11 |
Provably Secure Nested One-Time Secret Mechanisms for Fast Mutual Authentication and Key Exchange in Mobile Communications
Ho, Pei-hsiu, 10 February 2011
Wireless communication has played a very important role in people's communication activities due to the properties of fast mobility and high portability. Many security mechanisms for mobile communications have been introduced in the literature. Among these mechanisms, authentication is a quite important task in the entire mobile network system and acts as the first defense against attackers since it ensures the correctness of the identities of distributed communication entities before they engage in any other communication activity. Some schemes have similar drawbacks, such as high bandwidth consumption between VLR and HLR, storage overhead in VLR, and lack of VLR authentication. On the other hand, some protocols are efficient, but they are not based on rational assumptions. Ideally, a mobile authentication scheme should achieve mutual entity authentication, low storage cost in VLR, and light-weight computation and communication for each entity, to provide secure and fast communication services. Therefore, in order to guarantee the quality of this advanced technology, an efficient (especially, user efficient) and secure authentication scheme is urgently desired, and moreover, it should be under reasonable assumptions. In this dissertation, we come up with a novel authentication mechanism, called the nested one-time secret mechanism, tailored for mobile communication environments. Through maintaining inner and outer synchronously changeable common secrets, respectively, every mobile user can be rapidly authenticated by VLR and HLR, respectively, in the proposed scheme based on rational assumptions. Not only does the proposed solution achieve mutual authentication, but also it greatly reduces the computation and communication cost of the mobile users as compared with the existing authentication schemes. Finally, we formally prove that the proposed scheme is a secure mutual authentication and key exchange scheme under the assumptions of semantic security of encryption, indistinguishability of a pseudorandom function and a random function, and indistinguishability of a pseudorandom permutation and a random permutation.
|
12 |
Convenient Decentralized Authentication Using Passwords
Van Der Horst, Timothy W., 10 March 2010
Passwords are a very convenient way to authenticate. In terms of simplicity and portability they are very difficult to match. Nevertheless, current password-based login mechanisms are vulnerable to phishing attacks and typically require users to create and manage a new password for each of their accounts. This research investigates the potential for indirect/decentralized approaches to improve password-based authentication. Adoption of a decentralized authentication mechanism requires the agreement between users and service providers on a trusted third party that vouches for users' identities. Email providers are the de facto trusted third parties on the Internet. Proof of email address ownership is typically required to both create an account and to reset a password when it is forgotten. Despite its shortcomings (e.g., latency, vulnerability to passive attack), this approach is a practical solution to the difficult problem of authenticating strangers on the Internet. This research utilizes this emergent, lightweight relationship with email providers to offload primary user authentication from service providers; thus reducing the need for service provider-specific passwords. Our goal is to provide decentralized authentication that maintains the convenience and portability of passwords, while improving its assurances (especially against phishing). Our first step to leverage this emergent trust, Simple Authentication for the Web (SAW), improves the security and convenience of email-based authentications and moves them from the background into the forefront, replacing the need for an account-specific password. Wireless Authentication using Remote Passwords (WARP) adapts the principles of SAW to authentication in wireless networks. Lightweight User AUthentication (Luau) improves upon WARP and unifies user authentication across the application and network (especially wireless) layers.
Our final protocol, pwdArmor, started as a simple wrapper to facilitate the use of existing databases of password verifiers in Luau, but grew into a generic middleware framework that augments the assurances of conventional password protocols.
|
13 |
Zero-Knowledge Proof for Knowledge of RLWE (Ring-Learning with Errors) Secret Keys
R V, Saraswathy, 07 June 2018
No description available.
|
14 |
New Password Authenticated Key Exchange Based on the Ring Learning with Errors
Alsayigh, Saed A., 24 October 2016
No description available.
|
15 |
The Study of Practical Privacy Preserving and Forward Secure Authentication Technologies on Wireless Communications
Hsu, Ruei-Hau, 18 June 2012
Information exchange in wireless communication without being blocked by terrain or infrastructure is easier and simpler than that in the traditional wired communication environments. Due to the transmission type, anonymity is urgently required in wireless communications for concealing the footprint of mobile users. Additionally, the mobility of a mobile device may incur possible threats to the past encrypted transmitted data, where the past session keys for the encryptions of wireless communications may be derived by the long-term secret stored in the mobile device if it is lost. In this thesis, we propose an efficient solution by using symmetry-based cryptosystems for forward secrecy and anonymity in the standards of mobile networks, such as GSM, UMTS, and LTE, without losing the compatibility. By adopting a secret chain (SC) based mechanism, the generation of every session key involves a short-term secret, changed in every session, to achieve forward secrecy and anonymity. Furthermore, a synchronization mechanism required for the SC-protocol is also proposed.
