A secure electronic voting scheme

In this paper a new electronic voting scheme is described which guarantees coercion-resistance as well as privacy, eligibility, unreusability and verifiability. The proposed protocol can be implemented in practical environment, since it does not require untappable channel or voting booth, only anonymous channels are applied

Multi-Vendor PayWord with Payment Approval

One of the most well known micropayment scheme is the PayWord scheme. It is designed to be onevendor, so if we apply it for multiple vendors, it does not protect against double spending. We extended the PayWord scheme, it supports shopping at multiple vendors without an on-line broker or an on-line secure database. The proposed credit-based system uses one hash chain, hence besides the secret signature key only the seed and a random value should be securely stored. Our scheme is analyzed in applied pi calculus, we prove that it fulfills payment approval, secure payment authorization, secrecy of payment information and unreusability

Identity-based cloud authentication protocol

Cloud computing is a recently developed new technology for complex systems with massivescale services sharing among many users. One of the most important security objectives is to achieve secure user authentication. If it is breached, confidentiality and integrity of the data may be compromised. We propose an identity-based mutual authentication protocol, where identity verification is carried out by multiple servers applying secret sharing technology on the cloud provider side. Robustness and elasticity of the cloud are ensured by its hierarchical structure

Proving Anonymity for BILMIX

L

Provably Secure Identity-Based Remote Password Registration

One of the most significant challenges is the secure user authentication. If it becomes breached, confidentiality and integrity of the data or services may be compromised. The most widespread solution for entity authentication is the password-based scheme. It is easy to use and deploy. During password registration typically users create or activate their account along with their password through their verification email, and service providers are authenticated based on their SSL/TLS certificate. We propose a password registration scheme based on identity-based cryptography, i.e. both the user and the service provider are authenticated by their short-lived identity-based secret key. For secure storage a bilinear map with a salt is applied, therefore in case of an offline attack the adversary is forced to calculate a computationally expensive bilinear map for each password candidate and salt that slows down the attack. New adversarial model with new secure password registration scheme are introduced. We show that the proposed protocol is based on the assumptions that Bilinear Diffie-Hellman problem is computationally infeasible, bilinear map is a one-way function and Mac is existentially unforgeable under an adaptive chosen-message attack

A válás, mint krízis a családban

INST: L_11