A nonlinear decomposition attack

2016 ◽  
Vol 8 (2) ◽  
Author(s):  
Vitaliĭ Roman’kov
Keyword(s):  
Key Agreement ◽  
Deterministic Algorithm ◽  
The Public ◽  
Diffie Hellman ◽  
Public Data ◽  
Algorithmic Problems ◽  
New Type ◽  
Nonlinear Decomposition ◽  
Polycyclic Groups ◽  
Agreement Protocols

AbstractThis paper introduces a new type of attack, termed a nonlinear decomposition attack, against two known group-based key agreement protocols, namely, protocol based on extensions of (semi)groups by endomorphisms introduced by Kahrobaei, Shpilrain et al., and the noncommutative Diffie–Hellman protocol introduced by Ko, Lee et al. This attack works efficiently in the case when finitely generated nilpotent (more generally, polycyclic) groups are used as platforms. This attack is based on a deterministic algorithm that finds the secret shared key from the public data in both the protocols under consideration. Furthermore, we show that in this case one can break the schemes without solving the algorithmic problems on which the assumptions are based. The efficacy of the attack depends on the platform group, so it requires a more thorough analysis in each particular case.

scholarly journals Implementation of a New Strongly-Asymmetric Algorithm and Its Optimization

Cryptography ◽  
2020 ◽  
Vol 4 (3) ◽  
pp. 21
Author(s):  
Koki Jimbo ◽  
Satoshi Iriyama ◽  
Massimo Regoli
Keyword(s):  
General Framework ◽  
Key Agreement ◽  
Public Key ◽  
Security Level ◽  
The Public ◽  
High Speeds ◽  
Diffie Hellman ◽  
New Public ◽  
Public Keys ◽  
Free Parameters

A new public key agreement (PKA) algorithm, called the strongly-asymmetric algorithm (SAA-5), was introduced by Accardi et al. The main differences from the usual PKA algorithms are that Bob has some independent public keys and Alice produces her public key by using some part of the public keys from Bob. Then, the preparation and calculation processes are essentially asymmetric. This algorithms has several free parameters more than the usual symmetric PKA algorithms and the velocity of calculation is largely dependent on the parameters chosen; however, the performance of it has not yet been tested. The purpose of our study was to discuss efficient parameters to share the key with high speeds in SAA-5 and to optimize SAA-5 in terms of calculation speed. To find efficient parameters of SAA-5, we compared the calculation speed with Diffie–Hellman (D-H) while varying values of some parameters under the circumstance where the length of the secret shared key (SSK) was fixed. For optimization, we discuss a more general framework of SAA-5 to find more efficient operations. By fixing the parameters of the framework properly, a new PKA algorithm with the same security level as SAA-5 was produced. The result shows that the calculation speed of the proposed PKA algorithm is faster than D-H, especially for large key lengths. The calculation speed of the proposed PKA algorithm increases linearly as the SSK length increases, whereas D-H increases exponentially.

Key Management

2011 ◽  
pp. 88-113
Author(s):  
Chuan-Kun Wu
Keyword(s):  
Secret Sharing ◽  
Key Management ◽  
Key Agreement ◽  
Public Key ◽  
Key Escrow ◽  
The Public ◽  
Cryptographic Algorithm ◽  
Diffie Hellman ◽  
Public Networks ◽  
Active Attacks

In secure communications, key management is not as simple as metal key management which is supposed to be in a key ring or simply put in a pocket. Suppose Alice wants to transmit some confidential information to Bob over the public networks such as the Internet, Alice could simply encrypt the message using a known cipher such as AES, and then transmit the ciphertext to Bob. However, in order to enable Bob to decrypt the ciphertext to get the original message, in traditional cipher system, Bob needs to have the encryption key. How to let Alice securely and efficiently transmit the encryption key to Bob is a problem of key management. An intuitive approach would be to use a secure channel for the key transmission; this worked in earlier years, but is not a desirable solution in today’s electronic world. Since the invention of public key cryptography, the key management problem with respect to secret key transmission has been solved, which can either employ the Diffie-Hellman key agreement scheme or to use a public key cryptographic algorithm to encrypt the encryption key (which is often known as a session key). This approach is secure against passive attacks, but is vulnerable against active attacks (more precisely the man-in-the-middle attacks). So there must be a way to authenticate the identity of the communication entities. This leads to public key management where the public key infrastructure (PKI) is a typical set of practical protocols, and there is also a set of international standards about PKI. With respect to private key management, it is to prevent keys to be lost or stolen. To prevent a key from being lost, one way is to use the secret sharing, and another is to use the key escrow technique. Both aspects have many research outcomes and practical solutions. With respect to keys being stolen, another practical solution is to use a password to encrypt the key. Hence, there are many password-based security protocols in different applications. This chapter presents a comprehensive description about how each aspect of the key management works. Topics on key management covered by this chapter include key agreement, group-based key agreement and key distribution, the PKI mechanisms, secret sharing, key escrow, password associated key management, and key management in PGP and UMTS systems.

