1,853 research outputs found
Practical IBC Using Hybrid-Mode Problems: Factoring and Discrete Logarithm
Shamir proposed the concept of the ID-based cryptosystem (IBC) in 1984. Instead of generating and publishing a public key for each user, the ID-based scheme permits each user to choose his name or network address as his public key. This is advantageous to public-key cryptosystems because the public-key verification is so easy and direct. In such a way, a large public key file is not required. Since new cryptographic schemes always face security challenges and many integer factorization problem and discrete logarithm based cryptographic systems have been deployed, therefore, the purpose of this paper is to design practical IBC using hybrid mode problems factoring and discrete logarithm. We consider the security against a conspiracy of some entities in the proposed system and show the possibility of establishing a more secure system
Practical IBC using Hybrid-Mode Problems: Factoring and Discrete Logarithm
Shamir proposed the concept of the ID-based cryptosystem (IBC) in 1984. Instead of generating and publishing a public key for each user, the ID-based scheme permits each user to choose his name or network address as his public key. This is advantageous to public-key cryptosystems because the public-key verification is so easy and direct. In such a way, a large public key file is not required. Since new cryptographic schemes always face security challenges and many integer factorization problem and discrete logarithm based cryptographic systems have been deployed, therefore, the purpose of this paper is to design practical IBC using hybrid mode problems factoring and discrete logarithm. We consider the security against a conspiracy of some entities in the proposed system and show the possibility of establishing a more secure system
Roadmap on optical security
Postprint (author's final draft
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
From Pre-Quantum to Post-Quantum IoT Security: A Survey on Quantum-Resistant Cryptosystems for the Internet of Things
© 2020 IEEE. This version of the article has been accepted for publication,
after peer review. Personal use of this material is permitted. Permission from
IEEE must be obtained for all other uses, in any current or future media,
including reprinting/republishing this material for advertising or promotional
purposes, creating new collective works, for resale or redistribution to servers
or lists, or reuse of any copyrighted component of this work in other works.[Absctract]: Although quantum computing is still in its nascent age, its evolution threatens the most popular public-key encryption systems. Such systems are essential for today's Internet security due to their ability for solving the key distribution problem and for providing high security in insecure communications channels that allow for accessing websites or for exchanging e-mails, financial transactions, digitally signed documents, military communications or medical data. Cryptosystems like Rivest-Shamir-Adleman (RSA), elliptic curve cryptography (ECC) or Diffie-Hellman have spread worldwide and are part of diverse key Internet standards like Transport Layer Security (TLS), which are used both by traditional computers and Internet of Things (IoT) devices. It is especially difficult to provide high security to IoT devices, mainly because many of them rely on batteries and are resource constrained in terms of computational power and memory, which implies that specific energy-efficient and lightweight algorithms need to be designed and implemented for them. These restrictions become relevant challenges when implementing cryptosystems that involve intensive mathematical operations and demand substantial computational resources, which are often required in applications where data privacy has to be preserved for the long term, like IoT applications for defense, mission-critical scenarios or smart healthcare. Quantum computing threatens such a long-term IoT device security and researchers are currently developing solutions to mitigate such a threat. This article provides a survey on what can be called post-quantum IoT systems (IoT systems protected from the currently known quantum computing attacks): the main post-quantum cryptosystems and initiatives are reviewed, the most relevant IoT architectures and challenges are analyzed, and the expected future trends are indicated. Thus, this article is aimed at providing a wide view of post-quantum IoT security and give useful guidelines...This work was supported in part
by the Xunta de Galicia under Grant ED431G2019/01, in part by the
Agencia Estatal de InvestigaciĂłn of Spain under Grant TEC2016-75067-C4-
1-R and Grant RED2018-102668-T, and in part by ERDF funds of the EU
(AEI/FEDER, UE).Xunta de Galicia; ED431G2019/0
An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations
With the expansion of wireless sensor networks (WSNs), the need for securing
the data flow through these networks is increasing. These sensor networks allow
for easy-to-apply and flexible installations which have enabled them to be used
for numerous applications. Due to these properties, they face distinct
information security threats. Security of the data flowing through across
networks provides the researchers with an interesting and intriguing potential
for research. Design of these networks to ensure the protection of data faces
the constraints of limited power and processing resources. We provide the
basics of wireless sensor network security to help the researchers and
engineers in better understanding of this applications field. In this chapter,
we will provide the basics of information security with special emphasis on
WSNs. The chapter will also give an overview of the information security
requirements in these networks. Threats to the security of data in WSNs and
some of their counter measures are also presented
Joint block and stream cipher based on a modified skew tent map
Image encryption is very different from that of texts due to the bulk data capacity and the
high redundancy of images. Thus, traditional methods are difficult to use for image encryption
as their pseudo-random sequences have small space. Chaotic cryptography use chaos
theory in specific systems working such as computing algorithms to accomplish dissimilar
cryptographic tasks in a cryptosystem with a fast throughput. For higher security, encryption
is the approach to guard information and prevent its leakage. In this paper, a hybrid encryption
scheme that combines both stream and block ciphering algorithms is proposed in order
to achieve the required level of security with the minimum encryption time. This scheme is
based on an improved mathematical model to cover the defects in the previous discredited
model proposed by Masuda. The proposed chaos-based cryptosystem uses the improved
Skew Tent Map (STM) RQ-FSTM as a substitution layer. This map is based on a lookup
table to overcome various problems, such as the fixed point, the key space restrictions, and
the limitation of mapping between plain text and cipher text. It uses the same map as a generator
to change the byte position to achieve the required confusion and diffusion effects.
