scholarly journals Preventing Potential Backdoors in Bike Algorithm

2019 ◽  
Vol 73 (1) ◽  
pp. 179-193
Author(s):  
Pavol Zajac ◽  
Peter Špaček
Keyword(s):  
Public Key ◽  
Covert Channel ◽  
Covert Channels ◽  
The Public ◽  
Weak Keys ◽  
Public Execution ◽  
Public Keys ◽  
Cryptographic Algorithms ◽  
Key Encapsulation Mechanism ◽  
Security Device

Abstract BIKE suite of algorithms is one of the candidates in NIST call for public-key post-quantum cryptographic algorithms. It is a key-encapsulation mechanism based on QC-MDPC codes with purely ephemeral keys. The security device implementing such an algorithm therefore needs to generate multiple key pairs in its lifetime very efficiently. In our paper we explore the situation where BigBrother-type adversary can subtly corrupt the vendor(s) of the security devices (e.g., by altering the standard algorithms). In our model, BigBrother cannot preload the keys or synchronize the key generator by a covert channel, but is able to learn the secrets of security devices by observing the public execution of the KEM protocols. BigBrother typically obtains the secret through the usage of (masked) weak keys. However, we can also imagine other covert channels embedded into the ephemeral public keys by some unknown algorithm. To prevent these classes of attacks, we propose that the standard should explicitly specify a verifiable algorithm to transform the required key randomness into a set of keys.

scholarly journals Analisis dan Implementasi Algoritma Asimetris Dual Modulus RSA (DM-RSA) pada Aplikasi Chat

2021 ◽  
Vol 5 (4) ◽  
pp. 768-773
Author(s):  
Aminudin ◽  
Ilyas Nuryasin
Keyword(s):  
Prime Numbers ◽  
Public Key ◽  
Generation Process ◽  
Key Generation ◽  
The Public ◽  
Asymmetric Model ◽  
Rsa Algorithm ◽  
Private Key ◽  
Public Keys ◽  
Cryptographic Algorithms

The RSA algorithm is one of the cryptographic algorithms with an asymmetric model where the algorithm has two keys, namely the public key and the private key. However, as time goes on, these algorithms are increasingly exposed to security holes and make this algorithm vulnerable to being hacked by people who do not have authority. The vulnerability stems from the algorithm's public keys (e and n). The strength of the RSA algorithm is based on the difficulty of factoring two prime numbers that are generated during the key generation process, if these values ​​can be known using certain methods, the public key and private key values ​​will be found. Therefore, there are many studies that improvise the RSA algorithm, one of which is the Dual Modulus RSA (DM-RSA) algorithm. The algorithm uses four prime numbers which produce 2 modulus and 4 keys (2 public keys and 2 private keys). From the results of the Kraitchik factorization test, it was found that the DM-RSA algorithm was proven to be more resistant up to 2 times or even more than the standard RSA algorithm. This is evidenced by the fact that the value of n is 24 bits, the RSA algorithm can last up to 63204 ms (1 minute 22 seconds) while the Dual Modulus RSA algorithm lasts up to 248494123 ms (142 minutes 47 seconds).  

scholarly journals Another Step in the Ladder of DNS-Based Covert Channels: Hiding Ill-Disposed Information in DNSKEY RRs

Information ◽  
2019 ◽  
Vol 10 (9) ◽  
pp. 284
Author(s):  
Marios Anagnostopoulos ◽  
John André Seem
Keyword(s):  
Network Protocols ◽  
Public Key ◽  
Security Policies ◽  
Covert Channel ◽  
Proof Of Concept ◽  
Covert Channels ◽  
The Public ◽  
Private Data ◽  
Internal Network ◽  
Security Incidents

