A new certificateless multiple key agreement scheme

2017 ◽  
Vol 09 (01) ◽  
pp. 1750002 ◽  
Author(s):  
Reza Alimoradi
Keyword(s):  
Key Agreement ◽  
Security Requirements ◽  
Public Key ◽  
Forward Secrecy ◽  
Zero Knowledge ◽  
Public Key Cryptosystems ◽  
Security Properties ◽  
Perfect Forward Secrecy ◽  
Major Shortcoming ◽  
Identity Based

Recently, by changing security requirements of computer networks, many public key schemes are introduced. One major shortcoming of identity-based cryptosystems is key screw. Certificateless public key cryptosystems were introduced to solve this problem. In this paper, a certificateless, public-key, multiple-key-agreement scheme will be offered which has some significant security properties such as perfect forward secrecy, strong security, and zero-knowledge proof. This scheme produces far more shared hidden keys per session in comparison with many existing schemes. In this paper, the security and the efficiency of the proposed scheme will be compared with some well-known current schemes.

scholarly journals Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone

Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2057
Author(s):  
Yongho Ko ◽  
Jiyoon Kim ◽  
Daniel Gerbi Duguma ◽  
Philip Virgil Astillo ◽  
Ilsun You ◽  
...  
Keyword(s):  
Performance Evaluation ◽  
Secure Communication ◽  
Communication Protocol ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Information Leakage ◽  
Security Protocol ◽  
Security Requirements ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

CCA-Secure and Revocable Certificateless Encryption with Ciphertext Evolution

2020 ◽  
Vol 31 (02) ◽  
pp. 175-191
Author(s):  
Yinxia Sun ◽  
Futai Zhang ◽  
Anmin Fu ◽  
Zhe Xia
Keyword(s):  
Security Requirements ◽  
User Needs ◽  
Security Model ◽  
Encrypted Data ◽  
Public Key Cryptosystems ◽  
Generic Construction ◽  
Certificateless Encryption ◽  
User Revocation ◽  
Identity Based ◽  
Certificate Management

Certificateless cryptosystems have attracted great interests in cryptographic research since its invention. Because compared with traditional public key cryptosystems or identity-based cryptosystems, they could not only simplify the certificate management, but also alleviate the key escrow problem. In certificateless cryptosystems, user revocation is a challenging issue. To address this issue, one popular method is to update the key via public channels. However, most of the existing schemes in this approach are impractical because of the following two shortcomings. Firstly, the user needs to maintain a list of decryption keys, but the size of the list will keep increasing. Secondly, the revoked user can still recover the plaintexts of the encrypted data prior to revocation, and this is a particular threat in some applications. To solve these problems, this paper presents revocable certificateless encryption with ciphertext evolution. We give a generic construction and then describe how it can be initialized concretely. In our proposed scheme, the user only needs to keep one decryption key, and once a user is revoked, it can no longer decrypt any ciphertext in the server. Moreover, the IND-CCA security model is defined against three types of attacks. And our schemes are formally proved to satisfy these security requirements.

scholarly journals Electronic Voting Protocol Using Identity-Based Cryptography

2015 ◽  
Vol 2015 ◽  
pp. 1-6 ◽  
Author(s):  
Gina Gallegos-Garcia ◽  
Horacio Tapia-Recillas
Keyword(s):  
Key Agreement ◽  
Public Key Cryptography ◽  
Public Key ◽  
Electronic Voting ◽  
Certification Authority ◽  
Public Keys ◽  
Core Components ◽  
Identity Based ◽  
High Flexibility ◽  
Agreement Protocols

Electronic voting protocols proposed to date meet their properties based on Public Key Cryptography (PKC), which offers high flexibility through key agreement protocols and authentication mechanisms. However, when PKC is used, it is necessary to implement Certification Authority (CA) to provide certificates which bind public keys to entities and enable verification of such public key bindings. Consequently, the components of the protocol increase notably. An alternative is to use Identity-Based Encryption (IBE). With this kind of cryptography, it is possible to have all the benefits offered by PKC, without neither the need of certificates nor all the core components of a Public Key Infrastructure (PKI). Considering the aforementioned, in this paper we propose an electronic voting protocol, which meets the privacy and robustness properties by using bilinear maps.

scholarly journals Non-invertible Public Key Certificates

2020 ◽  
Author(s):  
Luis Lizama-Pérez ◽  
J. Mauricio López
Keyword(s):  
Public Key Infrastructure ◽  
Key Exchange ◽  
Public Key ◽  
Key Exchange Protocol ◽  
Forward Secrecy ◽  
Certification System ◽  
Perfect Forward Secrecy

Post-quantum public cryptosystems introduced so far do not define an scalable public key infrastructure for the quantum era. We demonstrate here a public certification system based in Lizama’s non-invertible Key Exchange Protocol which can be used to implement a public key infrastructure (PKI), secure, scalable, interoperable and efficient. We show functionality of certificates across different certification domains. Finally, we discuss that non-invertible certificates can exhibit Perfect Forward Secrecy (PFS).

scholarly journals Dynamic Public Key Certificates with Forward Secrecy

Electronics ◽  
2021 ◽  
Vol 10 (16) ◽  
pp. 2009
Author(s):  
Hung-Yu Chien
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Practical Reasons ◽  
Forward Secrecy ◽  
The Public ◽  
Private Key ◽  
Security Properties ◽  
The Subject ◽  
Key Exposure ◽  
Chameleon Hash

