public key cryptography
Recently Published Documents


Total documents: 813 (five years: 197)

H-index: 36 (five years: 6)

2022 ◽  
Author(s):  
Frank Vega

Under the assumption that there exist one-way functions, we obtain a contradiction following a solid argumentation, and therefore one-way functions do not exist by contraposition. Hence, function problems such as the integer factorization of two large primes can be solved efficiently. In this way, we prove that many of the encryption and authentication methods, such as public-key cryptography, are not safe. It could be the case that $P = NP$ or $P \neq NP$, even though there are no one-way functions. However, this result proves that $P = UP$.


2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Won-Bin Kim ◽  
Su-Hyun Kim ◽  
Daehee Seo ◽  
Im-Yeong Lee

Broadcast proxy reencryption (BPRE), which combines broadcast encryption (BE) and proxy reencryption (PRE), is a technology used for the redistribution of data uploaded on the cloud to multiple users. BPRE reencrypts data encrypted by the distributor and then uploads it to the cloud into a ciphertext that at a later stage targets multiple recipients. As a result of this, flexible data sharing is possible for multiple recipients. However, various inefficiencies and vulnerabilities of the BE, such as the recipient anonymity problem and the key escrow problem, also creep into BPRE. Our aim in this study was to address this problem of the existing BPRE technology. The partial key verification problem that appeared in the process of solving the key escrow problem was solved, and the computational efficiency was improved by not using bilinear pairing, which requires a lot of computation time.


2021 ◽  
pp. 1-13
Author(s):  
Gareth Wimpenny ◽  
Jan Šafář ◽  
Alan Grant ◽  
Martin Bransby

The civilian Automatic Identification System (AIS) has no inherent protection against spoofing. Spoofed AIS messages have the potential to interfere with the safe navigation of a vessel by, amongst other approaches, spoofing maritime virtual aids to navigation and/or differential global navigation satellite system (DGNSS) correction data conveyed across it. Acting maliciously, a single transmitter may spoof thousands of AIS messages per minute with the potential to cause considerable nuisance; compromising information provided by AIS intended to enhance the mariner's situational awareness. This work describes an approach to authenticate AIS messages using public key cryptography (PKC) and thus provide unequivocal evidence that AIS messages originate from genuine sources and so can be trusted. Improvements to the proposed AIS authentication scheme are identified which address a security weakness and help avoid false positives to spoofing caused by changes to message syntax. A channel loading investigation concludes that sufficient bandwidth is available to routinely authenticate all AIS messages whilst retaining backwards compatibility by carrying PKC ‘digital signatures’ in a separate VHF Data Exchange System (VDES) side channel.


Author(s):  
Anchal Goyal ◽  
Deepinder Kaur

In this dissertation a PicPass algorithm is proposed for the solution of the key exchange problem using symmetric and asymmetric key cryptography. Diffie and Hellman proposed an algorithm for key exchange, but this algorithm suffers from the man-in-the-middle attack. To overcome this problem, Seo proposed another algorithm that uses a text password for the agreement between two parties. But again the password suffers from offline dictionary attack. In this work, a PicPass protocol is used, i.e. a picture is used as a password to make an agreement between two parties. The protocol contains two functions, i.e. a picture function as well as a distortion function, which are used to make the picture a compact size before it is sent to the receiver. Firstly, the sender encrypts the Plain Text using the Secret Picture and creates the Cipher Text using symmetric key cryptography. Then the Secret Picture is encrypted by a covered picture, resulting in the Encrypted Picture. Now the Cipher Text and Encrypted Picture are placed into a digital envelope, and the envelope is sent to the receiver. The receiver receives the digital envelope, opens it and then decrypts the Encrypted Picture using his Key Picture. This results in the receiver getting the Secret Picture. Now the receiver opens the Cipher Text using the Secret Picture and gets the Plain Text. In between, if any person wants to predict the Encrypted Picture, he cannot guess it, as the picture can only be decrypted using the Secret Key, which is only with the receiver. So in this dissertation, a picture is used as a password to authenticate key exchange, which gives a practical solution against offline dictionary attacks only by using both private and public key cryptography.


Author(s):  
Valentyna Fastovets

Problem. Modern cryptography is a very important part of cybersecurity and confidentiality of many operations. It covers almost all parts of our lives, from e-commerce to specialized education of students. Goal. The advantage of symmetric key cryptography is that working with this method is very easy for users, as one key is used for encryption, as well as for decryption purposes, and this key must be secret and should be known only to the sender and recipient and no one else. On the other hand, public key cryptography has two keys. Unfortunately, this exposes the inherent security flaws, as the integrity of the encryption depends entirely on the password. It was decided to consider the implementation of a modified symmetric Vernam cipher that avoids these problems, and its modification and experimental studies should further strengthen data protection. Methodology. Higher mathematics, linear algebra are very important subjects. But if we want to encourage students with cryptography, we need to use all aspects of the IT cluster more effectively. Ideal for this is the implementation of algorithms and programs using programming languages. It is very important and useful for students studying Cybersecurity to illustrate where and how it is possible to create software implementations of encryption / decryption methods. Results. The article presents the analysis and implementation of the modified cryptographic Vernam cipher and Caesar cipher using a concept that combines modern programming languages and the principles of cryptography, which students study in subject-oriented specialties. Originality. An original approach to teaching Cybersecurity students by implementing ciphers using applied programming is described. Practical value. Using cryptography as a learning tool will help students develop their programming skills and effectively understand the concept of cybersecurity in real-world examples.


