Your search keyword '"hybrid encryption"' showing total 184 results

101. Efficient Identity-Based Key Encapsulation to Multiple Parties

Author

Barbosa, M., Farshim, P., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Smart, Nigel P., editor

Published

2005

102. Hybrid Signcryption Schemes with Outsider Security : (Extended Abstract)

Author

Dent, Alexander W., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Zhou, Jianying, editor, Lopez, Javier, editor, Deng, Robert H., editor, and Bao, Feng, editor

Published

2005

103. Building a Cryptovirus Using Microsoft’s Cryptographic API

Author

Young, Adam L., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Zhou, Jianying, editor, Lopez, Javier, editor, Deng, Robert H., editor, and Bao, Feng, editor

Published

2005

104. Symmetric Subgroup Membership Problems

Author

Gjøsteen, Kristian, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Vaudenay, Serge, editor

Published

2005

105. A Universally Composable Secure Channel Based on the KEM-DEM Framework

Author

Nagao, Waka, Manabe, Yoshifumi, Okamoto, Tatsuaki, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Kilian, Joe, editor

Published

2005

106. A New Paradigm of Hybrid Encryption Scheme

Author

Kurosawa, Kaoru, Desmedt, Yvo, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Franklin, Matt, editor

Published

2004

107. GEM: A Generic Chosen-Ciphertext Secure Encryption Method

Author

Jean-Sébastien, Coron, Handschuh, Helena, Joye, Marc, Paillier, Pascal, Pointcheval, David, Tymen, Christophe, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Preneel, Bart, editor

Published

2002

108. Hybrid Encryption

Author

Kurosawa, Kaoru, van Tilborg, Henk C. A., editor, and Jajodia, Sushil, editor

Published

2011

109. SECURE HYBRID ENCRYPTION USING ECC IN CLOUDS.

Author

Danisha, Shaik, Bindu, C. Shoba, and Reddy, P. Dileep Kumar

Subjects

ELLIPTIC curve cryptography, DIGITAL signatures, CLOUD computing, DATA integrity, DATA security

Abstract

The evolution of the cloud computing furnishes a better way for the data storage. ABE with delegation is accustomed for accessing the data and keep it confidential. But this scheme faces some limitations like the cloud servers can replace the cipher text with some malignant intent. They may also cheat the eligible users as unauthorized ones. The cloud servers even face external threats like the security attacks. So, to protect against the security attacks and to preserve the data integrity in the cloud, a hybrid encryption with VD scheme is proposed by Xu et al. Even this scheme faces the challenges like having larger keys, more computational time and vulnerability to man-in-the-middle attacks. A secure Hybrid Encryption using ECC in clouds is proposed to overcome these problems. The application of Elliptic Curve Cryptography and its algorithms in the proposed work provides a greater security because of the Elliptic Curve Discrete Logarithm Problem. The proposed work ensures greater security with the aid of a smaller key size. It also ensures less computational time, less memory and communication bandwidth. [ABSTRACT FROM AUTHOR]

Published

2017

110. Blockchain-based multi-authority revocable data sharing scheme in smart grid.

Author

Yang XD, Liao ZF, Shu B, and Chen AJ

Abstract

In view of the problems of inefficient data encryption, non-support of malicious user revocation and data integrity checking in current smart grid data sharing schemes, this paper proposes a blockchain-based multi-authority revocable data sharing scheme in the smart grid. Using online/offline encryption technology with hybrid encryption technology enhances the encryption performance for the data owner. The use of user binary tree technology enables the traceability and revocability of malicious users. The introduction of multiple attribute authorization authorities eliminates the threat of collusive attacks that exist in traditional data-sharing schemes. In addition, the semi-honest problem of third-party servers is solved by uploading data verification credentials to the blockchain. The security analysis results show that the scheme can resist selective plaintext attacks and collusion attacks. The performance analysis results show that the proposed scheme has lower computational overhead and better functionality than similar schemes, which is suitable for secure data sharing in smart grids.

Published

2023

111. A Length-Invariant Hybrid Mix

Author

Ohkubo, Miyako, Abe, Masayuki, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Okamoto, Tatsuaki, editor

Published

2000

112. Separations in circular security for arbitrary length key cycles, revisited.

Author

Chang, Jinyong, Dai, Honglong, Xu, Maozhi, and Xue, Rui

Subjects

DATA encryption, PUBLIC key cryptography, COMPUTER security, DATA security, INTERNET security

Abstract

The circular security of public key encryptions has been drawn great attentions in recent years. The relationship of notions between circular securities and standard ones such as chosen plaintext security (CPA-security) and chosen ciphertext security (CCA-security) deserve to be clarified. For any integer n > 0 and n ≠ 2, whether the notions of n-circular securities can be implied by that of their standard correspondences, such as CPA or CCA security in public key setting, has largely remained open. Koppula, Ramchen, and Waters in TCC'15 recently made a separation in CPA case by proposing a CPA secure scheme that is not n-circular secure based on the recent candidate constructions of indistinguishable obfuscation. In this work, we consider the CCA case. In particular, inspired by the indistinguishable-obfuscation-based construction of Koppula et al., we obtain the following results: We make a separation between the n-circular CCA security and CCA security for anyn>0. Specifically, we propose a hybrid encryption scheme that achieves the CCA security but fails even in the n-circular CPA security. Hence, that makes a separation between the CCA security and the n-circular CCA security (and even the n-circular CPA security)., By revising the previous construction, we also present a CCA secure (hybrid encryption) scheme, which allows an adversary to recover all secret keys when obtaining an encrypted key cycle. Hence, that implies that: if a key cycle arises in a system, then a passive adversary might be able to recover all secret keys even if CCA-secure encryptions are used., The results in this work, together with that of Koppula et al., confirm that notions of circular securities are stronger than their standard correspondences. Copyright © 2016 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2016

113. A Novel Idea on Multimedia Encryption Using Hybrid Crypto Approach.

Author

Iyer, Sridhar C., Sedamkar, R.R., and Gupta, Shiwani

Subjects

MULTIMEDIA systems, DATA encryption, HYBRID systems, CRYPTOGRAPHY, DATA security

Abstract

Data security is of utmost importance in today's world. Especially when the data is travelling through an insecure communication network. There are symmetric key encryption techniques which use only one key for both encryption and decryption of the data. They are simple in design but can be easily cracked using brute force attacks. The entire security of such a cipher could be compromised if the attacker anyhow gets access to the keys. On the other hand, there are asymmetric key based algorithms which use a pair of keys, one for encryption, and the other for decryption, whose security is higher as compared to the symmetric ones but lack in time efficiency. It is also difficult to manage such a huge base of key-pairs efficiently and safely. This paper mainly focusses on the implementation of a system capable of encryption and decryption of multimedia data (Text, Images, Videos, Audio etc.) using a hybrid model based on the amalgamation of symmetric encryption techniques such as AES and asymmetric techniques such as ECC. ECC is based on the toughness of the discrete logarithm problem (DLP), whose public key is short, network bandwidth is little and ability to resist to attack is strong which makes it really difficult to guess the keys. Even if the attacker gets access to any of the keys, he or she won’t be in a position to decipher it in a relatively finite amount of man-years. [ABSTRACT FROM AUTHOR]

Published

2016

114. Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing.