Covert channel communications are of vital importance for the ill-motivated purposes of cyber-crooks. Through these channels, they are capable of communicating in a stealthy way, unnoticed by the defenders and bypassing the security mechanisms of protected networks. The covert channels facilitate the hidden distribution of data to internal agents. For instance, a stealthy covert channel could be beneficial for the purposes of a botmaster that desires to send commands to their bot army, or for exfiltrating corporate and sensitive private data from an internal network of an organization. During the evolution of Internet, a plethora of network protocols has been exploited as covert channel. DNS protocol however has a prominent position in this exploitation race, as it is one of the few protocols that is rarely restricted by security policies or filtered by firewalls, and thus fulfills perfectly a covert channel’s requirements. Therefore, there are more than a few cases where the DNS protocol and infrastructure are exploited in well-known security incidents. In this context, the work at hand puts forward by investigating the feasibility of exploiting the DNS Security Extensions (DNSSEC) as a covert channel. We demonstrate that is beneficial and quite straightforward to embed the arbitrary data of an aggressor’s choice within the DNSKEY resource record, which normally provides the public key of a DNSSEC-enabled domain zone. Since DNSKEY contains the public key encoded in base64 format, it can be easily exploited for the dissemination of an encrypted or stego message, or even for the distribution of a malware’s binary encoded in base64 string. To this end, we implement a proof of concept based on two prominent nameserver software, namely BIND and NDS, and we publish in the DNS hierarchy custom data of our choice concealed as the public key of the DNS zone under our jurisdiction in order to demonstrate the effectiveness of the proposed covert channel.

scholarly journals Survey on Asymmetric Key Cryptographic Algorithms

2020 ◽  
pp. 404-408
Author(s):  
Sabitha S ◽  
Binitha V Nair
Keyword(s):  
Public Key Cryptography ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Design And Implementation ◽  
Diffie Hellman ◽  
Encryption And Decryption ◽  
Cryptographic Algorithms ◽  
Symmetric Key ◽  
Symmetric Key Cryptography

Cryptography is an essential and effective method for securing information’s and data. Several symmetric and asymmetric key cryptographic algorithms are used for securing the data. Symmetric key cryptography uses the same key for both encryption and decryption. Asymmetric Key Cryptography also known as public key cryptography uses two different keys – a public key and a private key. The public key is used for encryption and the private key is used for decryption. In this paper, certain asymmetric key algorithms such as RSA, Rabin, Diffie-Hellman, ElGamal and Elliptical curve cryptosystem, their security aspects and the processes involved in design and implementation of these algorithms are examined.

scholarly journals Implementation of a New Strongly-Asymmetric Algorithm and Its Optimization

Cryptography ◽  
2020 ◽  
Vol 4 (3) ◽  
pp. 21
Author(s):  
Koki Jimbo ◽  
Satoshi Iriyama ◽  
Massimo Regoli
Keyword(s):  
General Framework ◽  
Key Agreement ◽  
Public Key ◽  
Security Level ◽  
The Public ◽  
High Speeds ◽  
Diffie Hellman ◽  
New Public ◽  
Public Keys ◽  
Free Parameters

A new public key agreement (PKA) algorithm, called the strongly-asymmetric algorithm (SAA-5), was introduced by Accardi et al. The main differences from the usual PKA algorithms are that Bob has some independent public keys and Alice produces her public key by using some part of the public keys from Bob. Then, the preparation and calculation processes are essentially asymmetric. This algorithms has several free parameters more than the usual symmetric PKA algorithms and the velocity of calculation is largely dependent on the parameters chosen; however, the performance of it has not yet been tested. The purpose of our study was to discuss efficient parameters to share the key with high speeds in SAA-5 and to optimize SAA-5 in terms of calculation speed. To find efficient parameters of SAA-5, we compared the calculation speed with Diffie–Hellman (D-H) while varying values of some parameters under the circumstance where the length of the secret shared key (SSK) was fixed. For optimization, we discuss a more general framework of SAA-5 to find more efficient operations. By fixing the parameters of the framework properly, a new PKA algorithm with the same security level as SAA-5 was produced. The result shows that the calculation speed of the proposed PKA algorithm is faster than D-H, especially for large key lengths. The calculation speed of the proposed PKA algorithm increases linearly as the SSK length increases, whereas D-H increases exponentially.

scholarly journals A novel method for developing post-quantum cryptoschemes and a practical signature algorithm

