10 results on '"provably security"'
Search Results
2. A Lightweight Certificateless Aggregation Signature Scheme With Provably Security in the Standard Model.
- Author
Deng, Lunzhi, Ning, Bingqin, and Jiang, Yuhong
- Abstract
In an aggregate signature scheme, $n$ signatures on $n$ different messages from $n$ users can be combined into a single signature. By verifying the signature, the verifier believes that $n$ users did generate the $n$ corresponding signatures. In the recent decade, numerous certificateless aggregate signature (CLAS) schemes have been introduced. There are two issues with these schemes. First, it was in the random oracle model (ROM) that the security proofs of these schemes were given. ROM is an idealized model. A signature scheme is not necessarily secure in real life even if it has been proven to be safe in ROM. Second, the number of hash-to-point operations increases linearly with the number of signers in these schemes, so they are not suited for computation-constrained devices (such as mobile devices). In this article, a new certificateless signature scheme is constructed. Based on it, a new CLAS scheme is proposed. Under the hypothesis that it is hard to solve a computational Diffie–Hellman problem, the two schemes are proved to be secure in the standard model. The CLAS scheme needs only three pairing operations and does not need a hash-to-point operation; taking into account the computation cost, it is more efficient than previous CLAS schemes. [ABSTRACT FROM AUTHOR]
- Published
- 2020
3. Ideal Lattice-Based Anonymous Authentication Protocol for Mobile Devices.
- Author
Feng, Qi, He, Debiao, Zeadally, Sherali, Kumar, Neeraj, and Liang, Kaitai
- Abstract
The rapid advances of wireless communication technologies along with the popularity of mobile devices are enabling users to access various web services anywhere and anytime. Due to the openness of wireless communications, security becomes a vital issue. To provide secure communication, many anonymous authentication protocols in mobile client–server environments based on classical mathematical hard assumptions (i.e., the discrete logarithm problem or the integer factorization problem) have been presented in the last two decades. However, both of these assumptions can be solved by postquantum computers in polynomial time, which means these protocols are never secure in the postquantum era. To mitigate such types of attacks, we propose an ideal lattice-based anonymous authentication protocol for mobile client–server environments. A detailed security proof shows that our proposed protocol is provably secure under a random oracle model based on the difficulty of the ring learning with errors problem. Furthermore, the informal security analysis and experimental implementation show that our proposed protocol is practical for real-world mobile client–server environments. [ABSTRACT FROM AUTHOR]
- Published
- 2019
4. Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks
- Author
Km Renuka, Sachin Kumar, Saru Kumari, and Chien-Ming Chen
- Subjects
wireless sensor networks, multi-factor authentication, fuzzy extractor, anonymity, provably security, Chemical technology, TP1-1185
- Abstract
Wireless sensor networks (WSNs) are of prominent use in unmanned surveillance applications. This peculiar trait of WSNs is actually the underlying technology of various applications of the Internet of Things (IoT) such as smart homes, smart cities, smart shopping complexes, smart traffic, smart health, and much more. Over time, WSNs have evolved as a strong base for laying the foundations of IoT infrastructure. In order to address the scenario in which a user wants to access the real-time data directly from the sensor node in wireless sensor networks (WSNs), Das recently proposed an anonymity-preserving three-factor authentication protocol. Das’s protocol is suitable for resource-constrained sensor nodes because it only uses lightweight cryptographic primitives such as hash functions and symmetric encryption schemes as building blocks. Das’s protocol is claimed to be secure against different known attacks by providing formal security proof and security verification using the Automated Validation of Internet Security Protocols and Applications tool. However, we find that Das’s protocol has the following security loopholes: (1) by using a captured sensor node, an adversary can impersonate a legal user to the gateway node, impersonate other sensor nodes to deceive the user, and the adversary can also decrypt all the cipher-texts of the user; (2) the gateway node has a heavy computational cost due to user anonymity and thus the protocol is vulnerable to denial of service (DoS) attacks. We overcome the shortcomings of Das’s protocol and propose an improved protocol. We also prove the security of the proposed protocol in the random oracle model. Compared with the other related protocols, the improved protocol enjoys better functionality without much enhancement in the computation and communication costs. Consequently, it is more suitable for applications in WSNs.