Author

Xu, Jie, Wen, Qiaoyan, Li, Wenmin, and Jin, Zhengping

Subjects

*CLOUD computing, *WEB services, *CLOUD storage, *DISTRIBUTED computing, *DATA encryption

Abstract

In the cloud, for achieving access control and keeping data confidential, the data owners could adopt attribute-based encryption to encrypt the stored data. Users with limited computing power are however more likely to delegate the mask of the decryption task to the cloud servers to reduce the computing cost. As a result, attribute-based encryption with delegation emerges. Still, there are caveats and questions remaining in the previous relevant works. For instance, during the delegation, the cloud servers could tamper or replace the delegated ciphertext and respond a forged computing result with malicious intent. They may also cheat the eligible users by responding them that they are ineligible for the purpose of cost saving. Furthermore, during the encryption, the access policies may not be flexible enough as well. Since policy for general circuits enables to achieve the strongest form of access control, a construction for realizing circuit ciphertext-policy attribute-based hybrid encryption with verifiable delegation has been considered in our work. In such a system, combined with verifiable computation and encrypt-then-mac mechanism, the data confidentiality, the fine-grained access control and the correctness of the delegated computing results are well guaranteed at the same time. Besides, our scheme achieves security against chosen-plaintext attacks under the $k$ -multilinear Decisional Diffie-Hellman assumption. Moreover, an extensive simulation campaign confirms the feasibility and efficiency of the proposed solution. [ABSTRACT FROM AUTHOR]

Published

2016

115. Achieving CCA security from DCCA security more efficiently by using the KEM+DEM hybrid paradigm.

Author

Yuan Chen and Qingkuan Dong

Subjects

PLASTIC embedment of electronic equipment, DATA extraction, DATA encryption, DATA security, EMBEDDED computer systems

Abstract

Detectable Chosen Ciphertext (DCCA) security is a useful notion to achieve CCA security for public-key encryptions (PKE). An "inner-outer" structure can transform a DCCA-secure PKE into a CCA-secure one. In the structure, the "inner" layer encrypts both the message and the two embedded randomness, so a key encapsulated mechanism (KEM) + data encapsulation mechanism (DEM) hybrid paradigm helps to gain time efficiency. Nevertheless, the long "inner" ciphertext still makes the "outer" encryption less efficient. We show that the structure can be applied solely on the KEM part, and even the embedded randomness can be encrypted outside the structure by introducing a CCA-secure DEM. These reduce the length of the "inner" ciphertext, thus avoiding some redundant re-encryptions in the "outer" layer and offload as much of the work as possible from KEMs to faster DEMs. Combined with a recent improvement made on the "outer" layer, we can gain better time and space efficiency. Additionally, we prove that when a DCCA-secure KEM satisfies the so-called "translatability", a proper related-key secure DEM helps to achieve CCA security directly by applying the hybrid paradigm without any use of the less efficient "inner-outer" structure. [ABSTRACT FROM AUTHOR]

Published

2015

116. Using Fully Homomorphic Hybrid Encryption to Minimize Non-interative Zero-Knowledge Proofs.

Author

Gentry, Craig, Groth, Jens, Ishai, Yuval, Peikert, Chris, Sahai, Amit, and Smith, Adam

Subjects

HOMOMORPHISMS, DATA encryption, CRYPTOGRAPHY, ZERO-knowledge proofs, COMPUTER security

Abstract

A non-interactive zero-knowledge (NIZK) proof can be used to demonstrate the truth of a statement without revealing anything else. It has been shown under standard cryptographic assumptions that NIZK proofs of membership exist for all languages in NP. While there is evidence that such proofs cannot be much shorter than the corresponding membership witnesses, all known NIZK proofs for NP languages are considerably longer than the witnesses. Soon after Gentry's construction of fully homomorphic encryption, several groups independently contemplated the use of hybrid encryption to optimize the size of NIZK proofs and discussed this idea within the cryptographic community. This article formally explores this idea of using fully homomorphic hybrid encryption to optimize NIZK proofs and other related cryptographic primitives. We investigate the question of minimizing the communication overhead of NIZK proofs for NP and show that if fully homomorphic encryption exists then it is possible to get proofs that are roughly of the same size as the witnesses. Our technique consists in constructing a fully homomorphic hybrid encryption scheme with ciphertext size $$|m|+{\mathrm {poly}}(k)$$ , where $$m$$ is the plaintext and $$k$$ is the security parameter. Encrypting the witness for an NP-statement allows us to evaluate the NP-relation in a communication-efficient manner. We apply this technique to both standard non-interactive zero-knowledge proofs and to universally composable non-interactive zero-knowledge proofs. The technique can also be applied outside the realm of non-interactive zero-knowledge proofs, for instance to get witness-size interactive zero-knowledge proofs in the plain model without any setup or to minimize the communication in secure computation protocols. [ABSTRACT FROM AUTHOR]

Published

2015

117. A Hybrid Encryption Scheme for Quantum Secure Video Conferencing Combined with Blockchain.

Author

Zhu, Dexin, Zheng, Jun, Zhou, Hu, Wu, Jianan, Li, Nianfeng, and Song, Lijun

Subjects

*VIDEOCONFERENCING, *BLOCKCHAINS, *MEETING minutes, *COMPUTATIONAL complexity, *SECURITY systems, *PROBLEM solving

Abstract

Traditional video conference systems depend largely on computational complexity to ensure system security, but with the development of high-performance computers, the existing encryption system will be seriously threatened. To solve this problem, a hybrid encryption scheme for quantum secure video conferencing combined with blockchain is proposed in this study. In the system solution architecture, first, the quantum key distribution network is embedded in the classic network; then, the "classical + quantum" hybrid encryption scheme is designed according to the secret level required for the video conference content. Besides, the real-time monitoring module of the quantum key distribution network is designed to ensure that users can check the running state of the network at any time. Meeting minutes can be shared by combining with blockchain. In order to quickly query meeting minutes, a cache-efficient query method based on B+ tree is proposed. The experimental results show that compared with the traditional video conference system, the quantum secure video conference system sufficiently integrates the technical advantages of the quantum key distribution to resist the security threats such as channel eavesdropping and high-performance computational attacks while ensuring the stable operation of the classic system, thus providing a video conference system with a higher security level. Meanwhile, the query time cost of blockchain with different lengths is tested, and the query efficiency of the proposed method is 3.15-times higher than the original query efficiency of blockchain. [ABSTRACT FROM AUTHOR]

