681 Hits in 4.7 sec

Report on Pairing-based Cryptography

Dustin Moody, Rene Peralta, Ray Perlner, Andrew Regenscheid, Allen Roginsky, Lily Chen
2015 Journal of Research of the National Institute of Standards and Technology  
Diffie-Hellman and MQV key agreement schemes.  ...  Indeed, the Internet Engineering Task Force (IETF) has started developing certain standards for some pairing-based cryptosystems.  ...  IBE in e-mail application as specified in the S/MIME working group of IETF is well standardized but may not be widely used for the reasons discussed above.  ... 
doi:10.6028/jres.120.002 pmid:26958435 pmcid:PMC4730686 fatcat:zxzb76skivd5zhfg5hmiohichq

Cryptography Standards in Quantum Time: New Wine in an Old Wineskin?

Lidong Chen
2017 IEEE Security and Privacy  
Now that public-key cryptography schemes like Diffie-Hellman key agreement ([2]) and RSA digital signatures ([3]) have become indispensable for our digitized life, the recent progress made on quantum computers  ...  compels us to look for quantum-resistant counterparts.  ...  The "Oakley group 1" for Internet Key Exchange (IKE) used a prime modulus of less than 800 bits in Diffie-Hellman key agreement, which is considered very weak with today's discrete logarithm algorithms  ... 
doi:10.1109/msp.2017.3151339 pmid:29333107 pmcid:PMC5766008 fatcat:z3gurwsxvvef3m6zrcq3tswacu

nQUIC: Noise-Based QUIC Packet Protection [article]

Mathias Hall-Andersen, David Wong, Nick Sullivan, Alishah Chator
2019 IACR Cryptology ePrint Archive  
We present nQUIC, a variant of QUIC-TLS that uses the Noise protocol framework for its key exchange and basis of its packet protector with no semantic transport changes. nQUIC is designed for deployment  ...  It uses a fixed key exchange algorithm, compromising agility for implementation and verification ease. nQUIC provides mandatory server and optional client authentication, resistance to Key Compromise Impersonation  ...  Acknowledgement We would like to thank Christopher Wood for his precious help.  ... 
dblp:journals/iacr/Hall-Andersen0S19 fatcat:euesavsrnvhqxes7nk4jfadmgi

The advantages of elliptic curve cryptography for wireless security

K. Lauter
2004 IEEE wireless communications  
The IETF has working groups drafting standards for S/MIME, IPSec, and Transparent Layer Security (TLS).  ...  IMPLEMENTATION REFINEMENTS FOR ELLIPTIC CURVE CRYPTOGRAPHY To implement the Diffie-Hellman Key Exchange with an elliptic curve group, many iterations of the group operation must be performed.  ...  Since 1999 she has been a researcher in the Cryptography and Anti-Piracy group at Microsoft Research, working on elliptic curve cryptography and related areas.  ... 
doi:10.1109/mwc.2004.1269719 fatcat:rdei23ylqnbypl2yw3572erbhi

On reusing ephemeral keys in Diffie-Hellman key agreement protocols

Alfred Menezes, Berkant Ustaoglu
2010 International Journal of Applied Cryptography  
A party may choose to reuse ephemeral public keys in a Diffie-Hellman key agreement protocol in order to reduce its computational workload or to mitigate against denial-of-service attacks.  ...  S/MIME S/MIME (version 3.1) is an IETF standard for securing email [20, 11, 10].  ...  For example, the ANSI X9.42 [2] standard which specifies several Diffie-Hellman protocols states that an ephemeral key is a "private or public key that is unique for each execution of a cryptographic  ... 
doi:10.1504/ijact.2010.038308 fatcat:xnd6475otbcktclo4o6i5noct4

SoK: Password-Authenticated Key Exchange - Theory, Practice, Standardization and Real-World Lessons [article]

Feng Hao, Paul C. van Oorschot
2021 IACR Cryptology ePrint Archive  
To reduce confusion and encourage practical development, major standards bodies including IEEE, ISO/IEC and the IETF have worked towards standardizing PAKE schemes, with mixed results.  ...  Challenges have included contrasts between heuristic protocols and schemes with security proofs, and subtleties in the assumptions of such proofs rendering some schemes unsuitable for practice.  ...  This method is based on a Diffie-Hellman scheme with the server storing a password-derived Diffie-Hellman public key.  ... 
dblp:journals/iacr/HaoO21 fatcat:sxnpw4g2gnc3xajsj3t6wtkhei

Reactive and Proactive Standardisation of TLS [chapter]

Kenneth G. Paterson, Thyla van der Merwe
2016 Lecture Notes in Computer Science  
In the development of TLS 1.3, the IETF TLS Working Group has adopted an "analysis-prior-to-deployment" design philosophy. This is in sharp contrast to all previous versions of the protocol.  ...  for TLS 1.3.  ...  We thank Eric Rescorla and the anonymous reviewers of SSR 2016 for their valuable feedback on the paper.  ... 
doi:10.1007/978-3-319-49100-4_7 fatcat:33ngau3bv5a5lb3purmdqqtmxe

An Analysis of Hybrid Public Key Encryption [article]