- Published
- 2019
5. ID-Based Blind Signature and Ring Signature from Pairings
- Author
Zhang, Fangguo, Kim, Kwangjo, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Zheng, Yuliang, editor
- Published
- 2002
6. Efficient public key encryption with revocable keyword search.
- Author
Yu, Yong, Ni, Jianbing, Yang, Haomiao, Mu, Yi, and Susilo, Willy
- Subjects
PUBLIC key cryptography, TRAPDOORS, CLOUD computing, DATA security, COMPARATIVE studies
- Abstract
Public key encryption with keyword search is a novel cryptographic primitive enabling one to search on the encrypted data directly. In the known schemes, once getting a trapdoor, the server can search associated data without any restrictions. However, in reality, it is sometimes essential to prevent the server from searching the data all the time because the server is not fully trusted. In this paper, we propose the notion of public key encryption with revocable keyword search to address the issue. We also develop a concrete construction by dividing the whole life of the system into distinct times to achieve our goals. The proposed scheme achieves the properties of the indistinguishability of ciphertexts against an adaptive chosen keywords attack security under the co-decisional bilinear Diffie-Hellman assumption in our security model. Compared with two somewhat schemes, ours offers much better performance in terms of computational cost. Copyright © 2013 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]
- Published
- 2014
7. A provably secure proxy signature scheme from bilinear pairings.
- Author
Wang, Aiqin, Li, Jiguo, and Wang, Zhijian
- Abstract
A proxy signature allows an entity, called the original signer, to delegate its signing power to another entity, called the proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are a very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze the computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures. [ABSTRACT FROM AUTHOR]
- Published
- 2010
8. Practical Password-Authenticated Three-Party Key Exchange.
- Author
Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee
- Subjects
COMPUTER passwords, TELECOMMUNICATION, KEYSTROKE timing authentication, ONLINE banking, COMPUTER networks, RESEARCH
- Abstract
Password-based authentication key exchange (PAKE) protocols in the literature typically assume a password that is shared between a client and a server. PAKE has been applied in various environments, especially in the "client-server" applications of remotely accessed systems, such as e-banking. With the rapid developments in modern communication environments, such as ad-hoc networks and ubiquitous computing, it is customary to construct a secure peer-to-peer channel, which is quite a different paradigm from existing paradigms. In such a peer-to-peer channel, it would be much more common for users to not share a password with others. In this paper, we consider password-based authentication key exchange in the three-party setting, where two users do not share a password between themselves but only with one server. The users make a session key by using their different passwords with the help of the server. We propose an efficient password-based authentication key exchange protocol with different passwords that achieves forward secrecy in the standard model. The protocol requires parties to only memorize human-memorable passwords; all other information that is necessary to run the protocol is made public. The protocol is also lightweight, i.e., it requires only three rounds and four modular exponentiations per user. In fact, this amount of computation and the number of rounds are comparable to the most efficient password-based authentication key exchange protocol in the random-oracle model. The dispensation of random oracles in the protocol does not require the security of any expensive signature schemes or zero-knowledge proofs. [ABSTRACT FROM AUTHOR]
- Published
- 2008
9. Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks
- Author
Saru Kumari, Sachin Kumar, Chien-Ming Chen, and Km. Renuka
- Subjects
Computer science, Denial-of-service attack, engineering and technology, Chemical technology (TP1-1185), Encryption, Internet security, provably security, Biochemistry, Article, Analytical Chemistry, Default gateway, electrical engineering, electronic engineering, information engineering, Special-purpose and application-based systems, Electrical and Electronic Engineering, wireless sensor networks, Instrumentation, Cryptographic primitive, anonymity, Node (networking), Computer-communication networks, networking & telecommunications, Adversary, Multi-factor authentication, fuzzy extractor, Atomic and Molecular Physics, and Optics, Symmetric-key algorithm, Sensor node, Authentication protocol, multi-factor authentication, artificial intelligence & image processing, Wireless sensor network, Computer network