Published

2022

118. New method of key-dependent message security for asymmetric encryption.

Author

Lai, Qiqi, Hu, Yupu, Chen, Yuan, Wang, Baocang, and Wang, Fenghe

Subjects

PUBLIC key infrastructure (Computer security), MESSAGE authentication codes, DATA encryption, CRYPTOGRAPHY, COMPUTER access control

Abstract

Key-dependent message (KDM) security should be considered in the design of security protocols, especially for complicated ones, where the messages related to the secret key might be encrypted. In this paper, we present a new method of constructing a KDM secure asymmetric encryption scheme with the notation of hybrid encryption in the standard model; although the notation of hybrid encryption was thought as no help to get rid of dependencies between messages and the secret key. Our result can also be seen as a partial instantiation for a previously well-known KDM secure asymmetric encryption scheme based on random oracle. As we know, this has never been carried out before. And our result indicates a new cryptographic application for the primitive of lossy trapdoor function. Throughout the paper, our main idea is to archive KDM security by making use of both leakage-resilience and auxiliary-input security properties. Copyright © 2014 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2015

119. A new efficient signcryption scheme in the standard model.

Author

Yang, Zheng

Subjects

CRYPTOGRAPHY research, TELECOMMUNICATION security, COMPUTER security, INTERNET protocols, INTERNET industry -- Social aspects

Abstract

We introduce an efficient signcryption scheme for hybrid authenticated encryption that is provably secure in the standard model under a strong multiuser insider setting. Our new signcryption scheme is built on the basis of a variant of Boneh-Boyen short signature, which works under bilinear groups. The new construction idea is to reuse the signature value to derive the encryption key. This could dramatically save not only the computational cost but also the communication bandwidth. The session key security of the proposed scheme is reduced to a hard problem that is a variant of bilinear decisional Diffie-Hellman problem. Copyright © 2014 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2015

120. Comment on 'Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing'

Abstract

The scheme [1] is flawed because: (1) its circuit access structure is confusingly described; (2) the cloud server cannot complete the related computations; (3) some users can conspire to generate new decryption keys, without the help of the key generation authority., SCOPUS: ar.j, info:eu-repo/semantics/published

Published

2020

121. A Secure Fine-Grained Access Control Mechanism for Networked Storage Systems.

Author

Lin, Hsiao-Ying, Kubiatowicz, John, and Tzeng, Wen-Guey

Abstract

Networked storage systems provide storage services for users over networks. Secure networked storage systems store encrypted data to guarantee data confidentiality. However, using encryption schemes somehow restricts the access control function over stored data. We address the access control function for a secure networked storage system by proposing a fine-grained access control mechanism. In our mechanism, a user cannot only read or write data but also grant the reading permissions of a single file or a whole directory of files to others with low cost. Moreover, these functions are supported in a confidential way against honest-but-curious storage servers. Our technical contribution is to propose a hybrid encryption scheme for a typical structure of a file system by integrating a hierarchical proxy re-encryption scheme and a hierarchical key assignment scheme. We measure the computation overhead for reading, writing, and granting operations by experiments. Our experimental results show that getting a finer access control mechanism does not cost much. [ABSTRACT FROM PUBLISHER]

Published

2012

122. DCCA-Secure Public-Key Encryptions from Hybrid Paradigms.

Author

Chen, Yuan, Chen, Xiaofeng, and Li, Hui

Abstract

Detectable Chosen Cipher text Security (DCCA security) is a security notion for Public-Key Encryptions proposed recently in [1]. A DCCA-secure encryption is not necessarily CCA-secure, but dangerous decryption queries can be detected and are not allowed to be requested to the decryption oracle. DCCA-secure schemes may helps in constructing of CCA-secure ones. In this paper, we show there are already DCCA-secure public-key encryptions from popular KEM+DEM style hybrid paradigms, and passive security for DEM is sufficient for achieving DCCA-secure hybrid PKEs both for KEM+DEM and Tag-KEM/DEM paradigms. Furthermore, two DCCA-secure Public-Key schemes constructed from CCA secure KEMs by using hybrid paradigms are presented, which fall outside any of the three cases pointed out in [1]. [ABSTRACT FROM PUBLISHER]

Published

2012

123. An Intrusion and Random-Number-Leakage Resilient Scheme in Mobile Unattended WSNs.

Author

Iida, Tatsuro, Emura, Keita, Miyaji, Atsuko, and Omote, Kazumasa

Abstract

In INFOCOM 2010, Pietro, Oligeri, Soriente, and Tsudik (POST) proposed an intrusion-resilient system with forward and backward secrecy in mobile Unattended Wireless Sensor Networks (UWSNs), where sensors move according to some mobility model (random jump model and random waypoint model). In the POST scheme, each sensor encrypts its ephemeral key $K$ as a plaintext by using the sink's public key, and sends this cipher text and the encrypted sensed data by $K$. Although the POST scheme recommends the hybrid encryption, it does not follow the conventional hybrid encryption usage, i.e., the POST scheme is not necessarily secure. More concretely, $K$ must be regarded as a plaintext of the underlying public key system, and therefore the POST scheme requires at least one more encryption procedure (i.e, encryptions for both $K$ and the data) compared with the conventional hybrid encryption procedure. In this paper, we scrutinize the original POST intrusion-resilient system. We set deployed information as a seed used for generating a random number (which is applied for public key encryption). This procedure follows the conventional hybrid encryption usage, and random-number-leakage problem does not occur. In conclusion, we improve the POST scheme from the viewpoint of both security and efficiency without spoiling significant benefit points of the original one. [ABSTRACT FROM PUBLISHER]

Published

2012

124. Hybrid and Adaptive Cryptographic-based secure authentication approach in IoT based applications using hybrid encryption.

Author

Patil, Kavitha S., Mandal, Indrajit, and Rangaswamy, C.

