54,685 research outputs found

    Satellite quantum communications when man-in-the-middle attacks are excluded

    Full text link
    An application of quantum communications is the transmission of qubits to create shared symmetric encryption keys in a process called Quantum Key Distribution (QKD). Contrary to public-private key encryption, symmetric encryption is safe from (quantum) computing attacks, i.e. it provides forward security and is thus attractive for secure communications. In this paper we argue that for free-space quantum communications, especially with satellites, if one assumes that man-in-the-middle attacks can be detected by classical channel monitoring techniques, simplified quantum communications protocols and hardware systems can be implemented that offer improved key rates. We term these protocols photon key distribution (PKD) to differentiate them from the standard QKD protocols. We identify three types of photon sources and calculate asymptotic secret key rates for PKD protocols and compare them to their QKD counterparts. Results show that PKD protocols have roughly a factor of two higher rates as only one measurement basis is used and due to the relaxed security assumptions can establish keys at very high losses whereas in QKD the privacy amplification process becomes prohibitive.Comment: 5 page

    Implementation of message authentication code using DNA-LCG key and a novel hash algorithm

    Get PDF
    With the introduction of electronic form of data, the need for an automatic system of security to protect the integrity of data while being transferred from one place to another is required. This is especially the case for a network in which the systems are accessed over a public network or internet. Security mechanisms involve the use of more than one algorithm. They further require that the participants should possess a secret key, which raises issues about creation, distribution and proper usage of these keys. The most effective technique used in provisioning security is Message Authentication Code (MAC) which helps in preserving integrity. MAC involves the use of secret key along with a hash algorithm. In this paper, we present an implementation of MAC using a secret key created by Deoxyribonucleic Acid (DNA) and random output sequence of Linear Congruential Generator (LCG). The hash algorithm used is made more robust by adding complexity to the traditional SHA-160. The presented scheme RMAC (Robust Message Authentication Code) is tested on National Institute of Science and Technology (NIST) test suite for random numbers, avalanche criteria and resistance towards network attacks. The results reveal that the scheme is efficient and is applicable for a variety of security demanding environments

    Implementasi Algoritma Merkle Hellman untuk Keamanan Database

    Get PDF
    The development of information technology today has a huge impact, namely the issue of security and confidentiality of data. One solution that can be used to guarantee the confidentiality and security of information is cryptography. By using cryptography, a data can be secured through the decryption and encryption process. Security issues and database confidentiality are the most important aspects of an information system. One mechanism to improve database security is to use asymmetric algorithms such as the Merkle Hellmen algorithm. Merkle Hellman is one of the crypto systems that uses the key type of asymmetry. In the Merkle Hellman system, the keys used are 2 different keys, namely the public key and the secret key. Encryption generates ciphertext and decryption produces a plaintext for securing databases that want to be kept confidential. The advantages of this Merkle Hellman algorithm is that there is no need for confidentiality in the key distribution process. From the results of experiments that have been done with this application, the encrypted database becomes a form of message that cannot be understood (ciphertext), but after the decryption process is done, the database is successfully returned to its original form (plaintext) that can be understoo

    Cost-effective ML-powered polarization-encoded quantum key distribution

    Get PDF
    Secure communications have become a requirement for virtually all kind of applications. Currently, two distant parties can generate shared random secret keys by using public key cryptography. However, quantum computing represents one of the greatest threats for the finite complexity of the mathematics behind public key cryptography. In contrast, Quantum Key Distribution (QKD) relies on properties of quantum mechanics, which enables eavesdropping detection and guarantees the security of the key. Among QKD systems, polarization encoded QKD has been successfully tested in laboratory experiments and recently demonstrated in closed environments. The main drawback of QKD is its high cost, which comes, among others, from: i) the requirements for the quantum transmitters and receivers; and ii) the need of carefully selecting the fibers supporting the quantum channel to minimize the environmental effects that could dramatically change the polarization state of photons. In this paper, we propose a Machine Learning (ML) -based polarization tracking and compensation that is able to keep shared secret key exchange to high rates even under large fiber stressing events. Exhaustive results using both synthetic and experimental data show remarkable performance, which can simplify the design of both quantum transmitter and receiver, as well as enable the use of aerial optical cables, thus reducing total QKD system cost.This work was supported in part by the AEI IBON Project under Grant PID2020-114135RB-I00, and in part by the ICREA Institution.Peer ReviewedPostprint (author's final draft