Benjamin Lipp
2020 IACR Cryptology ePrint Archive  
This document presents a mechanized cryptographic analysis done with CryptoVerif, of all four HPKE modes, instantiated with a prime-order-group Diffie-Hellman Key Encapsulation Mechanism (KEM).  ...  Hybrid Public Key Encryption (HPKE) is a cryptographic primitive being standardized by the Crypto Forum Research Group (CFRG) within the Internet Research Task Force (IRTF).  ...  Wood, and Benjamin Beurdouche for helpful discussions on HPKE. The author thanks Bruno Blanchet for his advice with regards to CryptoVerif. The author thanks Christopher A.  ... 
dblp:journals/iacr/Lipp20 fatcat:cn3n7ic5kjhj7dtsrinsley5su

Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols [chapter]

Matt Blaze
2002 Lecture Notes in Computer Science  
We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property.  ...  JFK also has a number of novel engineering parameters that permit a variety of trade-offs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service  ...  Assuming that the responder accepts the Diffie-Hellman group in the initiator's message (rejections are discussed in Section 2.5), he replies with a signed copy of his own exponential (in the same group  ... 
doi:10.1007/3-540-45807-7_6 fatcat:jvx4rqip6rhsvdxh42ccddd4la

Efficient, DoS-resistant, secure key exchange for internet protocols

William Aiello, Steven M. Bellovin, Matt Blaze, John Ioannidis, Omer Reingold, Ran Canetti, Angelos D. Keromytis
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property.  ...  JFK also has a number of novel engineering parameters that permit a variety of trade-offs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service  ...  Assuming that the responder accepts the Diffie-Hellman group in the initiator's message (rejections are discussed in Section 2.5), he replies with a signed copy of his own exponential (in the same group  ... 
doi:10.1145/586115.586118 fatcat:6so6oar63bb7bdm2xaz7njivzq

Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols [chapter]

William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, Omer Reingold
2002 Lecture Notes in Computer Science  
We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property.  ...  JFK also has a number of novel engineering parameters that permit a variety of trade-offs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service  ...  Assuming that the responder accepts the Diffie-Hellman group in the initiator's message (rejections are discussed in Section 2.5), he replies with a signed copy of his own exponential (in the same group  ... 
doi:10.1007/3-540-45807-7_5 fatcat:rv2sn7kbdvhf3ilzswgfbhos3u

Efficient, DoS-resistant, secure key exchange for internet protocols

William Aiello, Steven M. Bellovin, Matt Blaze, John Ioannidis, Omer Reingold, Ran Canetti, Angelos D. Keromytis
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property.  ...  JFK also has a number of novel engineering parameters that permit a variety of trade-offs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service  ...  Assuming that the responder accepts the Diffie-Hellman group in the initiator's message (rejections are discussed in Section 2.5), he replies with a signed copy of his own exponential (in the same group  ... 
doi:10.1145/586110.586118 dblp:conf/ccs/AielloBBIRCK02 fatcat:vjcko6qlsnaklayhb47uoevsae

Prying Open Pandora's Box: KCI Attacks against TLS

Clemens Hlauschek, Markus Gruber, Florian Fankhauser, Christian Schanes
2015 Workshop on Offensive Technologies  
The TLS protocol includes a class of key agreement and authentication methods that are vulnerable to KCI attacks: non-ephemeral Diffie-Hellman key exchange with fixed Diffie-Hellman client authentication  ...  The industry standard for doing this is TLS. The TLS protocol supports a multitude of key agreement and authentication options which provide various different security guarantees.  ...  "Thank you"s also go to Lucas Telefont for helping us with our tests on Mac OS X; to the anonymous reviewers for their valuable comments and accurate reading of the paper; to the principal author's master  ... 
dblp:conf/woot/HlauschekGFS15 fatcat:fm6wuvlkavdlrbnryhvq6xlcuu

Cloud And Parallel Network File System Using Authenticated Key Exchange Protocols

2016 International Journal of Science and Research (IJSR)  
The system work focuses on the current Internet standard for such file systems, i.e., parallel Network File System (pNFS), which makes use of Kerberos to establish parallel session keys between clients  ...  Already we studied the issues of key establishment for secure many-to-many communications.  ...  The NFS protocol has since then evolved into an open standard defined by the IETF Network Working Group [49], [9], [45]. Figure 1: The conceptual model of pNFS.  ... 
doi:10.21275/v5i5.nov163973 fatcat:zem74bm3wvbtjmvdsvey2egx4a

Efficient Key Agreement for Merging Clusters in Ad-Hoc Networking Environments [chapter]

Sooyeon Shin, Taekyoung Kwon
2005 Lecture Notes in Computer Science  
In general, two ways can be considered for this; 1) to agree on a new group key, and 2) to reuse the established group key which is used before merging.  ...  When nodes of each cluster have already agreed on their own group keys and intend to merge themselves for further secure communications, our scheme can be used in an efficient and secure way.  ...  MANET Working group in IETF (Internet Engineering Task Force) works for standardization of such ad-hoc networks and mainly decides standards of routing protocols.  ... 
doi:10.1007/11596042_102 fatcat:aa4flkmwjzbmrh2o3qohxj66ei