A NOVEL TECHNIQUE FOR SECURE ENCRYPTED MESSAGES IN MOBILE AND PERVASIVE APPLICATIONS

More than applications rely on the existence of small devices that can exchange information and form communication networks. In a significant portion of such applications, the confidentiality and integrity of the communicated messages are of particular interest. In this work, to propose two novel techniques for authenticating short encrypted messages that are directed to meet the requirements of mobile and pervasive applications. By taking advantage of the fact that the message to be authenticated must also be encrypted, to propose provably secure authentication codes that are more efficient than any message authentication code in the literature. The key idea behind the proposed techniques is to utilize the security that the encryption algorithm can provide to design more efficient authentication mechanisms, as opposed to using standalone authentication primitives

Efficient and complete remote authentication scheme with smart cards

99學年度洪文斌升等參考著作[[abstract]]A complete remote authentication scheme should provide the following security properties: (1) mutual authentication, (2) session key exchange, (3) protection of user anonymity, (4) support of immediate revocation capability, (5) low communication and computation cost, (6) resistance to various kinds of attacks, (7) freely choosing and securely changing passwords by users, and (8) without storing password or verification tables in servers. However, none of the existing schemes meets all the requirements. In this paper, along the line of cost effective approach using hash functions for authentication, we propose an efficient and practical remote user authentication scheme with smart cards to support the above complete security properties.[[conferencetype]]國際[[conferencedate]]20080617~20080620[[booktype]]紙本[[booktype]]電子版[[conferencelocation]]Taipei, Taiwa

How to pair with a human

We introduce a protocol, that we call Human Key Agreement, that allows pairs of humans to establish a key in a (seemingly hopeless) case where no public-key infrastructure is available, the users do not share any common secret, and have never been connected by any physically-secure channel. Our key agreement scheme, while vulnerable to the human-in-the middle attacks, is secure against any malicious machine-in-the middle. The only assumption that we make is that the attacker is a machine that is not able to break the Captcha puzzles (introduced by von Ahn et al., EUROCRYPT 2003). Our main tool is a primitive that we call a Simultaneous Turing Test, which is a protocol that allows two users to verify if they are both human, in such a way that if one of them is not a human, then he does not learn whether the other one is human, or not. To construct this tool we use a Universally-Composable Password Authenticated Key Agreement of Canetti et al. (EUROCRYPT 2005)

Information Assurance Protocols for Body Sensors Using Physiological Data

Griffith Sciences, School of Information and Communication TechnologyFull Tex

SECURING TESLA BROADCAST PROTOCOL WITH DIFFIE- HELLMAN KEY EXCHANGE

ABSTRACT Broadcast communication is highly prone to attacks from unauthenticated users in the wireless medium. Techniques have been proposed to make the communication more secure. In this paper, TESLA broadcast protocol is used to ensure source authentication. Diffie-Hellman Key Exchange is used to share the cryptographic keys in a secured manner. A PKI is developed based on TESLA and Diffie-Hellman Key Exchange, assuming that all network nodes in the network are loosely synchronized in time