Subjects

ADVANCED Encryption Standard, ELLIPTIC curve cryptography, INTERNET of things, TELECOMMUNICATION systems

Abstract

The Internet of Things (IoT) in communication networks has gained major interest in recent decades. Accordingly, secure authentication of such individuals results in a major challenge due to the weakness in the authentication process. Hence, an effective Hybrid and Adaptive Cryptographic (HAC)-based secure authentication framework is designed in this research to perform an authentication process in IoT. The proposed approach uses cryptographic operations, like exclusive-or (Ex-or) operation, a hashing function, and hybrid encryption to accomplish the authentication process. However, the hybrid encryption function is carried out in two different ways: one depends on Advanced Encryption Standard (AES) as well as Elliptic Curve Cryptography (ECC), while other is based on Rivest Shamir Adleman (RSA) and AES. With a hybrid encryption function, security flaws can be effectively dealt through the cryptographic system. Moreover, the proposed approach provides high robustness with low complexity. The proposed HAC-based secure authentication approach obtained a minimum communication cost of 0.017sec, less computation time of 0.060sec, and minimum memory usage of 2.502MB, respectively. [ABSTRACT FROM AUTHOR]

Published

2022

125. RCCA security for KEM+DEM style hybrid encryptions and a general hybrid paradigm from RCCA-secure KEMs to CCA-secure encryptions.

Author

Yuan, Chen and Qingkuan, Dong

Subjects

PUBLIC key cryptography, DATA encryption, COMPUTER network security, CIPHERS, COMPUTER security research

Abstract

ABSTRACT Replayable chosen-ciphertext attack (RCCA) security is a weaker notion than chosen-ciphertext attack (CCA) security and has been proven to be sufficient for several cryptographic tasks. However, it is open to construct RCCA-secure schemes more efficient than CCA-secure ones. This paper adapts RCCA security to the most popular hybrid paradigms, KEM+DEM and Tag-KEM/DEM. For KEM+DEM paradigm, we show RCCA security is consistent with the CCA case, just as desired. But for Tag-KEM/DEM paradigm, we find some different status. Natural RCCA-secure Tag-KEM schemes can be easily constructed, which are more efficient than all existing CCA-secure ones. But unfortunately, passive security of DEM is not sufficient to obtain RCCA hybrid encryptions. In spite of this and for completeness, we show RCCA-secure DEMs are still sufficient. On the other hand, for passive secure DEMs, we prove that a stronger notion of RCCA security for Tag-KEM, named as tRCCA security, suffices for RCCA-secure hybrid encryptions. This somewhat suggests that a benign RCCA security for tag-based schemes should be tRCCA security. Finally, to show RCCA-secure KEM is sufficient for achieving CCA-secure hybrid encryptions, we introduce a new hybrid paradigm, named as KEM/Tag-DEM, where the ciphertext of KEM is used as a tag for Tag-DEM scheme rather than reversely in Tag-KEM/DEM, so that the security of KEM can be weakened to RCCA one. KEM/Tag-DEM shows the diversity of hybrid encryptions and has additional practical values. We also show Tag-DEMs can be constructed as efficiently as DEMs. Copyright © 2013 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2014

126. Triple layer image security using bit-shift, chaos, and stream encryption

Author

De Rosal Ignatius Moses Setiadi, Ibnu Utomo Wahyu Mulyono, Musfiqur Rahman Sazal, Kamruzzaman Sarker, Eko Hari Rachmawanto, Christy Atika Sari, and Ajib Susanto

Subjects

Control and Optimization, Computer Networks and Communications, Computer science, Cryptography, RC4, Arnold chaotic maps, Rivest cipher, Encryption, Computer Science::Multimedia, Computer Science (miscellaneous), Hybrid cryptosystem, Electrical and Electronic Engineering, Instrumentation, Stream cipher, Avalanche effect, Computer Science::Cryptography and Security, business.industry, Hybrid encryption, CHAOS (operating system), Hardware and Architecture, Control and Systems Engineering, Cyclic bit-shift, Computer Science::Computer Vision and Pattern Recognition, Super-encryption, Bit error rate, business, Algorithm, Information Systems

Abstract

One popular image security technique is image encryption. This research proposes an image encryption technique that consists of three encryption layers, i.e. bit-shift encryption, chaos-based encryption, and stream encryption. The chaos algorithm used is Arnold's chaotic map, while the stream cipher algorithm used is RC4. Each layer has different cryptology characteristics in order to obtain safer image encryption. The characteristics of cryptology are permutation, confusion, diffusion, and substitution. The combination of the proposed encryption method aims to secure images against various attacks, especially attacks on statistics and differentials. The encryption method testing is done by various measuring instruments such as statistical analysis, i.e. entropy information, avalanche effect, and histogram, differential analysis, i.e. UACI and NPCR, visual analysis using PSNR and SSIM, and bit error ratio. Based on the results of experiments that the encryption method that we propose can work excellently based on various measurement instruments. The decryption process can also work perfectly this is evidenced by the ∞ value based on PSNR, and zero value based on SSIM and BER.

Published

2020

127. Comment on 'Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption With Verifiable Delegation in Cloud Computing'

Author

Olivier Markowitch and Zhengjun Cao

Subjects

Computer science, media_common.quotation_subject, Cloud computing, 02 engineering and technology, hybrid encryption, Computer security, computer.software_genre, Encryption, Technologie informatique hardware, Informatique mathématique, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Hybrid cryptosystem, media_common, Access structure, 020203 distributed computing, Key generation, Delegation, Informatique générale, business.industry, Computational Theory and Mathematics, Hardware and Architecture, verifiable delegation, Signal Processing, Ciphertext-policy attribute-based encryption, Verifiable secret sharing, multilinear map, business, computer, Sciences exactes et naturelles

Abstract

The scheme [1] is flawed because: (1) its circuit access structure is confusingly described; (2) the cloud server cannot complete the related computations; (3) some users can conspire to generate new decryption keys, without the help of the key generation authority., SCOPUS: ar.j, info:eu-repo/semantics/inPress

Published

2021

128. A NOVEL SECURITY MECHANISM FOR HYBRID ENCRYPTION IN MINERAL MANAGEMENT INFORMATION SYSTEM.

Author

Tingyao Jiang, Heng Yu, and Lele Cui

Subjects

DATABASE management, INFORMATION resources management, DATA protection, DATA warehousing, RADIO frequency identification systems, INFORMATION storage & retrieval systems

Abstract

To increase the tax collection of mineral resources and enhance the management of resource exploitation, computerized mineral management information systems (MMIS) are developed and applied to the government management system. The MMIS are run at checking portals that inspect trucks transporting minerals. Only the trucks with the special permit (also called ticket) can pass through the checking portal after the ticket is correctly authenticated by the MMIS. Due to the huge economic benefits of the special tickets, the tickets are frequently fabricated. Because tickets are exoteric and current, the security of them becomes an urgent problem. In this paper, a novel security mechanism is proposed for the mineral management information system, in which the hash function, AES (Advanced Encryption Standard) encryption algorithm and ECC (Elliptic Curve Cryptography) encryption algorithm are hybrid to encode and encrypt the data involved with the ticket according to different sensitivity levels. Data are dynamically and separately stored into the disk storage or RFID (Radio Frequency Identification) tags storage. Identity authentication of the ticket is achieved by data in the two-dimensional bar code printed on the ticket, the RFID tag that is installed on the truck with the ticket, and the disk storage of MMIS database. MMIS equipped with the presented ticket encryption mechanism is secure and results in great economic and society interests. [ABSTRACT FROM AUTHOR]

