
On the Security of Authenticated Group Key Agreement Protocols

Suman Bala, Gaurav Sharma, Hmani Bansal, Tarunpreet Bhatia
2019 Scalable Computing : Practice and Experience  
The protocols presented by Gupta and Biswas have been found insecure to ephemeral secret key leakage (ESL) attack and also, malicious insiders can impersonate an honest participant.  ...  The group key agreement protocol enables to derive a shared session key for the remote members to communicate securely.  ...  To fix the above attack, one solution is to use a signature such that the leakage of private key can be avoided on the leakage of ephemeral secrets while other solution suggests to mask the ephemeral secret  ... 
doi:10.12694/scpe.v20i1.1440 fatcat:52dy6kz66zehvg6prkgvj5dslq

Integrating identity-based and certificate-based authenticated key exchange protocols

Berkant Ustaoğlu
2011 International Journal of Information Security  
Keywords Authenticated key establishment · Certificate-based protocols · ID-based protocols · Shared static state · ID-PKI integration Motivation Authenticated key exchange (AKE), along with public key  ...  In this work, we offer an alternative where a user needs to keep a single static key pair and can subsequently engage in a session key establishment with peers holding certificates or identity-based keys  ...  Huang and Cao [14] showed that there is no inherent difficulty to devise ID-AKE protocols that are resilient to test session ephemeral leakage, something not considered in previous ID-AKE protocols.  ... 
doi:10.1007/s10207-011-0136-3 fatcat:6awtwuwixbgb3nmggxsmrrccui

A Twofold Group Key Agreement Protocol for NoC based MPSoCs

Gaurav Sharma, Veronika Kuchta, Rajeev Anand Sahu, Soultana Ellinidou, Olivier Markowitch, Jean-Michel Dricot
2018 2018 16th Annual Conference on Privacy, Security and Trust (PST)  
In order to combine both the functionalities, a hybrid key agreement protocol is needed, which can output a shared symmetric key for inside communication and an asymmetric key pair for any unrestricted  ...  A symmetric group key agreement protocol enables the group members to derive a shared session key for secure communication among them, whereas an asymmetric one facilitates security to any communication  ...  ACKNOWLEDGMENT This research has been performed in the context of Self-Organising circuits For Interconnected, Secure and Template computing (SOFIST) project, supported by Project ARC (Concerted Research  ... 
doi:10.1109/pst.2018.8514117 dblp:conf/pst/0006KSEMD18 fatcat:6rf2pr6yvzfy7kiq3kv2obq27u

A Pairing-Free, One Round Identity Based Authenticated Key Exchange Protocol Secure Against Memory-Scrapers

Suvradip Chakraborty, Srinivasan Raghuraman, C. Pandu Rangan
2016 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
In order to realistically capture these advanced classes of threats posed by such malwares we propose a new security model for identity-based authenticated key exchange (ID-AKE) which we call the Identity  ...  ., single round) ID-AKE protocol for two-party settings. Our design assumes a hybrid system equipped with a bare minimal Trusted Platform Module (TPM) that can only perform group exponentiations.  ...  Note that the challenger does not have the master secret key s 1 to generate the private keys of users.  ... 
doi:10.22667/jowua.2016.03.31.001 dblp:journals/jowua/ChakrabortyRR16 fatcat:pe2gbf24qna6veuebc2arc4iva

A strongly secure identity-based authenticated group key exchange protocol

JiKai Teng, ChuanKun Wu, ChunMing Tang, YouLiang Tian
2015 Science China Information Sciences  
The EGBG model takes ephemeral secret key leakage attack into consideration. Until now, there is no ID-based GKE protocol secure in the EGBG model.  ...  An identity-based protocol is preferred to that under the employment of traditional public key infrastructure (PKI), since identity-based cryptosystem can simplify public key management procedure.  ...  of long-term private keys and ephemeral secret keys of users in test session, but it is not allowed to obtain both the long-term private key and the ephemeral secret key of one user.  ... 
doi:10.1007/s11432-014-5271-9 fatcat:najy4lhw4zaalkxiwqwmtbandu

An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem

Hai Huang, Zhenfu Cao
2009 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS '09  
The main issue is that without static private key it is difficult for simulator to fully support the SessionKeyReveal and EphemeralKeyReveal queries.  ...  In this paper, we present a new ID-based authenticated key exchange (ID-AKE) protocol based on the trapdoor test technique.  ...  Later, the shared session key can be used to efficiently ensure data confidentiality and integrity between A and B using efficient symmetric encryptions and message authentication codes.  ... 
doi:10.1145/1533057.1533101 dblp:conf/ccs/HuangC09 fatcat:avfxm4kwunbshjt223ql2kz6wu