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Nikolay Andreevich Moldovyan ◽  
Dmitriy Nikolaevich Moldovyan
Keyword(s):  
Digital Signature ◽  
Practical Purpose ◽  
Multiplicative Group ◽  
Quantum Signature ◽  
Public Key ◽  
Signature Scheme ◽  
Associative Algebras ◽  
Content Type ◽  
The Public ◽  
Public Keys

PurposeThe practical purpose of this research is to propose a candidate for post-quantum signature standard that is free of significant drawback of the finalists of the NIST world competition, which consists in the large size of the signature and the public key. The practical purpose is to propose a fundamentally new method for development of algebraic digital signature algorithms.Design/methodology/approachThe proposed method is distinguished by the use of two different finite commutative associative algebras as a single algebraic support of the digital signature scheme and setting two different verification equation for a single signature. A single public key is computed as the first and the second public keys, elements of which are computed exponentiating two different generators of cyclic groups in each of the algebras.FindingsAdditionally, a scalar multiplication by a private integer is performed as final step of calculation of every element of the public key. The same powers and the same scalar values are used to compute the first and the second public keys by the same mathematic formulas. Due to such design, the said generators are kept in secret, providing resistance to quantum attacks. Two new finite commutative associative algebras, multiplicative group of which possesses four-dimensional cyclicity, have been proposed as a suitable algebraic support.Originality/valueThe introduced method is novel and includes new techniques for designing algebraic signature schemes that resist quantum attacks. On its base, a new practical post-quantum signature scheme with relatively small size of signature and public key is developed.

Security of Identity-Based Encryption Algorithms

2018 ◽  
pp. 4975-4984
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of Identity Based Cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP Addresses to form public keys with the corresponding private keys being created by the Trusted Authority(TA) who is in possession of a system-wide master secret. Then a party, Alice who wants to send encrypted communication to Bob need only Bob's identifier and the system-wide public parameters. Thus the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the system-wide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Security of Identity-Based Encryption Algorithms

2019 ◽  
pp. 312-325
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of identity-based cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP addresses to form public keys with the corresponding private keys being created by the trusted authority (TA) who is in possession of a systemwide master secret. Then a party, Alice, who wants to send encrypted communication to Bob need only Bob's identifier and the systemwide public parameters. Thus, the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the systemwide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Certificates and Public Key Infrastructure

2008 ◽  
pp. 217-245
Author(s):  
Manuel Mogollon
Keyword(s):  
Access Control ◽  
Digital Signature ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Comprehensive System ◽  
Public Key Encryption ◽  
Control Data ◽  
The Public ◽  
Digital Certificates ◽  
Public Keys

In public-key encryption, the secrecy of the public key is not required, but the authenticity of the public key is necessary to guarantee its integrity and to avoid spoofing and playback attacks. A user’s public key can be authenticated (signed) by a certificate authority that verifies that a public key belongs to a specific user. In this chapter, digital certificates, which are used to validate public keys, and certificate authorities are discussed. When public-key is used, it is necessary to have a comprehensive system that provides public key encryption and digital signature services to ensure confidentiality, access control, data integrity, authentication, and non-repudiation. That system, public-key infrastructure or PKI, is also discussed in this chapter.

On the Security of Self-Certified Public Keys

2013 ◽  
pp. 124-130
Author(s):  
Cheng-Chi Lee ◽  
Min-Shiang Hwang ◽  
I-En Liao
Keyword(s):  
Information Security ◽  
The Self ◽  
Public Key ◽  
Secret Key ◽  
Slight Improvement ◽  
The Public ◽  
Public Keys

Many cryptosystems have been developed to solve the problem of information security, and some approaches are based on the self-certified public key proposed by Girault. In Girault’s scheme, the public key is computed cooperatively by both the system authority (SA) and the user. One of the advantages is that the public key is able to implicitly authenticate itself without any additional certificates. Another advantage is that the SA is not able to forge a public key without knowing the user’s secret key. Despite the advantages of Girault’s system, in this paper, the authors demonstrate that the system still suffers from two main weaknesses. As a result, the authors propose a slight improvement on Girault’s system.

Sign in / Sign up

Export Citation Format

Share Document