- Abstract
Wireless sensor networks (WSNs) are of prominent use in unmanned surveillance applications. This peculiar trait of WSNs is actually the underlying technology of various applications of the Internet of Things (IoT) such as smart homes, smart cities, smart shopping complexes, smart traffic, smart health, and much more. Over time, WSNs have evolved as a strong base for laying the foundations of IoT infrastructure. In order to address the scenario in which a user wants to access the real-time data directly from the sensor node in wireless sensor networks (WSNs), Das recently proposed an anonymity-preserving three-factor authentication protocol. Das’s protocol is suitable for resource-constrained sensor nodes because it only uses lightweight cryptographic primitives such as hash functions and symmetric encryption schemes as building blocks. Das’s protocol is claimed to be secure against different known attacks by providing formal security proof and security verification using the Automated Validation of Internet Security Protocols and Applications tool. However, we find that Das’s protocol has the following security loopholes: (1) by using a captured sensor node, an adversary can impersonate a legal user to the gateway node, impersonate other sensor nodes to deceive the user, and the adversary can also decrypt all the cipher-texts of the user; (2) the gateway node has a heavy computational cost due to user anonymity and thus the protocol is vulnerable to denial of service (DoS) attacks. We overcome the shortcomings of Das’s protocol and propose an improved protocol. We also prove the security of the proposed protocol in the random oracle model. Compared with the other related protocols, the improved protocol enjoys better functionality without much enhancement in the computation and communication costs. Consequently, it is more suitable for applications in WSNs.
- Published
- 2019
10. Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks.
- Author
Renuka, Km, Kumar, Sachin, Kumari, Saru, and Chen, Chien-Ming
- Subjects
WIRELESS sensor networks, CRYPTOGRAPHY, QUANTUM cryptography, WIRELESS sensor nodes, INTERNET protocols, SYMMETRIC functions, HOME wireless technology, SMART cities
- Abstract
Wireless sensor networks (WSNs) are of prominent use in unmanned surveillance applications. This peculiar trait of WSNs is actually the underlying technology of various applications of the Internet of Things (IoT) such as smart homes, smart cities, smart shopping complexes, smart traffic, smart health, and much more. Over time, WSNs have evolved as a strong base for laying the foundations of IoT infrastructure. In order to address the scenario in which a user wants to access the real-time data directly from the sensor node in wireless sensor networks (WSNs), Das recently proposed an anonymity-preserving three-factor authentication protocol. Das's protocol is suitable for resource-constrained sensor nodes because it only uses lightweight cryptographic primitives such as hash functions and symmetric encryption schemes as building blocks. Das's protocol is claimed to be secure against different known attacks by providing formal security proof and security verification using the Automated Validation of Internet Security Protocols and Applications tool. However, we find that Das's protocol has the following security loopholes: (1) by using a captured sensor node, an adversary can impersonate a legal user to the gateway node, impersonate other sensor nodes to deceive the user, and the adversary can also decrypt all the cipher-texts of the user; (2) the gateway node has a heavy computational cost due to user anonymity and thus the protocol is vulnerable to denial of service (DoS) attacks. We overcome the shortcomings of Das's protocol and propose an improved protocol. We also prove the security of the proposed protocol in the random oracle model. Compared with the other related protocols, the improved protocol enjoys better functionality without much enhancement in the computation and communication costs. Consequently, it is more suitable for applications in WSNs. [ABSTRACT FROM AUTHOR]
- Published
- 2019
Discovery Service for Jio Institute Digital Library