Overview of Key Agreement Protocols
This paper focuses on key agreement. To this end, we give a self-contained, up-to-date, high-level presentation of key agreement protocols. We have attempted to provide a brief but fairly complete survey of all these schemes.
Protocols for Information Security in eHealth: Cryptography in mHealth Environments
Abstract.
The advance of technology has brought with it the evolution of tools in various fields, among which the medical field stands out. Today's medicine has tools that were unthinkable 30 years ago, which has made its functioning completely different. Thanks to this fusion of medicine and technology, new terms describing this symbiosis, such as eHealth or mHealth, may be found in our daily lives. Both users and all the areas that work in the protection and performance of health and safety benefit from it. In this doctoral thesis we have worked along several lines with the aim of improving information security in several mHealth systems, trying to make the proposed solutions extrapolable to other environments. Firstly, a tool for the diagnosis, treatment and monitoring of children with attention deficit disorder is proposed; it is supported by an expert system and uses identity-based encryption to protect patient information. Second, a solution is included that is geared towards enhancing solutions for two of the fundamental problems of medical data information security: the secure management of patient information and the identification of patients within the hospital environment. The solution proposed for the identification problem is based on the use of NFC bracelets that store an identifier associated with the patient and generated through an HMAC function. In the third work, the problem of identification is again analyzed, but this time in emergency environments where no stable communication networks are present. It also proposes a system for the classification of victims whose objective is to improve the management of health resources in these scenarios. The fourth contribution is a system for improving the traceability and management of small emergencies and everyday events based on the use of blockchains. To conclude the contributions of this thesis, a cryptographic scheme which improves security in healthcare devices with little computing capacity is presented.
The general aim of this thesis is to provide improvements in current medicine through mHealth systems, paying special attention to information security. Specifically, measures for the protection of data integrity, identification, authentication and non-repudiation of information are included.
The completion of this doctoral thesis has been funded through a pre-doctoral FPI grant from the Canary Islands Government.
On the Application of Identity-Based Cryptography in Grid Security
This thesis examines the application of identity-based cryptography
(IBC) in designing security infrastructures for grid applications.
In this thesis, we propose a fully identity-based key infrastructure
for grid (IKIG). Our proposal exploits some interesting properties
of hierarchical identity-based cryptography (HIBC) to replicate
security services provided by the grid security infrastructure (GSI)
in the Globus Toolkit. The GSI is based on public key infrastructure
(PKI) that supports standard X.509 certificates and proxy
certificates. Since our proposal is certificate-free and has small
key sizes, it offers a more lightweight approach to key management
than the GSI. We also develop a one-pass delegation protocol that
makes use of HIBC properties. This combination of lightweight key
management and efficient delegation protocol has better scalability
than the existing PKI-based approach to grid security.
Despite the advantages that IKIG offers, key escrow remains an issue
which may not be desirable for certain grid applications. Therefore,
we present an alternative identity-based approach called dynamic key
infrastructure for grid (DKIG). Our DKIG proposal combines both
identity-based techniques and the conventional PKI approach. In this
hybrid setting, each user publishes a fixed parameter set through a
standard X.509 certificate. Although X.509 certificates are involved
in DKIG, it is still more lightweight than the GSI as it enables the
derivation of both long-term and proxy credentials on-the-fly based
only on a fixed certificate.
We also revisit the notion of secret public keys which was
originally used as a cryptographic technique for designing secure
password-based authenticated key establishment protocols. We
introduce new password-based protocols using identity-based secret
public keys. Our identity-based techniques can be integrated
naturally with the standard TLS handshake protocol. We then discuss
how this TLS-like identity-based secret public key protocol can be
applied to securing interactions between users and credential
storage systems, such as MyProxy, within grid environments.
Cryptographic Schemes based on Elliptic Curve Pairings
This thesis introduces the concept of certificateless public key
cryptography (CL-PKC). Elliptic curve pairings are then used to
build concrete CL-PKC schemes and also to construct other
efficient key agreement protocols.
CL-PKC can be viewed as a model for the use of public key cryptography
that is intermediate between traditional certificated PKC and ID-PKC.
This is because, in contrast to traditional public key cryptographic
systems, CL-PKC does not require the use of certificates to guarantee
the authenticity of public keys. It does rely on the use of a trusted
authority (TA) who is in possession of a master key. In this
respect, CL-PKC is similar to identity-based public key
cryptography (ID-PKC). On the other hand, CL-PKC does not suffer
from the key escrow property that is inherent in ID-PKC.
Applications for the new infrastructure are discussed.
We exemplify how CL-PKC schemes can be constructed by building
several certificateless public key encryption schemes and by
modifying other existing ID-based schemes. The lack of
certificates, and the desire to prove the schemes secure in the
presence of an adversary who has access to the master key or has
the ability to replace public keys, require the careful
development of new security models. We prove that some of our
schemes are secure, provided that the Bilinear Diffie-Hellman
Problem is hard.
We then examine Joux's protocol, a one-round tripartite
key agreement protocol that is more bandwidth-efficient than any
previous three-party key agreement protocol. However, Joux's protocol
is insecure, suffering from a simple man-in-the-middle attack. We
show how to make Joux's protocol secure, presenting several tripartite
authenticated key agreement protocols that still require only one round
of communication. The security properties of the new protocols are
studied. Applications for the protocols are also discussed.
