated encryption scheme (CL-KIE). We argue that this is an important cryptographic primitive that can be used to achieve key-escrow free and key-exposure resilience. We also present an efficient CL-KIE scheme based on bilinear pairing. After that, the security of our scheme is proved under the Bilinear DiffieHellman assumption in the random oracle model