2021 ◽  
Author(s):  
Jahangir Abbas Mohammed

This paper proposes a secure two-factor authentication (TFA) system that relies on a password and a crypto-capable device. In cases like a compromise of communication lines, server or device vulnerabilities, and offline and online attacks on user passwords, the approach provides the highest feasible security bounds given the collection of compromised components. Using either SAS Message Authentication or any PIN-based Authentication, the suggested approach constructs a TFA scheme. The paper also proposes a secure software architecture for implementing an enhanced public key cryptography system for mobile applications and an efficient implementation of this modular structure that can use any password-based client-server authentication method without relying on risky single-layer password authentication architecture.


2021 ◽  
Vol 13 (23) ◽  
pp. 13184
Author(s):  
Insaf Ullah ◽  
Muhammad Asghar Khan ◽  
Ali Alkhalifah ◽  
Rosdiadee Nordin ◽  
Mohammed H. Alsharif ◽  
...  

Thanks to recent advancements in biomedical sensors, wireless networking technologies, and information networks, traditional healthcare methods are evolving into a new healthcare infrastructure known as the Internet of Medical Things (IoMT). It enables patients in remote areas to obtain preventative or proactive healthcare services at a cheaper cost through the ease of time-independent interaction. Despite the many benefits of IoMT, the ubiquitously linked devices offer significant security and privacy concerns for patient data. In the literature, several multi-message and multi-receiver signcryption schemes have been proposed that use traditional public-key cryptography, identity-based cryptography, or certificateless cryptography methods to securely transfer patient health-related data from a variety of biomedical sensors to healthcare professionals. However, certificate management, key escrow, and key distribution are all complications with these methods. Furthermore, in terms of IoMT performance and privacy requirements, they are impractical. This article aims to include edge computing into an IoMT with secure deployment employing a multi-message and multi-receiver signcryption scheme to address these issues. In the proposed method, certificate-based signcryption and hyperelliptic curve cryptography (HECC) have been coupled for excellent performance and security. The cost study confirms that the proposed scheme is better than the existing schemes in terms of computational and communication costs.


2021 ◽  
Vol 13 (12) ◽  
pp. 299
Author(s):  
Guma Ali ◽  
Mussa Ally Dida ◽  
Anael Elikana Sam

With the expansion of smartphone and financial technologies (FinTech), mobile money emerged to improve financial inclusion in many developing nations. The majority of the mobile money schemes used in these nations implement two-factor authentication (2FA) as the only means of verifying mobile money users. These 2FA schemes are vulnerable to numerous security attacks because they only use a personal identification number (PIN) and subscriber identity module (SIM). This study aims to develop a secure and efficient multi-factor authentication algorithm for mobile money applications. It uses a novel approach combining PIN, a one-time password (OTP), and a biometric fingerprint to enforce extra security during mobile money authentication. It also uses a biometric fingerprint and quick response (QR) code to confirm mobile money withdrawal. The security of the PIN and OTP is enforced by using secure hashing algorithm-256 (SHA-256), a biometric fingerprint by Fast IDentity Online (FIDO) that uses a standard public key cryptography technique (RSA), and Fernet encryption to secure a QR code and the records in the databases. The evolutionary prototyping model was adopted when developing the native mobile money application prototypes to prove that the algorithm is feasible and provides a higher degree of security. The developed applications were tested, and a detailed security analysis was conducted. The results show that the proposed algorithm is secure, efficient, and highly effective against the various threat models. It also offers secure and efficient authentication and ensures data confidentiality, integrity, non-repudiation, user anonymity, and privacy. The performance analysis indicates that it achieves better overall performance compared with the existing mobile money systems.


Mathematics ◽  
2021 ◽  
Vol 9 (23) ◽  
pp. 3022
Author(s):  
Marta Bellés-Muñoz ◽  
Barry Whitehat ◽  
Jordi Baylina ◽  
Vanesa Daza ◽  
Jose Luis Muñoz-Tapia

Circuit-based zero-knowledge proofs have arisen as a solution to the implementation of privacy in blockchain applications, and to current scalability problems that blockchains suffer from. The most efficient circuit-based zero-knowledge proofs use a pairing-friendly elliptic curve to generate and validate proofs. In particular, the circuits are built connecting wires that carry elements from a large prime field, whose order is determined by the number of elements of the pairing-friendly elliptic curve. In this context, it is important to generate an inner curve using this field, because it allows creating circuits that can verify public-key cryptography primitives, such as digital signatures and encryption schemes. For this purpose, in this article, we present a deterministic algorithm for generating twisted Edwards elliptic curves defined over a given prime field. We also provide an algorithm for checking the resilience of this type of curve against most common security attacks. Additionally, we use our algorithms to generate Baby Jubjub, a curve that can be used to implement elliptic-curve cryptography in circuits that can be validated in the Ethereum blockchain.