For more advanced security requirements of truly non-repudiation and strong anonymity, which is additionally anonymous to systems, certificateless signatures and group signatures are applied in the authentication protocols for UMTS and VANETs. Certificateless signatures can eliminate the overhead of using public-key infrastructure (PKI) in wireless communications. Our work proposed a certificateless signature scheme achieving the same security level of non-repudiation as that in the PKI-based signature scheme, which most of the proposed certificateless signatures cannot fulfill. Group signatures practice the privacy of the participants of the authentication protocol by originating the group signatures belonging to their group. However, directly applying group signatures in wireless communications results in inefficiency of computation when a group has a large number of members. Therefore, we aim at reducing the computation costs of membership revocation on the proposed group signature scheme to constant without being influenced by the number of members and then apply the scheme to VANETs and UMTS. Eventually, all the proposed schemes in the thesis are theoretically proven secure under the standard reduction.
|
16 |
Sécurité polynomiale en cryptographie / Polynomial Security in Cryptography
Fiedler, Heinz, 08 1900
In this work, we propose cryptographic protocols for key exchange, bit commitment and oblivious transfer. Our oblivious transfer protocol, a universal cryptographic primitive for multiparty computation, is inspired by Merkle's key exchange protocol with puzzles, and improves on existing results. Then, we show that it's possible to build those same cryptographic primitives without the hypothesis of one-way functions, but with the 3SUM problem. This simple problem (in a list of n integers, find three whose sum is a desired value) has a conjectured lower bound of Omega(n^2).
|
17 |
多伺服器環境中基於智慧卡的身分認證機制之研究 / A Study on Smart Card Based User Authentication Mechanism for Multi-Server Environments
張詠詠 (Chang, Yung Yung), Unknown Date
With advances in technology, different types and functions of smart cards have become more popular and perfect in recent years. We use smart cards in daily life more and more frequently, so smart card security has become a very important issue, especially in the case of smart-card-loss. We have to ensure that if our card is lost and someone steals the sensitive data in our card, he/she cannot use it to guess or get the user’s password. To achieve the goal, many researchers have done a lot of work in smart card security. In 2012 Cheng et al. proposed a smart card based authentication scheme for remote user login and verification. During the same period, Li et al. proposed a password and smart card based user authentication mechanism for multi-server environments. In this thesis, we first pointed out the security flaws of Cheng et al.’s and Li et al.’s mechanism. We found that Cheng et al.’s and Li et al.’s mechanism cannot be secure under offline-dictionary attack in the smart-card-loss case. This enables adversaries to guess the user’s password and session keys. Secondly, we introduced an improved version of smart card based authentication mechanism using Diffie-Hellman key exchange to overcome the above mentioned problems.
|
18 |
Machine-Level Software Optimization of Cryptographic Protocols
Fishbein, Dieter, January 2014
This work explores two methods for practical cryptography on mobile devices. The first method is a quantum-resistant key-exchange protocol proposed by Jao et al. As the use of mobile devices increases, the deployment of practical cryptographic protocols designed for use on these devices is of increasing importance. Furthermore, we are faced with the possible development of a large-scale quantum computer in the near future and must take steps to prepare for this possibility. We describe the key-exchange protocol of Jao et al. and discuss their original implementation. We then describe our modifications to their scheme that make it suitable for use in mobile devices. Our code is between 18-26% faster (depending on the security level). The second is a highly optimized implementation of Miller's algorithm that efficiently computes the Optimal Ate pairing over Barreto-Naehrig curves proposed by Grewal et al. We give an introduction to cryptographic pairings and describe the Tate pairing and its variants. We then proceed to describe Grewal et al.'s implementation of Miller's algorithm, along with their optimizations. We describe our use of hand-optimized assembly code to increase the performance of their implementation. For the Optimal Ate pairing over the BN-446 curve, our code is between 7-8% faster depending on whether the pairing uses affine or projective coordinates.
|
19 |
Kryptographie mit elliptischen Kurven / Cryptography with Elliptic Curves
Pönisch, Jens, 01 December 2014
The talk explains the basic principle of the Diffie-Hellman key exchange based on the discrete logarithm, using elliptic curves over finite fields.
|