Key Management

2013 ◽  
pp. 728-753
Author(s):  
Chuan-Kun Wu
Keyword(s):  
Secret Sharing ◽  
Key Management ◽  
Key Agreement ◽  
Public Key ◽  
Key Escrow ◽  
The Public ◽  
Cryptographic Algorithm ◽  
Diffie Hellman ◽  
Public Networks ◽  
Active Attacks

In secure communications, key management is not as simple as metal key management which is supposed to be in a key ring or simply put in a pocket. Suppose Alice wants to transmit some confidential information to Bob over the public networks such as the Internet, Alice could simply encrypt the message using a known cipher such as AES, and then transmit the ciphertext to Bob. However, in order to enable Bob to decrypt the ciphertext to get the original message, in traditional cipher system, Bob needs to have the encryption key. How to let Alice securely and efficiently transmit the encryption key to Bob is a problem of key management. An intuitive approach would be to use a secure channel for the key transmission; this worked in earlier years, but is not a desirable solution in today’s electronic world. Since the invention of public key cryptography, the key management problem with respect to secret key transmission has been solved, which can either employ the Diffie-Hellman key agreement scheme or to use a public key cryptographic algorithm to encrypt the encryption key (which is often known as a session key). This approach is secure against passive attacks, but is vulnerable against active attacks (more precisely the man-in-the-middle attacks). So there must be a way to authenticate the identity of the communication entities. This leads to public key management where the public key infrastructure (PKI) is a typical set of practical protocols, and there is also a set of international standards about PKI. With respect to private key management, it is to prevent keys to be lost or stolen. To prevent a key from being lost, one way is to use the secret sharing, and another is to use the key escrow technique. Both aspects have many research outcomes and practical solutions. With respect to keys being stolen, another practical solution is to use a password to encrypt the key. Hence, there are many password-based security protocols in different applications. This chapter presents a comprehensive description about how each aspect of the key management works. Topics on key management covered by this chapter include key agreement, group-based key agreement and key distribution, the PKI mechanisms, secret sharing, key escrow, password associated key management, and key management in PGP and UMTS systems.

Two general schemes of algebraic cryptography

2018 ◽  
Vol 0 (0) ◽  
Author(s):  
Vitaly Roman’kov
Keyword(s):  
Algebraic System ◽  
Decomposition Method ◽  
General Scheme ◽  
Search Problem ◽  
Algebraic Cryptanalysis ◽  
Algebraic Setting ◽  
Diffie Hellman ◽  
Algebraic Cryptography ◽  
Algorithmic Problems ◽  
Nonlinear Decomposition

AbstractIn this paper, we introduce two general schemes of algebraic cryptography. We show that many of the systems and protocols considered in literature that use two-sided multiplications are specific cases of the first general scheme. In a similar way, we introduce the second general scheme that joins systems and protocols based on automorphisms or endomorphisms of algebraic systems. Also, we discuss possible applications of the membership search problem in algebraic cryptanalysis. We show how an efficient decidability of the underlined membership search problem for an algebraic system chosen as the platform can be applied to show a vulnerability of both schemes. Our attacks are based on the linear or on the nonlinear decomposition method, which complete each other. We give a couple of examples of systems and protocols known in the literature that use one of the two introduced schemes with their cryptanalysis. Mostly, these protocols simulate classical cryptographic schemes, such as Diffie–Hellman, Massey–Omura and ElGamal in algebraic setting. Furthermore, we show that, in many cases, one can break the schemes without solving the algorithmic problems on which the assumptions are based.

Pembangunan Web Service Data Masyarakat Menggunakan REST API dengan Access Token

2018 ◽  
Vol 10 (1) ◽  
pp. 19-26 ◽  
Author(s):  
Muhammad Iqbal Perkasa ◽  
Eko Budi Setiawan
Keyword(s):  
Web Service ◽  
Job Search ◽  
Population Data ◽  
The Public ◽  
Public Data ◽  
Community Data ◽  
The Government ◽  
Rest Api ◽  
Service Application ◽  
Service Data

Data is one of the most important things in this information and information technology era that evolving now. Currently, the government still has not used the public data maximally for administrative purposes. Utilization of this big population data is the creation of a web service application system with REST API where this data will be open and accessible to those who have access. One of the institutions that use this service is the Manpower and Transmigration Service where this system can make the Dinas staff more efficient to create and register job search cards using available community data. This application is able to provide and facilitate many parties, such as data administrators to monitor data usage, registration employee in input data, and people able to register independently. Index Terms—Web service, API, Rest api, People data

Sign in / Sign up

Export Citation Format

Share Document