This modification improves the security level of the original STM. The robustness of the
proposed cryptosystem is proven by the performance and the security analysis, as well as
the high encryption speed. Depending on the results of the security analysis the proposed
system has a better dynamic key space than previous ones using STM, a double encryption
quality and a better security analysis than others in the literature with speed convenience to
real-time applications
Privacy in Biometric Systems
Biometrics are physiological and/or behavioral characteristics of a person that have been used to provide an automatic proof of identity in a growing list of applications including crime/terrorism fighting, forensics, access and border control, securing e-/m-commerce transactions and service entitlements. In recent years, a great deal of research into a variety of new and traditional biometrics has widened the scope of investigations beyond improving accuracy into mechanisms that deal with serious concerns raised about the potential misuse of collected biometric data. Despite the long list of biometrics’ benefits, privacy concerns have become widely shared due to the fact that every time the biometric of a person is checked, a trace is left that could reveal personal and confidential information. In fact, biometric-based recognition has an inherent privacy problem as it relies on capturing, analyzing, and storing personal data about us as individuals. For example, biometric systems deal with data related to the way we look (face, iris), the way we walk (gait), the way we talk (speaker recognition), the way we write (handwriting), the way we type on a keyboard (keystroke), the way we read (eye movement), and many more. Privacy has become a serious concern for the public as biometric systems are increasingly deployed in many applications ranging from accessing our account on a Smartphone or computer to border control and national biometric cards on a very large scale. For example, the Unique Identification Authority of India (UIDAI) has issued 56 million biometric cards as of January 2014 [1], where each biometric card holds templates of the 10 fingers, the two irises and the face. An essential factor behind the growing popularity of biometrics in recent years is the fact that biometric sensors have become a lot cheaper as well as easier to install and handle. CCTV cameras are installed nearly everywhere and almost all Smartphones are equipped with a camera, microphone, fingerprint scanner, and probably very soon, an iris scanner
THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system
In this paper, we propose a new biometric verification and template
protection system which we call the THRIVE system. The system includes novel
enrollment and authentication protocols based on threshold homomorphic
cryptosystem where the private key is shared between a user and the verifier.
In the THRIVE system, only encrypted binary biometric templates are stored in
the database and verification is performed via homomorphically randomized
templates, thus, original templates are never revealed during the
authentication stage. The THRIVE system is designed for the malicious model
where the cheating party may arbitrarily deviate from the protocol
specification. Since threshold homomorphic encryption scheme is used, a
malicious database owner cannot perform decryption on encrypted templates of
the users in the database. Therefore, security of the THRIVE system is enhanced
using a two-factor authentication scheme involving the user's private key and
the biometric data. We prove security and privacy preservation capability of
the proposed system in the simulation-based model with no assumption. The
proposed system is suitable for applications where the user does not want to
reveal her biometrics to the verifier in plain form but she needs to proof her
physical presence by using biometrics. The system can be used with any
biometric modality and biometric feature extraction scheme whose output
templates can be binarized. The overall connection time for the proposed THRIVE
system is estimated to be 336 ms on average for 256-bit biohash vectors on a
desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link
connection speed. Consequently, the proposed system can be efficiently used in
real life applications
- …