Published

2011

129. SİMETRİK VE ASİMETRİK ŞİFRELEME YÖNTEMLERİNE METOTLAR: ÇIRPILMIŞ VE BİRLEŞİK AKM-VKM.

Author

YILDIRIM, Kerim and DEMİRAY, H. Engin

Subjects

*DATA encryption, *COMPUTER algorithms, *DIGITAL signatures, *DATA structures, *ACCESS control

Abstract

It is possible that an adversary may attack to conventional key encapsulation mechanism (KEM) and data encapsulation mechanism (DEM) structure, if any weakness exists in these algorithms. In order to prevent such kind of attacks and to make the KEM-DEM structure secure in a very strong sense, we propose a scramble algorithm in which KEM and DEM are combined and permuted, then encrypted with symmetric key driving into one block. In addition, for a long term communication between two nodes, we propose a new scheme Combined KEM-DEM which provides message integrity and sender's identity control via an integrated session key. In this method, each message is encrypted with different symmetric key and whole communication traffic is controlled. Simulations made using RSA with different key lengths (256, 512, and 1024 bits) show that by employing the Combined KEM-DEM scheme, computation times of KEM for the encryption and decryption are reduced by 40% as compared to Tag-KEM/DEM [2] and Fujisaki-Okamoto's KEM-DEM [3] schemes. [ABSTRACT FROM AUTHOR]

Published

2008

130. Tag-KEM/DEM: A New Framework for Hybrid Encryption.

Author

Abe, Masayuki, Gennaro, Rosario, and Kurosawa, Kaoru

Subjects

DATA encryption, CRYPTOGRAPHY, COMPUTER science, CIPHERS, COMPUTER security, DATA protection

Abstract

This paper presents a novel framework for the generic construction of hybrid encryption schemes which produces more efficient schemes than the ones known before. A previous framework introduced by Shoup combines a key encapsulation mechanism (KEM) and a data encryption mechanism (DEM). While it is sufficient to require both components to be secure against chosen ciphertext attacks (CCA-secure), Kurosawa and Desmedt showed a particular example of KEM that is not CCA-secure but can be securely combined with a specific type of CCA-secure DEM to obtain a more efficient, CCA-secure hybrid encryption scheme. There are also many other efficient hybrid encryption schemes in the literature that do not fit into Shoup’s framework. These facts serve as motivation to seek another framework. The framework we propose yields more efficient hybrid scheme, and in addition provides insightful explanation about existing schemes that do not fit into the previous framework. Moreover, it allows immediate conversion from a class of threshold public-key encryption to a threshold hybrid one without considerable overhead, which may not be possible in the previous approach. [ABSTRACT FROM AUTHOR]

Published

2008

131. Cryptoviral extortion using Microsoft's Crypto API.

Author

Young, Adam

Subjects

*COMPUTER security, *MICROSOFT Windows device drivers (Computer programs), *DATA protection, *DATA encryption, *COMPUTER viruses, *COMPUTER network security

Abstract

This paper presents the experimental results that were obtained by implementing the payload of a cryptovirus on the Microsoft Windows platform. The attack is based entirely on the Microsoft Cryptographic API and the needed API calls are covered in detail. More specifically, it is shown that by using eight types of API calls and 72 lines of C code, the payload can hybrid encrypt sensitive data and hold it hostage. Benchmarks are also given. A novel countermeasure against cryptoviral extortion attacks is shown that forces the API caller to demonstrate that an authorized party can recover the asymmetrically encrypted data. [ABSTRACT FROM AUTHOR]

Published

2006

132. Natural sd-RCCA Secure Public-key Encryptions from Hybrid Paradigms

Author

Chen, Y., Dong, Q., Yannan Li, Lai, Q., and Wang, Z.

Subjects

public-key encryption, Electronic computers. Computer science, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, QA75.5-76.95, sd-RCCA security, probabilistic MAC, hybrid encryption, hybrid encryp

Abstract

The existence of natural public-key encryption (PKE) schemes satisfying secretly detectable replayable CCA (sd-RCCA) security is left as open. By introducing probabilistic message authentication codes (MACs) into popular KEM plus DEM paradigms, several instances of such schemes are presented in this paper. It is known that the encrypt-then-authenticate paradigm gives an RCCA secure DEM when the underlying MAC is regular (but not strong) secure, where forgeries for old messages might be possible. By further requiring that the validity of such forgeries can be verified only secretly, sd-RCCA secure DEMs is obtained. Combining such DEMs with CCA secure KEMs gives sd-RCCA secure hybrid PKEs. We first formalize the related notions and this paradigm, and also other variants of KEM plus DEM hybrid paradigm since MACs are commonly used in them. Then we show natural examples of desired probabilistic MACs under the standard DDH assumption, and find appropriate KEMs to match the message space for those MACs and then obtain natural instances of sd-RCCA secure hybrid PKEs.

Published

2019

133. Modern Family: A Revocable Hybrid Encryption Scheme Based on Attribute-Based Encryption, Symmetric Searchable Encryption and SGX

Author

Antonis Michalas and Alexandros Bakas

Subjects

Computer science, Cloud computing, Access control, Data_CODINGANDINFORMATIONTHEORY, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, Cloud Security, 0202 electrical engineering, electronic engineering, information engineering, Hybrid cryptosystem, Attribute-Based Encryption, Policies, Storage Protection, Cloud computing security, Revocation, business.industry, Access Control, Symmetric Searchable Encryption, 010201 computation theory & mathematics, Hybrid Encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, business, Cloud storage, Computer network

Abstract

Secure cloud storage is considered as one of the most important issues that both businesses and end-users take into account before moving their private data to the cloud. Lately, we have seen some interesting approaches that are based either on the promising concept of Symmetric Searchable Encryption (SSE) or on the well-studied field of Attribute-Based Encryption (ABE). In the first case, researchers are trying to design protocols where users' data will be protected from both internal and external attacks without paying the necessary attention to the problem of user revocation. In the second case, existing approaches address the problem of revocation. However, the overall efficiency of these systems is compromised since the proposed protocols are solely based on ABE schemes and the size of the produced ciphertexts and the time required to decrypt grows with the complexity of the access formula. In this paper, we propose a hybrid encryption scheme that combines both SSE and ABE by utilizing the advantages of both these techniques. In contrast to many approaches, we design a revocation mechanism that is completely separated from the ABE scheme and solely based on the functionality offered by SGX.