Theory and Practice of Cryptography and Network Security Protocols and Technologies
In an age of explosive worldwide growth of electronic data storage and communications, effective protection of information has become a critical requirement. When used in coordination with other tools for ensuring information security, cryptography in all of its applications, including data confidentiality, data integrity, and user authentication, is a most powerful tool for protecting information. This book presents a collection of research work in the field of cryptography. It discusses some of the critical challenges faced by the current computing world and also describes some mechanisms to defend against these challenges. It is a valuable source of knowledge for researchers, engineers, and graduate and doctoral students working in the field of cryptography. It will also be useful for faculty members of graduate schools and universities.
Authenticated group Diffie-Hellman key exchange: theory and practice
Authenticated two-party Diffie-Hellman key exchange allows two principals A and B, communicating over a public network and each holding a pair of matching public/private keys, to agree on a session key. Protocols designed to deal with this problem ensure A (resp. B) that no principal other than B (resp. A) can learn any information about this value. These protocols additionally often ensure A and B that their respective partner has actually computed the shared secret value. A natural extension of the above cryptographic protocol problem is to consider a pool of principals agreeing on a session key. Over the years several papers have extended the two-party Diffie-Hellman key exchange to the multi-party setting, but no formal treatments were carried out until recently. In light of recent developments in the formalization of the authenticated two-party Diffie-Hellman key exchange, we have in this thesis laid the authenticated group Diffie-Hellman key exchange on firmer foundations.
Pairing-based cryptosystems and key agreement protocols.
For a long time, pairings on elliptic curves were considered to be destructive in elliptic curve cryptography. Only recently, after some pioneering works, particularly the well-known Boneh-Franklin identity-based encryption (IBE), have pairings quickly become an important
tool for constructing novel cryptographic schemes.
In this thesis, several new cryptographic schemes with pairings are proposed, which are both efficient and secure with respect to a properly defined security model, and some
relevant previous schemes are revisited.
IBE provides a public key encryption mechanism where a public key can be an arbitrary string, such as an entity identifier, and unwieldy certificates are unnecessary. Based on the Sakai-Kasahara key construction, an IBE scheme which is secure in the Boneh-Franklin IBE model is constructed, and two identity-based key encapsulation mechanisms are proposed. These schemes achieve the best efficiency among the existing schemes to date. Recently Al-Riyami and Paterson introduced the certificateless public key encryption (CL-PKE) paradigm, which eliminates the need for certificates and at the same time retains the desirable properties of IBE without the key escrow problem. The security formulation of CL-PKE is revisited and a strong security model for this type of mechanism is defined.
Following a heuristic approach, three efficient CL-PKE schemes which are secure in the defined strong security model are proposed. Identity-based two-party key agreement protocols from pairings are also investigated.
The Bellare-Rogaway key agreement model is enhanced, and within the model several previously unproven protocols in the literature are formally analysed. Considering that the user identity may be sensitive information in many environments, an identity-based key agreement protocol with unilateral identity privacy is proposed.
Issues and Solutions of Applying Identity-Based Cryptography to Mobile Ad-hoc Networks
The concept of Mobile Ad-hoc Networks (MANETs) was brought up a few decades ago with an assumed prosperous future. Unfortunately, we do not see many practical applications of them in real life. Security of MANETs is a big concern for investors and industries, and hinders them from putting MANETs into application. The requirements of security, and the difficulties of meeting these requirements, have already been stated clearly; yet solutions to these difficulties are not quite clear. Cryptographic technologies seem to be capable of satisfying most of the requirements, as has been proven on the Internet and in wired networks. However, most of these technologies, including symmetric and traditional asymmetric cryptography (such as Public Key Infrastructure (PKI)), are inapplicable or inconvenient to use in the MANET context. Identity-based Cryptography (IBC), as a special form of asymmetric cryptography, carries many features that are interesting for MANETs. IBC has recently been studied extensively by researchers of MANET security, and many applications have been proposed and claimed to address this difficult problem. However, it is still the case that most of the solutions are not sound enough to be used in a practical MANET. This thesis starts with an intensive survey of the proposed applications of IBC in MANETs, and points out the issues, limitations and weaknesses in these proposals and also in IBC itself. The thesis proposes a novel framework with integrated key management and secure routing scheme aiming to address these issues.
This scheme brings the following contributions: compared to symmetric key solutions, it has more functionality derived from asymmetric keys, is more secure due to using a 1-to-m broadcasting key instead of only one group broadcasting key, and has fewer keys to store per node due to using asymmetric keys instead of pairwise symmetric keys; compared to traditional asymmetric cryptography solutions, the storage and communication requirements are lower due to IBC properties; compared to previous IBC solutions, it has no key management and secure routing interdependency cycle problem. The security of the proposed scheme is proved, and the performance of the scheme is simulated and analyzed in the thesis. Toward a complete solution for an arbitrary MANET running in an arbitrary environment, the thesis proposes enhancements to counter various attacks and options to abate or eliminate the limitations and weaknesses of IBC. The proposed scheme has a wide range of applicability for various MANETs, with little or no administrative overhead depending on the situation in which it is considered.