Certificateless Secure Upload for Drive-Thru Internet

Jun Song, Yanyan Zhuang, Jianping Pan, Lin Cai
2011 2011 IEEE International Conference on Communications (ICC)  
In this paper, we focus on the latter, particularly for vehicles to upload to roadside units, the so-called drive-thru Internet, in a secure and efficient manner.  ...  We implement and evaluate the proposed scheme, and also investigate how to mitigate the security overhead through the separation of security association and data transfer in a drive-thru Internet.  ...  Unknown key-share attack [7] session identifier and MAC values, CDH or DDH, etc. Leakage of ephemeral keys [7] e.g., M, U, α, β, λ 4 , CDH, etc.  ... 
doi:10.1109/icc.2011.5962528 dblp:conf/icc/SongZPC11 fatcat:se5uxrqjirfp5ktlkijdzu7btq

Security Protocols in a Nutshell [article]

Mohsen Toorani
2016 arXiv   pre-print
Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security  ...  Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols.  ...  Acknowledgment The author would like to thank Øyvind Ytrehus for helpful comments and discussions.  ... 
arXiv:1605.09771v2 fatcat:mkbc3in6tvdo7madnvqaxogbfq

S6AE: Securing 6LoWPAN Using Authenticated Encryption Scheme

Muhammad Tanveer, Ghulam Abbas, Ziaul Haq Abbas, Muhammad Waqas, Fazal Muhammad, Sunghwan Kim
2020 Sensors  
Upon successful authentication, sensor nodes and the central server can establish the secret key for secure communications.  ...  This paper presents a lightweight Authentication and Key Exchange (AKE) scheme for 6LoWPAN using an authenticated encryption algorithm and hash function.  ...  It • calculates the master key K m by computing K m = H(ID cs r cs ), where ID cs is the real identity of CS and r cs is a random number.  ... 
doi:10.3390/s20092707 pmid:32397469 fatcat:hoh2e2axzfh5vgwxplyossbpyu

Authentication Protocols for Internet of Things: A Comprehensive Survey

Mohamed Amine Ferrag, Leandros A. Maglaras, Helge Janicke, Jianmin Jiang, Lei Shu
2017 Security and Communication Networks  
In addition a taxonomy and comparison of authentication protocols that are developed for the IoT in terms of network model, specific security goals, main processes, computation complexity, and communication  ...  Based on the current survey, open issues are identified and future research directions are proposed.  ...  The protocol [65] uses multiplicative secret sharing technique [164] where the user can generate one-time pseudonym private key pairs and leakage-resilient locally.  ... 
doi:10.1155/2017/6562953 fatcat:xehq47dklvfnxeljd6wvrksmaq

Online) International Journal of Network Security is published both in traditional paper form

Min-Shiang Hwang, Shu-Fen Chiou, Chia-Chun Wu, Cheng-Yi Yang, Ajith Abraham, Korea, Wael Adi, Iqbal Sheikh, Ahamed, Vijay Atluri, Mauro Barni, Andrew Blyth (+100 others)
2016 International Journal of Network Security   unpublished
Certificateless-based signature can also overcome the certificate management problem and the key escrow problem of the traditional signature system.  ...  For this reason, we do not need the certificate authority (CA) to store and manage users' certificates and public keys.  ...  Acknowledgments This study was supported by the National Science Council of Taiwan under grant NSC102-2221-E-468-020 and NSC101-2622-E-468-002-CC3.  ... 

A Privacy Preserving Framework For Cyber-Physical Systems And Its Integration In Real World Applications

Haodong Wang
In this dissertation, an efficient public key security primitives, WM-ECC, has been implemented for TelosB and MICAz, the two major hardware platform in current sensor networks.  ...  Recent advances in efficient public key schemes, such as ECC, have already shown the feasibility to use public key schemes on low power devices including sensor motes.  ...  . + Pn ak.  ... 
doi:10.21220/s2-75t7-bw53 fatcat:ql24svjaifhhjlzlkoewzohe6m

Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH

Karthikeyan Bhargavan, Gaetan Leurent
2016 Proceedings 2016 Network and Distributed System Security Symposium   unpublished
We identify a new class of transcript collision attacks on key exchange protocols that rely on efficient collision-finding algorithms on the underlying hash constructions.  ...  In response to high-profile attacks that exploit hash function collisions, software vendors have started to phase out the use of MD5 and SHA-1 in third-party digital signature applications such as X.509  ...  Like other AKE protocols, SIGMA' aims to prevent message tampering, peer impersonation, and session key leakage, even if the network and other clients and servers are under the control of the adversary  ... 
doi:10.14722/ndss.2016.23418 fatcat:zvxy46wzbzbjxplfcevzo7tgwy

Protocols for Connecting Blockchains with Off-chain Systems

Fan Zhang
endows smart contracts with privacy by storing secrets and performing computation in off-chain committees. (3) resource-efficient consensus that achieves Proof of Work style consensus while avoiding wasteful  ...  Worse yet, smart contracts inherit blockchains' lack of confidentiality and poor efficiency. This thesis introduces solutions to these problems by connecting blockchains with off-chain systems.  ...  an ecosystem in which users control their identities and data by means of private keys.  ... 
doi:10.7298/jw55-g827 fatcat:2f6qobvuvzenllmhxgoubz7woe