Published

2019

134. A New Hybrid Encryption Scheme for Computer Networks

Author

El-Hadidi, M. T., Hegazi, N. H., Aslan, H. K., Katsikas, Sokratis K., editor, and Gritzalis, Dimitris, editor

Published

1996

135. Designing generic asymmetric key cryptosystem with message paddings

Abstract

This thesis focuses on structural remodelling and security proof of cryptographic schemes. A message pre-processing, also known as asymmetric message padding, is an essential step in asymmetric encryption which is heavily used in secure banking applications. In this thesis, we propose new effective padding schemes and able to mitigate the various computation and memory overhead compared to previous works. We are also able to provide streaming capability which was missing in most of the previous works. Mathematical security proof of proposed schemes justifies their security.

Published

2018

136. Data Security on Internet of Things Device Using Hybrid Encryption Model

Author

Asang, Marsel Sampe, Manongga, Danny, and Sembiring, Irwan

Subjects

IoT Security, hybrid encryption, encryption

Abstract

Tidak diijinkan karya tersebut diunggah ke dalam aplikasi Repositori Perpustakaan Universitas. The development of IoT in various sectors causes new security issues. There have been many cases of breaking data and data theft on the IoT system due to poor system security, especially on the IoT device. This study focuses on how to secure data on IoT device before the data is sent to the server using a hybrid encryption model. This hybrid encryption model is a combination of AES and ECDH algorithms. Firstly this model is attempted to be implemented on RaspberryPi device. An analysis of the computational load and communication load of the encryption process is perform to measure effective and efficient of this model. The last is perform a simulation of MITM attacks to find out how well the effectiveness of this model. The results of this study shows that this encryption model is suitable enough for use on IoT device without having to overload the memory usage of device.

Published

2018

137. A New Rabin-type Trapdoor Permutation Equivalent to Factoring.

Author

Schmidt-Samoa, Katja

Subjects

DATA encryption, PUBLIC key cryptography, COMPUTER network security, DATA protection

Abstract

Abstract: Public key cryptography has been invented to overcome some key management problems in open networks. Although nearly all aspects of public key cryptography rely on the existence of trapdoor one-way functions, only a very few candidates for this primitive have been observed yet. In this paper, we introduce a new trapdoor one-way permutation based on the hardness of factoring integers of -type. We point out that there are some similarities between Rabin''s trapdoor permutation and our proposal. Although our function is less efficient, it possesses a nice feature which is not known for modular squaring, namely there is a variant with a different and easy-to-handle domain. Thus it provides some advantages for practical applications. To confirm this statement, we develop a simple hybrid encryption scheme based on our proposed trapdoor permutation that is CCA-secure in the random oracle model. [Copyright &y& Elsevier]

Published

2006

138. Hibrit şifreleme algoritması

Author

Gençoğlu, Hakan, Yerlikaya, Tarık, and Bilgisayar Mühendisliği Anabilim Dalı

Subjects

Hibrit algoritm, Electronic signature, Elektronik imza, Hybrid encryption, Hybrid algorithm, Hibrit şifreleme, Computer Engineering and Computer Science and Control, Bilgisayar Mühendisliği Bilimleri-Bilgisayar ve Kontrol

Abstract

Bilgi teknolojilerinde veri güvenliği için kullanılan simetrik ve asimetrik algoritmaların kendilerine özgü avantajları ve dezavantajları bulunmaktadır. Avantajlar kullanılarak ortadan kaldırılmaya çalışılan dezavantajlar ortaya hibrit mekanizmanın ortaya çıkmasını sağlamıştır. Hibrit mekanizmalar üzerine yapılan çalışmalar KEM – DEM mimarileri üzerine yoğunlaşmıştır. DEM – Data Encapsulation Mechanism mesajın kendisini şifrelemekte, KEM - KEY Encapsulation Mechanism verinin şifrelendiği anahtarın şifrelenmesi işlemini gerçekleştirerek güvenlik altına almaktadır. Çalışmamızda klasik KEM-DEM yapısından farklı olarak mimari sadece veri ve verinin şifrelendiği anahtar olmaktan çıkarıp mimariye bir de güvenlik paketi eklenmiştir. Güvenlik paketinde doğrulama işlemleri ile ilgili veriler bulunmakta güvenlik paketi de şifrelenerek güvenlik altına alınmıştır. Gerek oturum açma, gerek şifreli iletişim sırasında özellikle anahtarlar olmak üzere kişisel bilgiler önemlidir. Kişisel bilgilerin detaylarını ve şifreleme anahtarlarını akılda tutmak zor olabilir. Bu bilgiler doğrulama ve imzalama işlemleri için kullanılacaktır. Bu nokta düşünülerek bu bilgilerin, güvenliği sağlanmış elektronik sertifikalarda tutulması önerilmiştir. Çalışmada elektronik sertifikaların hukuki karşılığından bahsedilmiş ve mimari içinde kullanım biçimi anlatılmıştır. Ayrıca mimarinin testleri .NET platformunda yazılan uygulamalarla test edilmiş. Asimetrik algoritma (RSA) için mobil platform ile de test gerçekleştirilmiş ve performans testi yapılmıştır. Asymmetric and symmetric algorithms used at information technologies for information security have some advantages and also disadvantages. Hybrid encryption mechanism came up to remove the disadvantages.Most of the studies on hybrid mechanism are about KEM-DEM. DEM – Data Encapsulation Mechanism encrypts data and KEM – Key Encapsulation Mechanism encrypts keys to secure the data. In this study, we offer a new architecture different from KEM-DEM mechanism. Data encryption like DEM, key Encryption like KEM and also data security package are the parts of our mechanism. Data security package consists of the data related to the verification processes. Data security package is also encrypted. Keys and personal information are vital when to login to the system and also in the process of transmission. Details of personal data and the keys can be difficult to keep in mind. These data are going to be used for verification and signing. For that reason, it has been offered for the data to be stored in the secure electronic certificates. We stated the legal status of electronic certificates, and expressed the way of the use in our architecture. Personal information, especially encryption-decryption keys, is need during encrypted communication or login to a system. Details of keys or personal information can be hard to remember. This information is used for signing and verification the user because of that they are needed. For that reason personal information certificates offered to store this information. A software developed in .NET platform to test the architecture, and also an application developed for the test of asymmetric algorithm RSA in mobil devices.

Published

2017

139. An Enhanced Approach for Security in Database Using Encryption Technology.

Author

Divya, C.