Conventionally, public key certificates bind one subject with one static public key so that the subject can facilitate the services of the public key infrastructure (PKI). In PKI, certificates need to be renewed (or revoked) for several practical reasons, including certificate expiration, private key breaches, condition changes, and possible risk reduction. The certificate renewal process is very costly, especially for those environments where online authorities are not available or the connection is not reliable. A dynamic public key certificate (DPKC) facilitates the dynamic changeover of the current public–private key pairs without renewing the certificate authority (CA). This paper extends the previous study in several aspects: (1) we formally define the DPKC; (2) we formally define the security properties; (3) we propose another implementation of the Krawczyk–Rabin chameleon-hash-based DPKC; (4) we propose two variants of DPKC, using the Ateniese–Medeiros key-exposure-free chameleon hash; (5) we detail two application scenarios.

scholarly journals A Provably Secure Revocable ID-Based Authenticated Group Key Exchange Protocol with Identifying Malicious Participants

2014 ◽  
Vol 2014 ◽  
pp. 1-10 ◽  
Author(s):  
Tsu-Yang Wu ◽  
Tung-Tso Tsai ◽  
Yuh-Min Tseng
Keyword(s):  
Key Exchange ◽  
Public Key ◽  
Key Exchange Protocol ◽  
Forward Secrecy ◽  
Group Key ◽  
Computation Technique ◽  
Group Key Exchange ◽  
Security Properties ◽  
Authenticated Group Key ◽  
Provably Secure

The existence of malicious participants is a major threat for authenticated group key exchange (AGKE) protocols. Typically, there are two detecting ways (passive and active) to resist malicious participants in AGKE protocols. In 2012, the revocable identity- (ID-) based public key system (R-IDPKS) was proposed to solve the revocation problem in the ID-based public key system (IDPKS). Afterwards, based on the R-IDPKS, Wu et al. proposed a revocable ID-based AGKE (RID-AGKE) protocol, which adopted a passive detecting way to resist malicious participants. However, it needs three rounds and cannot identify malicious participants. In this paper, we fuse a noninteractive confirmed computation technique to propose the first two-round RID-AGKE protocol with identifying malicious participants, which is an active detecting way. We demonstrate that our protocol is a provably secure AGKE protocol with forward secrecy and can identify malicious participants. When compared with the recently proposed ID/RID-AGKE protocols, our protocol possesses better performance and more robust security properties.

scholarly journals A Lightweight Authentication and Key Agreement Schemes for IoT Environments

Sensors ◽  
2020 ◽  
Vol 20 (18) ◽  
pp. 5350
Author(s):  
Dae-Hwi Lee ◽  
Im-Yeong Lee
Keyword(s):  
Key Agreement ◽  
Essential Element ◽  
Public Key Cryptography ◽  
Security Requirements ◽  
Public Key ◽  
Smart Devices ◽  
The Internet ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Lightweight Authentication

In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu–Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory.

scholarly journals Identity-Based Signature Schemes for Multivariate Public Key Cryptosystems

2019 ◽  
Vol 62 (8) ◽  
pp. 1132-1147 ◽  
Author(s):  
Jiahui Chen ◽  
Jie Ling ◽  
Jianting Ning ◽  
Jintai Ding
Keyword(s):  
General Scheme ◽  
Security Analysis ◽  
Distribution Center ◽  
Public Key ◽  
Signature Schemes ◽  
The Public ◽  
Public Key Cryptosystems ◽  
Unique Identity ◽  
Identity Based ◽  
Multivariate Public Key

Abstract In this paper, we proposed an idea to construct a general multivariate public key cryptographic (MPKC) scheme based on a user’s identity. In our construction, each user is distributed a unique identity by the key distribution center (KDC) and we use this key to generate user’s private keys. Thereafter, we use these private keys to produce the corresponding public key. This method can make key generating process easier so that the public key will reduce from dozens of Kilobyte to several bits. We then use our general scheme to construct practical identity-based signature schemes named ID-UOV and ID-Rainbow based on two well-known and promising MPKC signature schemes, respectively. Finally, we present the security analysis and give experiments for all of our proposed schemes and the baseline schemes. Comparison shows that our schemes are both efficient and practical.

A New Group Key Agreement Protocol with Anonymity

2013 ◽  
Vol 380-384 ◽  
pp. 2256-2261
Author(s):  
Gang Yao ◽  
Li Guo
Keyword(s):  
Privacy Protection ◽  
Key Agreement ◽  
Forward Secrecy ◽  
Session Key ◽  
Group Key ◽  
Group Key Agreement ◽  
Key Agreement Protocol ◽  
Perfect Forward Secrecy ◽  
Agreement Protocols ◽  
Group Key Agreement Protocol

Popularity of group-oriented applications motivates research on security protection for group communications. A number of group key agreement protocols have been proposed for this objective, but most current group key agreement protocols do not consider privacy protection. Group key agreement protocols for networks should also handle dynamic group membership events such as user join and leave events. The Join and Leave Protocols provide backward and forward secrecy respectively. In this paper, we proposed a new anonymous group key agreement protocol based on ID-based encryption cryptosystems. The proposed protocol not only benefits from the desirable features of ID-based cryptosystem, but also provides privacy protection for users. The proposed protocol achieves the following security attribute: anonymity, unlinkability, group key secrecy, group forward secrecy, group backward secrecy, perfect forward secrecy for the group session key and entity authentication.

Sign in / Sign up

Export Citation Format

Share Document