    Strong Monitor Of Admission Manager With Multi-Level Ability For Open Cloud

    Get PDF
    Controlling data access is a difficult issue in public cloud storage systems. Attribute-Based Encryption (CP-ABE) Cipher text-Policy has been adopted as a promising technology to provide flexible, accurate and secure control of data access for cloud storage with honest but weird cloud servers. However, in current CP-EBA schemes, the single attribute authority must implement a validation of the legality of time-consuming users and the distribution of the secret key, resulting in a one-point performance block when a CP-EBA scheme is adopted. in a large-scale system. Cloud storage. Users could be stuck in the queue for a long time to get their secret keys, which could degrade the efficiency of the system. Although multi-agency access control schemes have been proposed, these schemes still cannot overcome the disadvantages of one-point blocking and low efficiency, due to the fact that each authority still independently manages a separate set of attributes. In this paper, we propose a new, heterogeneous framework to eliminate the problem of blocking in single-point performance and to provide a more efficient access control system with an audit mechanism. Our framework uses several proprietary powers to share the burden of validating user legitimacy. Meanwhile, in our scheme, a CA (central authority) is introduced to generate secret keys for users whose legitimacy has been verified. Unlike other multi-body access control systems, each authority in our scheme manages the entire feature set individually. To increase security, we also suggest an audit mechanism to detect AA (Awarding Authority) that has incorrectly or maliciously performed the legitimacy validation procedure. The analysis shows that our system not only ensures the safety requirements, but also improves the outstanding performance of the switches

    Privacy-preserving Intelligent Resource Allocation for Federated Edge Learning in Quantum Internet

    Full text link
    Federated edge learning (FEL) is a promising paradigm of distributed machine learning that can preserve data privacy while training the global model collaboratively. However, FEL is still facing model confidentiality issues due to eavesdropping risks of exchanging cryptographic keys through traditional encryption schemes. Therefore, in this paper, we propose a hierarchical architecture for quantum-secured FEL systems with ideal security based on the quantum key distribution (QKD) to facilitate public key and model encryption against eavesdropping attacks. Specifically, we propose a stochastic resource allocation model for efficient QKD to encrypt FEL keys and models. In FEL systems, remote FEL workers are connected to cluster heads via quantum-secured channels to train an aggregated global model collaboratively. However, due to the unpredictable number of workers at each location, the demand for secret-key rates to support secure model transmission to the server is unpredictable. The proposed systems need to efficiently allocate limited QKD resources (i.e., wavelengths) such that the total cost is minimized in the presence of stochastic demand by formulating the optimization problem for the proposed architecture as a stochastic programming model. To this end, we propose a federated reinforcement learning-based resource allocation scheme to solve the proposed model without complete state information. The proposed scheme enables QKD managers and controllers to train a global QKD resource allocation policy while keeping their private experiences local. Numerical results demonstrate that the proposed schemes can successfully achieve the cost-minimizing objective under uncertain demand while improving the training efficiency by about 50\% compared to state-of-the-art schemes

    Implementing RAAC Model for Cloud Storage

    Get PDF
    Data access control is a challenging issue in public cloud storage systems. Cipher text-Policy Attribute-Based Encryption (CP-ABE) has been adopted as a promising technique to provide flexible, fine-grained and secure data access control for cloud storage with honest-but curious cloud servers. However, in the existing CP-ABE schemes, the single attribute authority must execute the time-consuming user legitimacy verification and secret key distribution, and hence it results in a single-point performance bottleneck when a CP-ABE scheme is adopted in a large-scale cloud storage system. Users may be stuck in the waiting queue for a long period to obtain their secret keys, thereby resulting in low-efficiency of the system. Although multi authority access control schemes have been proposed, these schemes still cannot overcome the drawbacks of single-point bottleneck and low efficiency, due to the fact that each of the authorities still independently manages a disjoint attribute set. In this paper we propose a system that improves the approach of CP-ABE from text based asymmetric to Image based symmetric approach for faster encryption as well as access to data. We also propose a multiple access policy generation for single user where we will be able to implement one to many and many to many methodology

    Robust Multiple Authority and ABE for Access Control in Cloud Computing

    Get PDF
    Data access control is a challenging issue in public cloud storage systems. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has been adopted as a promising technique to provide flexible, fine-grained and secure data access control for cloud storage with honest-but-curious cloud servers. However, in the existing CP-ABE schemes, the single attribute authority must execute the time-consuming user legitimacy verification and secret key distribution, and hence it results in a single-point performance bottleneck when a CP-ABE scheme is adopted in a large-scale cloud storage system. Users may be stuck in the waiting queue for a long period to obtain their secret keys, thereby resulting in low-efficiency of the system. Although multi authority access control schemes have been proposed, these schemes still cannot overcome the drawbacks of single-point bottleneck and low efficiency, due to the fact that each of the authorities still independently manages a disjoint attribute set. In this paper we propose a system that improves the approach of CP-ABE from text based asymmetric to Image based symmetric approach for faster encryption as well as access to data. We also propose a multiple access policy generation for single user where we will be able to implement one to many and many to many methodology

    Using quantum key distribution for cryptographic purposes: a survey

    Full text link
    The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
    corecore