Subjects

ENCRYPTION protocols, DATA encryption standards, DATABASE security, PUBLIC key cryptography, CYBERTERRORISM, COUNTERTERRORISM

Abstract

In traditional database security research, the database is usually assumed to be reliable. Under this assumption, the goal is to achieve security against external attacks, for instance from hackers and possibly also against users trying to obtain information beyond their privileges, for instance by some type of statistical inference. Therefore the database cannot necessarily be assumed to be fully trusted. Data in a database is very important. We must assure their security completely. It points out that it is difficult to ensure the security of the system by using a single encryption technology. This paper introduces the basic technologies of symmetrical encryption, asymmetrical encryption and then the hybrid encryption thoughts of combining the both are promoted. By using this method, the security of databases is enhanced. [ABSTRACT FROM AUTHOR]

Published

2012

140. Efficient hybrid encryption from ID-based encryption

Author

Abe, Masayuki, Cui, Yang, Imai, Hideki, and Kiltz, Eike

Published

2010

141. A New Rabin-type Trapdoor Permutation Equivalent to Factoring

Author

Katja Schmidt-Samoa

Subjects

Theoretical computer science, General Computer Science, business.industry, trapdoor one-way permutations, Tag-KEM/DEM framework, Claw-free permutation, hybrid encryption, Theoretical Computer Science, Random oracle, Public-key cryptography, Permutation, Factoring, Hybrid cryptosystem, Trapdoor function, business, Key management, Computer Science::Cryptography and Security, Computer Science(all), Mathematics

Abstract

Public key cryptography has been invented to overcome some key management problems in open networks. Although nearly all aspects of public key cryptography rely on the existence of trapdoor one-way functions, only a very few candidates for this primitive have been observed yet. In this paper, we introduce a new trapdoor one-way permutation based on the hardness of factoring integers of p2q-type. We point out that there are some similarities between Rabin's trapdoor permutation and our proposal. Although our function is less efficient, it possesses a nice feature which is not known for modular squaring, namely there is a variant with a different and easy-to-handle domain. Thus it provides some advantages for practical applications. To confirm this statement, we develop a simple hybrid encryption scheme based on our proposed trapdoor permutation that is CCA-secure in the random oracle model.

Published

2006

142. Highly efficient method of data protection based on multilayer hybrid encryption

Author

Liashuk, O.M.

Subjects

гібридне шифрування, криптографія, 681.3.07, AES, cryptography, RSA, гибридное шифрование, криптография, симетричний алгоритм, hybrid encryption, симметричный алгоритм, symmetric algorithm

Abstract

У роботі розглянуті сучасні алгоритми шифрування та проблеми, які виникають при їх використанні; описано метод гібридного шифрування. Запропоновано метод багатошарового гібридного шифрування, який розроблено для безпечного обміну інформацією у мережі Інтернет, з використанням асиметричного та n-кількості симетричних алгоритмів. Introduction. The paper deals with modern encryption algorithms and problems associated with their use. Hybrid encryption method was developed for secure communication over the Internet. Principal part. Symmetric algorithms used in method are AES, Serpent and Twofish, asymmetric algorithm is RSA. For each layer new secure random key is generated and encrypted by RSA. This key is aligned and written in the beginning of the encrypted data. On decryption key is read from the beginning of encrypted data and decrypted by RSA secret key. Then symmetric key is used to decrypt data layer by layer. Conclusions. Use of multilayer hybrid encryption allows to transmit both keys and data by unsecure channel and ensure that data will be protected and at least one symmectric algorithm is not compromised. В работе рассмотрены современные алгоритмы шифрования и проблемы, возникающие при их использовании; описан метод гибридного шифрования. Предложен метод многослойного гибридного шифрования, который разработан для безопасного обмена информацией в сети Интернет, с использованием асимметричного и n-количества симметричных алгоритмов.

Published

2014

143. MHED – высокоэффективный метод защиты данных на основе многослойного гибридного шифрования

Abstract

В работе рассмотрены современные алгоритмы шифрования и проблемы, возникающие при их использовании; описан метод гибридного шифрования. Предложен метод многослойного гибридного шифрования, который разработан для безопасного обмена информацией в сети Интернет, с использованием асимметричного и n–количества симметричных алгоритмов., Introduction. The paper deals with modern encryption algorithms and problems associated with their use. Hybrid encryption method was developed for secure communication over the Internet. Principal part. Symmetric algorithms, which used in method, are AES, Serpent and Twofish, asymmetric algorithm is RSA. For each layer new secure random key is generated and encrypted by RSA. This key is aligned and written in the beginning of the encrypted data. On decryption key is read from the beginning of encrypted data and decrypted by RSA secret key. Then symmetric key is used to decrypt data layer by layer. Conclusions. Use of multilayer hybrid encryption allows to transmit both keys and data by unsecure channel and ensure that data will be protected and at least one symmectric algorithm is not compromised., У роботі розглянуті сучасні алгоритми шифрування та проблеми, які виникають при їх використанні; описано метод гібридного шифрування. Запропоновано метод багатошарового гібридного шифрування, який розроблено для безпечного обміну інформацією у мережі Інтернет, з використанням аси-метричного та n–кількості симетричних алгоритмів.

Published

2014

144. MHED – високоефективний метод захисту даних на основі багатошарового гібридного шифрування

Abstract

У роботі розглянуті сучасні алгоритми шифрування та проблеми, які виникають при їх використанні; описано метод гібридного шифрування. Запропоновано метод багатошарового гібридного шифрування, який розроблено для безпечного обміну інформацією у мережі Інтернет, з використанням аси-метричного та n–кількості симетричних алгоритмів.

Published

2014

145. Secure and Anonymous Hybrid Encryption from Coding Theory

Author

Edoardo Persichetti

Subjects

Cryptographic primitive, Theoretical computer science, Computer science, business.industry, Hybrid Encryption, McEliece, CCA, Cryptography, Coding theory, Computer security, computer.software_genre, Random oracle, Hybrid cryptosystem, Message authentication code, business, computer, Anonymity

Abstract

Cryptographic schemes based on coding theory are one of the most accredited choices for cryptography in a post-quantum scenario. In this work, we present a hybrid construction based on the Niederreiter framework that provides IND-CCA security in the random oracle model. In addition, the construction satisfies the IK-CCA notion of anonymity whose importance is ever growing in the cryptographic community.

Published

2013

146. An Intrusion and Random-Number-Leakage Resilient Scheme in Mobile Unattended WSNs

Author

Atsuko Miyaji, Kazumasa Omote, Keita Emura, and Tatsuro Iida

Subjects

business.industry, Computer science, Plaintext, hybrid encryption, computer.software_genre, Encryption, Deterministic encryption, Public-key cryptography, Multiple encryption, Probabilistic encryption, Forward secrecy, random-number-leakage problem, Secrecy, Ciphertext, 56-bit encryption, 40-bit encryption, Hybrid cryptosystem, Link encryption, On-the-fly encryption, wireless sensor networks, business, computer, Computer network

Abstract

In INFOCOM 2010, Pietro, Oligeri, Soriente, and Tsudik (POST) proposed an intrusion-resilient system with forward and backward secrecy in mobile Unattended Wireless Sensor Networks (UWSNs), where sensors move according to some mobility model (random jump model and random waypoint model). In the POST scheme, each sensor encrypts its ephemeral key $K$ as a plaintext by using the sink's public key, and sends this cipher text and the encrypted sensed data by $K$. Although the POST scheme recommends the hybrid encryption, it does not follow the conventional hybrid encryption usage, i.e., the POST scheme is not necessarily secure. More concretely, $K$ must be regarded as a plaintext of the underlying public key system, and therefore the POST scheme requires at least one more encryption procedure (i.e, encryptions for both $K$ and the data) compared with the conventional hybrid encryption procedure. In this paper, we scrutinize the original POST intrusion-resilient system. We set deployed information as a seed used for generating a random number (which is applied for public key encryption). This procedure follows the conventional hybrid encryption usage, and random-number-leakage problem does not occur. In conclusion, we improve the POST scheme from the viewpoint of both security and efficiency without spoiling significant benefit points of the original one.

Published

2012

147. A Key-Misuse-Resistant Hybrid Encryption Scheme using Terminal Fingerprint

Subjects

ハイブリッド暗号, 不正利用, 秘密鍵, Key-misuse-resistant, Hybrid encryption, 再暗号化, Terminal fingerprint

Abstract

インターネットにおいて，デジタルコンテンツの違法な利用の問題が多発している． この問題を解決するため，多くの暗号化方式が提案された． しかし，秘密鍵のコピーや転送などの漏洩を防ぐことが困難であるため，解決には至っていない． すなわち，秘密鍵の不正利用 （鍵乱用） の問題が依然としてある． 本論文では，端末フィンガープリント情報を用いた鍵乱用を防止できるハイブリッド暗号方式を提案する． この方式は，入手や変更ができないと仮定した端末のフィンガープリント情報を利用して再暗号化鍵を生成することから，たとえ利用者が秘密鍵を漏洩させた場合であっても，その秘密鍵は再暗号化鍵を生成した端末以外では動作しないことを保証できる．, Internet services raise an issue of illegal copying and distribution of digital contents. A lot of public key encryption schemes solve this issue. However, the secret key is not completely protected i.e. these kinds of encryption methods do not prevent illegal copying and distribution of secret keys. In this paper, we propose a key-misuse-resistant hybrid encryption scheme using terminal fingerprint. Since the terminal fingerprint is assumed to be unchangeable and unknowable, we ensure that our secret keys are valid in the terminal where such secret keys were created.

Published

2015

148. An Intrusion and Random-Number-Leakage Resilient Scheme in Mobile Unattended WSNs

Abstract

In INFOCOM 2010, Pietro, Oligeri, Soriente, and Tsudik (POST) proposed an intrusion-resilient system with forward and backward secrecy in mobile Unattended Wireless Sensor Networks (UWSNs), where sensors move according to some mobility model (random jump model and random waypoint model). In the POST scheme, each sensor encrypts its ephemeral key K as a plaintext by using the sink’s public key, and sends this ciphertext and the encrypted sensed data by K. Although the POST scheme recommends the hybrid encryption, it does not follow the conventional hybrid encryption usage, i.e., the POST scheme is not necessarily secure. More concretely, K must be regarded as a plaintext of the underlying public key system, and therefore the POST scheme requires at least one more encryption procedure (i.e, encryptions for both K and the data) compared with the conventional hybrid encryption procedure. In this paper, we scrutinize the original POST intrusion-resilient system. We set deployed information as a seed used for generating a random number (which is applied for public key encryption). This procedure follows the conventional hybrid encryption usage, and random-numberleakage problem does not occur. In conclusion, we improve the POST scheme from the viewpoint of both security and efficiency without spoiling significant benefit points of the original one., identifier:https://dspace.jaist.ac.jp/dspace/handle/10119/10656

Published

2012

149. An Intrusion and Random-Number-Leakage Resilient Scheme in Mobile Unattended WSNs

Abstract

In INFOCOM 2010, Pietro, Oligeri, Soriente, and Tsudik (POST) proposed an intrusion-resilient system with forward and backward secrecy in mobile Unattended Wireless Sensor Networks (UWSNs), where sensors move according to some mobility model (random jump model and random waypoint model). In the POST scheme, each sensor encrypts its ephemeral key K as a plaintext by using the sink’s public key, and sends this ciphertext and the encrypted sensed data by K. Although the POST scheme recommends the hybrid encryption, it does not follow the conventional hybrid encryption usage, i.e., the POST scheme is not necessarily secure. More concretely, K must be regarded as a plaintext of the underlying public key system, and therefore the POST scheme requires at least one more encryption procedure (i.e, encryptions for both K and the data) compared with the conventional hybrid encryption procedure. In this paper, we scrutinize the original POST intrusion-resilient system. We set deployed information as a seed used for generating a random number (which is applied for public key encryption). This procedure follows the conventional hybrid encryption usage, and random-numberleakage problem does not occur. In conclusion, we improve the POST scheme from the viewpoint of both security and efficiency without spoiling significant benefit points of the original one.

Published

2012

150. Efficient Identity-Based Key Encapsulation to Multiple Parties

Author

Pooya Farshim, Manuel Barbosa, and Universidade do Minho

Subjects

TheoryofComputation_MISCELLANEOUS, Provable security, Science & Technology, business.industry, Computer science, Hybrid encryption, Diffie–Hellman problem, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Key encapsulation mechanism (KEM), Computer security model, Computer security, computer.software_genre, Identity based cryptography, Oracle, Random oracle, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Hybrid cryptosystem, 020201 artificial intelligence & image processing, Key encapsulation, business, computer

Abstract

We introduce the concept of identity based key encapsulation to multiple parties (mID-KEM), and define a security model for it. This concept is the identity based analogue of public key KEM to multiple parties. We also analyse possible mID-KEM constructions, and propose an efficient scheme based on bilinear pairings. We prove our scheme secure in the random oracle model under the Gap Bilinear Diffie-Hellman assumption., Fundação para a Ciência e a Tecnologia - SFRH/BPD/20528/2004.

Published

2005