Cryptographic key generation using handwritten signature
Freire, Manuel R.; Fiérrez, Julián; Ortega-García, Javier
2006-01-01
M. Freire-Santos ; J. Fierrez-Aguilar ; J. Ortega-Garcia; "Cryptographic key generation using handwritten signature", Biometric Technology for Human Identification III, Proc. SPIE 6202 (April 17, 2006); doi:10.1117/12.665875. Copyright 2006 Society of Photo‑Optical Instrumentation Engineers. One print or electronic copy may be made for personal use only. Systematic reproduction and distribution, duplication of any material in this paper for a fee or for commercial purposes, or modification of...
The generation of shared cryptographic keys through channel impulse response estimation at 60 GHz.
Energy Technology Data Exchange (ETDEWEB)
Young, Derek P.; Forman, Michael A.; Dowdle, Donald Ryan
2010-09-01
Methods to generate private keys based on wireless channel characteristics have been proposed as an alternative to standard key-management schemes. In this work, we discuss past work in the field and offer a generalized scheme for the generation of private keys using uncorrelated channels in multiple domains. Proposed cognitive enhancements measure channel characteristics, to dynamically change transmission and reception parameters as well as estimate private key randomness and expiration times. Finally, results are presented on the implementation of a system for the generation of private keys for cryptographic communications using channel impulse-response estimation at 60 GHz. The testbed is composed of commercial millimeter-wave VubIQ transceivers, laboratory equipment, and software implemented in MATLAB. Novel cognitive enhancements are demonstrated, using channel estimation to dynamically change system parameters and estimate cryptographic key strength. We show for a complex channel that secret key generation can be accomplished on the order of 100 kb/s.
Generating cryptographic keys by radioactive decays
International Nuclear Information System (INIS)
Grupen, Claus; Maurer, Ingo; Schmidt, Dieter; Smolik, Ludek
2001-01-01
We present a new method for generating a statistically genuine random bitstream at very high frequency which can be employed for cryptographic purposes. The method uses statistically unpredictable radioactive decays as the source of randomness. The measured quantity is the time distance between the responses of a small ionisation chamber due to the recording of ionising decay products. This time measurement is converted into states representing 0 or 1. The data generated in our experiment successfully passed the FIPS PUB 140-1 and Diehard statistical tests. Monte Carlo techniques were used for the simulation of systematic effects.
Cryptographic Key Management System
Energy Technology Data Exchange (ETDEWEB)
No author
2014-02-21
This report summarizes the outcome of U.S. Department of Energy (DOE) contract DE-OE0000543, requesting the design of a Cryptographic Key Management System (CKMS) for the secure management of cryptographic keys for the energy sector infrastructure. Prime contractor Sypris Electronics, in collaboration with Oak Ridge National Laboratories (ORNL), Electric Power Research Institute (EPRI), Valicore Technologies, and Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) and Smart Meter Integration Laboratory (SMIL), has designed, developed and evaluated the CKMS solution. We provide an overview of the project in Section 3, review the core contributions of all contractors in Section 4, and discuss benefits to the DOE in Section 5. In Section 6 we describe the technical construction of the CKMS solution, and review its key contributions in Section 6.9. Section 7 describes the evaluation and demonstration of the CKMS solution in different environments. We summarize the key project objectives in Section 8, list publications resulting from the project in Section 9, and conclude with a discussion on commercialization in Section 10 and future work in Section 11.
Multi-biometrics based cryptographic key regeneration scheme
Kanade, Sanjay Ganesh; Petrovska-Delacrétaz, Dijana; Dorizzi, Bernadette
2009-01-01
Biometrics lack revocability and privacy, while cryptography cannot verify the user's identity. By deriving cryptographic keys from biometrics, one can achieve revocability, assurance about the user's identity, and privacy. In this paper, we propose a multi-biometric cryptographic key regeneration scheme. Since the left and right irises of a person are uncorrelated, we treat them as two independent biometrics and combine them in our system. We propose ...
Efficient key management for cryptographically enforced access control
Zych, Anna; Petkovic, Milan; Jonker, Willem
Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is
A Key Management Method for Cryptographically Enforced Access Control
Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.
Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is
SIMPL Systems, or: Can We Design Cryptographic Hardware without Secret Key Information?
Rührmair, Ulrich
This paper discusses a new cryptographic primitive termed SIMPL system. Roughly speaking, a SIMPL system is a special type of Physical Unclonable Function (PUF) which possesses a binary description that allows its (slow) public simulation and prediction. Besides this public key like functionality, SIMPL systems have another advantage: No secret information is, or needs to be, contained in SIMPL systems in order to enable cryptographic protocols - neither in the form of a standard binary key, nor as secret information hidden in random, analog features, as it is the case for PUFs. The cryptographic security of SIMPLs instead rests on (i) a physical assumption on their unclonability, and (ii) a computational assumption regarding the complexity of simulating their output. This novel property makes SIMPL systems potentially immune against many known hardware and software attacks, including malware, side channel, invasive, or modeling attacks.
A Novel Method for Generating Encryption Keys
Directory of Open Access Journals (Sweden)
Dascalescu Ana Cristina
2009-12-01
The development of the information society, which has led to an impressive growth of the volume of information circulating in computer networks, has accelerated the evolution and especially the use of modern cryptographic instruments. Today, commercial products use standard cryptographic libraries that implement certified and tested cryptographic algorithms. Instead, the fragility of encryption algorithms lies in compositional operations such as key handling or key generation. In this sense, the article proposes an innovative method to generate pseudorandom numbers which can be used for the construction of secure stream encryption keys. The proposed method is based on the algebra of finite fields and uses a particular structure of linear feedback shift registers.
Cryptographic Key Management and Critical Risk Assessment
Energy Technology Data Exchange (ETDEWEB)
Abercrombie, Robert K [ORNL]
2014-05-01
The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) CyberSecurity for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing CyberSecurity for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). As a result of that award, Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated its analysis on the AMI domain, for which the National Electric Sector Cybersecurity Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat causing a component failure and the probability of a component failure causing a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system
A Robust SRAM-PUF Key Generation Scheme Based on Polar Codes
Chen, Bin; Ignatenko, Tanya; Willems, Frans M. J.; Maes, Roel; van der Sluis, Erik; Selimis, Georgios
2017-01-01
Physical unclonable functions (PUFs) are relatively new security primitives used for device authentication and device-specific secret key generation. In this paper we focus on SRAM-PUFs. The SRAM-PUFs enjoy uniqueness and randomness properties stemming from the intrinsic randomness of SRAM memory cells, which is a result of manufacturing variations. This randomness can be translated into the cryptographic keys thus avoiding the need to store and manage the device cryptographic keys. Therefore...
A Symmetric Key Cryptographic Technique Through Swapping Bits in Binary Field Using p-Box Matrix
Subhranil Som; Soumasree Banerjee
2014-01-01
In this paper a symmetric key cryptographic algorithm named “A Symmetric Key Cryptographic Technique Through Swapping Bits in Binary Field Using p-box Matrix” is proposed. Secret sharing is a technique by which any information can be broken down into small pieces. The secret can be reconstructed only when a sufficient number of shares are combined together; individual shares are of no use on their own. Traditional secret sharing schemes possess high computational ...
Cryptographic Key Management in Delay Tolerant Networks: A Survey
Directory of Open Access Journals (Sweden)
Sofia Anna Menesidou
2017-06-01
Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various key management approaches proposed so far for such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with (a) security initialization, (b) key establishment, or (c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the up-to-date proposed methods in a generalized way, with the aim of offering a central reference point for future research.
Quantum cryptography using coherent states: Randomized encryption and key generation
Corndorf, Eric
objectives of key generation and direct data-encryption, a new quantum cryptographic principle is demonstrated wherein keyed coherent-state signal sets are employed. Taking advantage of the fundamental and irreducible quantum-measurement noise of coherent states, these schemes do not require the users to measure the influence of an attacker. Experimental key-generation and data encryption schemes based on these techniques, which are compatible with today's WDM fiber-optic telecommunications infrastructure, are implemented and analyzed.
Cryptographic Boolean functions and applications
Cusick, Thomas W
2009-01-01
Boolean functions are the building blocks of symmetric cryptographic systems. Symmetrical cryptographic algorithms are fundamental tools in the design of all types of digital security systems (i.e. communications, financial and e-commerce). Cryptographic Boolean Functions and Applications is a concise reference that shows how Boolean functions are used in cryptography. Currently, practitioners who need to apply Boolean functions in the design of cryptographic algorithms and protocols need to patch together needed information from a variety of resources (books, journal articles and other sources). This book compiles the key essential information in one easy to use, step-by-step reference. Beginning with the basics of the necessary theory the book goes on to examine more technical topics, some of which are at the frontier of current research. - Serves as a complete resource for the successful design or implementation of cryptographic algorithms or protocols using Boolean functions - Provides engineers and scient...
A novel, privacy-preserving cryptographic approach for sharing sequencing data
Cassa, Christopher A; Miller, Rachel A; Mandl, Kenneth D
2013-01-01
Objective: DNA samples are often processed and sequenced in facilities external to the point of collection. These samples are routinely labeled with patient identifiers or pseudonyms, allowing for potential linkage to identity and private clinical information if intercepted during transmission. We present a cryptographic scheme to securely transmit externally generated sequence data which does not require any patient identifiers, public key infrastructure, or the transmission of passwords. Materials and methods: This novel encryption scheme cryptographically protects participant sequence data using a shared secret key that is derived from a unique subset of an individual’s genetic sequence. This scheme requires access to a subset of an individual’s genetic sequence to acquire full access to the transmitted sequence data, which helps to prevent sample mismatch. Results: We validate that the proposed encryption scheme is robust to sequencing errors, population uniqueness, and sibling disambiguation, and provides sufficient cryptographic key space. Discussion: Access to a set of an individual’s genotypes and a mutually agreed cryptographic seed is needed to unlock the full sequence, which provides additional sample authentication and authorization security. We present modest fixed and marginal costs to implement this transmission architecture. Conclusions: It is possible for genomics researchers who sequence participant samples externally to protect the transmission of sequence data using unique features of an individual’s genetic sequence. PMID:23125421
Cryptographic applications of analytic number theory complexity lower bounds and pseudorandomness
2003-01-01
The book introduces new ways of using analytic number theory in cryptography and related areas, such as complexity theory and pseudorandom number generation. Key topics and features: - various lower bounds on the complexity of some number theoretic and cryptographic problems, associated with classical schemes such as RSA, Diffie-Hellman, DSA as well as with relatively new schemes like XTR and NTRU - a series of very recent results about certain important characteristics (period, distribution, linear complexity) of several commonly used pseudorandom number generators, such as the RSA generator, Blum-Blum-Shub generator, Naor-Reingold generator, inversive generator, and others - one of the principal tools is bounds of exponential sums, which are combined with other number theoretic methods such as lattice reduction and sieving - a number of open problems of different level of difficulty and proposals for further research - an extensive and up-to-date bibliography Cryptographers and number theorists will find th...
Modelling Cryptographic Keys in Dynamic Epistemic Logic with DEMO
H. van Ditmarsch (Hans); D.J.N. van Eijck (Jan); F.A.G. Sietsma (Floor); S.E. Simon (Sunil); J.B. Perez
2012-01-01
It is far from obvious to find logical counterparts to cryptographic protocol primitives. In logic, a common assumption is that agents are perfectly rational and have no computational limitations. This creates a dilemma. If one merely abstracts from computational aspects, protocols
Methods of Generating Key Sequences Based on Parameters of Handwritten Passwords and Signatures
Directory of Open Access Journals (Sweden)
Pavel Lozhnikov
2016-10-01
Modern encryption methods are reliable if strong keys (passwords) are used, but the human factor issue cannot be solved by cryptographic methods. The best option is binding all authenticators (passwords, encryption keys, and others) to identities. When a user is authenticated by biometric characteristics, the problem of protecting a biometric template stored on a remote server becomes a concern. The paper proposes several methods of generating keys (passwords) by means of the fuzzy extractor method based on signature parameters, without storing templates in the open.
Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting
DEFF Research Database (Denmark)
Hazay, Carmit; Mikkelsen, Gert Læssøe; Rabin, Tal
2011-01-01
The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite ... with security against malicious behavior. Our second contribution is a complete Paillier [Pai99] threshold encryption scheme in the two-party setting with security against malicious behavior. Furthermore, we describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key generation is comprised of the following: (i) a distributed protocol for generation of an RSA composite, and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite as public key and is comprised of: (i) a distributed ...
Fundamental quantitative security in quantum key generation
International Nuclear Information System (INIS)
Yuen, Horace P.
2010-01-01
We analyze the fundamental security significance of the quantitative criteria on the final generated key K in quantum key generation including the quantum criterion d, the attacker's mutual information on K, and the statistical distance between her distribution on K and the uniform distribution. For operational significance a criterion has to produce a guarantee on the attacker's probability of correctly estimating some portions of K from her measurement, in particular her maximum probability of identifying the whole K. We distinguish between the raw security of K when the attacker just gets at K before it is used in a cryptographic context and its composition security when the attacker may gain further information during its actual use to help get at K. We compare both of these securities of K to those obtainable from conventional key expansion with a symmetric key cipher. It is pointed out that a common belief in the superior security of a quantum generated K is based on an incorrect interpretation of d which cannot be true, and the security significance of d is uncertain. Generally, the quantum key distribution key K has no composition security guarantee and its raw security guarantee from concrete protocols is worse than that of conventional ciphers. Furthermore, for both raw and composition security there is an exponential catch-up problem that would make it difficult to quantitatively improve the security of K in a realistic protocol. Some possible ways to deal with the situation are suggested.
Analysis and improvement for the performance of Baptista's cryptographic scheme
International Nuclear Information System (INIS)
Wei Jun; Liao Xiaofeng; Wong, K.W.; Zhou Tsing; Deng Yigui
2006-01-01
Based on Baptista's chaotic cryptosystem, we propose a secure and robust chaotic cryptographic scheme after investigating the problems found in this cryptosystem as well as its variants. In the proposed scheme, a subkey array generated from the key and the plaintext is adopted to enhance the security. Some methods are introduced to increase the efficiency. Theoretical analyses and numerical simulations indicate that the proposed scheme is secure and efficient for practical use.
Cryptographic protocol security analysis based on bounded constructing algorithm
Institute of Scientific and Technical Information of China (English)
No author
2006-01-01
An efficient approach to analyzing cryptographic protocols is to develop automatic analysis tools based on formal methods. However, this approach has encountered the problem of high computational complexity, because participants of protocols are arbitrary, their message structures are complex and their executions are concurrent. We propose an efficient automatic verification algorithm for analyzing cryptographic protocols based on the recently proposed Cryptographic Protocol Algebra (CPA) model, in which algebraic techniques are used to simplify the description of cryptographic protocols and their executions. Redundant states generated during analysis are greatly reduced by introducing a new algebraic technique called the Universal Polynomial Equation, and the algorithm can be used to verify the correctness of protocols in an infinite state space. We have implemented an efficient automatic analysis tool for cryptographic protocols, called ACT-SPA, based on this algorithm, and used the tool to check more than 20 cryptographic protocols. The analysis results show that this tool is more efficient, and an attack instance not reported previously was found using this tool.
A Cryptographic SoC for Robust Protection of Secret Keys in IPTV DRM Systems
Lee, Sanghan; Yang, Hae-Yong; Yeom, Yongjin; Park, Jongsik
The security level of an internet protocol television (IPTV) digital rights management (DRM) system ultimately relies on the protection of secret keys. Well known devices for key protection include smartcards and battery backup SRAMs (BB-SRAMs); however, these devices could be vulnerable to various physical attacks. In this paper, we propose a secure and cost-effective design of a cryptographic system on chip (SoC) that integrates the BB-SRAM with a cell-based design technique. The proposed SoC provides robust safeguards against physical attacks, and satisfies the high-speed and low-price requirements of IPTV set-top boxes. Our implementation results show that the maximum encryption rate of the SoC is 633 Mb/s. In order to verify the data retention capabilities, we made a prototype chip using 0.18 µm standard cell technology. The experimental results show that the integrated BB-SRAM can reliably retain data with a 1.4 µA leakage current.
Energy Technology Data Exchange (ETDEWEB)
Abercrombie, R. K. [ORNL]; Peters, Scott [Sypris Electronics, LLC]
2014-05-28
The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) Cyber Security for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing Cyber Security for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). As a result of that award, Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated its analysis on the AMI domain, for which the National Electric Sector Cybersecurity Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat causing a component failure and the probability of a component failure causing a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system
Analysis and Implementation of Cryptographic Hash Functions in Programmable Logic Devices
Directory of Open Access Journals (Sweden)
Tautvydas Brukštus
2016-06-01
In today's world there is more and more focus on data protection, and cryptographic science is used for that purpose. It is also important for the safe storage of passwords, for which a cryptographic hash function is used. In this article the SHA-256 cryptographic hash function has been selected for implementation and exploration, based on the fact that it is currently popular and safe. No theoretical gaps or conflict situations have been found in SHA-256. SHA-256 is also used by cryptographic currencies, which are currently popular and of high value. Programmable logic integrated circuits have been chosen for the measurements, as they are less efficient than ASICs. We chose programmable logic integrated circuits produced by Altera Corporation. Computation speed is investigated on three programmable logic integrated circuits belonging to the same family but different generations, each made using a different dimension technology: EP3C16, EP4CE115 and 5CSEMA5F31. To compare computation performance, parameters are provided in tables and graphs. The research shows the calculation speed and stability of the different programmable logic circuits.
Physically Unclonable Cryptographic Primitives by Chemical Vapor Deposition of Layered MoS2.
Alharbi, Abdullah; Armstrong, Darren; Alharbi, Somayah; Shahrjerdi, Davood
2017-12-26
Physically unclonable cryptographic primitives are promising for securing the rapidly growing number of electronic devices. Here, we introduce physically unclonable primitives from layered molybdenum disulfide (MoS2) by leveraging the natural randomness of their island growth during chemical vapor deposition (CVD). We synthesize a MoS2 monolayer film covered with speckles of multilayer islands, where the growth process is engineered for an optimal speckle density. Using the Clark-Evans test, we confirm that the distribution of islands on the film exhibits complete spatial randomness, hence indicating the growth of multilayer speckles is a spatial Poisson process. Such a property is highly desirable for constructing unpredictable cryptographic primitives. The security primitive is an array of 2048 pixels fabricated from this film. The complex structure of the pixels makes the physical duplication of the array impossible (i.e., physically unclonable). A unique optical response is generated by applying an optical stimulus to the structure. The basis for this unique response is the dependence of the photoemission on the number of MoS2 layers, which by design is random throughout the film. Using a threshold value for the photoemission, we convert the optical response into binary cryptographic keys. We show that the proper selection of this threshold is crucial for maximizing combination randomness and that the optimal value of the threshold is linked directly to the growth process. This study reveals an opportunity for generating robust and versatile security primitives from layered transition metal dichalcogenides.
Rationality in the Cryptographic Model
DEFF Research Database (Denmark)
Hubacek, Pavel
This thesis presents results in the field of rational cryptography. In the first part we study the use of cryptographic protocols to avoid mediation and binding commitment when implementing game theoretic equilibrium concepts. First, we concentrate on the limits of cryptographic cheap talk ... to implement correlated equilibria of two-player strategic games in a sequentially rational way. We show that there exist two-player games for which no cryptographic protocol can implement the mediator in a sequentially rational way; that is, without introducing empty threats. In the context of computational ... with appealing economic applications. Our implementation puts forward a notion of cryptographically blinded games that exploits the power of encryption to selectively restrict the information available to players about sampled action profiles, such that these desirable equilibria can be stably achieved ...
International Nuclear Information System (INIS)
Muhammad, K.; Jan, Z.; Khan, Z
2015-01-01
Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs, for which different approaches are used in both centralized and distributed WSN environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors, to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitwise XOR operation, bit shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results, together with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)
Quantum cryptography beyond quantum key distribution
Broadbent, A.; Schaffner, C.
2016-01-01
Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation,
Using Compilers to Enhance Cryptographic Product Development
Bangerter, E.; Barbosa, M.; Bernstein, D.; Damgård, I.; Page, D.; Pagter, J. I.; Sadeghi, A.-R.; Sovio, S.
Developing high-quality software is hard in the general case, and it is significantly more challenging in the case of cryptographic software. A high degree of new skill and understanding must be learnt and applied without error to avoid vulnerability and inefficiency. This is often beyond the financial, manpower or intellectual resources available. In this paper we present the motivation for the European funded CACE (Computer Aided Cryptography Engineering) project. The main objective of CACE is to provide engineers (with limited or no expertise in cryptography) with a toolbox that allows them to generate robust and efficient implementations of cryptographic primitives. We also present some preliminary results already obtained in the early stages of this project, and discuss the relevance of the project as perceived by stakeholders in the mobile device arena.
Security for Key Management Interfaces
Kremer , Steve; Steel , Graham; Warinschi , Bogdan
2011-01-01
We propose a much-needed formal definition of security for cryptographic key management APIs. The advantages of our definition are that it is general, intuitive, and applicable to security proofs in both symbolic and computational models of cryptography. Our definition relies on an idealized API which allows only the most essential functions for generating, exporting and importing keys, and takes into account dynamic corruption of keys. Based on this we can define the ...
Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting
DEFF Research Database (Denmark)
Hazay, Carmit; Mikkelsen, Gert Læssøe; Rabin, Tal
2012-01-01
The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite wi...
Key Management Strategies for Safeguards Authentication and Encryption
International Nuclear Information System (INIS)
Coram, M.; Hymel, R.; McDaniel, M.; Brotz, J.
2015-01-01
Management of cryptographic keys for the authentication and encryption of safeguards data can be the critical weak link in the practical implementation of information security. Within the safeguards community, there is the need to validate that data has not been modified at any point since generation and that it was generated by the monitoring node and not an imposter. In addition, there is the need for that data to be transmitted securely between the monitoring node and the monitoring party such that it cannot be intercepted and read while in transit. Encryption and digital signatures support the required confidentiality and authenticity but challenges exist in managing the cryptographic keys they require. Technologies developed at Sandia National Laboratories have evolved in their use of an associated key management strategy. The first generation system utilized a shared secret key for digital signatures. While fast and efficient, it required that a list of keys be maintained and protected. If control of the key was lost, fraudulent data could be made to look authentic. The second generation changed to support public key / private key cryptography. The key pair is generated by the system, the public key shared, and the private key held internally. This approach eliminated the need to maintain the list of keys. It also allows the public key to be provided to anyone needing to authenticate the data without allowing them to spoof data. A third generation system, currently under development, improves upon the public key / private key approach to address a potential man-in-the-middle attack related to the sharing of the public key. In a planned fourth generation system, secure key exchange protocols will distribute session keys for encryption, eliminating another fixed set of keys utilized by the technology and allowing for periodic renegotiation of keys for enhanced security. (author)
Brown, Adrian P; Borgs, Christian; Randall, Sean M; Schnell, Rainer
2017-06-08
Integrating medical data using databases from different sources by record linkage is a powerful technique increasingly used in medical research. Under many jurisdictions, unique personal identifiers needed for linking the records are unavailable. Since sensitive attributes, such as names, have to be used instead, privacy regulations usually demand encrypting these identifiers. The corresponding set of techniques for privacy-preserving record linkage (PPRL) has received widespread attention. One recent method is based on Bloom filters. Due to superior resilience against cryptographic attacks, composite Bloom filters (cryptographic long-term keys, CLKs) are considered best practice for privacy in PPRL. Real-world performance of these techniques using large-scale data is unknown up to now. Using a large subset of Australian hospital admission data, we tested the performance of an innovative PPRL technique (CLKs using multibit trees) against a gold-standard derived from clear-text probabilistic record linkage. Linkage time and linkage quality (recall, precision and F-measure) were evaluated. Clear text probabilistic linkage resulted in marginally higher precision and recall than CLKs. PPRL required more computing time but 5 million records could still be de-duplicated within one day. However, the PPRL approach required fine tuning of parameters. We argue that increased privacy of PPRL comes with the price of small losses in precision and recall and a large increase in computational burden and setup time. These costs seem to be acceptable in most applied settings, but they have to be considered in the decision to apply PPRL. Further research on the optimal automatic choice of parameters is needed.
Cryptographic framework for document-objects resulting from multiparty collaborative transactions.
Goh, A
2000-01-01
Multiparty transactional frameworks--i.e. Electronic Data Interchange (EDI) or Health Level (HL) 7--often result in composite documents which can be accurately modelled using hyperlinked document-objects. The structural complexity arising from multiauthor involvement and transaction-specific sequencing would be poorly handled by conventional digital signature schemes based on a single evaluation of a one-way hash function and asymmetric cryptography. In this paper we outline the generation of structure-specific authentication hash-trees for the authentication of transactional document-objects, followed by asymmetric signature generation on the hash-tree value. Server-side multi-client signature verification would probably constitute the single most compute-intensive task, hence the motivation for our usage of the Rabin signature protocol which results in significantly reduced verification workloads compared to the more commonly applied Rivest-Shamir-Adleman (RSA) protocol. Data privacy is handled via symmetric encryption of message traffic using session-specific keys obtained through key-negotiation mechanisms based on discrete-logarithm cryptography. Individual client-to-server channels can be secured using a double key-pair variation of Diffie-Hellman (DH) key negotiation, usage of which also enables bidirectional node authentication. The reciprocal server-to-client multicast channel is secured through Burmester-Desmedt (BD) key-negotiation which enjoys significant advantages over the usual multiparty extensions to the DH protocol. The implementation of hash-tree signatures and bi/multidirectional key negotiation results in a comprehensive cryptographic framework for multiparty document-objects satisfying both authentication and data privacy requirements.
Lightweight Cryptographic Techniques
National Research Council Canada - National Science Library
Yuen, Horace
2004-01-01
The objective of this project was to develop new cryptographic techniques, and to modify the important existing ones, for applications to encryption and authentication in energy-constrained sensors...
Anonymity-Preserving Public-Key Encryption
DEFF Research Database (Denmark)
Kohlweiss, Markulf; Maurer, Ueli; Onete, Cristina
2013-01-01
security properties have been proposed. We investigate constructions as well as limitations for preserving receiver anonymity when using public-key encryption (PKE). We use the constructive cryptography approach by Maurer and Renner and interpret cryptographic schemes as constructions of a certain ideal...... literature (IND-CCA, key-privacy, weak robustness). We also show that a desirable stronger variant, preventing the adversary from selective "trial-deliveries" of messages, is unfortunately unachievable by any PKE scheme, no matter how strong. The constructive approach makes the guarantees achieved...... by applying a cryptographic scheme explicit in the constructed (ideal) resource; this specifies the exact requirements for the applicability of a cryptographic scheme in a given context. It also allows one to decide which of the existing security properties of such a cryptographic scheme are adequate...
Protecting Cryptographic Memory against Tampering Attack
DEFF Research Database (Denmark)
Mukherjee, Pratyay
In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting with the faulty device and then tries to break the security. Prior works show that generically approaching such a problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed to tamper only with the memory of the device...
Data protection by using the «Chua's circuit» chaos generator
Directory of Open Access Journals (Sweden)
Тетяна Олександрівна Левицька
2017-07-01
This article focuses on the justification of the use of cryptosystems based on a mathematical model of the chaos generator (an electric circuit showing modes of chaotic oscillations, proposed by Leon Chua in 1983). This article also describes the principles of implementation of the cryptographic algorithm and its application prospects. The following questions are reviewed: the problems of widespread cryptosystems, the theory of cryptographically strong algorithms, absolutely and computationally secure ciphers, and a particular theoretical method for solving the problem of increasing the reliability of hybrid computational proof systems by including a mathematical model of chaos as a generator of the key used to encrypt transmitted data. The recommendations on the implementation of the cryptographic system and the requirements on the Chua's circuit generator are described here ch
Evaluation of Information Leakage from Cryptographic Hardware via Common-Mode Current
Hayashi, Yu-Ichi; Homma, Naofumi; Mizuki, Takaaki; Sugawara, Takeshi; Kayano, Yoshiki; Aoki, Takafumi; Minegishi, Shigeki; Satoh, Akashi; Sone, Hideaki; Inoue, Hiroshi
This paper presents a possibility of Electromagnetic (EM) analysis against cryptographic modules outside their security boundaries. The mechanism behind the information leakage is explained from the viewpoint of Electromagnetic Compatibility: electric fluctuation released from cryptographic modules can conduct to peripheral circuits based on ground bounce, resulting in radiation. We demonstrate the consequence of the mechanism through experiments where the ISO/IEC standard block cipher AES (Advanced Encryption Standard) is implemented on an FPGA board and EM radiations from power and communication cables are measured. Correlation Electromagnetic Analysis (CEMA) is conducted in order to evaluate the information leakage. The experimental results show that secret keys are revealed even though there are various disturbing factors such as voltage regulators and AC/DC converters between the target module and the measurement points. We also discuss information-suppression techniques as electrical-level countermeasures against such CEMAs.
NESSIE: A European Approach to Evaluate Cryptographic Algorithms
Preneel, Bart
2002-01-01
The NESSIE project (New European Schemes for Signature, Integrity and Encryption) intends to put forward a portfolio containing the next generation of cryptographic primitives. These primitives will offer a higher security level than existing primitives, and/or will offer a higher confidence level, built up by an open evaluation process. Moreover, they should be better suited for the constraints of future hardware and software environments. In order to reach this goal, the project has launche...
Directory of Open Access Journals (Sweden)
M. Varchola
2009-12-01
This paper deals with an evaluation platform for cryptographic True Random Number Generators (TRNGs) based on the hardware implementation of statistical tests for FPGAs. It was developed in order to provide an automatic tool that helps to speed up the TRNG design process and can provide new insights on the TRNG behavior, as will be shown on a particular example in the paper. It enables testing of sufficient statistical properties of various TRNG designs under various working conditions on the fly. Moreover, the tests are suitable to be embedded into cryptographic hardware products in order to recognize TRNG output of weak quality and thus increase its robustness and reliability. Tests are fully compatible with the FIPS 140 standard and are implemented in the VHDL language as an IP-Core for vendor independent FPGAs. A recent Flash based Actel Fusion FPGA was chosen for preliminary experiments. The Actel version of the tests possesses an interface to the Actel's CoreMP7 softcore processor that is fully compatible with the industry standard ARM7TDMI. Moreover, an identical test suite was implemented on the Xilinx Virtex 2 and 5 in order to compare the performance of the proposed solution with the performance of an already published one based on the same FPGAs. A 25% and 65% greater clock frequency, respectively, was achieved while consuming almost equal resources of the Xilinx FPGAs. On top of that, the proposed FIPS 140 architecture is capable of processing one random bit per clock cycle, which results in 311.5 Mbps throughput for the Virtex 5 FPGA.
Enhanced Matrix Power Function for Cryptographic Primitive Construction
Directory of Open Access Journals (Sweden)
Eligijus Sakalauskas
2018-02-01
A new enhanced matrix power function (MPF) is presented for the construction of cryptographic primitives. According to the definition in previously published papers, an MPF is an action of two matrices powering some base matrix on the left and right. The MPF inversion equations, corresponding to the MPF problem, are derived and have some structural similarity with classical multivariate quadratic (MQ) problem equations. Unlike the MQ problem, the MPF problem seems to be more complicated, since its equations are not defined over the field, but are represented as a left–right action of two matrices defined over the infinite near-semiring on the matrix defined over the certain infinite, additive, noncommuting semigroup. The main results are the following: (1) the proposition of infinite, nonsymmetric, and noncommuting algebraic structures for the construction of the enhanced MPF, satisfying associativity conditions, which are necessary for cryptographic applications; (2) the proof that MPF inversion is polynomially equivalent to the solution of a certain kind of generalized multivariate quadratic (MQ) problem which can be reckoned as hard; (3) the estimation of the effectiveness of direct MPF value computation; and (4) the presentation of preliminary security analysis, the determination of the security parameter, and specification of its secure value. These results allow us to make a conjecture that the enhanced MPF can be a candidate one-way function (OWF), since an effective (polynomial-time) inversion algorithm for it is not yet known. An example of the application of the proposed MPF for the Key Agreement Protocol (KAP) is presented. Since the direct MPF value is computed effectively, the proposed MPF is suitable for the realization of cryptographic protocols in devices with restricted computation resources.
Low-power cryptographic coprocessor for autonomous wireless sensor networks
Olszyna, Jakub; Winiecki, Wiesław
2013-10-01
The concept of autonomous wireless sensor networks involves energy harvesting, as well as effective management of system resources. Public-key cryptography (PKC) offers the advantage of elegant key agreement schemes with which a secret key can be securely established over insecure channels. In addition to solving the key management problem, the other major application of PKC is digital signatures, with which non-repudiation of message exchanges can be achieved. The motivation for studying low-power and area efficient modular arithmetic algorithms comes from enabling public-key security for low-power devices that can perform in constrained environments like autonomous wireless sensor networks. This paper presents a cryptographic coprocessor tailored to the constraints of autonomous wireless sensor networks. Such a hardware circuit is intended to support the implementation of different public-key cryptosystems based on modular arithmetic in GF(p) and GF(2^m). Key components of the coprocessor are described as GEZEL models and can be easily transformed to VHDL and implemented in hardware.
Mathematical Background of Public Key Cryptography
DEFF Research Database (Denmark)
Frey, Gerhard; Lange, Tanja
2005-01-01
The two main systems used for public key cryptography are RSA and protocols based on the discrete logarithm problem in some cyclic group. We focus on the latter problem and state cryptographic protocols and mathematical background material.
Tang, Li; Liu, Jing-Ning; Feng, Dan; Tong, Wei
2008-12-01
Existing security solutions in network storage environments perform poorly because cryptographic operations (encryption and decryption) implemented in software can dramatically reduce system performance. In this paper we propose a cryptographic hardware accelerator on a dynamically reconfigurable platform for the security of high performance network storage systems. We employ a dynamic reconfigurable platform based on an FPGA to implement a PowerPC-based embedded system, which executes cryptographic algorithms. To reduce the reconfiguration latency, we apply prefetch scheduling. Moreover, the processing elements can be dynamically configured to support different cryptographic algorithms according to the request received by the accelerator. In the experiment, we have implemented the AES (Rijndael) and 3DES cryptographic algorithms in the reconfigurable accelerator. Our proposed reconfigurable cryptographic accelerator can dramatically increase performance compared with traditional software-based network storage systems.
Cryptographic robustness of a quantum cryptography system using phase-time coding
International Nuclear Information System (INIS)
Molotkov, S. N.
2008-01-01
A cryptographic analysis is presented of a new quantum key distribution protocol using phase-time coding. An upper bound is obtained for the error rate that guarantees secure key distribution. It is shown that the maximum tolerable error rate for this protocol depends on the counting rate in the control time slot. When no counts are detected in the control time slot, the protocol guarantees secure key distribution if the bit error rate in the sifted key does not exceed 50%. This protocol partially discriminates between errors due to system defects (e.g., imbalance of a fiber-optic interferometer) and eavesdropping. In the absence of eavesdropping, the counts detected in the control time slot are not caused by interferometer imbalance, which reduces the requirements for interferometer stability.
Analysis of android random number generator
Sarıtaş, Serkan
2013-01-01
Ankara : The Department of Computer Engineering and the Graduate School of Engineering and Science of Bilkent University, 2013. Thesis (Master's) -- Bilkent University, 2013. Includes bibliographical references leaves 61-65. Randomness is a crucial resource for cryptography, and random number generators are critical building blocks of almost all cryptographic systems. Therefore, random number generation is one of the key parts of secure communication. Random number generatio...
Designing an ASIP for cryptographic pairings over Barreto-Naehrig curves
Kammler, D.; Zhang, D.; Schwabe, P.; Scharwaechter, H.; Langenberg, M.; Auras, D.; Ascheid, G.; Mathar, R.; Clavier, C.; Gaj, K.
2009-01-01
This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields—in the case of BN curves a
Elliptic net and its cryptographic application
Muslim, Norliana; Said, Mohamad Rushdan Md
2017-11-01
Elliptic net is a generalization of elliptic divisibility sequence and in the cryptography field, most cryptographic pairings that are based on elliptic curves, such as the Tate pairing, can be improved by applying the elliptic net algorithm. The elliptic net is constructed by using an n dimensional array of values in rational numbers satisfying nonlinear recurrence relations that arise from elliptic divisibility sequences. The two main properties that hold in the recurrence relations are, for all positive integers $m > n$, $h_{m+n} h_{m-n} = h_{m+1} h_{m-1} h_n^2 - h_{n+1} h_{n-1} h_m^2$ and $h_n$ divides $h_m$ whenever $n$ divides $m$. In this research, we discuss elliptic divisibility sequences associated with elliptic nets from a cryptographic perspective and their possible research directions.
Secure method for biometric-based recognition with integrated cryptographic functions.
Chiou, Shin-Yan
2013-01-01
Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied.
On Cryptographic Information Security in Cloud Infrastructures: PKI and IBE Methods
Directory of Open Access Journals (Sweden)
Konstantin Grigorevich Kogos
2014-05-01
The application of cryptographic security methods in cloud infrastructure information security is analyzed. The cryptographic problems in cloud infrastructures are chosen; the appropriate protocols are investigated; the appropriate mathematical problems are examined.
Review and Analysis of Cryptographic Schemes Implementing Threshold Signature
Directory of Open Access Journals (Sweden)
Anastasiya Victorovna Beresneva
2015-03-01
This work is devoted to the study of threshold signature schemes. The systematization of the threshold signature schemes was done, and cryptographic constructions based on Lagrange interpolation polynomials, elliptic curves and bilinear pairings were investigated. Different methods of generation and verification of threshold signatures were explored, e.g. those used in mobile agents, Internet banking and e-currency. The significance of the work is determined by the reduction of the level of counterfeit electronic documents signed by a certain group of users.
Selimis, G.; Konijnenburg, M.; Ashouei, M.; Huisken, J.; de Groot, H.; van der Leest, V.; Schrijen, G.-J.; van Hulst, M.; Tuyls, P.
2011-01-01
Due to the unattended nature of WSN (Wireless Sensor Network) deployment, each sensor can be subject to physical capture, cloning and unauthorized device alteration. In this paper, we use the embedded SRAM, often available on a wireless sensor node, for secure data (cryptographic keys, IDs)
Superposition Attacks on Cryptographic Protocols
DEFF Research Database (Denmark)
Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus
2011-01-01
Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...
Quantum key distribution and cryptography
International Nuclear Information System (INIS)
Alleaume, R.
2005-01-01
Originally proposed by classical cryptographers, the ideas behind Quantum Key Distribution (QKD) have attracted considerable interest among the quantum optics community, which has significantly helped bring these ideas to reality. Experimental realizations have quickly evolved from early lab demonstrations to QKD systems that are now deployed in real conditions and targeting commercial applications. Although QKD can be theoretically proven to rely on 'unconditional security proofs' and should thus be able to provide security levels unachievable through computationally-based cryptographic techniques, the debate on the cryptographic applications of QKD remains somehow controversial. It seems that a consensus on that matter cannot be reached without a careful analysis of assumptions and definitions related to security models used in classical or in quantum cryptography. In this talk, we will try to present a comprehensive synthesis on this topic. We have initiated this work as a contribution to the European IP SECOQC project, confronting views and knowledge among experimental and theoretical quantum physicists, as well as classical cryptographers. (author)
Secured Session-key Distribution using control Vector Encryption / Decryption Process
International Nuclear Information System (INIS)
Ismail Jabiullah, M.; Abdullah Al-Shamim; Khaleqdad Khan, ANM; Lutfar Rahman, M.
2006-01-01
Frequent key changes are very much desirable for secret communications and are thus in high demand. A session-key distribution technique has been designed and implemented using the programming language C, in which the session key used to encrypt the communication between the end-users is valid for the duration of a logical connection. Each session-key is obtained from the key distribution center (KDC) over the same networking facilities used for end-user communication. The control vector is cryptographically coupled with the session-key at the time of key generation in the KDC. For this, the generated hash function, master key and the session-key are used for producing the encrypted session-key, which has to be transferred. All the operations have been performed using the C programming language. This process can be widely applicable to all sorts of electronic transactions online or offline, commercially and academically. (authors)
Cryptographic pseudo-random sequence from the spatial chaotic map
International Nuclear Information System (INIS)
Sun Fuyan; Liu Shutang
2009-01-01
A scheme for pseudo-random binary sequence generation based on the spatial chaotic map is proposed. In order to face the challenge of using the proposed PRBS in cryptography, the proposed PRBS is subjected to statistical tests which are the well-known FIPS-140-1 in the area of cryptography, and correlation properties of the proposed sequences are investigated. The proposed PRBS successfully passes all these tests. Results of statistical testing of the sequences are found encouraging. The results of statistical tests suggest strong candidature for cryptographic applications.
Security of subcarrier wave quantum key distribution against the collective beam-splitting attack.
Miroshnichenko, G P; Kozubov, A V; Gaidash, A A; Gleim, A V; Horoshko, D B
2018-04-30
We consider a subcarrier wave quantum key distribution (QKD) system, where quantum encoding is carried out at weak sidebands generated around a coherent optical beam as a result of electro-optical phase modulation. We study the security of two protocols, B92 and BB84, against one of the most powerful attacks for this class of systems, the collective beam-splitting attack. Our analysis includes the case of high modulation index, where the sidebands are essentially multimode. We demonstrate numerically and experimentally that a subcarrier wave QKD system with realistic parameters is capable of distributing cryptographic keys over large distances in the presence of collective attacks. We also show that a BB84 protocol modification with discrimination of only one state in each basis performs no worse than the original BB84 protocol in this class of QKD systems, thus significantly simplifying the development of cryptographic networks using the considered QKD technique.
sPECTRA: a Precise framEwork for analyzing CrypTographic vulneRabilities in Android apps
Gajrani, J.; Tripathi, M.; Laxmi, V.; Gaur, M. S.; Conti, M.; Rajarajan, M.
2017-01-01
The majority of Android applications (apps) deal with users' personal data. Users trust these apps and allow them to access all sensitive data. Cryptography, when employed in an appropriate way, can be used to prevent misuse of data. Unfortunately, cryptographic libraries also include vulnerable cryptographic services. Since Android app developers may not be cryptographic experts, apps become the target of various attacks due to cryptographic vulnerabilities. In this work, we pres...
Cryptographic robustness of practical quantum cryptography: BB84 key distribution protocol
International Nuclear Information System (INIS)
Molotkov, S. N.
2008-01-01
In real fiber-optic quantum cryptography systems, the avalanche photodiodes are not perfect, the source of quantum states is not a single-photon one, and the communication channel is lossy. For these reasons, key distribution is impossible under certain conditions for the system parameters. A simple analysis is performed to find relations between the parameters of real cryptography systems and the length of the quantum channel that guarantee secure quantum key distribution when the eavesdropper's capabilities are limited only by fundamental laws of quantum mechanics while the devices employed by the legitimate users are based on current technologies. Critical values are determined for the rate of secure real-time key generation that can be reached under the current technology level. Calculations show that the upper bound on channel length can be as high as 300 km for imperfect photodetectors (avalanche photodiodes) with present-day quantum efficiency (η ∼ 20%) and dark count probability (p_dark ∼ 10^-7).
Ablayev, F. M.; Vasiliev, A. V.
2014-02-01
We present a version of quantum hash functions based on non-binary discrete functions. The proposed quantum procedure is ‘classical-quantum’, that is, it takes a classical bit string as an input and produces a quantum state. The resulting function has the property of a one-way function (pre-image resistance); in addition it has properties analogous to classical cryptographic hash second pre-image resistance and collision resistance. We also show that the proposed function can be naturally used in a quantum digital signature protocol.
International Nuclear Information System (INIS)
Ablayev, F M; Vasiliev, A V
2014-01-01
We present a version of quantum hash functions based on non-binary discrete functions. The proposed quantum procedure is ‘classical-quantum’, that is, it takes a classical bit string as an input and produces a quantum state. The resulting function has the property of a one-way function (pre-image resistance); in addition it has properties analogous to classical cryptographic hash second pre-image resistance and collision resistance. We also show that the proposed function can be naturally used in a quantum digital signature protocol. (letter)
International Nuclear Information System (INIS)
Gaidash, A A; Egorov, V I; Gleim, A V
2014-01-01
Quantum cryptography in theory allows distributing secure keys between two users so that any performed eavesdropping attempt would be immediately discovered. However, in practice an eavesdropper can obtain key information from multi-photon states when attenuated laser radiation is used as a source. In order to overcome this possibility, it is generally suggested to implement special cryptographic protocols, like decoy states or SARG04. We present an alternative method based on monitoring photon number statistics after detection. This method can therefore be used with any existing protocol.
Formal Analysis of Key Integrity in PKCS#11
Falcone, Andrea; Focardi, Riccardo
PKCS#11 is a standard API to cryptographic devices such as smartcards, hardware security modules and USB crypto-tokens. Though widely adopted, this API has been shown to be prone to attacks in which a malicious user gains access to the sensitive keys stored in the devices. In 2008, Delaune, Kremer and Steel proposed a model to formally reason on this kind of attacks. We extend this model to also describe flaws that are based on integrity violations of the stored keys. In particular, we consider scenarios in which a malicious overwriting of keys might fool honest users into using the attacker's own keys while performing sensitive operations. We further enrich the model with a trusted key mechanism ensuring that only controlled, non-tampered keys are used in cryptographic operations, and we show how this modified API prevents the above-mentioned key-replacement attacks.
A Verifiable Language for Cryptographic Protocols
DEFF Research Database (Denmark)
Nielsen, Christoffer Rosenkilde
We develop a formal language for specifying cryptographic protocols in a structured and clear manner, which allows verification of many interesting properties; in particular confidentiality and integrity. The study sheds new light on the problem of creating intuitive and human readable languages...
Directory of Open Access Journals (Sweden)
Pryo Utomo
2017-06-01
Full Text Available One Time Pad (OTP) is a cryptographic algorithm that is quite easy to implement. This algorithm works by converting plaintext and key into decimal, then converting into binary numbers and calculating Exclusive-OR logic. In this paper, the authors try to make a comparison of OTP cryptography using KPI and KCT so that the generated ciphertext will be more difficult to discover. In the Key and Plaintext Insertion (KPI) Method, we modify the OTP algorithm by adding the key insertion into the plaintext that has been split. Meanwhile, in the Key Columnar Transposition (KCT) Method, we modify the OTP algorithm by dividing the key into some parts in a matrix of rows and columns. The algorithms are implemented using the PHP programming language.
Cryptographic Protocols Based on Root Extracting
DEFF Research Database (Denmark)
Koprowski, Maciej
In this thesis we design new cryptographic protocols, whose security is based on the hardness of root extracting or more specifically the RSA problem. First we study the problem of root extraction in finite Abelian groups, where the group order is unknown. This is a natural generalization of the...... complexity of root extraction, even if the algorithm can choose the "public exponent'' itself. In other words, both the standard and the strong RSA assumption are provably true w.r.t. generic algorithms. The results hold for arbitrary groups, so security w.r.t. generic attacks follows for any cryptographic...... groups. In all cases, security follows from a well defined complexity assumption (the strong root assumption), without relying on random oracles. A smooth natural number has no big prime factors. The probability, that a random natural number not greater than x has all prime factors smaller than x^(1/u)...
A new method for generating an invariant iris private key based on the fuzzy vault system.
Lee, Youn Joo; Park, Kang Ryoung; Lee, Sung Joo; Bae, Kwanghyuk; Kim, Jaihie
2008-10-01
Cryptographic systems have been widely used in many information security applications. One main challenge that these systems have faced has been how to protect private keys from attackers. Recently, biometric cryptosystems have been introduced as a reliable way of concealing private keys by using biometric data. A fuzzy vault refers to a biometric cryptosystem that can be used to effectively protect private keys and to release them only when legitimate users enter their biometric data. In biometric systems, a critical problem is storing biometric templates in a database. However, fuzzy vault systems do not need to directly store these templates since they are combined with private keys by using cryptography. Previous fuzzy vault systems were designed by using fingerprint, face, and so on. However, there has been no attempt to implement a fuzzy vault system that used an iris. In biometric applications, it is widely known that an iris can discriminate between persons better than other biometric modalities. In this paper, we propose a reliable fuzzy vault system based on local iris features. We extracted multiple iris features from multiple local regions in a given iris image, and the exact values of the unordered set were then produced using the clustering method. To align the iris templates with the new input iris data, a shift-matching technique was applied. Experimental results showed that 128-bit private keys were securely and robustly generated by using any given iris data without requiring prealignment.
Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G
2013-01-01
Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainty principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally, we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.
Key Management in Wireless Sensor Networks
Directory of Open Access Journals (Sweden)
Ismail Mansour
2015-09-01
Full Text Available Wireless sensor networks are a challenging field of research when it comes to security issues. Using low cost sensor nodes with limited resources makes it difficult for cryptographic algorithms to function without impacting energy consumption and latency. In this paper, we focus on key management issues in multi-hop wireless sensor networks. These networks are easy to attack due to the open nature of the wireless medium. Intruders could try to penetrate the network, capture nodes or take control over particular nodes. In this context, it is important to revoke and renew keys that might be learned by malicious nodes. We propose several secure protocols for key revocation and key renewal based on symmetric encryption and elliptic curve cryptography. All protocols are secure, but have different security levels. Each proposed protocol is formally proven and analyzed using Scyther, an automatic verification tool for cryptographic protocols. For the sake of efficiency comparison, we implemented all protocols on real testbeds using TelosB motes and discussed their performance.
Multi-operation cryptographic engine: VLSI design and implementation
International Nuclear Information System (INIS)
Selimis, George; Koufopavlou, Odysseas
2005-01-01
The smart card environment lacks system resources, but the commercial and economic transactions via smart cards demand the use of certificated and secure cryptographic methods. In this paper a cryptographic approach in hardware for smart cards is proposed. The proposed system supports two basic operations of cryptography, authentication and encryption. The basic component of the system is one round of the DES algorithm, which supports the DES, Triple DES and ANSI X9.17 standards. The proposed system is efficient in terms of area resources, and techniques for low power consumption have been applied. Due to the fact that the system is for smart card applications, the overall throughput outperforms the typical smart card throughput standards.
Cryptographic Primitives with Quasigroup Transformations
Mileva, Aleksandra
2010-01-01
Cryptology is the science of secret communication, which consists of two complementary disciplines: cryptography and cryptanalysis. Cryptography is dealing with design and development of new primitives, algorithms and schemas for data enciphering and deciphering. For many centuries cryptographic techniques have been applied in protection of secrecy and authentication in diplomatic, political and military correspondences and communications. Cryptanalysis is dealing with different attacks on c...
Public key cryptography from weaker assumptions
DEFF Research Database (Denmark)
Zottarel, Angela
This dissertation is focused on the construction of public key cryptographic primitives and on the relative security analysis in a meaningful theoretic model. This work takes two orthogonal directions. In the first part, we study cryptographic constructions preserving their security properties also...... in the case the adversary is granted access to partial information about the secret state of the primitive. To do so, we work in an extension of the standard black-box model, a new framework where possible leakage from the secret state is taken into account. In particular, we give the first construction...
Directory of Open Access Journals (Sweden)
Elyes Ben Hamida
2015-07-01
Full Text Available Due to the growing number of vehicles on the roads worldwide, road traffic accidents are currently recognized as a major public safety problem. In this context, connected vehicles are considered as the key enabling technology to improve road safety and to foster the emergence of next generation cooperative intelligent transport systems (ITS). Through the use of wireless communication technologies, the deployment of ITS will enable vehicles to autonomously communicate with other nearby vehicles and roadside infrastructures and will open the door for a wide range of novel road safety and driver assistive applications. However, connecting wireless-enabled vehicles to external entities can make ITS applications vulnerable to various security threats, thus impacting the safety of drivers. This article reviews the current research challenges and opportunities related to the development of secure and safe ITS applications. It first explores the architecture and main characteristics of ITS systems and surveys the key enabling standards and projects. Then, various ITS security threats are analyzed and classified, along with their corresponding cryptographic countermeasures. Finally, a detailed ITS safety application case study is analyzed and evaluated in light of the European ETSI TC ITS standard. An experimental test-bed is presented, and several elliptic curve digital signature algorithms (ECDSA) are benchmarked for signing and verifying ITS safety messages. To conclude, lessons learned, open research challenges and opportunities are discussed.
Small private key MQPKS on an embedded microprocessor.
Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon
2014-03-19
Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reducing the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% over previous results in CHES2012.
Small Private Key PKS on an Embedded Microprocessor
Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon
2014-01-01
Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reducing the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% over previous results in CHES2012. PMID:24651722
Directory of Open Access Journals (Sweden)
Laszlo B Kish
Full Text Available Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainty principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally, we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.
DNA Cryptography and Deep Learning using Genetic Algorithm with NW algorithm for Key Generation.
Kalsi, Shruti; Kaur, Harleen; Chang, Victor
2017-12-05
Cryptography is not only a science of applying complex mathematics and logic to design strong methods to hide data, called encryption, but also of retrieving the original data back, called decryption. The purpose of cryptography is to transmit a message between a sender and receiver such that an eavesdropper is unable to comprehend it. To accomplish this, we need not only a strong algorithm, but a strong key and a strong concept for the encryption and decryption process. We have introduced a concept of DNA Deep Learning Cryptography which is defined as a technique of concealing data in terms of DNA sequence and deep learning. In the cryptographic technique, each alphabet of a letter is converted into a different combination of the four bases, namely Adenine (A), Cytosine (C), Guanine (G) and Thymine (T), which make up the human deoxyribonucleic acid (DNA). Actual implementations with DNA don't exceed laboratory level and are expensive. To bring DNA computing to a digital level, easy and effective algorithms are proposed in this paper. In the proposed work we have introduced, firstly, a method and its implementation for key generation based on the theory of natural selection using a Genetic Algorithm with the Needleman-Wunsch (NW) algorithm and, secondly, a method for implementation of encryption and decryption based on DNA computing using the biological operations Transcription, Translation, DNA Sequencing and Deep Learning.
On Boolean functions with generalized cryptographic properties
Braeken, A.; Nikov, V.S.; Nikova, S.I.; Preneel, B.; Canteaut, A.; Viswanathan, K.
2004-01-01
By considering a new metric, we generalize cryptographic properties of Boolean functions such as resiliency and propagation characteristics. These new definitions result in a better understanding of the properties of Boolean functions and provide a better insight in the space defined by this metric.
Efficient Raman generation in a waveguide: A route to ultrafast quantum random number generation
Energy Technology Data Exchange (ETDEWEB)
England, D. G.; Bustard, P. J.; Moffatt, D. J.; Nunn, J.; Lausten, R.; Sussman, B. J., E-mail: ben.sussman@nrc.ca [National Research Council of Canada, 100 Sussex Drive, Ottawa, Ontario K1A 0R6 (Canada)
2014-02-03
The inherent uncertainty in quantum mechanics offers a source of true randomness which can be used to produce unbreakable cryptographic keys. We discuss the development of a high-speed random number generator based on the quantum phase fluctuations in spontaneously initiated stimulated Raman scattering (SISRS). We utilize the tight confinement and long interaction length available in a Potassium Titanyl Phosphate waveguide to generate highly efficient SISRS using nanojoule pulse energies, reducing the high pump power requirements of the previous approaches. We measure the random phase of the Stokes output using a simple interferometric setup to yield quantum random numbers at 145 Mbps.
Cryptographic Trust Management Requirements Specification: Version 1.1
Energy Technology Data Exchange (ETDEWEB)
Edgar, Thomas W.
2009-09-30
The Cryptographic Trust Management (CTM) Project is being developed for Department of Energy, OE-10 by the Pacific Northwest National Laboratory (PNNL). It is a component project of the NSTB Control Systems Security R&D Program.
A Review of RSA and Public-Key Cryptosystems | Rabah | Botswana ...
African Journals Online (AJOL)
... study and analyze the RSA cryptosystems – a public-key cryptographic algorithm – a system that uses two sets of keys; one for encryption and the other for decryption. Key Words: Public-key cryptography, DH, RSA, Internet Security and attacks, Digital Signature, Message digest, Authentication, Secure Socket Layer (SSL)
Small Private Key MQPKS on an Embedded Microprocessor
Directory of Open Access Journals (Sweden)
Hwajeong Seo
2014-03-01
Full Text Available Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reducing the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% over previous results in CHES2012.
Number Theory and Public-Key Cryptography.
Lefton, Phyllis
1991-01-01
Described are activities in the study of techniques used to conceal the meanings of messages and data. Some background information and two BASIC programs that illustrate the algorithms used in a new cryptographic system called "public-key cryptography" are included. (CW)
Resilience Analysis of Key Update Strategies for Resource-Constrained Networks
DEFF Research Database (Denmark)
Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming
2011-01-01
Severe resource limitations in certain types of networks lead to various open issues in security. Since such networks usually operate in unattended or hostile environments, revoking the cryptographic keys and establishing (also distributing) new keys – which we refer to as key update – is a criti...
On another two cryptographic identities in universal Osborn loops
Directory of Open Access Journals (Sweden)
T. G. Jaiyéolá
2010-03-01
Full Text Available In this study, by establishing an identity for universal Osborn loops, two other identities (of degrees 4 and 6) are deduced from it and they are recognized and recommended for cryptography in a similar spirit in which the cross inverse property (of degree 2) has been used by Keedwell, following the fact that it was observed that universal Osborn loops that do not have the 3-power associative property or weaker forms of it (inverse property, power associativity and diassociativity, to mention a few) will have cycles (even long ones). These identities are found to be cryptographic in nature for universal Osborn loops and thereby called cryptographic identities. They were also found applicable to security patterns, arrangements and networks which the CIP may not be applicable to.
Physically unclonable cryptographic primitives using self-assembled carbon nanotubes
Hu, Zhaoying; Comeras, Jose Miguel M. Lobez; Park, Hongsik; Tang, Jianshi; Afzali, Ali; Tulevski, George S.; Hannon, James B.; Liehr, Michael; Han, Shu-Jen
2016-06-01
Information security underpins many aspects of modern society. However, silicon chips are vulnerable to hazards such as counterfeiting, tampering and information leakage through side-channel attacks (for example, by measuring power consumption, timing or electromagnetic radiation). Single-walled carbon nanotubes are a potential replacement for silicon as the channel material of transistors due to their superb electrical properties and intrinsic ultrathin body, but problems such as limited semiconducting purity and non-ideal assembly still need to be addressed before they can deliver high-performance electronics. Here, we show that by using these inherent imperfections, an unclonable electronic random structure can be constructed at low cost from carbon nanotubes. The nanotubes are self-assembled into patterned HfO2 trenches using ion-exchange chemistry, and the width of the trench is optimized to maximize the randomness of the nanotube placement. With this approach, two-dimensional (2D) random bit arrays are created that can offer ternary-bit architecture by determining the connection yield and switching type of the nanotube devices. As a result, our cryptographic keys provide a significantly higher level of security than conventional binary-bit architecture with the same key size.
An integrable low-cost hardware random number generator
Ranasinghe, Damith C.; Lim, Daihyun; Devadas, Srinivas; Jamali, Behnam; Zhu, Zheng; Cole, Peter H.
2005-02-01
A hardware random number generator is different from a pseudo-random number generator; a pseudo-random number generator approximates the assumed behavior of a real hardware random number generator. Simple pseudo-random number generators suffice for most applications; however, demanding situations such as the generation of cryptographic keys require an efficient and cost-effective source of random numbers. Arbiter-based Physical Unclonable Functions (PUFs) proposed for physical authentication of ICs exploit statistical delay variation of wires and transistors across integrated circuits, as a result of process variations, to build a secret key unique to each IC. Experimental results and theoretical studies show that a sufficient amount of variation exists across ICs. This variation enables each IC to be identified securely. It is possible to exploit the unreliability of these PUF responses to build a physical random number generator. There exists measurement noise, which comes from the instability of an arbiter when it is in a racing condition. There exist challenges whose responses are unpredictable. Without environmental variations, the responses of these challenges are random in repeated measurements. Compared to other physical random number generators, the PUF-based random number generators can be a compact and low-power solution since the generator need only be turned on when required. A 64-stage PUF circuit costs less than 1000 gates and the circuit can be implemented using standard IC manufacturing processes. In this paper we have presented a fast and efficient random number generator, and analysed the quality of random numbers produced using an array of tests used by the National Institute of Standards and Technology to evaluate the randomness of random number generators designed for cryptographic applications.
Symbolic Analysis of Cryptographic Protocols
DEFF Research Database (Denmark)
Dahl, Morten
We present our work on using abstract models for formally analysing cryptographic protocols: First, we present an efficient method for verifying trace-based authenticity properties of protocols using nonces, symmetric encryption, and asymmetric encryption. The method is based on a type system... of Gordon et al., which we modify to support fully-automated type inference. Tests conducted via an implementation of our algorithm found it to be very efficient. Second, we show how privacy may be captured in a symbolic model using an equivalence-based property and give a formal definition. We formalise...
Sadat, Md Nazmus; Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman
2018-03-05
Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. ©Md Nazmus Sadat, Xiaoqian Jiang, Md Momin Al Aziz, Shuang Wang, Noman Mohammed. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 05.03.2018.
Hosfelt, Diane Duros
2015-01-01
Threats from the internet, particularly malicious software (i.e., malware) often use cryptographic algorithms to disguise their actions and even to take control of a victim's system (as in the case of ransomware). Malware and other threats proliferate too quickly for the time-consuming traditional methods of binary analysis to be effective. By automating detection and classification of cryptographic algorithms, we can speed program analysis and more efficiently combat malware. This thesis wil...
Designing key-dependent chaotic S-box with larger key space
International Nuclear Information System (INIS)
Yin Ruming; Yuan Jian; Wang Jian; Shan Xiuming; Wang Xiqin
2009-01-01
The construction of cryptographically strong substitution boxes (S-boxes) is an important concern in designing secure cryptosystems. The key-dependent S-boxes designed using chaotic maps have received increasing attention in recent years. However, the key space of such S-boxes does not seem to be sufficiently large due to the limited parameter range of discretized chaotic maps. In this paper, we propose a new key-dependent S-box based on the iteration of continuous chaotic maps. We explore the continuous-valued state space of chaotic systems, and devise the discrete mapping between the input and the output of the S-box. A key-dependent S-box is constructed with the logistic map in this paper. We show that its key space could be much larger than the current key-dependent chaotic S-boxes.
Formalizing the Relationship Between Commitment and Basic Cryptographic Primitives
Directory of Open Access Journals (Sweden)
S. Sree Vivek
2016-11-01
Signcryption is a cryptographic primitive which offers the functionality of both digital signature and encryption with lower combined computational cost. On the other hand, a commitment scheme allows an entity to commit to a value, where the entity reveals the committed value later during a decommit phase. In this paper, we explore the connection between commitment schemes, public key encryption, digital signatures and signcryption. We establish a formal relationship between commitment and the other primitives. Our main result is that we show signcryption can be used as a commitment scheme with appropriate security notions. We show that if the underlying signcryption scheme is IND-CCA2 secure, then the hiding property of the commitment scheme is satisfied. Similarly, we show that if the underlying signcryption scheme is unforgeable, then the relaxed binding property of the commitment scheme is satisfied. Moreover, we prove that if the underlying signcryption scheme is NM-CCA2, then the commitment scheme is non-malleable.
75 FR 52798 - State-07, Cryptographic Clearance Records
2010-08-27
... Information Programs and Services, A/GIS/ IPS, Department of State, SA-2, 515 22nd Street, NW., Washington, DC... Department of State and Agency for International Development who have applied for cryptographic clearances as... that apply to all of its Privacy Act systems of records. These notices appear in the form of a...
Energy Technology Data Exchange (ETDEWEB)
Hughes, Richard John; Thrasher, James Thomas; Nordholt, Jane Elizabeth
2016-11-29
Innovations for quantum key management harness quantum communications to form a cryptography system within a public key infrastructure framework. In example implementations, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a Merkle signature scheme (using Winternitz one-time digital signatures or other one-time digital signatures, and Merkle hash trees) to constitute a cryptography system. More generally, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a hash-based signature scheme. This provides a secure way to identify, authenticate, verify, and exchange secret cryptographic keys. Features of the quantum key management innovations further include secure enrollment of users with a registration authority, as well as credential checking and revocation with a certificate authority, where the registration authority and/or certificate authority can be part of the same system as a trusted authority for quantum key distribution.
International Nuclear Information System (INIS)
Zhang Sheng; Wang Jian; Tang Chaojing; Zhang Quan
2011-01-01
It is established that a single quantum cryptography protocol usually cooperates with other cryptographic systems, such as an authentication system, in the real world. However, few protocols have been proposed on how to combine two or more quantum protocols. To fill this gap, we propose a composed quantum protocol, containing both quantum identity authentication and quantum key distribution, using squeezed states. Hence, not only can the identity be verified, but also a new private key can be generated by our new protocol. We also analyze the security under an optimal attack, and the efficiency, which is defined by the threshold of the tolerable error rate, using the Gaussian error function.
Small Private Key PKS on an Embedded Microprocessor
Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon
2014-01-01
Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor...
Cryptanalysis of Compact-LWE and Related Lightweight Public Key Encryption
Directory of Open Access Journals (Sweden)
Dianyan Xiao
2018-01-01
In the emerging Internet of Things (IoT), lightweight public key cryptography plays an essential role in security and privacy protection. With the approach of the quantum computing era, it is important to design and evaluate lightweight quantum-resistant cryptographic algorithms applicable to IoT. LWE-based cryptography is a widely used and well-studied family of post-quantum cryptographic constructions whose hardness is based on worst-case lattice problems. To make LWE friendly to resource-constrained IoT devices, a variant of LWE, named Compact-LWE, was proposed and used to design lightweight cryptographic schemes. In this paper, we study the so-called Compact-LWE problem and clarify that under certain parameter settings it can be solved in polynomial time. As a consequence, our result leads to a practical attack against an instantiated scheme based on Compact-LWE proposed by Liu et al. in 2017.
A Key Generation Model for Improving the Security of Cryptographic ...
African Journals Online (AJOL)
Cryptography is a mathematical technique that plays an important role in information security techniques for addressing authentication, interactive proofs, data origination, sender/receiver identity, non-repudiation, secure computation, data integrity and confidentiality, message integrity checking and digital signatures.
Cai, Hong; Long, Christopher M; DeRose, Christopher T; Boynton, Nicholas; Urayama, Junji; Camacho, Ryan; Pomerene, Andrew; Starbuck, Andrew L; Trotter, Douglas C; Davids, Paul S; Lentine, Anthony L
2017-05-29
We demonstrate a silicon photonic transceiver circuit for high-speed discrete variable quantum key distribution that employs a common structure for transmit and receive functions. The device is intended for use in polarization-based quantum cryptographic protocols, such as BB84. Our characterization indicates that the circuit can generate the four BB84 states (TE/TM/45°/135° linear polarizations) with >30 dB polarization extinction ratios and gigabit per second modulation speed, and is capable of decoding any polarization bases differing by 90° with high extinction ratios.
Architectural Building A Public Key Infrastructure Integrated Information Space
Directory of Open Access Journals (Sweden)
Vadim Ivanovich Korolev
2015-10-01
The article considers the matters of applying a cryptographic system with a public key to provide information security and to implement a digital signature. It performs an analysis of trust models in the formation of certificates and their use. The article describes the relationships between the trust model and the architecture of the public key infrastructure. It contains conclusions in respect of the options for building the public key infrastructure for an integrated information space.
An Authenticated Key Agreement Scheme Based on Cyclic Automorphism Subgroups of Random Orders
Directory of Open Access Journals (Sweden)
Yang Jun
2017-01-01
Group-based cryptography is viewed as a modern cryptographic candidate solution for blocking quantum computer attacks, and key exchange protocols on the Internet are one of the primitives that ensure the security of communication. In 2016 Habeeb et al. proposed a "textbook" key exchange protocol based on the semidirect product of two groups, which is insecure for use in real-world applications. In this paper, after discarding the unnecessary disguising notion of the semidirect product in the protocol, we establish a simplified yet enhanced authenticated key agreement scheme based on cyclic automorphism subgroups of random orders by making hybrid use of certificates and symmetric-key encryption as challenges and responses in the public-key setting. Its passive security is formally analyzed relative to the cryptographic hardness assumption of a computational number-theoretic problem. Cryptanalysis of this scheme shows that it is secure against the intruder-in-the-middle attack even in the worst case of compromised signatures, and provides explicit key confirmation to both parties.
Multipartite secret key distillation and bound entanglement
International Nuclear Information System (INIS)
Augusiak, Remigiusz; Horodecki, Pawel
2009-01-01
Recently it has been shown that quantum cryptography beyond pure entanglement distillation is possible and a paradigm for the associated protocols has been established. Here we systematically generalize the whole paradigm to the multipartite scenario. We provide constructions of new classes of multipartite bound entangled states, i.e., those with underlying twisted Greenberger-Horne-Zeilinger (GHZ) structure and nonzero distillable cryptographic key. We quantitatively estimate the key from below with the help of the privacy squeezing technique.
Research on the Maritime Communication Cryptographic Chip’s Compiler Optimization
Directory of Open Access Journals (Sweden)
Sheng Li
2017-08-01
In the process of ocean development, the technology for maritime communication systems is a hot research field, of which information security is vital for the normal operation of the whole system, and that is also one of the difficulties in the research of maritime communication systems. In this paper, a maritime communication cryptographic SOC (system on chip) is introduced, and its compiler framework is put forward through analysis of the working mode and the problems faced by the compiler front end. Then, a loop unrolling factor calculating algorithm based on queue theory, named UFBOQ (unrolling factor based on queue), is proposed to perform parallel optimization in the compiler front end with consideration of the instruction memory capacity limit. Finally, the scalar replacement method is used to optimize the unrolled code to address the effect of memory access latency on parallel computing efficiency, given the continuous data storage characteristics of cryptographic algorithms. The UFBOQ algorithm and scalar replacement prove effective and appropriate, achieving linear speedup.
Using pseudo-random number generator for making iterative algorithms of hashing data
International Nuclear Information System (INIS)
Ivanov, M.A.; Vasil'ev, N.P.; Kozyrskij, B.L.
2014-01-01
The method of stochastic data transformation made for usage in cryptographic methods of information protection has been analyzed. The authors justify the usage of cryptographically strong pseudo-random number generators as a basis for the Sponge construction. This means that the analysis of the quality of the known methods and tools for assessing the statistical security of pseudo-random number generators can be used effectively.
A chaotic cryptography scheme for generating short ciphertext
International Nuclear Information System (INIS)
Wong, Kwok-Wo; Ho, Sun-Wah; Yung, Ching-Ki
2003-01-01
Recently, we have proposed a chaotic cryptographic scheme based on iterating the logistic map and updating the look-up table dynamically. The encryption and decryption processes become faster as the number of iterations required is reduced. However, the length of the ciphertext is still at least twice that of the original message. This may result in huge ciphertext files and hence long transmission time when encrypting large multimedia files. In this Letter, we modify the chaotic cryptographic scheme proposed previously so as to reduce the length of the ciphertext to a level only slightly longer than that of the original message. Moreover, a session key is introduced in the cryptographic scheme so that the ciphertext length for a given message is not fixed.
The Cryptographic Implications of the LinkedIn Data Breach
Gune, Aditya
2017-01-01
Data security and personal privacy are difficult to maintain in the Internet age. In 2012, professional networking site LinkedIn suffered a breach, compromising the logins of over 100 million accounts. The passwords were cracked and sold online, exposing the authentication credentials of millions of users. This manuscript dissects the cryptographic failures implicated in the breach, and explores more secure methods of storing passwords.
Forman, Michael A; Young, Derek
2012-09-18
Examples of methods for generating data based on a communications channel are described. In one such example, a processing unit may generate a first vector representation based in part on at least two characteristics of a communications channel. A constellation having at least two dimensions may be addressed with the first vector representation to identify a first symbol associated with the first vector representation. The constellation represents a plurality of regions, each region associated with a respective symbol. The symbol may be used to generate data, which may be stored in an electronic storage medium and used as a cryptographic key or as a spreading code or hopping sequence in a modulation technique.
A Distributed Shared Key Generation Procedure Using Fractional Keys
National Research Council Canada - National Science Library
Poovendran, Radha; Corson, M. S; Baras, J. S
1998-01-01
We present a new class of distributed key generation and recovery algorithms suitable for group communication systems where the group membership is either static or slowly time-varying, and must be tightly controlled...
Hamlet, Jason R; Bauer, Todd M; Pierson, Lyndon G
2014-09-30
Deterrence of device subversion by substitution may be achieved by including a cryptographic fingerprint unit within a computing device for authenticating a hardware platform of the computing device. The cryptographic fingerprint unit includes a physically unclonable function ("PUF") circuit disposed in or on the hardware platform. The PUF circuit is used to generate a PUF value. A key generator is coupled to generate a private key and a public key based on the PUF value while a decryptor is coupled to receive an authentication challenge posed to the computing device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.
International Nuclear Information System (INIS)
Kaszlikowski, Dagomir; Lim, J.Y.; Englert, Berthold-Georg; Kwek, L.C.
2005-01-01
The security of a cryptographic key that is generated by communication through a noisy quantum channel relies on the ability to distill a shorter secure key sequence from a longer insecure one. We show that - for protocols that use quantum channels of any dimension and completely characterize them by state tomography - the noise threshold for classical advantage distillation of a specific kind is substantially lower than the threshold for quantum entanglement distillation if the eavesdropper can perform powerful coherent attacks. In marked contrast, earlier investigations had shown that the thresholds are identical for incoherent attacks on the same classical distillation scheme. It remains an open question whether other schemes for classical advantage distillation have higher thresholds for coherent eavesdropping attacks.
Novel secret key generation techniques using memristor devices
Abunahla, Heba; Shehada, Dina; Yeun, Chan Yeob; Mohammad, Baker; Jaoude, Maguy Abi
2016-02-01
This paper proposes novel secret key generation techniques using memristor devices. The approach depends on using the initial profile of a memristor as a master key. In addition, session keys are generated using the master key and other specified parameters. In contrast to existing memristor-based security approaches, the proposed development is cost effective and power efficient since the operation can be achieved with a single device rather than a crossbar structure. An algorithm is suggested and demonstrated using a physics-based Matlab model. It is shown that the generated keys can have dynamic size, which provides perfect security. Moreover, the proposed encryption and decryption technique using the memristor-based generated keys outperforms Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) in terms of processing time. This paper is enriched by providing characterization results of a fabricated microscale Al/TiO2/Al memristor prototype in order to prove the concept of the proposed approach and study the impacts of process variations. The work proposed in this paper is a milestone towards System On Chip (SOC) memristor-based security.
Enhanced diffie-hellman algorithm for reliable key exchange
Aryan; Kumar, Chaithanya; Vincent, P. M. Durai Raj
2017-11-01
Diffie-Hellman is one of the first public-key procedures and is a certain way of exchanging cryptographic keys securely. This concept was introduced by Ralph Merkle and it is named after Whitfield Diffie and Martin Hellman. Sender and receiver make a common secret key in the Diffie-Hellman algorithm and then they start communicating with each other over the public channel, which is known to everyone. A number of internet services are secured by Diffie-Hellman. In a public key cryptosystem, the sender has to trust while receiving the public key of the receiver and vice-versa, and this is the challenge of public key cryptosystems. A man-in-the-middle attack is very much possible on the existing Diffie-Hellman algorithm. In a man-in-the-middle attack, the attacker exists in the public channel, receives the public keys of both sender and receiver, and sends to sender and receiver public keys which are generated by himself. This is how a man-in-the-middle attack is possible on the Diffie-Hellman algorithm. A denial of service attack is another attack which is commonly found on Diffie-Hellman. In this attack, the attacker tries to stop the communication happening between sender and receiver, and the attacker can do this by deleting messages or by confusing the parties with miscommunication. Some more attacks like insider attack, outsider attack, etc. are possible on Diffie-Hellman. To reduce the possibility of attacks on the Diffie-Hellman algorithm, we have enhanced the Diffie-Hellman algorithm to a next level. In this paper, we are extending the Diffie-Hellman algorithm by using the concept of the Diffie-Hellman algorithm to get a stronger secret key, and that secret key is further exchanged between the sender and the receiver so that for each message a new secret shared key would be generated. The second secret key will be generated by taking the primitive root of the first secret key.
CWI cryptanalyst discovers new cryptographic attack variant in Flame spy malware
M.M.J. Stevens (Marc); R.J.F. Cramer (Ronald)
2012-01-01
Cryptanalyst Marc Stevens from the Centrum Wiskunde & Informatica (CWI) in Amsterdam, known for breaking the https security in 2008 using a cryptanalytic attack on MD5, analyzed the recent Flame virus this week. He discovered that for this spy malware an as yet unknown cryptographic
Optimal attacks on qubit-based Quantum Key Recycling
Leermakers, Daan; Škorić, Boris
2018-03-01
Quantum Key Recycling (QKR) is a quantum cryptographic primitive that allows one to reuse keys in an unconditionally secure way. By removing the need to repeatedly generate new keys, it improves communication efficiency. Škorić and de Vries recently proposed a QKR scheme based on 8-state encoding (four bases). It does not require quantum computers for encryption/decryption but only single-qubit operations. We provide a missing ingredient in the security analysis of this scheme in the case of noisy channels: accurate upper bounds on the required amount of privacy amplification. We determine optimal attacks against the message and against the key, for 8-state encoding as well as 4-state and 6-state conjugate coding. We provide results in terms of min-entropy loss as well as accessible (Shannon) information. We show that the Shannon entropy analysis for 8-state encoding reduces to the analysis of quantum key distribution, whereas 4-state and 6-state suffer from additional leaks that make them less effective. From the optimal attacks we compute the required amount of privacy amplification and hence the achievable communication rate (useful information per qubit) of qubit-based QKR. Overall, 8-state encoding yields the highest communication rates.
Securing information using optically generated biometric keys
Verma, Gaurav; Sinha, Aloka
2016-11-01
In this paper, we present a new technique to obtain biometric keys by using the fingerprint of a person for an optical image encryption system. The key generation scheme uses the fingerprint biometric information in terms of the amplitude mask (AM) and the phase mask (PM) of the reconstructed fingerprint image that is implemented using the digital holographic technique. Statistical tests have been conducted to check the randomness of the fingerprint PM key that enables its usage as an image encryption key. To explore the utility of the generated biometric keys, an optical image encryption system has been further demonstrated based on the phase retrieval algorithm and the double random phase encoding scheme in which keys for the encryption are used as the AM and the PM key. The advantage associated with the proposed scheme is that the biometric keys’ retrieval requires the simultaneous presence of the fingerprint hologram and the correct knowledge of the reconstruction parameters at the decryption stage, which not only verifies the authenticity of the person but also protects the valuable fingerprint biometric features of the keys. Numerical results are carried out to prove the feasibility and the effectiveness of the proposed encryption system.
Parallel Device-Independent Quantum Key Distribution
Jain, Rahul; Miller, Carl A.; Shi, Yaoyun
2017-01-01
A prominent application of quantum cryptography is the distribution of cryptographic keys with unconditional security. Recently, such security was extended by Vazirani and Vidick (Physical Review Letters, 113, 140501, 2014) to the device-independent (DI) scenario, where the users do not need to trust the integrity of the underlying quantum devices. The protocols analyzed by them and by subsequent authors all require a sequential execution of N multiplayer games, where N is the security parame...
SHAMROCK: A Synthesizable High Assurance Cryptography and Key Management Coprocessor
2016-11-01
cryptographic functions such as Advanced Encryption Standard ( AES ) [5] to produce keywraps to orchestrate key exchanges between groups of devices. These...Storage (MPMS). This is done for two reasons: first, the mission package is encrypted using AES keywrap mode with the CEK [7], which is a special version...Zone 1) denoting ephemeral secrets such as dynamic keys. AES encryption is employed as a one-way function leading from the ephemeral Zone 1 to the
Energy efficient security in MANETs: a comparison of cryptographic and artificial immune systems
International Nuclear Information System (INIS)
Mazhar, N.
2010-01-01
MANET is characterized by a set of mobile nodes in an inherently insecure environment, having limited battery capacities. Provisioning of energy efficient security in MANETs is, therefore, an open problem for which a number of solutions have been proposed. In this paper, we present an overview and comparison of MANET security at the routing layer using the cryptographic and Artificial Immune System (AIS) approaches. The BeeAdHoc protocol, which is a bio-inspired MANET routing protocol based on the foraging principles of the honey bee colony, is taken as a case study. We carry out an analysis of the three security frameworks that we have proposed earlier for securing the BeeAdHoc protocol: one based on asymmetric key encryption, i.e. BeeSec, and the other two using the AIS approach, i.e. BeeAIS, based on self/non-self discrimination from the adaptive immune system, and BeeAIS-DC, based on Dendritic Cell (DC) behavior from the innate immune system. We extensively evaluate the performance of the three protocols through network simulations in ns-2 and compare them with BeeAdHoc, the base protocol, as well as with the state-of-the-art MANET routing protocols DSR and AODV. Our results clearly indicate that AIS-based systems provide security at a much lower energy cost compared with the cryptographic systems. Moreover, the use of dendritic cells and danger signals instead of the classical self/non-self discrimination allows the non-self antigens to be detected with greater accuracy. Based on the results of this investigation, we also propose a composite AIS model for BeeAdHoc security by combining the concepts from both the adaptive and the innate immune systems, modelling the attributes and behavior of the B-cells and DCs. (author)
Lorenz's attractor applied to the stream cipher (Ali-Pacha generator)
International Nuclear Information System (INIS)
Ali-Pacha, Adda; Hadj-Said, Naima; M'Hamed, A.; Belgoraf, A.
2007-01-01
The safety of information is primarily founded today on the computation of algorithms whose confidentiality depends on the number of bits necessary for the definition of a cryptographic key. While this type of system has proved reliable, the increasing power of the means of computation threatens the confidentiality of these methods. Powerful computers are certainly able to quantify and decipher information quickly, but their computing speed allows parallel cryptanalysis, which aims 'to break' a code by discovering the key, for example by testing all the possible keys. The mere evocation of the principle of the quantum computer, with its potentially colossal computing capacity, has caused a shock, even among those most convinced of algorithmic cryptography. To mitigate this concern, we introduce in this article a new cryptographic system based on chaotic concepts.
Type-Based Automated Verification of Authenticity in Asymmetric Cryptographic Protocols
DEFF Research Database (Denmark)
Dahl, Morten; Kobayashi, Naoki; Sun, Yunde
2011-01-01
Gordon and Jeffrey developed a type system for verification of asymmetric and symmetric cryptographic protocols. We propose a modified version of Gordon and Jeffrey's type system and develop a type inference algorithm for it, so that protocols can be verified automatically as they are, without any... type annotations or explicit type casts. We have implemented a protocol verifier SpiCa based on the algorithm, and confirmed its effectiveness...
Secure Method for Biometric-Based Recognition with Integrated Cryptographic Functions
Chiou, Shin-Yan
2013-01-01
Biometric systems refer to biometric technologies that can be used to achieve authentication. Unlike cryptography-based technologies, the certification rate in biometric systems need not reach 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to c...
Key thrusts in next generation CANDU. Annex 10
International Nuclear Information System (INIS)
Shalaby, B.A.; Torgerson, D.F.; Duffey, R.B.
2002-01-01
Current electricity markets and the competitiveness of other generation options such as CCGT have influenced the direction of future nuclear generation. The next generation CANDU has used its key characteristics as the basis to leapfrog into a new design featuring improved economics, enhanced passive safety, enhanced operability and demonstrated fuel cycle flexibility. Many enabling technologies spun off from current CANDU design features are used in the next generation design. Some of these technologies have been developed in support of existing plants and near-term designs, while others will need to be developed and tested. This paper discusses the key principles driving the next generation CANDU design and the fuel cycle flexibility of the CANDU system, which provides synergism with the PWR fuel cycle. (author)
DNA based random key generation and management for OTP encryption.
Zhang, Yunpeng; Liu, Xin; Sun, Manhui
2017-09-01
One-time pad (OTP) is a principle of key generation applied to stream ciphering which offers total privacy. The OTP encryption scheme has been proved unbreakable in theory, but is difficult to realize in practical applications. Because OTP encryption requires absolute randomness of the key, its development has suffered from severe constraints. DNA cryptography is a new and promising technology in the field of information security. The storage capabilities of DNA chromosomes can be used as one-time pad structures, with pseudo-random number generation and indexing, in order to encrypt plaintext messages. In this paper, we present a feasible solution to the OTP symmetric key generation and transmission problem with DNA at the molecular level. Through recombinant DNA technology, using restriction enzymes known only to the sender and receiver to combine the secure key represented as a DNA sequence with the T vector, we generate a DNA bio-hidden secure key and then place the recombinant plasmid in bacteria for secure key transmission. The designed bio experiments and simulation results show that the security of the key transmission is further improved and the environmental requirements of key transmission are reduced. Analysis has demonstrated that the proposed DNA-based random key generation and management solutions are marked by high security and usability.
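The abstract above rests on the one property that makes the OTP unbreakable: a truly random pad at least as long as the message, used exactly once. The following Python example is added here and is not from the paper; it shows the XOR construction and what goes wrong when a pad is reused (the classic two-time pad): the two ciphertexts XOR to the XOR of the plaintexts, so a known or guessed message reveals the other without touching the key. The messages are constructed sample data.

```python
import secrets


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """XOR the message with a pad that is at least as long and is never reused."""
    if len(key) < len(plaintext):
        raise ValueError("one-time pad must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, key))


otp_decrypt = otp_encrypt  # XOR is its own inverse


def fresh_pad(nbytes: int) -> bytes:
    """Pad from the OS CSPRNG; the information-theoretic proof assumes uniform randomness."""
    return secrets.token_bytes(nbytes)


def two_time_pad_attack(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """If one pad encrypted two messages, c1 XOR c2 == p1 XOR p2, so a known (or
    guessed) prefix of p1 yields the same prefix of p2 directly."""
    n = min(len(c1), len(c2), len(known_p1))
    return bytes(a ^ b ^ p for a, b, p in zip(c1[:n], c2[:n], known_p1[:n]))


def demo():
    # Constructed sample messages of equal length (not from the paper).
    p1 = b"TRANSFER 100 TO ACCT 42"
    p2 = b"TRANSFER 999 TO ACCT 77"
    pad = fresh_pad(len(p1))
    c1 = otp_encrypt(p1, pad)
    c2 = otp_encrypt(p2, pad)  # pad reuse: the one thing the OTP forbids
    return p1, p2, pad, c1, c2


if __name__ == "__main__":
    p1, p2, pad, c1, c2 = demo()
    print("recovered p2 from reused pad:", two_time_pad_attack(c1, c2, p1))
```

The recovered message is exact because every ciphertext byte is the plaintext byte XOR the pad byte; with the pad cancelled, only the relationship between the two plaintexts remains, which is why "absolute randomness" is necessary but not sufficient: the pad must also never be used twice.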
A brief history of cryptology and cryptographic algorithms
Dooley, John F
2013-01-01
The science of cryptology is made up of two halves. Cryptography is the study of how to create secure systems for communications. Cryptanalysis is the study of how to break those systems. The conflict between these two halves of cryptology is the story of secret writing. For over 2,000 years, the desire to communicate securely and secretly has resulted in the creation of numerous and increasingly complicated systems to protect one's messages. Yet for every system there is a cryptanalyst creating a new technique to break that system. With the advent of computers the cryptographer seems to final
Analysis of cryptographic mechanisms used in ransomware CryptXXX v3
Directory of Open Access Journals (Sweden)
Michał Glet
2016-12-01
The main purpose of this paper was to analyse how malicious software uses cryptographic mechanisms. Reverse engineering was applied in order to discover the mechanisms used in the ransomware CryptXXX v3. At the end, some useful advice is given on how CryptXXX could be improved. Keywords: ransomware, software engineering, reverse engineering, RC4, RSA, malicious software
Hamlet, Jason R; Pierson, Lyndon G
2014-10-21
Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value and combines it with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value, while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key, and to output a response to the authentication challenge decrypted with the private key.
Key handling in wireless sensor networks
International Nuclear Information System (INIS)
Li, Y; Newe, T
2007-01-01
With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided
Experimentally generated randomness certified by the impossibility of superluminal signals.
Bierhorst, Peter; Knill, Emanuel; Glancy, Scott; Zhang, Yanbao; Mink, Alan; Jordan, Stephen; Rommal, Andrea; Liu, Yi-Kai; Christensen, Bradley; Nam, Sae Woo; Stevens, Martin J; Shalm, Lynden K
2018-04-01
From dice to modern electronic circuits, there have been many attempts to build better devices to generate random numbers. Randomness is fundamental to security and cryptographic systems and to safeguarding privacy. A key challenge with random-number generators is that it is hard to ensure that their outputs are unpredictable [1-3]. For a random-number generator based on a physical process, such as a noisy classical system or an elementary quantum measurement, a detailed model that describes the underlying physics is necessary to assert unpredictability. Imperfections in the model compromise the integrity of the device. However, it is possible to exploit the phenomenon of quantum non-locality with a loophole-free Bell test to build a random-number generator that can produce output that is unpredictable to any adversary that is limited only by general physical principles, such as special relativity [1-11]. With recent technological developments, it is now possible to carry out such a loophole-free Bell test [12-14,22]. Here we present certified randomness obtained from a photonic Bell experiment and extract 1,024 random bits that are uniformly distributed to within 10^-12. These random bits could not have been predicted according to any physical theory that prohibits faster-than-light (superluminal) signalling and that allows independent measurement choices. To certify and quantify the randomness, we describe a protocol that is optimized for devices that are characterized by a low per-trial violation of Bell inequalities. Future random-number generators based on loophole-free Bell tests may have a role in increasing the security and trust of our cryptographic systems and infrastructure.
Czernik, Pawel
2013-10-01
A hardware random number generator based on 74121 monostable multivibrators, for use in cryptographically secure distributed measurement and control systems with asymmetric resources, is presented. The device is built around a physical electronic oscillator whose circuit consists of two 74121 monostable multivibrators connected in a loop, a D flip-flop and an external clock signal source. The clock signal controlling the D flip-flop was generated by a computer on one of the parallel port pins. The author's software for acquiring random data from the measuring system into a computer is also presented. The system was designed, built and thoroughly tested for cryptographic security in our laboratory, which is the most important part of this publication. Cryptographic security was tested using the author's software and the RDieHarder software environment. The results obtained are presented and analyzed in detail, with particular reference to the specificity of distributed measurement and control systems with asymmetric resources.
Super fast physical-random number generation using laser diode frequency noises
Ushiki, Tetsuro; Doi, Kohei; Maehara, Shinya; Sato, Takashi; Ohkawa, Masashi; Ohdaira, Yasuo
2011-02-01
Random numbers can be classified as either pseudo- or physical-random in character. Pseudo-random numbers' periodicity renders them inappropriate for use in cryptographic applications, but naturally-generated physical-random numbers have no calculable periodicity, thereby making them ideally suited to the task. The laser diode naturally produces a wideband "noise" signal that is believed to have tremendous capacity and great promise for the rapid generation of physical-random numbers for use in cryptographic applications. We measured a laser diode's output at a fast photodetector and generated physical-random numbers from its frequency noise. We then identified and evaluated the statistical properties of the resulting binary sequence. The result shows that physical-random number generation at speeds as high as 40 Gbit/s is obtainable using the laser diode's frequency noise characteristic.
A System-Level Throughput Model for Quantum Key Distribution
2015-09-17
(Full-text search excerpts) ... discrete logarithms in a finite field [35]. Arguably the most popular asymmetric encryption scheme is the RSA algorithm, published a year later in ... Theory, vol. 22, no. 6, pp. 644-654, 1976. [36] G. Singh and S. Supriya, 'A Study of Encryption Algorithms (RSA, DES, 3DES and AES) for Information ... Dictionary: QKD = Quantum Key Distribution; OTP = One-Time Pad cryptographic algorithm; DES = Data Encryption Standard; 3DES ...
Directory of Open Access Journals (Sweden)
Shabir Ahmad Sofi
2017-05-01
An ad hoc wireless sensor network (WSN) is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other; therefore, due to the limited resources in WSNs, cryptographic methods for securing the network against attacks are not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to the attacker's own resource consumption. This paper discusses the performance of cluster-based WSNs, comparing LEACH with Advanced node based clusters under Byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes: by 33% in the case of the Gray Hole attack and 62% in the case of the Black Hole attack.
2002-03-22
(Full-text search excerpts) ... may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass ... Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair ... interference devices (SQUIDs), electrical testing, and electron beam testing. Other attacks, such as UV or X-rays or high temperatures, could cause erasure ...
Yu, Aifang; Chen, Xiangyu; Cui, Haotian; Chen, Libo; Luo, Jianjun; Tang, Wei; Peng, Mingzeng; Zhang, Yang; Zhai, Junyi; Wang, Zhong Lin
2016-12-27
Modern cryptography increasingly employs random numbers generated from physical sources in lieu of conventional software-based pseudorandom numbers, primarily owing to the great demand for unpredictable, indecipherable cryptographic keys derived from true random numbers for information security. Thus far, true random numbers have been demonstrated only through thermal noise and/or quantum effects, which require expensive and complex equipment. In this paper, we demonstrate a method for self-powered generation of true random numbers by using triboelectric technology to collect random signals from nature. This random number generator, based on coupled triboelectric and electrostatic induction effects at the liquid-dielectric interface, includes an elaborately designed triboelectric generator (TENG) with an irregular grating structure, an electronic-optical device, and an optical-electronic device. The random characteristics of raindrops are harvested through the TENG and consequently transformed and converted by the electronic-optical device and the optical-electronic device, which has a nonlinear characteristic. The cooperation of the mechanical, electrical, and optical signals ensures that the generator possesses complex nonlinear input-output behavior and contributes to increased randomness. The random number sequences are derived from the final electrical signals received by the optical-electronic device using a familiar algorithm. The obtained random number sequences exhibit good statistical characteristics, unpredictability, and unrepeatability. Our study supplies a simple, practical, and effective method to generate true random numbers, which can be widely used in cryptographic protocols, digital signatures, authentication, identification, and other information security fields.
Rafi Ahamed, Shaik
2016-01-01
In biomedical applications, data security is the most expensive resource for wireless body area networks. Cryptographic algorithms are used in order to protect the information against unauthorised access. The Advanced Encryption Standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for the design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA2) as a replacement for the classical look-up-table (LUT) based S-Box used in the AES algorithm. The performance of the proposed RCA2 based S-Box and the conventional LUT based S-Box is evaluated in terms of security using cryptographic properties such as nonlinearity, correlation immunity bias, strict avalanche criterion and entropy. Moreover, it is also shown that RCA2 based S-Boxes are dynamic in nature, invertible and provide a high level of security. Further, it is also found that the RCA2 based S-Box has comparatively better performance than the conventional LUT based S-Box. PMID:27733924
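The abstract above judges an S-Box by its cryptographic properties but does not show how those numbers are obtained. The Python below is an added example, not the authors' RCA2 construction or code: it builds the standard AES S-Box from its definition (multiplicative inverse in GF(2^8) followed by the fixed affine map) and then measures three of the properties the abstract names in a way that applies to any 8-bit S-Box given as a 256-entry table: bijectivity, differential uniformity (the quantity differential cryptanalysis cares about) and the nonlinearity of a component function, plus the strict avalanche criterion bias. Running the same functions on an identity table shows what a cryptographically useless S-Box scores.

```python
def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (a^255 = 1 for a != 0); AES maps 0 to 0."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r


def _rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def aes_sbox() -> list:
    """S(x) = A(inv(x)) with A(b) = b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    box = []
    for x in range(256):
        b = gf_inv(x)
        box.append(b ^ _rotl8(b, 1) ^ _rotl8(b, 2) ^ _rotl8(b, 3) ^ _rotl8(b, 4) ^ 0x63)
    return box


def is_bijective(box: list) -> bool:
    return sorted(box) == list(range(256))


def differential_uniformity(box: list) -> int:
    """max over a != 0, b of #{x : S(x) ^ S(x ^ a) = b}. Lower is better: AES 4, any affine map 256."""
    worst = 0
    for a in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[box[x] ^ box[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst


def component_nonlinearity(box: list, mask: int) -> int:
    """Nonlinearity of f(x) = <mask, S(x)>: 128 - max|Walsh(f)| / 2 (Hamming distance to nearest affine function)."""
    f = [bin(box[x] & mask).count("1") & 1 for x in range(256)]
    max_w = 0
    for a in range(256):
        w = sum(1 - 2 * (f[x] ^ (bin(x & a).count("1") & 1)) for x in range(256))
        max_w = max(max_w, abs(w))
    return 128 - max_w // 2


def sac_max_bias(box: list) -> float:
    """Strict avalanche criterion: flipping input bit i should flip output bit j with
    probability 1/2; returns the largest deviation from 1/2 over all (i, j)."""
    worst = 0.0
    for i in range(8):
        for j in range(8):
            flips = sum(((box[x] ^ box[x ^ (1 << i)]) >> j) & 1 for x in range(256))
            worst = max(worst, abs(flips / 256 - 0.5))
    return worst


def report(box: list) -> dict:
    return {
        "bijective": is_bijective(box),
        "differential_uniformity": differential_uniformity(box),
        "nonlinearity_lsb": component_nonlinearity(box, 1),
        "sac_max_bias": sac_max_bias(box),
    }


if __name__ == "__main__":
    print("AES      :", report(aes_sbox()))
    print("identity :", report(list(range(256))))
```

The identity table is bijective and perfectly "dynamic" yet scores differential uniformity 256 and nonlinearity 0, which is why invertibility alone, as claimed in the abstract, says nothing about security; the nonlinearity and differential figures are the ones to compare against AES's 112 and 4.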
IMPLEMENTATION OF NEURAL - CRYPTOGRAPHIC SYSTEM USING FPGA
Directory of Open Access Journals (Sweden)
KARAM M. Z. OTHMAN
2011-08-01
Modern cryptography techniques are virtually unbreakable. As the Internet and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, and corporate data. The cryptographic system designed here is a conventional (symmetric) one that uses a single key for the encryption and decryption process. The chosen algorithm is a stream cipher, which encrypts one bit at a time. The central problem in stream-cipher cryptography is the difficulty of generating a long, unpredictable sequence of binary signals from a short random key. Pseudo random number generators (PRNG) have been widely used to construct this key sequence. Here the pseudo random number generator was designed using Artificial Neural Networks (ANN); the ANN provides the nonlinearity that improves the statistical randomness properties of the generator. The network is trained with the backpropagation learning algorithm. Training was done in software, in Matlab, to obtain efficient weights; the trained network was then implemented on a field programmable gate array (FPGA).
A fingerprint key binding algorithm based on vector quantization and error correction
Li, Liang; Wang, Qian; Lv, Ke; He, Ning
2012-04-01
In recent years, research on the seamless combination of cryptosystems with biometric technologies, e.g. fingerprint recognition, has been conducted by many researchers. In this paper, we propose an algorithm for binding a fingerprint template to a cryptographic key, so as to protect the key and release it through fingerprint verification. In order to cope with the intrinsic fuzziness of fingerprint samples, vector quantization and error correction techniques are introduced to transform the fingerprint template before binding it with the key, after fingerprint registration and extraction of the global ridge pattern. The key itself is secure because only its hash value is stored and it is released only when fingerprint verification succeeds. Experimental results demonstrate the effectiveness of our ideas.
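The abstract describes the shape of a fuzzy commitment: an error-correcting code absorbs the variation between two readings of the same finger, and only a hash of the key plus helper data is stored. The Python below is an added example, not the paper's vector-quantization algorithm or code; it implements the Juels-Wattenberg construction with a repetition code so the mechanics are visible: commit stores (H(key), C(key) XOR template), release XORs a fresh template back in, decodes by majority vote and checks the hash. The "template" is a constructed random bit string standing in for a quantized fingerprint. A repetition code is used only for readability; its helper data leaks which template bits within a block are equal, so real systems use BCH or Reed-Solomon codes and a high-entropy template.

```python
import hashlib
import random
import secrets

R = 5  # repetition factor; majority decoding tolerates up to 2 flipped bits per block


def encode(key_bits):
    """Repetition code: each key bit becomes R identical codeword bits."""
    return [b for b in key_bits for _ in range(R)]


def decode(code_bits):
    """Majority vote per block of R bits."""
    return [1 if sum(code_bits[i:i + R]) > R // 2 else 0
            for i in range(0, len(code_bits), R)]


def xor_bits(a, b):
    return [x ^ y for x, y in zip(a, b)]


def bits_to_bytes(bits):
    value = int("".join(map(str, bits)), 2)
    return value.to_bytes((len(bits) + 7) // 8, "big")


def commit(key_bits, template_bits):
    """Enrolment: store only H(key) and helper = C(key) XOR template. The key and the
    raw template are not stored; the helper alone does not reveal the key."""
    if len(template_bits) != len(key_bits) * R:
        raise ValueError("template length must equal key length * R")
    helper = xor_bits(encode(key_bits), template_bits)
    return hashlib.sha256(bits_to_bytes(key_bits)).hexdigest(), helper


def release(commitment, template_bits):
    """Verification: helper XOR fresh template = C(key) XOR (template error); decode and
    release the key only if its hash matches the stored one, otherwise None."""
    key_hash, helper = commitment
    candidate = decode(xor_bits(helper, template_bits))
    if hashlib.sha256(bits_to_bytes(candidate)).hexdigest() != key_hash:
        return None
    return candidate


def make_demo_pair(key_len=16, seed=None):
    """Constructed sample: a random key and a random 'fingerprint template' bit string."""
    rng = random.Random(seed) if seed is not None else secrets.SystemRandom()
    key = [rng.randrange(2) for _ in range(key_len)]
    template = [rng.randrange(2) for _ in range(key_len * R)]
    return key, template


def flip(bits, positions):
    """Simulate sensor noise by flipping the given template bits."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


if __name__ == "__main__":
    key, template = make_demo_pair(seed=7)
    stored = commit(key, template)
    print("noisy reading  :", release(stored, flip(template, [3, 17, 40])) == key)
    print("too many errors:", release(stored, flip(template, [0, 1, 2])))
```

Note the failure mode the hash check guards against: with three of five bits flipped in one block the decoder produces a wrong key bit, and without the stored hash the system would hand back a wrong key rather than refusing.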
Secure self-calibrating quantum random-bit generator
International Nuclear Information System (INIS)
Fiorentino, M.; Santori, C.; Spillane, S. M.; Beausoleil, R. G.; Munro, W. J.
2007-01-01
Random-bit generators (RBGs) are key components of a variety of information processing applications ranging from simulations to cryptography. In particular, cryptographic systems require 'strong' RBGs that produce high-entropy bit sequences, but traditional software pseudo-RBGs have very low entropy content and therefore are relatively weak for cryptography. Hardware RBGs yield entropy from chaotic or quantum physical systems and therefore are expected to exhibit high entropy, but in current implementations their exact entropy content is unknown. Here we report a quantum random-bit generator (QRBG) that harvests entropy by measuring single-photon and entangled two-photon polarization states. We introduce and implement a quantum tomographic method to measure a lower bound on the 'min-entropy' of the system, and we employ this value to distill a truly random-bit sequence. This approach is secure: even if an attacker takes control of the source of optical states, a secure random sequence can be distilled
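Several of the abstracts above (the Bell-test generator, the 74121 multivibrator generator, the laser-diode and triboelectric sources, and this QRBG) turn on the same practitioner's question: how much entropy does a physical source really deliver, and how is that bound turned into usable bits? The Python below is an added example, not code from any of these papers. It estimates min-entropy from an empirical distribution (the quantity the Fiorentino et al. abstract lower-bounds tomographically, here estimated naively from samples), applies von Neumann debiasing as a simple extractor, and runs the NIST SP 800-22 monobit test. The biased source is a constructed stand-in for a hardware sampler; the estimator assumes independent, identically distributed samples, which real sources often violate.

```python
import math
import random
import secrets
from collections import Counter


def min_entropy_per_symbol(samples):
    """H_min = -log2(p_max) from the empirical distribution. Min-entropy, not Shannon
    entropy, is what bounds how many near-uniform bits an extractor may output."""
    counts = Counter(samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def von_neumann_debias(bits):
    """Pairwise debiasing: 01 -> 0, 10 -> 1, 00 and 11 are discarded. Removes a constant
    bias from independent bits at the cost of discarding most of the input."""
    return [bits[i] for i in range(0, len(bits) - 1, 2) if bits[i] != bits[i + 1]]


def monobit_p_value(bits):
    """NIST SP 800-22 frequency (monobit) test; p < 0.01 is a failure."""
    s = sum(1 if b else -1 for b in bits)
    s_obs = abs(s) / math.sqrt(len(bits))
    return math.erfc(s_obs / math.sqrt(2))


def biased_source(n, p_one, seed=None):
    """Constructed stand-in for a physical sampler whose bits are independent but biased."""
    rng = random.Random(seed) if seed is not None else secrets.SystemRandom()
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def assess(bits):
    """What a practitioner should log before trusting a source: entropy rate, the number
    of bits that may safely be extracted, and a basic statistical sanity check."""
    h = min_entropy_per_symbol(bits)
    return {
        "bits": len(bits),
        "min_entropy_per_bit": h,
        "extractable_bits": int(len(bits) * h),
        "monobit_p": monobit_p_value(bits),
    }


if __name__ == "__main__":
    raw = biased_source(10000, p_one=0.75, seed=3)
    print("raw      :", assess(raw))
    print("debiased :", assess(von_neumann_debias(raw)))
```

A source emitting 1 with probability 0.75 has about 0.415 bits of min-entropy per bit, so a 10,000-bit sample justifies roughly 4,150 extracted bits, not 10,000; the monobit test rejects the raw stream and accepts the debiased one. The tomographic bound in the abstract replaces this empirical estimate with one that holds even if the source is adversarial, which the naive estimator cannot claim.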
Efficient, Robust and Constant-Round Distributed RSA Key Generation
DEFF Research Database (Denmark)
Damgård, Ivan Bjerre; Mikkelsen, Gert Læssøe
2010-01-01
We present the first protocol for distributed RSA key generation which is constant round, secure against malicious adversaries and has a negligibly small bound on the error probability, even using only one iteration of the underlying primality test on each candidate number.
Quantum key distribution with an entangled light emitting diode
Energy Technology Data Exchange (ETDEWEB)
Dzurnak, B.; Stevenson, R. M.; Nilsson, J.; Dynes, J. F.; Yuan, Z. L.; Skiba-Szymanska, J.; Shields, A. J. [Toshiba Research Europe Limited, 208 Science Park, Milton Road, Cambridge CB4 0GZ (United Kingdom); Farrer, I.; Ritchie, D. A. [Cavendish Laboratory, University of Cambridge, JJ Thomson Avenue, Cambridge CB3 0HE (United Kingdom)
2015-12-28
Measurements performed on entangled photon pairs shared between two parties can allow unique quantum cryptographic keys to be formed, creating secure links between users. An advantage of using such entangled photon links is that they can be adapted to propagate entanglement to end users of quantum networks with only untrusted nodes. However, demonstrations of quantum key distribution with entangled photons have so far relied on sources optically excited with lasers. Here, we realize a quantum cryptography system based on an electrically driven entangled-light-emitting diode. Measurement bases are passively chosen and we show formation of an error-free quantum key. Our measurements also simultaneously reveal Bell's parameter for the detected light, which exceeds the threshold for quantum entanglement.
Directory of Open Access Journals (Sweden)
Niti Ravika Nasution
2017-04-01
In this study the authors use the Rivest-Shamir-Adleman cryptographic algorithm with the Chinese Remainder Theorem (RSA-CRT) and the Random Least Significant Bit (LSB) steganography technique. RSA-CRT is basically the same as ordinary RSA, but uses the CRT to shorten the decryption exponent d by splitting it into a system of congruences modulo the prime factors; this speeds up decryption, and the scheme differs from ordinary RSA only in the key generation and decryption processes. The ciphertext produced by RSA-CRT is stored in an image using the Random LSB steganography technique. Random LSB stores the message (ciphertext) in the first or second least significant bit at positions chosen by a random key generated with a Pseudo Random Number Generator (PRNG) based on the Linear Congruential Generator (LCG) method. The ciphertext stored in the image is extracted by re-running the random number generator with the key used when embedding the message. The ciphertext is then decrypted by the RSA-CRT algorithm to recover the original text (plaintext). Combining the RSA-CRT cryptographic algorithm with Random LSB rather than with Simple LSB steganography yields a higher PSNR and a lower MSE, which indicates a better level of data security and greater resistance to attack, making the secret message harder to find by cryptanalysis and steganalysis.
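The abstract names the two mechanisms (CRT decryption and LCG-chosen LSB positions) without showing either. The Python below is an added example, not the authors' code, and it uses deliberately tiny textbook RSA parameters (p = 61, q = 53, e = 17) that are unusable in practice; the cover "image" is a constructed 256-byte array. It shows Garner's CRT recombination (dP, dQ, qInv as in PKCS #1) checked against textbook decryption, and an LCG whose parameters satisfy the Hull-Dobell full-period conditions so that, for a power-of-two cover size, it visits every position exactly once and embedding never overwrites an earlier bit. The security caveat is the same as for the paper: the LCG seed acts as the stego key, but an LCG is predictable from a few outputs, so it hides positions from a casual viewer, not from a steganalyst who knows the generator.

```python
# Toy RSA parameters (textbook sizes, not for real use).
P, Q = 61, 53
N = P * Q            # 3233
E = 17
D = 2753             # E * D == 1 (mod lcm(P-1, Q-1))
BLOCK_BITS = 12      # N < 2**12, so each ciphertext block fits in 12 bits

# Constructed cover "pixels": 256 bytes standing in for an 8-bit grayscale image.
COVER = bytes((i * 37) & 0xFF for i in range(256))


def rsa_textbook_decrypt(c: int) -> int:
    return pow(c, D, N)


def rsa_crt_params(p: int, q: int, d: int):
    """dP = d mod (p-1), dQ = d mod (q-1), qInv = q^-1 mod p (PKCS #1 names)."""
    return d % (p - 1), d % (q - 1), pow(q, -1, p)


def rsa_crt_decrypt(c: int, p: int, q: int, dP: int, dQ: int, qInv: int) -> int:
    """Garner's recombination: two half-size exponentiations instead of one full-size one."""
    m1 = pow(c % p, dP, p)
    m2 = pow(c % q, dQ, q)
    h = (qInv * (m1 - m2)) % p
    return m2 + h * q


def int_to_bits(v: int, width: int):
    return [(v >> (width - 1 - k)) & 1 for k in range(width)]


def bits_to_int(bits) -> int:
    v = 0
    for b in bits:
        v = (v << 1) | b
    return v


def lcg_positions(m: int, seed: int, a: int = 5, c: int = 3):
    """Full-period LCG over Z_m for m a power of two (Hull-Dobell: c odd, a = 1 mod 4),
    so the first m outputs are a permutation of 0..m-1 and no position repeats."""
    if m <= 0 or m & (m - 1):
        raise ValueError("cover length must be a power of two for this LCG to be full-period")
    x = seed % m
    for _ in range(m):
        yield x
        x = (a * x + c) % m


def embed_lsb(cover: bytes, bits, seed: int) -> bytes:
    if len(bits) > len(cover):
        raise ValueError("payload exceeds one bit per cover byte")
    out = bytearray(cover)
    pos = lcg_positions(len(out), seed)
    for bit in bits:
        i = next(pos)
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract_lsb(stego: bytes, nbits: int, seed: int):
    pos = lcg_positions(len(stego), seed)
    return [stego[next(pos)] & 1 for _ in range(nbits)]


def hide(plaintext: bytes, cover: bytes, seed: int) -> bytes:
    """Encrypt each byte as its own RSA block (toy), then scatter the bits with the LCG."""
    bits = []
    for byte in plaintext:
        bits += int_to_bits(pow(byte, E, N), BLOCK_BITS)
    return embed_lsb(cover, bits, seed)


def reveal(stego: bytes, nchars: int, seed: int) -> bytes:
    bits = extract_lsb(stego, nchars * BLOCK_BITS, seed)
    dP, dQ, qInv = rsa_crt_params(P, Q, D)
    out = bytearray()
    for k in range(nchars):
        c = bits_to_int(bits[k * BLOCK_BITS:(k + 1) * BLOCK_BITS])
        out.append(rsa_crt_decrypt(c, P, Q, dP, dQ, qInv))
    return bytes(out)


if __name__ == "__main__":
    stego = hide(b"Hi", COVER, seed=11)
    print(reveal(stego, 2, seed=11))                          # b'Hi'
    print(sum(a != b for a, b in zip(COVER, stego)), "bytes changed")
```

Only bytes whose LSB actually differed from the payload bit change, which is why LSB embedding keeps PSNR high; the CRT path returns exactly what textbook decryption does, just faster, and a real implementation must also guard the two half-exponentiations against fault injection (a single faulty m1 or m2 leaks a factor of N via gcd).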
Quantum Communication Attacks on Classical Cryptographic Protocols
DEFF Research Database (Denmark)
Damgård, Ivan Bjerre
In the literature on cryptographic protocols, it has been studied several times what happens if a classical protocol is attacked by a quantum adversary. Usually, this is taken to mean that the adversary runs a quantum algorithm, but communicates classically with the honest players. In several cases, one can show that the protocol remains secure even under such an attack. However, there are also cases where the honest players are quantum as well, even if the protocol uses classical communication. For instance, this is the case when classical multiparty computation is used as a “subroutine” in quantum multiparty computation. Furthermore, in the future, players in a protocol may employ quantum computing simply to improve efficiency of their local computation, even if the communication is supposed to be classical. In such cases, it no longer seems clear that a quantum adversary must be limited...
Quantum-noise randomized data encryption for wavelength-division-multiplexed fiber-optic networks
International Nuclear Information System (INIS)
Corndorf, Eric; Liang Chuang; Kanter, Gregory S.; Kumar, Prem; Yuen, Horace P.
2005-01-01
We demonstrate high-rate randomized data-encryption through optical fibers using the inherent quantum-measurement noise of coherent states of light. Specifically, we demonstrate 650 Mbit/s data encryption through a 10 Gbit/s data-bearing, in-line amplified 200-km-long line. In our protocol, legitimate users (who share a short secret key) communicate using an M-ry signal set while an attacker (who does not share the secret key) is forced to contend with the fundamental and irreducible quantum-measurement noise of coherent states. Implementations of our protocol using both polarization-encoded signal sets as well as polarization-insensitive phase-keyed signal sets are experimentally and theoretically evaluated. Different from the performance criteria for the cryptographic objective of key generation (quantum key-generation), one possible set of performance criteria for the cryptographic objective of data encryption is established and carefully considered
Authenticated group Diffie-Hellman key exchange: theory and practice
Energy Technology Data Exchange (ETDEWEB)
Chevassut, Olivier [Catholic Univ. of Louvain, Louvain-la-Neuve (Belgium)
2002-10-01
Authenticated two-party Diffie-Hellman key exchange allows two principals A and B, communicating over a public network and each holding a pair of matching public/private keys, to agree on a session key. Protocols designed to deal with this problem ensure A (resp. B) that no other principal aside from B (resp. A) can learn any information about this value. These protocols additionally often ensure A and B that their respective partner has actually computed the shared secret value. A natural extension to the above cryptographic protocol problem is to consider a pool of principals agreeing on a session key. Over the years several papers have extended the two-party Diffie-Hellman key exchange to the multi-party setting, but no formal treatments were carried out until recently. In light of recent developments in the formalization of the authenticated two-party Diffie-Hellman key exchange, we have in this thesis laid out the authenticated group Diffie-Hellman key exchange on firmer foundations.
Information Theoretic Secret Key Generation: Structured Codes and Tree Packing
Nitinawarat, Sirin
2010-01-01
This dissertation deals with a multiterminal source model for secret key generation by multiple network terminals with prior and privileged access to a set of correlated signals complemented by public discussion among themselves. Emphasis is placed on a characterization of secret key capacity, i.e., the largest rate of an achievable secret key,…
Low-Power Public Key Cryptography
Energy Technology Data Exchange (ETDEWEB)
BEAVER,CHERYL L.; DRAELOS,TIMOTHY J.; HAMILTON,VICTORIA A.; SCHROEPPEL,RICHARD C.; GONZALES,RITA A.; MILLER,RUSSELL D.; THOMAS,EDWARD V.
2000-11-01
This report presents research on public key, digital signature algorithms for cryptographic authentication in low-powered, low-computation environments. We assessed algorithms for suitability based on their signature size, and computation and storage requirements. We evaluated a variety of general purpose and special purpose computing platforms to address issues such as memory, voltage requirements, and special functionality for low-powered applications. In addition, we examined custom design platforms. We found that a custom design offers the most flexibility and can be optimized for specific algorithms. Furthermore, the entire platform can exist on a single Application Specific Integrated Circuit (ASIC) or can be integrated with commercially available components to produce the desired computing platform.
Dynamic Group Diffie-Hellman Key Exchange under standard assumptions
International Nuclear Information System (INIS)
Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David
2002-01-01
Authenticated Diffie-Hellman key exchange allows two principals communicating over a public network, and each holding public-private keys, to agree on a shared secret value. In this paper we study the natural extension of this cryptographic problem to a group of principals. We begin from existing formal security models and refine them to incorporate major missing details (e.g., strong-corruption and concurrent sessions). Within this model we define the execution of a protocol for authenticated dynamic group Diffie-Hellman and show that it is provably secure under the decisional Diffie-Hellman assumption. Our security result holds in the standard model and thus provides better security guarantees than previously published results in the random oracle model
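The two abstracts above (Chevassut's thesis and Bresson, Chevassut and Pointcheval) formalize authenticated group Diffie-Hellman but do not show the exchange itself. The Python below is an added example, not the protocols from those works: it implements the unauthenticated two-round Burmester-Desmedt group key agreement, which is the standard core that such authenticated protocols build on, so the reader can see what "a pool of principals agreeing on a session key" computes. Every party broadcasts z_i = g^{r_i}, then X_i = (z_{i+1}/z_{i-1})^{r_i}, and all derive K = g^{r_1 r_2 + r_2 r_3 + ... + r_n r_1}. The group (a 127-bit Mersenne prime with generator 3) is a toy chosen for readability; a deployment would use a standardized 2048-bit or larger MODP group, and, as both abstracts stress, every broadcast must be signed or otherwise authenticated, which this example deliberately omits.

```python
import random
import secrets

P = 2**127 - 1   # toy Mersenne prime (assumption for readability; use >= 2048-bit MODP in practice)
G = 3


class Party:
    """One principal U_i in a ring of n parties (indices taken mod n)."""

    def __init__(self, index: int, n: int, rng):
        self.i, self.n = index, n
        self.r = 1 + rng(P - 2)          # ephemeral secret exponent in [1, P-2]
        self.z = pow(G, self.r, P)       # round 1 broadcast: z_i = g^{r_i}

    def round2(self, z: list) -> int:
        """Round 2 broadcast: X_i = (z_{i+1} / z_{i-1})^{r_i}."""
        n = self.n
        ratio = z[(self.i + 1) % n] * pow(z[(self.i - 1) % n], -1, P) % P
        return pow(ratio, self.r, P)

    def key(self, z: list, X: list) -> int:
        """K_i = z_{i-1}^{n r_i} * X_i^{n-1} * X_{i+1}^{n-2} * ... * X_{i-2}^{1}
        which telescopes to g^{sum_j r_j r_{j+1}}, identical for every i."""
        n = self.n
        k = pow(z[(self.i - 1) % n], n * self.r, P)
        for j in range(n - 1):
            k = k * pow(X[(self.i + j) % n], n - 1 - j, P) % P
        return k


def run_bd(n: int, seed=None):
    """Run both broadcast rounds for n parties; returns the parties and their derived keys."""
    rng = random.Random(seed).randrange if seed is not None else secrets.randbelow
    parties = [Party(i, n, rng) for i in range(n)]
    z = [p.z for p in parties]            # everyone sees all z_i
    X = [p.round2(z) for p in parties]    # everyone sees all X_i
    return parties, [p.key(z, X) for p in parties]


def expected_key(parties: list) -> int:
    """Reference value g^{sum r_j r_{j+1}} computed from the secrets (test oracle only)."""
    n = len(parties)
    e = sum(parties[j].r * parties[(j + 1) % n].r for j in range(n))
    return pow(G, e, P)


if __name__ == "__main__":
    parties, keys = run_bd(4)
    print("all parties agree:", len(set(keys)) == 1, "and match g^{sum r_j r_j+1}:",
          keys[0] == expected_key(parties))
```

The exponent in the key is a sum of products of adjacent secrets, which is why a passive observer holding only the z_i and X_i faces a decisional Diffie-Hellman style problem, and why an active adversary who can replace a z_i unopposed breaks the agreement: the authentication layer the abstracts formalize exists to bind each broadcast to its sender.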
On cryptographic security of end-to-end encrypted connections in WhatsApp and Telegram messengers
Directory of Open Access Journals (Sweden)
Sergey V. Zapechnikov
2017-11-01
Full Text Available The aim of this work is to analyze the available possibilities for improving secure messaging with end-to-end connections under conditions of external violator actions and a distrusted service provider. We made a comparative analysis of the cryptographic security mechanisms of two widely used messengers: Telegram and WhatsApp. It was found that Telegram is based on the MTProto protocol, while WhatsApp is based on the alternative Signal protocol. We examine the specific features of the messengers' implementations associated with random number generation on the most popular mobile platform, Android. It was shown that Signal has better security properties. It is used in several other popular messengers such as TextSecure, RedPhone, Google Allo, Facebook Messenger and Signal, along with WhatsApp. A number of possible attacks on both messengers were analyzed in detail. In particular, we demonstrate that metadata are poorly protected in both messengers. Metadata security may be one of the goals for further studies.
Automatic Inference of Cryptographic Key Length Based on Analysis of Proof Tightness
2016-06-01
…allows us to select a smaller security parameter). 5.5 Python Implementation: We implement our software tool in the Python programming language… [table of contents: 5.4 Second Pass; 5.5 Python Implementation; 5.6…] …software tool, implemented in Python and leveraging the SymPy symbolic solver library; and • We validate our tool using the Schnorr public-key…
Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah
2017-03-24
Wireless Sensor Networks (WSNs) consist of lightweight devices that measure sensitive data and are highly vulnerable to security attacks because of their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) face severe security and privacy issues because their connection to the internet makes them directly accessible. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified the issue that the resultant polynomial value is either storage intensive or infeasible to compute when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever the key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, with the group head acting as the responsible node. The polynomial generation method uses security credentials and a secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed using Rubin logic, which guarantees that the protocol strongly attains the mutual validation and session key agreement properties among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during the authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.
Yang, Xiuping; Min, Lequan; Wang, Xue
2015-05-01
This paper sets up a chaos criterion theorem on a kind of cubic polynomial discrete maps. Using this theorem, Zhou-Song's chaos criterion theorem on quadratic polynomial discrete maps and the generalized synchronization (GS) theorem, an eight-dimensional chaotic GS system is constructed. Numerical simulations have been carried out to verify the effectiveness of the theoretical results. The chaotic GS system is used to design a chaos-based pseudorandom number generator (CPRNG). The FIPS 140-2 test suite and the Generalized FIPS 140-2 test suite are used to test the randomness of two sets of 1000 key streams, each consisting of 20 000 bits generated by the CPRNG. The results show that 99.9%/98.5% of the key streams pass the FIPS 140-2 test suite/Generalized FIPS 140-2 test. Numerical simulations show that different keystreams share on average 50.001% of their bits. The key space of the CPRNG is larger than 2^1345. As an application of the CPRNG, this study gives an image encryption example. Experimental results show that the linear coefficients between the plaintext and the ciphertext and the decrypted ciphertexts via the 100 key streams with perturbed keys are less than 0.00428. The result suggests that the texts decrypted via keystreams generated from perturbed keys of the CPRNG are almost completely independent of the original image text, and brute-force attacks are needed to break the cryptographic system.
Provably-Secure Authenticated Group Diffie-Hellman KeyExchange
Energy Technology Data Exchange (ETDEWEB)
Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David
2007-01-01
Authenticated key exchange protocols allow two participants A and B, communicating over a public network and each holding an authentication means, to exchange a shared secret value. Methods designed to deal with this cryptographic problem ensure A (resp. B) that no other participants aside from B (resp. A) can learn any information about the agreed value, and often also ensure A and B that their respective partner has actually computed this value. A natural extension to this cryptographic method is to consider a pool of participants exchanging a shared secret value and to provide a formal treatment for it. Starting from the famous 2-party Diffie-Hellman (DH) key exchange protocol, and from its authenticated variants, security experts have extended it to the multi-party setting for over a decade and completed a formal analysis in the framework of modern cryptography in the past few years. The present paper synthesizes this body of work on the provably-secure authenticated group DH key exchange.
Reid, M. D.
2000-12-01
Correlations of the type discussed by EPR in their original 1935 paradox for continuous variables exist for the quadrature phase amplitudes of two spatially separated fields. These correlations were first experimentally reported in 1992. We propose to use such EPR beams in quantum cryptography, to transmit with high efficiency messages in such a way that the receiver and sender may later determine whether eavesdropping has occurred. The merit of the new proposal is in the possibility of transmitting a reasonably secure yet predetermined key. This would allow relay of a cryptographic key over long distances in the presence of lossy channels.
2017-09-01
…satisfying the strict avalanche criterion,” Discrete Math., vol. 185, pp. 29–39, 1998. [2] R.C. Bose, “On some connections between the design of… Discrete Appl. Math., vol. 149, pp. 73–86, 2005. [11] T.W. Cusick and P. Stănică, Cryptographic Boolean Functions and Applications, 2nd ed., San Diego… Stănică, “Bisecting binomial coefficients,” Discrete Appl. Math., vol. 227, pp. 70–83, 2017. [28] T. Martinsen, W. Meidl, and P. Stănică, “Generalized…
A novel block cryptosystem based on iterating a chaotic map
International Nuclear Information System (INIS)
Xiang Tao; Liao Xiaofeng; Tang Guoping; Chen Yong; Wong, Kwok-wo
2006-01-01
A block cryptographic scheme based on iterating a chaotic map is proposed. With random binary sequences generated from the real-valued chaotic map, the plaintext block is permuted by a key-dependent shift approach and then encrypted by the classical chaotic masking technique. Simulation results show that the performance and security of the proposed cryptographic scheme are better than those of existing algorithms. Advantages and security of our scheme are also discussed in detail.
Quadratic Sieve integer factorization using Hadoop
Ghebregiorgish, Semere Tsehaye
2012-01-01
Master's thesis in Computer Science. The integer factorization problem is one of the most important problems in the world of cryptography. The security of the widely-used public-key cryptographic algorithm RSA [1], and of the Blum Blum Shub cryptographic pseudorandom number generator [2], depends heavily on the presumed difficulty of factoring a number into its prime constituents. As the size of the number to be factored gets larger, the difficulty of the problem increases enormously. Thi...
Cryptographically supported NFC tags in medication for better inpatient safety.
Özcanhan, Mehmet Hilal; Dalkılıç, Gökhan; Utku, Semih
2014-08-01
Reliable sources report that errors in drug administration are increasing the number of inpatients harmed or killed during healthcare. This development contradicts patient safety norms. A correctly designed hospital-wide ubiquitous system, using advanced inpatient identification and matching techniques, should provide the correct medicine and dosage at the right time. Researchers are still making grouping proof protocol proposals for drug administration based on EPC Global Class 1 Generation 2 ver. 1.2 standard tags. Analyses show that such protocols make medication insecure and hence fail to guarantee inpatient safety. Thus, the original goal of patient safety still remains unmet. In this paper, a very recent proposal (EKATE), upgraded by a cryptographic function, is shown to fall short of expectations. Then, an alternative proposal, IMS-NFC, which uses a more suitable and newer technology, namely Near Field Communication (NFC), is described. The proposed protocol has the additional support of stronger security primitives and is compliant with ISO communication and security standards. Unlike previous works, the proposal is a complete ubiquitous system that guarantees full patient safety, and it is based on off-the-shelf, new technology products available in every corner of the world. To prove the claims, the performance, cost, security and scope of IMS-NFC are compared with previous proposals. Evaluation shows that the proposed system has stronger security, increased patient safety and equal efficiency, at little extra cost.
Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting
Directory of Open Access Journals (Sweden)
Junghyun Nam
2015-01-01
Full Text Available We present the first provably-secure three-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any two-party PAKE protocol. The protocol is proven secure in a variant of the widely-accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the two-round, three-party PAKE protocol of Wang, Hu and Li (2010) and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.
MEANING OF THE BITCOIN CRYPTOGRAPHIC CURRENCY AS A MEDIUM OF EXCHANGE
Directory of Open Access Journals (Sweden)
Łukasz Dopierała
2014-06-01
Full Text Available This article presents one of the new elements of virtual reality, the Bitcoin cryptocurrency. This thesis focuses on the condition of, and the perspectives on the development of, the trading function of this instrument. The authors discuss the legal aspects of the functioning of Bitcoin, conduct a SWOT analysis of this cryptocurrency as a medium of exchange, and examine the scale of use of Bitcoin for transaction purposes. As of March 1, 2014 the trading system is developing gradually and the strengths of this cryptographic currency outweigh its weaknesses, but the future of Bitcoin as a medium of exchange is difficult to determine.
MiMC: Efficient encryption and cryptographic hashing with minimal multiplicative complexity
DEFF Research Database (Denmark)
Albrecht, Martin; Grassi, Lorenzo; Rechberger, Christian
2016-01-01
…and cryptographic hash functions is to reconsider and simplify the round function of the Knudsen-Nyberg cipher from 1995. The mapping F(x) := x^3 is used as the main component there and is also the main component of our family of proposals called “MiMC”. We study various attack vectors for this construction and give…… a new attack vector that outperforms others in relevant settings. Due to its very low number of multiplications, the design lends itself well to a large class of applications, especially when the depth does not matter but the total number of multiplications in the circuit dominates all aspects...
Security bound of two-basis quantum-key-distribution protocols using qudits
International Nuclear Information System (INIS)
Nikolopoulos, Georgios M.; Alber, Gernot
2005-01-01
We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid.
Key distillation in quantum cryptography
Slutsky, Boris Aron
1998-11-01
Quantum cryptography is a technique which permits two parties to communicate over an open channel and establish a shared sequence of bits known only to themselves. This task, provably impossible in classical cryptography, is accomplished by encoding the data on quantum particles and harnessing their unique properties. It is believed that no eavesdropping attack consistent with the laws of quantum theory can compromise the secret data unknowingly to the legitimate users of the channel. Any attempt by a hostile actor to monitor the data carrying particles while in transit reveals itself through transmission errors it must inevitably introduce. Unfortunately, in practice a communication is not free of errors even when no eavesdropping is present. Key distillation is a technique that permits the parties to overcome this difficulty and establish a secret key despite channel defects, under the assumption that every particle is handled independently from other particles by the enemy. In the present work, key distillation is described and its various aspects are studied. A relationship is derived between the average error rate resulting from an eavesdropping attack and the amount of information obtained by the attacker. Formal definition is developed of the security of the final key. The net throughput of secret bits in a quantum cryptosystem employing key distillation is assessed. An overview of quantum cryptographic protocols and related information theoretical results is also given.
All-optical cryptography of M-QAM formats by using two-dimensional spectrally sliced keys.
Abbade, Marcelo L F; Cvijetic, Milorad; Messani, Carlos A; Alves, Cleiton J; Tenenbaum, Stefan
2015-05-10
There has been an increased interest in enhancing the security of optical communications systems and networks. All-optical cryptography methods have been considered as an alternative to electronic data encryption. In this paper we propose and verify the use of a novel all-optical scheme based on cryptographic keys applied on the spectral signal for encryption of the M-QAM modulated data with bit rates of up to 200 gigabits per second.
The IAEA's Universal Instrument Token
International Nuclear Information System (INIS)
Naumann, I.; Wishard, B.; Morgan, K.; Christoph, B.; Schwier, A.; Frank, T.
2015-01-01
The IAEA currently seeks to improve the harmonization of security approaches across safeguards equipment. The protection of digital safeguards data is based on several principles: a) the signing of data in measurement devices using standard public/private-key-based signature generation, b) the storage of secret keys on certified, tamper-protected cryptographic devices, and c) well-established cryptographic algorithms and protocols based on global standards and internationally recognized cryptographic libraries. This paper discusses a cryptographic token, the Universal Instrument Token, which constitutes the core element of the architecture for signing safeguards data. This architecture supports the above principles and is compliant with the IAEA's information security policies and guidelines. An important side-condition is that the UIT must be implemented across a wide range of operating systems and hardware architectures, which mandates the use of open-source software for all software-related parts involved. The UIT is permanently connected to the measuring device (usually via the USB port) and requires complex hardware drivers and middleware components. Identifying open-source based, mature and ready-for-use smart card drivers and tools that are compatible with a range of operating systems was a major challenge. Reliable and well-established cryptographic libraries reside at the core of every information-security application. Different types of review software, typically software products used at IAEA headquarters in Vienna but occasionally also in the facilities, need to contain some specific software modules in order to verify the digital signatures attached to the data. Finally, also required are enrollment tools which generate private keys and certify their corresponding public counterparts using the IAEA's internal Certification Authority. In 2014, the roll-out of the UIT has raised the security of IAEA instrument data signing to a level which is
DEVELOPMENT OF A NEW ALGORITHM FOR KEY AND S-BOX GENERATION IN BLOWFISH ALGORITHM
Directory of Open Access Journals (Sweden)
TAYSEER S. ATIA
2014-08-01
Full Text Available The Blowfish algorithm is a strong, simple block cipher used to encrypt data in blocks of 64 bits. The key and S-box generation process in this algorithm requires time and memory space, which makes the algorithm inconvenient for use in smart cards or in applications that require changing the secret key frequently. In this paper a new key and S-box generation process was developed based on the Self Synchronization Stream Cipher (SSS) algorithm, whose key generation process was modified to be used with the Blowfish algorithm. Test results show that the generation process requires relatively little time and a reasonably small amount of memory, which enhances the algorithm and makes it suitable for a wider range of uses.
Short Review on Quantum Key Distribution Protocols.
Giampouris, Dimitris
2017-01-01
Cryptographic protocols and mechanisms are widely investigated under the notion of quantum computing. Quantum cryptography offers particular advantages over classical approaches, whereas in some cases established protocols have to be revisited in order to maintain their functionality. The purpose of this paper is to provide the basic definitions and review the most important theoretical advancements concerning the BB84 and E91 protocols. It also aims to offer a summary of some key developments in the field of quantum key distribution closely related to the two aforementioned protocols. The main goal of this study is to provide the necessary background information along with a thorough review of the theoretical aspects of QKD, concentrating on specific protocols. The BB84 and E91 protocols have been chosen because most other protocols are similar to them, a fact that makes them important for the general understanding of how the QKD mechanism functions.
Energy Technology Data Exchange (ETDEWEB)
Yang, Xiuping, E-mail: yangxiuping-1990@163.com; Min, Lequan, E-mail: minlequan@sina.com; Wang, Xue, E-mail: wangxue-20130818@163.com [Schools of Mathematics and Physics, University of Science and Technology Beijing, Beijing 100083 (China)
2015-05-15
This paper sets up a chaos criterion theorem on a kind of cubic polynomial discrete maps. Using this theorem, Zhou-Song's chaos criterion theorem on quadratic polynomial discrete maps and the generalized synchronization (GS) theorem, an eight-dimensional chaotic GS system is constructed. Numerical simulations have been carried out to verify the effectiveness of the theoretical results. The chaotic GS system is used to design a chaos-based pseudorandom number generator (CPRNG). The FIPS 140-2 test suite and the Generalized FIPS 140-2 test suite are used to test the randomness of two sets of 1000 key streams, each consisting of 20 000 bits generated by the CPRNG. The results show that 99.9%/98.5% of the key streams pass the FIPS 140-2 test suite/Generalized FIPS 140-2 test. Numerical simulations show that different keystreams share on average 50.001% of their bits. The key space of the CPRNG is larger than 2^1345. As an application of the CPRNG, this study gives an image encryption example. Experimental results show that the linear coefficients between the plaintext and the ciphertext and the decrypted ciphertexts via the 100 key streams with perturbed keys are less than 0.00428. The result suggests that the texts decrypted via keystreams generated from perturbed keys of the CPRNG are almost completely independent of the original image text, and brute-force attacks are needed to break the cryptographic system.
Novel Quantum Encryption Algorithm Based on Multiqubit Quantum Shift Register and Hill Cipher
International Nuclear Information System (INIS)
Khalaf, Rifaat Zaidan; Abdullah, Alharith Abdulkareem
2014-01-01
Based on a quantum shift register, a novel quantum block cryptographic algorithm that can be used to encrypt classical messages is proposed. The message is encoded and decoded by using a code generated by the quantum shift register. The security of this algorithm is analysed in detail. It is shown that, in the quantum block cryptographic algorithm, two keys can be used. One of them is the classical key that is used in the Hill cipher algorithm, where Alice and Bob use the authenticated Diffie-Hellman key exchange algorithm using the concept of digital signature for the authentication of the two communicating parties and so eliminate the man-in-the-middle attack. The other key is generated by the quantum shift register and used for the coding of the encryption message, where Alice and Bob share the key by using the BB84 protocol. The novel algorithm can prevent a quantum attack strategy as well as a classical attack strategy. The problem of key management is discussed and circuits for the encryption and the decryption are suggested.
ON TESTING OF CRYPTOGRAPHIC GENERATORS OUTPUT SEQUENCES USING MARKOV CHAINS OF CONDITIONAL ORDER
Directory of Open Access Journals (Sweden)
M. V. Maltsev
2013-01-01
Full Text Available The paper deals with the Markov chain of conditional order, which is used for statistical testing of cryptographic generators. Statistical estimations of model parameters are given. Consistency of the order estimator is proved. Results of computer experiments are presented.
African Journals Online (AJOL)
Egwali, Annie O.
Vol 19 (2011): A Key Generation Model for Improving the Security of Cryptographic Keys; Appraising the Strength of Users Passwords in Computing Systems in Nigeria. ISSN: 1116-4336.
Bourgoin, Jean-Philippe; Gigov, Nikolay; Higgins, Brendon L.; Yan, Zhizhong; Meyer-Scott, Evan; Khandani, Amir K.; Lütkenhaus, Norbert; Jennewein, Thomas
2015-11-01
Quantum key distribution (QKD) has the potential to improve communications security by offering cryptographic keys whose security relies on the fundamental properties of quantum physics. The use of a trusted quantum receiver on an orbiting satellite is the most practical near-term solution to the challenge of achieving long-distance (global-scale) QKD, currently limited to a few hundred kilometers on the ground. This scenario presents unique challenges, such as high photon losses and restricted classical data transmission and processing power due to the limitations of a typical satellite platform. Here we demonstrate the feasibility of such a system by implementing a QKD protocol, with optical transmission and full post-processing, in the high-loss regime using minimized computing hardware at the receiver. Employing weak coherent pulses with decoy states, we demonstrate the production of secure key bits at up to 56.5 dB of photon loss. We further illustrate the feasibility of a satellite uplink by generating a secure key while experimentally emulating the varying losses predicted for realistic low-Earth-orbit satellite passes at 600 km altitude. With a 76 MHz source and including finite-size analysis, we extract 3374 bits of a secure key from the best pass. We also illustrate the potential benefit of combining multiple passes together: while one suboptimal "upper-quartile" pass produces no finite-sized key with our source, the combination of three such passes allows us to extract 165 bits of a secure key. Alternatively, we find that by increasing the signal rate to 300 MHz it would be possible to extract 21 570 bits of a secure finite-sized key in just a single upper-quartile pass.
Detector decoy quantum key distribution
International Nuclear Information System (INIS)
Moroder, Tobias; Luetkenhaus, Norbert; Curty, Marcos
2009-01-01
Photon number resolving detectors can enhance the performance of many practical quantum cryptographic setups. In this paper, we employ a simple method to estimate the statistics provided by such a photon number resolving detector using only a threshold detector together with a variable attenuator. This idea is similar in spirit to that of the decoy state technique, and is especially suited to those scenarios where only a few parameters of the photon number statistics of the incoming signals have to be estimated. As an illustration of the potential applicability of the method in quantum communication protocols, we use it to prove security of an entanglement-based quantum key distribution scheme with an untrusted source without the need for a squash model and by solely using this extra idea. In this sense, this detector decoy method can be seen as a different conceptual approach to adapt a single-photon security proof to its physical, full optical implementation. We show that in this scenario, the legitimate users can now even discard the double click events from the raw key data without compromising the security of the scheme, and we present simulations on the performance of the BB84 and the 6-state quantum key distribution protocols.
Modified Baptista type chaotic cryptosystem via matrix secret key
International Nuclear Information System (INIS)
Ariffin, M.R.K.; Noorani, M.S.M.
2008-01-01
In 1998, M.S. Baptista proposed a chaotic cryptosystem using the ergodicity property of the simple low-dimensional and chaotic logistic equation. Since then, many cryptosystems based on Baptista's work have been proposed. However, over the years research has shown that this cryptosystem is predictable and vulnerable to attacks, and this has been widely discussed. Among the weaknesses are the non-uniform distribution of ciphertexts and succumbing to the one-time pad attack (a type of chosen plaintext attack). In this Letter, our objective is to modify the chaotic cryptographic scheme proposed previously. We use a matrix secret key such that the cryptosystem would no longer succumb to the one-time pad attack.
Distributed protocols for digital signatures and public key encryption.
Kuchta, Veronika
2016-01-01
Distributed protocols allow a cryptographic scheme to distribute its operation among a group of participants (servers). This new concept of cryptosystems was introduced by Desmedt [56]. We consider two different flavours of distributed protocols. One of them considers a distributed model with n parties where all of these parties are honest. The other allows up to t − 1 parties to be faulty. Such cryptosystems are called threshold cryptosystems. The distribution of cryptographic process is ...
Development of a New Cryptographic Construct Using Palmprint-Based Fuzzy Vault
Directory of Open Access Journals (Sweden)
Amioy Kumar
2009-01-01
Full Text Available The combination of cryptology and biometrics has emerged as a promising component of information security. Despite the current popularity of palmprint biometrics, there has not been any attempt to investigate its usage for the fuzzy vault. This paper therefore investigates the possible usage of palmprints in a fuzzy vault to develop a user-friendly and reliable cryptosystem. We suggest the use of both symmetric and asymmetric approaches for the encryption. The ciphertext of any document is generated by a symmetric cryptosystem; the symmetric key is then encrypted by an asymmetric approach. Further, Reed-Solomon codes are used on the generated asymmetric key to provide some error tolerance during decryption. The experimental results from the proposed approach on palmprint images suggest its possible usage in an automated palmprint-based key generation system.
Autocompensating quantum cryptography
International Nuclear Information System (INIS)
Bethune, Donald S.; Risk, William P.
2002-01-01
Quantum cryptographic key distribution (QKD) uses extremely faint light pulses to carry quantum information between two parties (Alice and Bob), allowing them to generate a shared, secret cryptographic key. Autocompensating QKD systems automatically and passively compensate for uncontrolled time-dependent variations of the optical fibre properties by coding the information as a differential phase between orthogonally polarized components of a light pulse sent on a round trip through the fibre, reflected at mid-course using a Faraday mirror. We have built a prototype system based on standard telecom technology that achieves a privacy-amplified bit generation rate of ~1000 bits s^-1 over a 10 km optical fibre link. Quantum cryptography is an example of an application that, by using quantum states of individual particles to represent information, accomplishes a practical task that is impossible using classical means. (author)
A New Three Dimensional Based Key Generation Technique in AVK
Banerjee, Subhasish; Dutta, Manash Pratim; Bhunia, Chandan Tilak
2017-08-01
In the modern era, ensuring high-order security has become the sole objective of computer networks. Over the last few decades, many researchers have contributed to achieving secrecy over the communication channel. In achieving perfect security, Shannon did the pioneering work on the perfect secrecy theorem and illustrated that the secrecy of the shared information can be maintained if the key is variable in nature instead of static. In this regard, a key generation technique has been proposed where the key can be changed every time a new block of data needs to be exchanged. In our scheme, the keys vary not only in bit sequence but also in size. An experimental study is also included in this article to prove the correctness and effectiveness of our proposed technique.
Building Secure Public Key Encryption Scheme from Hidden Field Equations
Directory of Open Access Journals (Sweden)
Yuan Ping
2017-01-01
Full Text Available Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE) family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation x²=x defined over the finite field F3 when x=0,1. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.
Efficient Sampling of the Structure of Crypto Generators' State Transition Graphs
Keller, Jörg
Cryptographic generators, e.g. stream cipher generators like the A5/1 used in GSM networks or pseudo-random number generators, are widely used in cryptographic network protocols. Basically, they are finite state machines with deterministic transition functions. Their state transition graphs typically cannot be analyzed analytically, nor can they be explored completely because of their size, which typically is at least n = 2^64. Yet, their structure, i.e. number and sizes of weakly connected components, is of interest because a structure deviating significantly from expected values for random graphs may form a distinguishing attack that indicates a weakness or backdoor. By sampling, one randomly chooses k nodes, derives their distribution onto connected components by graph exploration, and extrapolates these results to the complete graph. In known algorithms, the computational cost to determine the component for one randomly chosen node is up to O(√n), which severely restricts the sample size k. We present an algorithm where the computational cost to find the connected component for one randomly chosen node is O(1), so that a much larger sample size k can be analyzed in a given time. We report on the performance of a prototype implementation, and on preliminary analysis for several generators.
PRIMITIVE MATRICES AND GENERATORS OF PSEUDO RANDOM SEQUENCES OF GALOIS
Directory of Open Access Journals (Sweden)
A. Beletsky
2014-04-01
Full Text Available In the theory and practice of cryptographic information protection, one of the key problems is the forming of binary pseudo-random sequences (PRS) of maximum length with acceptable statistical characteristics. PRS generators are usually implemented by a linear shift register (LSR) of maximum period with linear feedback [1]. In this paper we extend the concept of the LSR, assuming that each of its ranks (memory cells) can be in one of the following conditions. Let's call such registers "generalized linear shift registers." The research goal is to develop algorithms for constructing generalized Galois and Fibonacci matrices of n-th order over the field , which uniquely determine both the structure of the corresponding generalized n-th order LSR of maximal period and the Galois PRS generators of maximum length formed on their basis. Thus the article presents the questions of forming primitive generalized Fibonacci and Galois matrices of arbitrary order over the prime field . The synthesis of the matrices is based on the use of irreducible polynomials of degree and primitive elements of the extended field generated by the polynomial. Methods for constructing conjugated primitive Galois and Fibonacci matrices are suggested. The possibilities of using such matrices in solving the problem of constructing generalized generators of Galois pseudo-random sequences are discussed.
Distributed generation of shared RSA keys in mobile ad hoc networks
Liu, Yi-Liang; Huang, Qin; Shen, Ying
2005-12-01
Mobile Ad Hoc Networks are a totally new concept in which mobile nodes are able to communicate together over wireless links in an independent manner, independent of fixed physical infrastructure and centralized administrative infrastructure. However, the nature of Ad Hoc Networks makes them very vulnerable to security threats. Generation and distribution of shared keys for a CA (Certification Authority) is challenging for security solutions based on a distributed PKI (Public-Key Infrastructure)/CA. The solutions that have been proposed in the literature and some related issues are discussed in this paper. A distributed generation of shared threshold RSA keys for the CA is proposed in the present paper. During the process of creating an RSA private key share, every CA node only has its own private security. Distributed arithmetic is used to create the CA's private share locally, and the requirement for a centralized management institution is eliminated. By fully considering the Mobile Ad Hoc network's characteristic of self-organization, it avoids the hidden security trouble that comes from holding an entire private security share of the CA, with which the security and robustness of the system are enhanced.
Anticollusion Attack Noninteractive Security Hierarchical Key Agreement Scheme in WHMS
Directory of Open Access Journals (Sweden)
Kefei Mao
2016-01-01
Full Text Available Wireless Health Monitoring Systems (WHMS) have the potential to change the way of health care and bring numbers of benefits to patients, physicians, hospitals, and society. However, there are crucial barriers not only to transmit the biometric information but also to protect the privacy and security of the patients' information. The key agreement between two entities is an essential cryptography operation to clear the barriers. In particular, the noninteractive hierarchical key agreement scheme becomes an attractive direction in WHMS because each sensor node or gateway has limited resources and power. Recently, a noninteractive hierarchical key agreement scheme has been proposed by Kim for WHMS. However, we show that Kim's cryptographic scheme is vulnerable to the collusion attack if the physicians can be corrupted. Obviously, it is a more practical security condition. Therefore, we proposed an improved key agreement scheme against the attack. Security proof, security analysis, and experimental results demonstrate that our proposed scheme gains enhanced security and more efficiency than Kim's previous scheme while inheriting its qualities of one-round communication and security properties.
A cyber-physical approach to secret key generation in smart environments
Barsocchi, Paolo; Chessa, Stefano; Martinovic, Ivan; Oligeri, Gabriele
2011-01-01
Encrypted communication in wireless sensor networks oftentimes requires additional randomness and frequent re-keying in order to avoid known-plain text attacks. Conventional approaches for shared secret generation suffer however from various disadvantages, such as necessity of a trusted third party, protocol scalability, and especially, the computational resources needed for performance-demanding public-key protocols. To appropriately respond to the increasing disproportions between a computa...
Bui, Francis Minhthang; Hatzinakos, Dimitrios
2007-12-01
As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.
Directory of Open Access Journals (Sweden)
Dimitrios Hatzinakos
2008-03-01
Full Text Available As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.
Shi, Jinyang; Lam, Kwok-Yan; Gu, Ming; Li, Mingze; Chung, Siu-Leung
2011-10-01
Wireless body sensor network (WBSN) has gained significant interests as an important infrastructure for real-time biomedical healthcare systems, while the security of the sensitive health information becomes one of the main challenges. Due to the constraints of limited power, traditional cryptographic key distribution schemes are not suitable for WBSN. This paper proposes a novel energy-efficient approach, BodyKey, which can distribute the keys using the electrocardiograph biometrics. BodyKey represents the biometric features as ordered set, and deals with the biometric variations using set reconciliation. In this way, only limited necessary information needs to be communicated for key agreement, and the total energy consumption for key distribution can thus be reduced. Experiments on the PhysioBank Database show that BodyKey can perform an energy consumption rate of 0.01 mJ/bit with an equal accuracy rate of 97.28%, allowing the system to be used as an energy-efficient key distribution scheme for secure communications in WBSN.
Key Generation for Fast Inversion of the Paillier Encryption Function
Hirano, Takato; Tanaka, Keisuke
We study fast inversion of the Paillier encryption function. Especially, we focus only on key generation, and do not modify the Paillier encryption function. We propose three key generation algorithms based on the speeding-up techniques for the RSA encryption function. By using our algorithms, the size of the private CRT exponent is half of that of Paillier-CRT. The first algorithm employs the extended Euclidean algorithm. The second algorithm employs factoring algorithms, and can construct the private CRT exponent with low Hamming weight. The third algorithm is a variant of the second one, and has some advantage such as compression of the private CRT exponent and no requirement for factoring algorithms. We also propose the settings of the parameters for these algorithms and analyze the security of the Paillier encryption function by these algorithms against known attacks. Finally, we give experimental results of our algorithms.
Secure Key Management in the Cloud
DEFF Research Database (Denmark)
Damgård, Ivan Bjerre; Jakobsen, Thomas Pelle; Nielsen, Jesper Buus
2013-01-01
We consider applications involving a number of servers in the cloud that go through a sequence of online periods where the servers communicate, separated by offline periods where the servers are idle. During the offline periods, we assume that the servers need to securely store sensitive information such as cryptographic keys. Applications like this include many cases where secure multiparty computation is outsourced to the cloud, and in particular a number of online auctions and benchmark computations with confidential inputs. We consider fully autonomous servers that switch between online and offline periods without communicating with anyone from outside the cloud, and semi-autonomous servers that need a limited kind of assistance from outside the cloud when doing the transition. We study the levels of security one can – and cannot – obtain in this model, propose light-weight protocols...
1987-05-01
Soelistijanto, B.; Muliadi, V.
2018-03-01
Diffie-Hellman (DH) provides an efficient key exchange system by reducing the number of cryptographic keys distributed in the network. In this method, a node broadcasts a single public key to all nodes in the network, and in turn each peer uses this key to establish a shared secret key which then can be utilized to encrypt and decrypt traffic between the peer and the given node. In this paper, we evaluate the key transfer delay and cost performance of DH in opportunistic mobile networks, a specific scenario of MANETs where complete end-to-end paths rarely exist between sources and destinations; consequently, the end-to-end delays in these networks are much greater than typical MANETs. Simulation results, driven by a random node movement model and real human mobility traces, showed that DH outperforms a typical key distribution scheme based on the RSA algorithm in terms of key transfer delay, measured by average key convergence time; however, DH performs as well as the benchmark in terms of key transfer cost, evaluated by total key (copies) forwards.
A novel method of S-box design based on chaotic map and composition method
International Nuclear Information System (INIS)
Lambić, Dragan
2014-01-01
Highlights:
• Novel chaotic S-box generation method is presented.
• Presented S-box has better cryptographic properties than other examples of chaotic S-boxes.
• The advantages of the proposed method are the low complexity and large key space.
Abstract: An efficient algorithm for obtaining random bijective S-boxes based on chaotic maps and the composition method is presented. The proposed method is based on compositions of S-boxes from a fixed starting set. The sequence of the indices of the starting S-boxes used is obtained by using chaotic maps. The results of performance tests show that the S-box presented in this paper has good cryptographic properties. The advantages of the proposed method are the low complexity and the possibility to achieve a large key space.
Controlling Leakage of Biometric Information using Dithering
Buhan, I.R.; Doumen, J.M.; Hartel, Pieter H.; Buhan, I.R.; Doumen, J.M.; Hartel, P.H.
Fuzzy extractors allow cryptographic keys to be generated from noisy, non-uniform biometric data. Fuzzy extractors can be used to authenticate a user to a server without storing her biometric data directly. However, in the Information Theoretic sense fuzzy extractors will leak information about the
Directory of Open Access Journals (Sweden)
B. SENTHILKUMAR
2015-05-01
Full Text Available A novel implementation of a code based cryptography (Cryptocoding) technique for a multi-layer key distribution scheme is presented. A VLSI chip is designed for storing information on the generation of round keys. A new algorithm is developed for reduced key size with optimal performance. An Error Control Algorithm is employed for both the generation of round keys and the diffusion of non-linearity among them. Two new functions for bit inversion and its reversal are developed for cryptocoding. The probability of retrieving the original key from any other round keys is reduced by diffusing nonlinear selective bit inversions on round keys. Randomized selective bit inversions are done on equal lengths of key bits by a Round Constant Feedback Shift Register within the error correction limits of the chosen code. The complexity of retrieving the original key from any other round keys is increased by optimal hardware usage. The proposed design is simulated and synthesized using VHDL coding for a Spartan3E FPGA and results are shown. A comparative analysis is done between 128 bit Advanced Encryption Standard round keys and the proposed round keys to show the security strength of the proposed algorithm. This paper concludes that the chip based multi-layer key distribution of the proposed algorithm is an enhanced solution to the existing threats on cryptography algorithms.
A robust SRAM-PUF key generation scheme based on polar codes
Chen, Bin; Ignatenko, Tanya; Willems, Frans M.J.; Maes, Roel; van der Sluis, Erik; Selimis, Georgios
2017-01-01
Physical unclonable functions (PUFs) are relatively new security primitives used for device authentication and device-specific secret key generation. In this paper we focus on SRAM- PUFs. The SRAM-PUFs enjoy uniqueness and randomness properties stemming from the intrinsic randomness of SRAM memory
The University of Canberra quantum key distribution testbed
International Nuclear Information System (INIS)
Ganeshkumar, G.; Edwards, P.J.; Cheung, W.N.; Barbopoulos, L.O.; Pham, H.; Hazel, J.C.
1999-01-01
Full text: We describe the design, operation and preliminary results obtained from a quantum key distribution (QKD) testbed constructed at the University of Canberra. Quantum cryptographic systems use shared secret keys exchanged in the form of sequences of polarisation coded or phase encoded single photons transmitted over an optical communications channel. Secrecy of this quantum key rests upon fundamental laws of quantum physics: measurements of linear or circular photon polarisation states introduce noise into the conjugate variable and so reveal eavesdropping. In its initial realisation reported here, pulsed light from a 650 nm laser diode is attenuated by a factor of 10⁶, plane-polarised and then transmitted through a birefringent liquid crystal modulator (LCM) to a polarisation sensitive single photon receiver. This transmitted key sequence consists of a 1 kHz train of weak coherent 100 ns wide light pulses, polarisation coded according to the BB84 protocol. Each pulse is randomly assigned one of four polarisation states (two orthogonal linear and two orthogonal circular) by computer PCA operated by the sender ('Alice'). This quaternary polarisation shift keyed photon stream is detected by the receiver ('Bob') whose computer (PCB) randomly chooses either a linear or a circular polarisation basis. Computer PCB is also used for final key selection, authentication, privacy amplification and eavesdropping. We briefly discuss the realisation of a mesoscopic single photon QKD source and the use of the testbed to simulate a global quantum key distribution system using earth satellites. Copyright (1999) Australian Optical Society
A Secure Information Framework with APRQ Properties
Rupa, Ch.
2017-08-01
Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.
Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.
Yang, Bin; Zhang, Jianfeng
2017-06-28
Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.
Directory of Open Access Journals (Sweden)
P. G. Klyucharev
2014-01-01
Full Text Available In the paper the author considers hardware implementation of the GRACE-H family of general cellular automata based cryptographic hash functions. VHDL is used as the language and Altera FPGA as the platform for hardware implementation. Performance and effectiveness of the FPGA implementations of GRACE-H hash functions were compared with the Keccak (SHA-3), SHA-256, BLAKE, Groestl, JH, and Skein hash functions. According to the performed tests, the performance of the hardware implementation of GRACE-H family hash functions significantly (up to 12 times) exceeded the performance of the hardware implementation of previously known hash functions, and the effectiveness of that hardware implementation was also better (up to 4 times).
Differential Fault Analysis on CLEFIA with 128, 192, and 256-Bit Keys
Takahashi, Junko; Fukunaga, Toshinori
This paper describes a differential fault analysis (DFA) attack against CLEFIA. The proposed attack can be applied to CLEFIA with all supported keys: 128, 192, and 256-bit keys. DFA is a type of side-channel attack. This attack enables the recovery of secret keys by injecting faults into a secure device during its computation of the cryptographic algorithm and comparing the correct ciphertext with the faulty one. CLEFIA is a 128-bit blockcipher with 128, 192, and 256-bit keys developed by the Sony Corporation in 2007. CLEFIA employs a generalized Feistel structure with four data lines. We developed a new attack method that uses this characteristic structure of the CLEFIA algorithm. On the basis of the proposed attack, only 2 pairs of correct and faulty ciphertexts are needed to retrieve the 128-bit key, and 10.78 pairs on average are needed to retrieve the 192 and 256-bit keys. The proposed attack is more efficient than any previously reported. In order to verify the proposed attack and estimate the calculation time to recover the secret key, we conducted an attack simulation using a PC. The simulation results show that we can obtain each secret key within three minutes on average. This result shows that we can obtain the entire key within a feasible computational time.
Pseudo-random number generator based on mixing of three chaotic maps
François, M.; Grosges, T.; Barchiesi, D.; Erra, R.
2014-04-01
A secure pseudo-random number generator, three-mixer, is proposed. The principle of the method consists in mixing three chaotic maps produced from an input initial vector. The algorithm uses permutations whose positions are computed and indexed by a standard chaotic function and a linear congruence. The performance of that scheme is evaluated through statistical analysis. Such a cryptosystem exhibits significant cryptographic qualities for a high security level.
Mobile Device Based Dynamic Key Management Protocols for Wireless Sensor Networks
Directory of Open Access Journals (Sweden)
Chin-Ling Chen
2015-01-01
Full Text Available In recent years, wireless sensor network (WSN) applications have tended to transmit data hop by hop, from sensor nodes through cluster nodes to the base station. As a result, users must collect data from the base station. This study considers two different applications: hop by hop transmission of data from cluster nodes to the base station and the direct access to cluster nodes' data by mobile users via mobile devices. Due to the hardware limitations of WSNs, some low-cost operations such as symmetric cryptographic algorithms and hash functions are used to implement a dynamic key management. The session key can be updated to prevent threats of attack from each communication. With these methods, the data gathered in wireless sensor networks can be more securely communicated. Moreover, the proposed scheme is analyzed and compared with related schemes. In addition, an NS2 simulation is developed in which the experimental results show that the designed communication protocol is workable.
Cooperative Secret Sharing Using QR Codes and Symmetric Keys
Directory of Open Access Journals (Sweden)
Yang-Wai Chow
2018-04-01
Full Text Available Secret sharing is an information security technique where a dealer divides a secret into a collection of shares and distributes these to members of a group. The secret will only be revealed when a predefined number of group members cooperate to recover the secret. The purpose of this study is to investigate a method of distributing shares by embedding them into cover Quick Response (QR codes in a secure manner using cryptographic keys. The advantage of this approach is that the shares can be disseminated over public channels, as anyone who scans the QR codes will only obtain public information. Only authorized individuals who are in possession of the required keys will be able to recover the shares. This also means that when group members cooperate to recover a secret, the group can determine the presence of an illegitimate participant if the person does not produce a valid share. This study proposes a protocol for accomplishing this and discusses the underlying security of the protocol.
Integral computer-generated hologram via a modified Gerchberg-Saxton algorithm
International Nuclear Information System (INIS)
Wu, Pei-Jung; Lin, Bor-Shyh; Chen, Chien-Yue; Huang, Guan-Syun; Deng, Qing-Long; Chang, Hsuan T
2015-01-01
An integral computer-generated hologram, which modulates the phase function of an object based on a modified Gerchberg–Saxton algorithm and compiles a digital cryptographic diagram with phase synthesis, is proposed in this study. When the diagram completes position demultiplexing decipherment, multi-angle elemental images can be reconstructed. Furthermore, an integral CGH with a depth of 225 mm and a visual angle of ±11° is projected through the lens array. (paper)
MODIFIED AES WITH RANDOM S BOX GENERATION TO OVERCOME THE SIDE CHANNEL ASSAULTS USING CLOUD
Directory of Open Access Journals (Sweden)
M. Navaneetha Krishnan
2017-01-01
Full Text Available Development of any communication system with secure and complex cryptographic algorithms highly depends on concepts of data security, which is crucial in the current technological world. The security and complexity of the cryptography algorithms need to be increased by randomization of secret keys. To overcome the issues associated with data security and to improve it during the encryption and decryption process on the encrypting device, a novel Secure Side Channel Assault Prevention (SSCAP) approach has been projected which will eliminate the outflow of side channel messages and also provide effective security on the encrypting device. An effective Enriched AES (E-AES) encryption algorithm is proposed to reduce the side channel attack; the modified algorithm in this research shows its improvement in the Generation of Random Multiple S-Box (GRM S-Box), which makes it hard for attackers to break the text which is in encrypted form. Our novel SSCAP approach also improves the security of the original information; it widely minimizes the leakage of the side channel information. Attackers cannot easily get a clue about the proposed S-Box Generation technique. Our E-AES algorithm will be implemented in a cloud environment, thereby improving cloud security. The proposed SSCAP approach is judged against the existing security based algorithms on the scale of encryption and decryption time, time taken for generating the key, and performance. The proposed work proves to outperform all other methods used in the past.
Design and analysis of cryptographic algorithms
DEFF Research Database (Denmark)
Kölbl, Stefan
In today's world computers are ubiquitous. They can be found in virtually any industry and most households own at least one personal computer or have a mobile phone. Apart from these fairly large and complex devices, we also see computers on a much smaller scale appear in everyday objects... to this development. However, most of this communication happens over inherently insecure channels requiring methods to protect our communication. A further issue is the vast amount of data generated, which raises serious privacy concerns. Cryptography provides the key components for protecting our communication. From securing our passwords and personal data to protecting mobile communication from eavesdroppers and our electronic bank transactions from manipulation. These applications would be impossible without cryptography. The main topic of this thesis is the design and security analysis of the most...
Directory of Open Access Journals (Sweden)
Anunay Kulshrestha
2017-12-01
Full Text Available We introduce a robust framework that allows for cryptographically secure multiparty computations, such as distributed private value auctions. The security is guaranteed by two-sided authentication of all network connections, homomorphically encrypted bids, and the publication of zero-knowledge proofs of every computation. This also allows a non-participant verifier to verify the result of any such computation using only the information broadcasted on the network by each individual bidder. Building on previous work on such systems, we design and implement an extensible framework that puts the described ideas to practice. Apart from the actual implementation of the framework, our biggest contribution is the level of protection we are able to guarantee from attacks described in previous work. In order to provide guidance to users of the library, we analyze the use of zero knowledge proofs in ensuring the correct behavior of each node in a computation. We also describe the usage of the library to perform a private-value distributed auction, as well as the other challenges in implementing the protocol, such as auction registration and certificate distribution. Finally, we provide performance statistics on our implementation of the auction.
Authenticity techniques for PACS images and records
Wong, Stephen T. C.; Abundo, Marco; Huang, H. K.
1995-05-01
Along with the digital radiology environment supported by picture archiving and communication systems (PACS) comes a new problem: How to establish trust in multimedia medical data that exist only in the easily altered memory of a computer. Trust is characterized in terms of integrity and privacy of digital data. Two major self-enforcing techniques can be used to assure the authenticity of electronic images and text -- key-based cryptography and digital time stamping. Key-based cryptography associates the content of an image with the originator using one or two distinct keys and prevents alteration of the document by anyone other than the originator. A digital time stamping algorithm generates a characteristic 'digital fingerprint' for the original document using a mathematical hash function, and checks that it has not been modified. This paper discusses these cryptographic algorithms and their appropriateness for a PACS environment. It also presents experimental results of cryptographic algorithms on several imaging modalities.
Symmetric cryptographic protocols
Ramkumar, Mahalingam
2014-01-01
This book focuses on protocols and constructions that make good use of symmetric pseudo random functions (PRF) like block ciphers and hash functions - the building blocks for symmetric cryptography. Readers will benefit from detailed discussion of several strategies for utilizing symmetric PRFs. Coverage includes various key distribution strategies for unicast, broadcast and multicast security, and strategies for constructing efficient digests of dynamic databases using binary hash trees.
• Provides detailed coverage of symmetric key protocols
• Describes various applications of symmetric building blocks
• Includes strategies for constructing compact and efficient digests of dynamic databases
International Nuclear Information System (INIS)
Kannan, R.
2009-01-01
The UK government's economy-wide 60% carbon dioxide reduction target by 2050 requires a paradigm shift in the whole energy system. Numerous analytical studies have concluded that the power sector is a critical contributor to a low carbon energy system, and electricity generation has dominated the policy discussion on UK decarbonisation scenarios. However, a range of technical, social and market challenges, combined with alternative market investment strategies, means that large scale deployment of key classes of low carbon electricity technologies is fraught with uncertainty. The UK MARKAL energy systems model has been used to investigate these long-term uncertainties in key electricity generation options. A range of power sector specific parametric sensitivities have been performed under a 'what-if' framework to provide a systematic exploration of least-cost energy system configurations under a broad, integrated set of input assumptions. In this paper, results of six sensitivities are presented: restricted investments in key low carbon technologies, reflecting their technical and political uncertainties, and alternative investment strategies arising from perceived risk and other barriers. (author)
Protecting Cryptographic Keys and Functions from Malware Attacks
2010-12-01
Cryptographic keys from noisy data, theory and applications
Buhan, I.R.
2008-01-01
Biometric security systems that verify a person's identity by scanning fingers, hands, eye or face are becoming more and more common. As a result biometrics is one of the fastest growing industries. Applications for biometrics range from homeland security physical access to various facilities and
New public key cryptosystem based on quaternions
Durcheva, Mariana; Karailiev, Kristian
2017-12-01
Quaternions are not commonly used in cryptography. Nevertheless, the noncommutativity of their multiplication makes them suitable for cryptographic purposes. In this paper we suggest a Diffie-Hellman like cryptosystem based on the quaternions. Additionally, a computer realization of the protocol is given.
Vagliasindi, Maria
2012-01-01
This paper presents new global evidence on the key determinants of public-private partnership investment in electricity generated by fossil fuels and renewable energy based on a panel data analysis for 105 developing countries over a period of 16 years from 1993 to 2008. It aims to identify the key factors affecting private investors' decision to enter electricity generation, through probi...
Chaos-based encryption keys and neural key-store for cloud-hosted data confidentiality
CSIR Research Space (South Africa)
Mosola, NN
2017-09-01
...learning and cryptography, using neural networks. In their research, [7] propose artificial intelligence techniques to invent cryptosystems to curb eavesdropping. The research proposes two artificial neural networks to develop a cryptographic...
International Nuclear Information System (INIS)
Gaidash, A A; Egorov, V I; Gleim, A V
2016-01-01
Quantum cryptography allows distributing secure keys between two users so that any eavesdropping attempt would be immediately discovered. However, in practice an eavesdropper can obtain key information from multi-photon states when attenuated laser radiation is used as a source of quantum states. In order to prevent the actions of an eavesdropper, it is generally suggested to implement special cryptographic protocols, like decoy states or SARG04. In this paper, we describe an alternative method based on monitoring photon number statistics after detection. We provide a useful rule of thumb to estimate the approximate order of the difference between the expected distribution and the distribution in case of attack. A formula for calculating the minimum number of total pulses or time-gaps needed to resolve an attack is shown. Formulas for the actual fraction of the raw key known to Eve were also derived. This method can therefore be used with any system, and even combined with the mentioned special protocols. (paper)
DEFF Research Database (Denmark)
Gauravaram, Praveen; Knudsen, Lars Ramkilde
2010-01-01
functions, also called message authentication codes (MACs) serve data integrity and data origin authentication in the secret key setting. The building blocks of hash functions can be designed using block ciphers, modular arithmetic or from scratch. The design principles of the popular Merkle...
Kota, Sujatha; Padmanabhuni, Venkata Nageswara Rao; Budda, Kishor; K, Sruthi
2018-05-01
Elliptic Curve Cryptography (ECC) uses two keys, a private key and a public key, and is considered a public key cryptographic algorithm that is used both for authentication of a person and for confidentiality of data. Either one of the keys is used in encryption and the other in decryption, depending on usage. The private key is used in encryption by the user and the public key is used to identify the user in the case of authentication. Similarly, the sender encrypts with the private key and the public key is used to decrypt the message in the case of confidentiality. Choosing the private key is always an issue in all public key cryptographic algorithms such as RSA and ECC. If tiny values are chosen at random, the security of the complete algorithm becomes an issue. Since the public key is computed from the private key, if the values are not chosen optimally they generate infinity values. The proposed Modified Elliptic Curve Cryptography uses either of two choices: the first option uses Particle Swarm Optimization and the second option uses the Cuckoo Search Algorithm for randomly choosing the values. The proposed algorithms are developed and tested using a sample database and both are found to be secure and reliable. The test results show that the private key chosen is optimal, neither repetitive nor tiny, and that the computations of the public key will not reach infinity.
Mishra, Dheerendra
2015-03-01
Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present a secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS either have higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both schemes provide better efficiency than the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s scheme. Unfortunately, we identify that both schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes, which are the key to patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.
Dynamic Session-Key Generation for Wireless Sensor Networks
Directory of Open Access Journals (Sweden)
Chen Chin-Ling
2008-01-01
Recently, wireless sensor networks have been used extensively in different domains. For example, if the wireless sensor node of a wireless sensor network is distributed in an insecure area, a secret key must be used to protect the transmission between the sensor nodes. Most of the existing methods consist of preselecting keys from a key pool and forming a key chain. Then, the sensor nodes make use of the key chain to encrypt the data. However, while the secret key is being transmitted, it can easily be exposed during transmission. We propose a dynamic key management protocol, which can improve the security of the key juxtaposed to existing methods. Additionally, the dynamic update of the key can lower the probability of the key to being guessed correctly. In addition, with the new protocol, attacks on the wireless sensor network can be avoided.
Dynamic Session-Key Generation for Wireless Sensor Networks
Directory of Open Access Journals (Sweden)
Cheng-Ta Li
2008-09-01
Recently, wireless sensor networks have been used extensively in different domains. For example, if the wireless sensor node of a wireless sensor network is distributed in an insecure area, a secret key must be used to protect the transmission between the sensor nodes. Most of the existing methods consist of preselecting m keys from a key pool and forming a key chain. Then, the sensor nodes make use of the key chain to encrypt the data. However, while the secret key is being transmitted, it can easily be exposed during transmission. We propose a dynamic key management protocol, which can improve the security of the key juxtaposed to existing methods. Additionally, the dynamic update of the key can lower the probability of the key to being guessed correctly. In addition, with the new protocol, attacks on the wireless sensor network can be avoided.
Unbiased All-Optical Random-Number Generator
Steinle, Tobias; Greiner, Johannes N.; Wrachtrup, Jörg; Giessen, Harald; Gerhardt, Ilja
2017-10-01
The generation of random bits is of enormous importance in modern information science. Cryptographic security is based on random numbers which require a physical process for their generation. This is commonly performed by hardware random-number generators. These often exhibit a number of problems, namely experimental bias, memory in the system, and other technical subtleties, which reduce the reliability in the entropy estimation. Further, the generated outcome has to be postprocessed to "iron out" such spurious effects. Here, we present a purely optical randomness generator, based on the bistable output of an optical parametric oscillator. Detector noise plays no role and postprocessing is reduced to a minimum. Upon entering the bistable regime, initially the resulting output phase depends on vacuum fluctuations. Later, the phase is rigidly locked and can be well determined versus a pulse train, which is derived from the pump laser. This delivers an ambiguity-free output, which is reliably detected and associated with a binary outcome. The resulting random bit stream resembles a perfect coin toss and passes all relevant randomness measures. The random nature of the generated binary outcome is furthermore confirmed by an analysis of resulting conditional entropies.
Lin, Chao; Shen, Xueju; Li, Zengyan
2013-07-01
The key space of the phase encryption algorithm using a discrete random phase mask is investigated by numerical simulation in this paper. A random phase mask with finite and discrete phase levels is considered as the core component in most practical optical encryption architectures. The key space analysis is based on the design criteria of the discrete random phase mask. The roles of the random amplitude mask and the random phase mask in an optical encryption system are identified from the perspective of confusion and diffusion. The properties of the discrete random phase mask in a practical double random phase encoding scheme working in both amplitude encoding (AE) and phase encoding (PE) modes are comparatively analyzed. The key space of the random phase encryption algorithm is evaluated considering both the encryption quality and the resistance to brute-force attack. A method for enlarging the key space of the phase encryption algorithm is also proposed to enhance the security of optical phase encryption techniques.
Directory of Open Access Journals (Sweden)
Oliver Hanka
2011-02-01
In this article, a security extension for the HiiMap Next Generation Internet Architecture is presented. We regard a public key infrastructure which is integrated into the mapping infrastructure of the locator/identifier-split addressing scheme. The security approach is based on Threshold Cryptography which enables a sharing of keys among the mapping servers. Hence, a more trustworthy and fair approach for a Next Generation Internet Architecture as compared to the state of the art approach is fostered. Additionally, we give an evaluation based on IETF AAA recommendations for security-related systems.
Directory of Open Access Journals (Sweden)
Lara Ortiz-Martin
2018-01-01
The proliferation of wearable and implantable medical devices has given rise to an interest in developing security schemes suitable for these systems and the environment in which they operate. One area that has received much attention lately is the use of (human) biological signals as the basis for biometric authentication, identification and the generation of cryptographic keys. The heart signal (e.g., as recorded in an electrocardiogram) has been used by several researchers in the last few years. Specifically, the so-called Inter-Pulse Intervals (IPIs), which is the time between two consecutive heartbeats, have been repeatedly pointed out as a potentially good source of entropy and are at the core of various recent authentication protocols. In this work, we report the results of a large-scale statistical study to determine whether such an assumption is (or not) upheld. For this, we have analyzed 19 public datasets of heart signals from the Physionet repository, spanning electrocardiograms from 1353 subjects sampled at different frequencies and with lengths that vary between a few minutes and several hours. We believe this is the largest dataset on this topic analyzed in the literature. We have then applied a standard battery of randomness tests to the extracted IPIs. Under the algorithms described in this paper and after analyzing these 19 public ECG datasets, our results raise doubts about the use of IPI values as a good source of randomness for cryptographic purposes. This has repercussions both in the security of some of the protocols proposed up to now and also in the design of future IPI-based schemes.
“Robots in Space” Multiagent Problem: Complexity, Information and Cryptographic Aspects
Directory of Open Access Journals (Sweden)
A. Yu. Bernstein
2013-01-01
We study a multiagent algorithmic problem that we call Robot in Space (RinS): There are n ≥ 2 autonomous robots that need to agree without outside interference on a distribution of shelters, so that straight paths to the shelters will not intersect. The problem is closely related to the assignment problem in Graph Theory, to the convex hull problem in Combinatorial Geometry, or to the path-planning problem in Artificial Intelligence. Our algorithm grew up from a local search solution of the problem suggested by E.W. Dijkstra. We present a multiagent anonymous and scalable algorithm (protocol) solving the problem, give an upper bound for the algorithm, prove (manually) its correctness, and examine two communication aspects of the RinS problem — the informational and the cryptographic. We proved that (1) there is no protocol that solves the RinS which transfers a bounded number of bits, and (2) suggested a protocol that allows robots to check whether their paths intersect, without revealing additional information about their relative positions (with respect to shelters). The present paper continues the research presented in Mars Robot Puzzle (a Multiagent Approach to the Dijkstra Problem) by E.V. Bodin, N.O. Garanina, and N.V. Shilov, published in Modeling and analysis of information systems, 18(2), 2011.
Hardware device binding and mutual authentication
Hamlet, Jason R; Pierson, Lyndon G
2014-03-04
Detection and deterrence of device tampering and subversion by substitution may be achieved by including a cryptographic unit within a computing device for binding multiple hardware devices and mutually authenticating the devices. The cryptographic unit includes a physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a binding PUF value. The cryptographic unit uses the binding PUF value during an enrollment phase and subsequent authentication phases. During a subsequent authentication phase, the cryptographic unit uses the binding PUF values of the multiple hardware devices to generate a challenge to send to the other device, and to verify a challenge received from the other device to mutually authenticate the hardware devices.
DEFF Research Database (Denmark)
Geisler, Martin Joakim Bittel
cryptography was thus concerned with message confidentiality and integrity. Modern cryptography cover a much wider range of subjects including the area of secure multiparty computation, which will be the main topic of this dissertation. Our first contribution is a new protocol for secure comparison, presented...... implemented the comparison protocol in Java and benchmarks show that is it highly competitive and practical. The biggest contribution of this dissertation is a general framework for secure multiparty computation. Instead of making new ad hoc implementations for each protocol, we want a single and extensible...... in Chapter 2. Comparisons play a key role in many systems such as online auctions and benchmarks — it is not unreasonable to say that when parties come together for a multiparty computation, it is because they want to make decisions that depend on private information. Decisions depend on comparisons. We have...
Fast random-number generation using a diode laser's frequency noise characteristic
Takamori, Hiroki; Doi, Kohei; Maehara, Shinya; Kawakami, Kohei; Sato, Takashi; Ohkawa, Masashi; Ohdaira, Yasuo
2012-02-01
Random numbers can be classified as either pseudo- or physical-random, in character. Pseudo-random numbers are generated by definite periodicity, so, their usefulness in cryptographic applications is somewhat limited. On the other hand, naturally-generated physical-random numbers have no calculable periodicity, thereby making them ideal for the task. Diode lasers' considerable wideband noise gives them tremendous capacity for generating physical-random numbers, at a high rate of speed. We measured a diode laser's output with a fast photo detector, and evaluated the binary-numbers from the diode laser's frequency noise characteristics. We then identified and evaluated the binary-number-line's statistical properties. We also investigate the possibility that much faster physical-random number parallel-generation is possible, using separate outputs of different optical-path length and character, which we refer to as "coherence collapse".
Code-Based Cryptography: New Security Solutions Against a Quantum Adversary
Sendrier , Nicolas; Tillich , Jean-Pierre
2016-01-01
Cryptography is one of the key tools for providing security in our quickly evolving technological society. An adversary with the ability to use a quantum computer would defeat most of the cryptographic solutions that are deployed today to secure our communications. We do not know when quantum computing will become available, but nevertheless, the cryptographic research community must get ready for it now. Code-based cryptography is among the few cryptographic technique...
Opportunities in white-box cryptography
Michiels, W.
White-box cryptography is the discipline of implementing a cryptographic algorithm in software such that an adversary will have difficulty extracting the cryptographic key. This approach assumes that the adversary has full access to and full control over the implementation's execution. White-box
Architecture for the Secret-Key BC3 Cryptography Algorithm
Directory of Open Access Journals (Sweden)
Arif Sasongko
2011-08-01
Cryptography is a very important aspect in data security. The focus of research in this field is shifting from merely the security aspect to considering the implementation aspect as well. This paper aims to introduce the BC3 algorithm with focus on its hardware implementation. It proposes an architecture for the hardware implementation of this algorithm. BC3 is a secret-key cryptography algorithm developed with two considerations: robustness and implementation efficiency. This algorithm has been implemented in software and has good performance compared to the AES algorithm. BC3 is an improvement of the BC2 and AE cryptographic algorithms and is expected to have the same level of robustness and to gain competitive advantages in the implementation aspect. The development of the architecture gives much attention to (1) resource sharing and (2) having a single clock for each round. It exploits the regularity of the algorithm. This architecture is then implemented on an FPGA. This implementation has three times smaller area than AES, but is about five times faster. Furthermore, this BC3 hardware implementation has better performance than BC3 software in both the key expansion stage and the randomizing stage. For the future, the security of this implementation must be reviewed, especially against side channel attack.
Directory of Open Access Journals (Sweden)
Sead Muftic
2016-12-01
With the widespread use of Internet, Web, and mobile technologies, a new category of applications and transactions that requires anonymity is gaining increased interest and importance. Examples of such new applications are innovative payment systems, digital notaries, electronic voting, documents sharing, electronic auctions, medical applications, and many others. In addition to anonymity, these applications and transactions also require standard security services: identification, authentication, and authorization of users and protection of their transactions. Providing those services in combination with anonymity is an especially challenging issue, because all security services require explicit user identification and authentication. To solve this issue and enable applications with security and also anonymity we introduce a new type of cryptographically encapsulated objects called BIX certificates. “BIX” is an abbreviation for “Blockchain Information Exchange.” Their purpose is equivalent to X.509 certificates: to support security services for users and transactions, but also enhanced with anonymity. This paper describes the structure and attributes of BIX certificate objects and all related protocols for their creation, distribution, and use. The BIX Certification Infrastructure (BCI) as a distributed public ledger is also briefly described.
An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length
Directory of Open Access Journals (Sweden)
Changji Wang
2013-01-01
There is an acceleration of adoption of cloud computing among enterprises. However, moving the infrastructure and sensitive data from the trusted domain of the data owner to a public cloud will pose severe security and privacy risks. Attribute-based encryption (ABE) is a new cryptographic primitive which provides a promising tool for addressing the problem of secure and fine-grained data sharing and decentralized access control. Key-policy attribute-based encryption (KP-ABE) is an important type of ABE, which enables senders to encrypt messages under a set of attributes, while private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most existing KP-ABE schemes, the ciphertext size grows linearly with the number of attributes embedded in the ciphertext. In this paper, we propose a new KP-ABE construction with constant ciphertext size. In our construction, the access policy can be expressed as any monotone access structure. Meanwhile, the ciphertext size is independent of the number of ciphertext attributes, and the number of bilinear pairing evaluations is reduced to a constant. We prove that our scheme is semantically secure in the selective-set model based on the general Diffie-Hellman exponent assumption.
Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage.
Guo, Lifeng; Yau, Wei-Chuen
2015-02-01
Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.
The Crypto Controversy: A Key Conflict in the Information Society
Koops, E.J.
1999-01-01
The aim of the book is twofold: to provide an overall, in-depth, and impartial analysis of the issues at stake, and to bridge the gap between technology and law, between governments and privacy activists, between cryptographers and law-enforcement agencies.
Energy-Efficient Implementation of ECDH Key Exchange for Wireless Sensor Networks
Lederer, Christian; Mader, Roland; Koschuch, Manuel; Großschädl, Johann; Szekely, Alexander; Tillich, Stefan
Wireless Sensor Networks (WSNs) are playing a vital role in an ever-growing number of applications ranging from environmental surveillance over medical monitoring to home automation. Since WSNs are often deployed in unattended or even hostile environments, they can be subject to various malicious attacks, including the manipulation and capture of nodes. The establishment of a shared secret key between two or more individual nodes is one of the most important security services needed to guarantee the proper functioning of a sensor network. Despite some recent advances in this field, the efficient implementation of cryptographic key establishment for WSNs remains a challenge due to the resource constraints of small sensor nodes such as the MICAz mote. In this paper we present a lightweight implementation of the elliptic curve Diffie-Hellman (ECDH) key exchange for ZigBee-compliant sensor nodes equipped with an ATmega128 processor running the TinyOS operating system. Our implementation uses a 192-bit prime field specified by the NIST as underlying algebraic structure and requires only 5.20 · 10^6 clock cycles to compute a scalar multiplication if the base point is fixed and known a priori. A scalar multiplication using a random base point takes about 12.33 · 10^6 cycles. Our results show that a full ECDH key exchange between two MICAz motes consumes an energy of 57.33 mJ (including radio communication), which is significantly better than most previously reported ECDH implementations on comparable platforms.
Directory of Open Access Journals (Sweden)
Sari Agustini Hafman
2013-05-01
According to Kerckhoffs (1883), the security of a system should rely only on the cryptographic keys used in that system. Generally, the key sequences are generated by a Pseudo Random Number Generator (PRNG) or Random Number Generator (RNG). There are three types of randomness sequences generated by RNGs and PRNGs, i.e. pseudorandom sequences, cryptographically secure pseudorandom sequences, and real random sequences. Several statistical tests, including the diehard battery of tests of randomness, are used to check the type of randomness sequence generated by a PRNG or RNG. Since the choice of testing parameters and test statistic is tied to the validity of the conclusion produced by a statistical test, a theoretical analysis is performed by applying a variety of statistical theory to evaluate the craps test, one of the tests included in the diehard battery of randomness tests. The craps test, inspired by the craps game, aims to examine whether a PRNG produces independent and identically distributed (iid) pseudorandom sequences. To demonstrate how the test statistic equation is derived and how the craps game is applied in that test, a theoretical analysis is carried out by applying a variety of statistical theory. Furthermore, empirical observations are made by applying the craps test to a PRNG in order to check the test's effectiveness in detecting the distribution and independence of sequences produced by the PRNG.
Hardware device to physical structure binding and authentication
Hamlet, Jason R.; Stein, David J.; Bauer, Todd M.
2013-08-20
Detection and deterrence of device tampering and subversion may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a binding of the hardware device and a physical structure. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates an internal PUF value. Binding logic is coupled to receive the internal PUF value, as well as an external PUF value associated with the physical structure, and generates a binding PUF value, which represents the binding of the hardware device and the physical structure. The cryptographic fingerprint unit also includes a cryptographic unit that uses the binding PUF value to allow a challenger to authenticate the binding.
Wireless Physical Layer Security: On the Performance Limit of Secret-Key Agreement
Zorgui, Marwen
2015-01-01
Physical layer security (PLS) is a new paradigm aiming at securing communications between legitimate parties at the physical layer. Conventionally, achieving confidentiality in communication networks relies on cryptographic techniques such as public
Foundations of mechanism design: A tutorial Part 1 – Key concepts ...
Indian Academy of Sciences (India)
social choice theory (The Nobel Foundation 2007), computer science (Nisan et al .... progress in the recent past in applying cryptographic tools and techniques to ...... Again by making use of statistical independence we can rewrite the above ...
A STUDY ON BIOMETRIC TEMPLATE SECURITY
Directory of Open Access Journals (Sweden)
N. Radha
2010-07-01
Full Text Available The increasing popularity of biometrics and cryptography is driven by the widespread demand for information security. Abundant efforts have been made in developing successful methods in these areas in order to accomplish an enhanced level of information security. There are two dominant issues in information security enhancement. One is to protect user ownership and control access to information by authenticating an individual's identity. The other is to ensure the privacy and integrity of information and to secure communication. Cryptography is the science of writing in secret code. Secret-key cryptography and public-key cryptography are the two most important cryptographic architectures. The security of a cryptographic system depends on the secrecy of the cryptographic key. Biometric authentication, or simply biometrics, refers to automatic personal recognition based on the physical and behavioral characteristics of an individual (e.g. face, voice, fingerprint, gait, hand geometry, iris, gene, etc.). Biometrics offers stronger security and easier use than traditional identity authentication systems (based on passwords and cryptographic keys), since biometric characteristics are inherently tied to a particular individual, making them much harder to steal, forget or lose. This paper presents a survey of techniques proposed earlier for developing an authentication system that ensures an individual's information security by combining that individual's biometric characteristics with cryptographic techniques. In addition, it provides some fundamental ideas for future research that may help in eliminating the problems associated with present authentication systems.
Key distribution in PKC through Quantas
Aditya Goel
2010-01-01
Cryptography literally means "the art and science of secret writing: sending a message between two parties in such a way that its contents cannot be understood by anyone other than the intended recipient", and the word quantum here refers to light (photons). Thus, quantum cryptography is a way of encoding information in the form of quantum particles. No classical cryptographic system in practical use is perfectly secure. In contrast to classical cryptography, which depends upon mathematics, Quant...
Hassan, Waleed K.; Al-Assam, Hisham
2017-05-01
The main problem associated with using symmetric or asymmetric keys is how to securely store and exchange the keys between the parties over open networks, particularly in open environments such as cloud computing. Public Key Infrastructure (PKI) has provided a practical solution for session key exchange for many web services. The key limitation of the PKI solution is not only the need for a trusted third party (e.g. a certificate authority) but also the absent link between the data owner and the encryption keys. The latter is arguably more important where access to data needs to be linked with the identity of the owner. Currently available key exchange protocols depend on trusted couriers or secure channels, which can be subject to man-in-the-middle and various other attacks. This paper proposes a new protocol for Key Exchange using Biometric Identity Based Encryption (KE-BIBE) that enables parties to securely exchange cryptographic keys even when an adversary is monitoring the communication channel between them. The proposed protocol combines biometrics with IBE in order to provide a secure way to access symmetric keys based on the identity of the users in an unsecured environment. In the KE-BIBE protocol, the message is first encrypted by the data owner using a traditional symmetric key before migrating it to cloud storage. The symmetric key is then encrypted using the public biometrics of the users selected by the data owner to decrypt the message, based on Fuzzy Identity-Based Encryption. Only the selected users will be able to decrypt the message, by providing a fresh sample of their biometric data. The paper argues that the proposed solution eliminates the need for a key distribution centre in traditional cryptography. It also gives the data owner the power of fine-grained sharing of encrypted data by controlling who can access their data.
Efficient generation of photonic entanglement and multiparty quantum communication
Energy Technology Data Exchange (ETDEWEB)
Trojek, Pavel
2007-09-15
This thesis deals largely with the problem of efficient generation of photonic entanglement with the principal aim of developing a bright source of polarization-entangled photon pairs, which meets the requirements for reliable and economic operation of quantum communication prototypes and demonstrators. Our approach uses correlated photon-pair emission in the nonlinear process of spontaneous parametric downconversion pumped by light coming from a compact and cheap blue laser diode. Two alternative source configurations are examined within the thesis. The first makes use of the well established concept of degenerate non-collinear emission from a single type-II nonlinear crystal and the second relies on a novel method where the emissions from two adjacent type-I phase-matched nonlinear crystals operated in the collinear non-degenerate regime are coherently overlapped. The latter approach proved to be more effective, yielding a total detected rate of almost 10^6 pairs/s at >98% quantum interference visibility of polarization correlations. The second issue addressed within the thesis is the simplification and practical implementation of quantum-assisted solutions to multiparty communication tasks. We show that entanglement is not the only non-classical resource endowing quantum multiparty information processing with its power. Instead, only the sequential communication and transformation of a single qubit can be sufficient to accomplish certain tasks. This we prove for two distinct communication tasks, secret sharing and communication complexity. Whereas the goal of the first is to split a cryptographic key among several parties in a way that its reconstruction requires their collaboration, the latter aims at reducing the amount of communication during distributed computational tasks. Importantly, our qubit-assisted solutions to the problems are feasible with state-of-the-art technology. This we clearly demonstrate in the laboratory implementation for 6 and 5 parties
Efficient generation of photonic entanglement and multiparty quantum communication
International Nuclear Information System (INIS)
Trojek, Pavel
2007-09-01
This thesis deals largely with the problem of efficient generation of photonic entanglement with the principal aim of developing a bright source of polarization-entangled photon pairs, which meets the requirements for reliable and economic operation of quantum communication prototypes and demonstrators. Our approach uses correlated photon-pair emission in the nonlinear process of spontaneous parametric downconversion pumped by light coming from a compact and cheap blue laser diode. Two alternative source configurations are examined within the thesis. The first makes use of the well established concept of degenerate non-collinear emission from a single type-II nonlinear crystal and the second relies on a novel method where the emissions from two adjacent type-I phase-matched nonlinear crystals operated in the collinear non-degenerate regime are coherently overlapped. The latter approach proved to be more effective, yielding a total detected rate of almost 10^6 pairs/s at >98% quantum interference visibility of polarization correlations. The second issue addressed within the thesis is the simplification and practical implementation of quantum-assisted solutions to multiparty communication tasks. We show that entanglement is not the only non-classical resource endowing quantum multiparty information processing with its power. Instead, only the sequential communication and transformation of a single qubit can be sufficient to accomplish certain tasks. This we prove for two distinct communication tasks, secret sharing and communication complexity. Whereas the goal of the first is to split a cryptographic key among several parties in a way that its reconstruction requires their collaboration, the latter aims at reducing the amount of communication during distributed computational tasks. Importantly, our qubit-assisted solutions to the problems are feasible with state-of-the-art technology. This we clearly demonstrate in the laboratory implementation for 6 and 5 parties
Sriram, Vinay K; Montgomery, Doug
2017-07-01
The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers. This study proposes and evaluates the performance and efficiency of various optimization algorithms for validation of digitally signed BGP updates. In particular, this investigation focuses on the BGPSEC (BGP with SECurity extensions) protocol, currently under consideration for standardization in the Internet Engineering Task Force. We analyze three basic BGPSEC update processing algorithms: Unoptimized, Cache Common Segments (CCS) optimization, and Best Path Only (BPO) optimization. We further propose and study cache management schemes to be used in conjunction with the CCS and BPO algorithms. The performance metrics used in the analyses are: (1) routing table convergence time after BGPSEC peering reset or router reboot events and (2) peak-second signature verification workload. Both analytical modeling and detailed trace-driven simulation were performed. Results show that the BPO algorithm is 330% to 628% faster than the unoptimized algorithm for routing table convergence in a typical Internet core-facing provider edge router.
Simple method of generating and distributing frequency-entangled qudits
Jin, Rui-Bo; Shimizu, Ryosuke; Fujiwara, Mikio; Takeoka, Masahiro; Wakabayashi, Ryota; Yamashita, Taro; Miki, Shigehito; Terai, Hirotaka; Gerrits, Thomas; Sasaki, Masahide
2016-11-01
High-dimensional, frequency-entangled photonic quantum bits (qudits, for d dimensions) are promising resources for quantum information processing in an optical fiber network and can also be used to improve channel capacity and security for quantum communication. However, up to now, it is still challenging to prepare high-dimensional frequency-entangled qudits in experiments, due to technical limitations. Here we propose and experimentally implement a novel method for the simple generation of frequency-entangled qudits with d > 10 without the use of any spectral filters or cavities. The generated state is distributed over 15 km in total length. This scheme combines the technique of spectral engineering of biphotons generated by spontaneous parametric down-conversion and the technique of spectrally resolved Hong-Ou-Mandel interference. Our frequency-entangled qudits will enable quantum cryptographic experiments with enhanced performance. This distribution of distinct entangled frequency modes may also be useful for improved metrology, quantum remote synchronization, as well as for fundamental tests of stronger violation of local realism.
An enhanced chaotic key-based RC5 block cipher adapted to image encryption
Faragallah, Osama S.
2012-07-01
RC5 is a block cipher that has several salient features such as adaptability to process different word lengths with a variable block size, a variable number of rounds and a variable-length secret key. However, RC5 can be broken with various attacks such as correlation attack, timing attack, known plaintext correlation attack and differential attacks, revealing weak security. We aimed to enhance the RC5 block cipher to be more secure and efficient for real-time applications while preserving its advantages. For this purpose, this article introduces a new approach based on strengthening both the confusion and diffusion operations by combining chaos and cryptographic primitive operations to produce round keys with better pseudo-random sequences. Comparative security analysis and performance evaluation of the enhanced RC5 block cipher (ERC5) with RC5, RC6 and chaotic block cipher algorithm (CBCA) are addressed. Several test images are used for inspecting the validity of the encryption and decryption algorithms. The experimental results show the superiority of the suggested enhanced RC5 (ERC5) block cipher to image encryption algorithms such as RC5, RC6 and CBCA from the security analysis and performance evaluation points of view.
Next generation DRM: cryptography or forensics?
Robert, Arnaud
2009-02-01
Current content protection systems rely primarily on applied cryptographic techniques but there is an increased use of forensic solutions in images, music and video distribution alike. The two approaches differ significantly, both in terms of technology and in terms of strategy, and thus it begs the question: will one approach take over in the long run, and if so which one? Discussing the evolution of both cryptographic and forensic solutions, we conclude that neither approach is ideal for all constituents, and that in the video space at least they will continue to co-exist for the foreseeable future - even if this may not be the case for other media types. We also analyze shortcomings of these approaches, and suggest that new solutions are necessary in this still emerging marketplace.
Logistic chaotic maps for binary numbers generations
International Nuclear Information System (INIS)
Kanso, Ali; Smaoui, Nejib
2009-01-01
Two pseudorandom binary sequence generators, based on logistic chaotic maps and intended for stream cipher applications, are proposed. The first is based on a single one-dimensional logistic map, which exhibits random, noise-like properties at certain parameter values, and the second is based on a combination of two logistic maps. The encryption step proposed in both algorithms consists of a simple bitwise XOR of the plaintext binary sequence with the keystream binary sequence to produce the ciphertext binary sequence. A threshold function is applied to convert the floating-point iterates into binary form. Experimental results show that the produced sequences possess high linear complexity and very good statistical properties. The systems are put forward for security evaluation by the cryptographic committees.
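An added example of the construction described above (illustrative code, not the authors' generators): the logistic map x_{n+1} = r x_n (1 - x_n) is iterated, a transient is discarded, each iterate is thresholded at 0.5 into one bit, and the second generator XORs two such streams with different parameters; the keystream bits are packed into bytes and XORed with the plaintext. The parameter values r = 3.99 and 3.97, the transient length and the seeds are this example's assumptions. Two caveats a practitioner would want: the iterates depend on the exact floating-point arithmetic, so sender and receiver must compute bit-identical orbits, and chaos-based stream ciphers of this kind have a long record of being broken by recovering the map parameters from keystream, so this is a demonstrator, not a cipher to deploy.

```python
def logistic_bits(x0: float, r: float = 3.99, n_bits: int = 0,
                  discard: int = 500, threshold: float = 0.5) -> list:
    """Iterate the logistic map from seed x0 and threshold each iterate into a bit."""
    if not 0.0 < x0 < 1.0:
        raise ValueError("seed must lie strictly inside (0, 1)")
    if not 0.0 < r <= 4.0:
        raise ValueError("r must lie in (0, 4] for the orbit to stay in (0, 1)")
    x = x0
    for _ in range(discard):                 # drop the transient before the orbit settles
        x = r * x * (1.0 - x)
    bits = []
    for _ in range(n_bits):
        x = r * x * (1.0 - x)
        if x <= 0.0 or x >= 1.0:             # only possible at r == 4 through a rounding hit on 0.5
            raise RuntimeError("orbit collapsed; choose another seed or r < 4")
        bits.append(1 if x >= threshold else 0)
    return bits


def combined_bits(seed_a: float, seed_b: float, n_bits: int,
                  r_a: float = 3.99, r_b: float = 3.97) -> list:
    """Second generator: bitwise XOR of two logistic-map streams."""
    a = logistic_bits(seed_a, r_a, n_bits)
    b = logistic_bits(seed_b, r_b, n_bits)
    return [x ^ y for x, y in zip(a, b)]


def bits_to_bytes(bits: list) -> bytes:
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def keystream(seed_a: float, seed_b: float, n_bytes: int) -> bytes:
    return bits_to_bytes(combined_bits(seed_a, seed_b, 8 * n_bytes))


def encrypt(seed_a: float, seed_b: float, plaintext: bytes) -> bytes:
    """Stream encryption: plaintext XOR keystream. Decryption is the same call."""
    ks = keystream(seed_a, seed_b, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


decrypt = encrypt


def ones_fraction(bits: list) -> float:
    """Monobit check: the fraction of ones should be close to 0.5."""
    return sum(bits) / len(bits) if bits else 0.0


if __name__ == "__main__":
    msg = b"attack at dawn"
    ct = encrypt(0.31415926, 0.27182818, msg)        # constructed seeds play the role of the key
    print(ct.hex(), decrypt(0.31415926, 0.27182818, ct))
    print("ones fraction:", ones_fraction(combined_bits(0.31415926, 0.27182818, 10_000)))
```

The monobit fraction is the weakest of the statistical checks the abstract mentions; a full evaluation would run a battery such as Diehard or NIST SP 800-22 over the keystream and, more importantly, would analyse whether the map parameters can be recovered from known keystream, which is where chaos-based generators usually fail.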
Joux, Antoine
2009-01-01
Illustrating the power of algorithms, Algorithmic Cryptanalysis describes algorithmic methods with cryptographically relevant examples. Focusing on both private- and public-key cryptographic algorithms, it presents each algorithm either as a textual description, in pseudo-code, or in a C code program.Divided into three parts, the book begins with a short introduction to cryptography and a background chapter on elementary number theory and algebra. It then moves on to algorithms, with each chapter in this section dedicated to a single topic and often illustrated with simple cryptographic applic
Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.
Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F
2018-06-05
Fortunately, new communication technologies and protocols are nowadays designed with security issues in mind. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two counterpart LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material that lacks flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie-Hellman Over COSE (EDHOC) is found to be a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.
Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit
2015-09-01
The telecare medicine information system (TMIS) helps patients to obtain health monitoring at home and access medical services over the Internet or mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol for TMIS using a cryptographic one-way hash function and a biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient owing to its use of a one-way hash function, we show that it has several security pitfalls and design flaws: (1) it fails to protect against the privileged-insider attack, (2) it fails to protect against the strong replay attack, (3) it fails to protect against the strong man-in-the-middle attack, (4) it has a design flaw in the user registration phase, (5) it has a design flaw in the login phase, (6) it has a design flaw in the password change phase, (7) it lacks a biometric update phase, and (8) it has flaws in its formal security analysis. In order to withstand these security pitfalls and design flaws, we propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment in TMIS using a cryptographic one-way hash function and a fuzzy extractor. Through rigorous security analysis, including formal security analysis using the widely accepted Burrows-Abadi-Needham (BAN) logic, formal security analysis under the random oracle model and informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication than Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to
Two-Dimensional Key Table-Based Group Key Distribution in Advanced Metering Infrastructure
Directory of Open Access Journals (Sweden)
Woong Go
2014-01-01
Full Text Available A smart grid provides two-way communication by using information and communication technology. In order to establish two-way communication, the advanced metering infrastructure (AMI) is used in the smart grid as the core infrastructure. This infrastructure consists of smart meters, data collection units, maintenance data management systems, and so on. However, the potential security problems of the AMI increase owing to the use of the public network, because the transmitted information is electricity consumption data used for billing. Thus, in order to establish a secure connection for transmitting electricity consumption data, encryption is necessary, for which key distribution is required. Further, a group key is more efficient than a pairwise key in the hierarchical structure of the AMI. Therefore, we propose a group key distribution scheme using a two-dimensional key table, based on an analysis of sensor network group key distribution schemes. The proposed scheme has three phases: group key predistribution, selection of the group key generation element, and generation of the group key.
Kong, Siu Cheung; Li, Ping; Song, Yanjie
2018-01-01
This study evaluated a bilingual text-mining system, which incorporated a bilingual taxonomy of key words and provided hierarchical visualization, for understanding learner-generated text in the learning management systems through automatic identification and counting of matching key words. A class of 27 in-service teachers studied a course…
Key findings from the artist project on aerosol retention in a dry steam generator
International Nuclear Information System (INIS)
Dehbi, Abdelouahab; Suckow, Detlef; Lind, Terttaliisa; Guentay, Salih; Danner, Steffen; Mukin, Roman
2016-01-01
A steam generator tube rupture (SGTR) event with a stuck-open safety relief valve constitutes one of the most serious accident sequences in pressurized water reactors (PWRs) because it may create an open path for radioactive aerosol release into the environment. The release may be mitigated by the deposition of fission product particles on a steam generator's (SG's) dry tubes and structures or by scrubbing in the secondary coolant. However, the absence of empirical data, the complexity of the geometry, and the controlling processes have, until recently, made any quantification of retention difficult to justify. As a result, past risk assessment studies typically took little or no credit for aerosol retention in SGTR sequences. To provide these missing data, the Paul Scherrer Institute (PSI) initiated the Aerosol Trapping In Steam GeneraTor (ARTIST) Project, which aimed to thoroughly investigate various aspects of aerosol removal in the secondary side of a breached steam generator. Between 2003 and 2011, the PSI has led the ARTIST Project, which involved intense collaboration between nearly 20 international partners. This summary paper presents key findings of experimental and analytical work conducted at the PSI within the ARTIST program
Key findings from the artist project on aerosol retention in a dry steam generator
Energy Technology Data Exchange (ETDEWEB)
Dehbi, Abdelouahab; Suckow, Detlef; Lind, Terttaliisa; Guentay, Salih; Danner, Steffen; Mukin, Roman [Nuclear Energy and Safety Research Department, Paul Scherrer Institute, Villigen (Switzerland)]
2016-08-15
A steam generator tube rupture (SGTR) event with a stuck-open safety relief valve constitutes one of the most serious accident sequences in pressurized water reactors (PWRs) because it may create an open path for radioactive aerosol release into the environment. The release may be mitigated by the deposition of fission product particles on a steam generator's (SG's) dry tubes and structures or by scrubbing in the secondary coolant. However, the absence of empirical data, the complexity of the geometry, and the controlling processes have, until recently, made any quantification of retention difficult to justify. As a result, past risk assessment studies typically took little or no credit for aerosol retention in SGTR sequences. To provide these missing data, the Paul Scherrer Institute (PSI) initiated the Aerosol Trapping In Steam GeneraTor (ARTIST) Project, which aimed to thoroughly investigate various aspects of aerosol removal in the secondary side of a breached steam generator. Between 2003 and 2011, the PSI has led the ARTIST Project, which involved intense collaboration between nearly 20 international partners. This summary paper presents key findings of experimental and analytical work conducted at the PSI within the ARTIST program.
Key Findings from the Artist Project on Aerosol Retention in a Dry Steam Generator
Directory of Open Access Journals (Sweden)
Abdelouahab Dehbi
2016-08-01
Full Text Available A steam generator tube rupture (SGTR) event with a stuck-open safety relief valve constitutes one of the most serious accident sequences in pressurized water reactors (PWRs) because it may create an open path for radioactive aerosol release into the environment. The release may be mitigated by the deposition of fission product particles on a steam generator's (SG's) dry tubes and structures or by scrubbing in the secondary coolant. However, the absence of empirical data, the complexity of the geometry, and the controlling processes have, until recently, made any quantification of retention difficult to justify. As a result, past risk assessment studies typically took little or no credit for aerosol retention in SGTR sequences. To provide these missing data, the Paul Scherrer Institute (PSI) initiated the Aerosol Trapping In Steam GeneraTor (ARTIST) Project, which aimed to thoroughly investigate various aspects of aerosol removal in the secondary side of a breached steam generator. Between 2003 and 2011, the PSI has led the ARTIST Project, which involved intense collaboration between nearly 20 international partners. This summary paper presents key findings of experimental and analytical work conducted at the PSI within the ARTIST program.
A pipelined FPGA implementation of an encryption algorithm based on genetic algorithm
Thirer, Nonel
2013-05-01
With the evolution of digital data storage and exchange, it is essential to protect confidential information from every unauthorized access. High performance encryption algorithms have been developed and implemented in software and hardware, and many methods to attack ciphertexts have been developed as well. In recent years, the genetic algorithm has gained much interest in the cryptanalysis of ciphertexts and also in the design of encryption ciphers. This paper analyses the possibility of using a genetic algorithm as a multiple key sequence generator for an AES (Advanced Encryption Standard) cryptographic system, and of using a three-stage pipeline (with four main blocks: Input data, AES Core, Key generator, Output data) to provide fast encryption and storage/transmission of large amounts of data.
Attacks on quantum key distribution protocols that employ non-ITS authentication
Pacher, C.; Abidin, A.; Lorünser, T.; Peev, M.; Ursin, R.; Zeilinger, A.; Larsson, J.-Å.
2016-01-01
We demonstrate how adversaries with large computing resources can break quantum key distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not information-theoretically secure (ITS), since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced, it was shown to prevent straightforward man-in-the-middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains, with high probability, a message that has small Hamming distance to any other given message. Based on this fact, we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols, we describe every single action taken by the adversary. For all protocols, the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods which allow colliding messages to be calculated, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdropper's demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.
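As a contrast to the collision-based weakness described above, here is an added example (not the authentication code analysed in the paper, nor its proposed upgrade) of the standard information-theoretically secure construction used for QKD post-processing: Wegman-Carter authentication with a polynomial-evaluation hash over GF(2^61 - 1), masked by a one-time pad drawn from the shared secret key. The hash key k can be reused across messages while each tag consumes a fresh 61-bit pad, which is the key-consumption trade-off the abstract refers to. Because two distinct messages of at most n chunks collide for at most n values of k, a forger who has seen any number of valid tags succeeds with probability at most n/2^61 per attempt regardless of computing power; there is no hash function to find collisions in. The chunking, prime, key-pool layout and the sample message are this example's assumptions.

```python
import hmac

P = (1 << 61) - 1       # Mersenne prime; all arithmetic is in the field GF(P)
CHUNK = 7               # 7-byte chunks are < 2^56 < P, so every chunk is a field element


def _chunks(msg: bytes):
    """Injective encoding of msg as field elements: 7-byte chunks, then the length."""
    for i in range(0, len(msg), CHUNK):
        yield int.from_bytes(msg[i:i + CHUNK], "big")
    yield len(msg)


def poly_hash(k: int, msg: bytes) -> int:
    """Polynomial-evaluation hash h_k(m) = sum c_i * k^(n-i) over GF(P), in Horner form.

    Two distinct messages of at most n chunks agree for at most n values of k,
    so over a uniform k the collision probability is at most n / P
    (the family is epsilon-almost-delta-universal with epsilon = n / P).
    """
    h = 0
    for c in _chunks(msg):
        h = (h * k + c) % P
    return h


def make_tag(k: int, pad: int, msg: bytes) -> int:
    """Wegman-Carter tag: the hash value masked with a one-time pad element.

    k is reused; pad must be fresh and uniform for every message. The pad hides
    h_k(m) completely, so tags leak nothing about k, and a forgery succeeds with
    probability at most epsilon whatever the adversary's computing power.
    """
    return (poly_hash(k, msg) + pad) % P


def check_tag(k: int, pad: int, msg: bytes, tag: int) -> bool:
    expected = make_tag(k, pad, msg).to_bytes(8, "big")
    return hmac.compare_digest(expected, (tag % P).to_bytes(8, "big"))


class KeyPool:
    """Secret bits shared by the two parties (in QKD, previously distilled key).
    Both sides consume the pool in the same order: k once, then 61 bits per tag."""

    def __init__(self, shared_secret: bytes):
        self._value = int.from_bytes(shared_secret, "big")
        self.bits_left = len(shared_secret) * 8

    def take(self) -> int:
        if self.bits_left < 61:
            raise RuntimeError("shared key exhausted; distil more key before authenticating")
        x = self._value & P            # low 61 bits (P = 2^61 - 1 doubles as the mask)
        self._value >>= 61
        self.bits_left -= 61
        return x % P                   # x == P maps to 0: a bias of 2^-61, negligible


if __name__ == "__main__":
    shared = bytes(range(1, 33))                       # constructed 256-bit shared secret
    alice, bob = KeyPool(shared), KeyPool(shared)
    k = alice.take(); assert k == bob.take()
    msg = b"sifted-basis-announcement:0110"            # constructed post-processing message
    tag = make_tag(k, alice.take(), msg)
    print("accepted:", check_tag(k, bob.take(), msg, tag))
    print("bits left:", alice.bits_left)
```

The operational requirement that makes this ITS is pad freshness: reusing a pad for two messages lets an observer subtract the tags and obtain h_k(m1) - h_k(m2), which leaks information about k, so both sides must keep their key pools strictly synchronised and refuse to authenticate once the pool is exhausted.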
Pseudo-random number generator based on asymptotic deterministic randomness
Wang, Kai; Pei, Wenjiang; Xia, Haishan; Cheung, Yiu-ming
2008-06-01
A novel approach to generate the pseudorandom-bit sequence from the asymptotic deterministic randomness system is proposed in this Letter. We study the characteristic of multi-value correspondence of the asymptotic deterministic randomness constructed by the piecewise linear map and the noninvertible nonlinearity transform, and then give the discretized systems in the finite digitized state space. The statistic characteristics of the asymptotic deterministic randomness are investigated numerically, such as stationary probability density function and random-like behavior. Furthermore, we analyze the dynamics of the symbolic sequence. Both theoretical and experimental results show that the symbolic sequence of the asymptotic deterministic randomness possesses very good cryptographic properties, which improve the security of chaos based PRBGs and increase the resistance against entropy attacks and symbolic dynamics attacks.
Pseudo-random number generator based on asymptotic deterministic randomness
International Nuclear Information System (INIS)
Wang Kai; Pei Wenjiang; Xia Haishan; Cheung Yiuming
2008-01-01
A novel approach to generate the pseudorandom-bit sequence from the asymptotic deterministic randomness system is proposed in this Letter. We study the characteristic of multi-value correspondence of the asymptotic deterministic randomness constructed by the piecewise linear map and the noninvertible nonlinearity transform, and then give the discretized systems in the finite digitized state space. The statistic characteristics of the asymptotic deterministic randomness are investigated numerically, such as stationary probability density function and random-like behavior. Furthermore, we analyze the dynamics of the symbolic sequence. Both theoretical and experimental results show that the symbolic sequence of the asymptotic deterministic randomness possesses very good cryptographic properties, which improve the security of chaos based PRBGs and increase the resistance against entropy attacks and symbolic dynamics attacks
Quantum Data Locking for Secure Communication against an Eavesdropper with Time-Limited Storage
Directory of Open Access Journals (Sweden)
Cosmo Lupo
2015-05-01
Full Text Available Quantum cryptography allows for unconditionally secure communication against an eavesdropper endowed with unlimited computational power and perfect technologies, who is only constrained by the laws of physics. We review recent results showing that, under the assumption that the eavesdropper can store quantum information only for a limited time, it is possible to enhance the performance of quantum key distribution in both a quantitative and qualitative fashion. We consider quantum data locking as a cryptographic primitive and discuss secure communication and key distribution protocols. For the case of a lossy optical channel, this yields the theoretical possibility of generating secret key at a constant rate of 1 bit per mode at arbitrarily long communication distances.
Attack strategies on quantum cryptographic protocols
International Nuclear Information System (INIS)
Schauer, S.; Suda, M.
2006-01-01
Full text: Quantum key distribution (QKD) and quantum authentication (QA) have been a topic of extensive research in the last 20 years. In the course of that research many attacks on QKD and QA protocols have been studied. Among these, Zhang, Lee and Guo presented an attack on a QKD protocol using entanglement swapping. Based on that strategy we take a look at other protocols to inspect how much information an adversary may get if he shares entanglement with either one or both parties. We will present some protocols where an adversary can even get full information about the key using entanglement. (author)
Aryanti, Aryanti; Mekongga, Ikhthison
2018-02-01
Data security and confidentiality is one of the most important aspects of information systems at the moment. One way to secure data is by using cryptography. In this study, a data security system was developed by implementing the Rivest, Shamir, Adleman (RSA) and Vigenere Cipher cryptographic algorithms. The research was done by combining the Rivest, Shamir, Adleman (RSA) and Vigenere Cipher cryptographic algorithms on document files, whether Word, Excel, or PDF. This application includes the process of encryption and decryption of data, and is created using PHP and MySQL. Data encryption is done on the transmit side through RSA cryptographic calculations using the public key, then proceeds with the Vigenere Cipher algorithm, which also uses the public key. On the receiving side, decryption first uses the Vigenere Cipher algorithm, which still uses the public key, and then the RSA cryptographic algorithm using the private key. Test results show that the system can encrypt files, decrypt files and transmit files. Tests performed on the encryption and decryption of files with different file sizes show that file size affects the encryption and decryption process: the larger the file size, the longer the process of encryption and decryption.
Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach
Directory of Open Access Journals (Sweden)
Ramon Sanchez-Iborra
2018-06-01
Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie–Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.
Revocable identity-based proxy re-signature against signing key exposure.
Yang, Xiaodong; Chen, Chunlin; Ma, Tingchun; Wang, Jinli; Wang, Caifen
2018-01-01
Identity-based proxy re-signature (IDPRS) is a novel cryptographic primitive that allows a semi-trusted proxy to convert a signature under one identity into another signature under another identity on the same message by using a re-signature key. Due to this transformation function, IDPRS is very useful in constructing privacy-preserving schemes for various information systems. Key revocation functionality is important in practical IDPRS for managing users dynamically; however, the existing IDPRS schemes do not provide revocation mechanisms that allow the removal of misbehaving or compromised users from the system. In this paper, we first introduce a notion called revocable identity-based proxy re-signature (RIDPRS) to achieve the revocation functionality. We provide a formal definition of RIDPRS as well as its security model. Then, we present a concrete RIDPRS scheme that can resist signing key exposure and prove that the proposed scheme is existentially unforgeable against adaptive chosen identity and message attacks in the standard model. To further improve the performance of signature verification in RIDPRS, we introduce a notion called server-aided revocable identity-based proxy re-signature (SA-RIDPRS). Moreover, we extend the proposed RIDPRS scheme to the SA-RIDPRS scheme and prove that this extended scheme is secure against adaptive chosen message and collusion attacks. The analysis results show that our two schemes remain efficient in terms of computational complexity when implementing user revocation procedures. In particular, in the SA-RIDPRS scheme, the verifier needs to perform only a bilinear pairing and four exponentiation operations to verify the validity of the signature. Compared with other IDPRS schemes in the standard model, our SA-RIDPRS scheme greatly reduces the computation overhead of verification.
A Note on 5-bit Quadratic Permutations’ Classification
Božilov, Dušan; Bilgin, Begül; Sahin, Hacı Ali
2017-01-01
Classification of vectorial Boolean functions up to affine equivalence is used widely to analyze various cryptographic and implementation properties of symmetric-key algorithms. We show that there exist 75 affine equivalence classes of 5-bit quadratic permutations. Furthermore, we explore important cryptographic properties of these classes, such as linear and differential properties and degrees of their inverses, together with multiplicative complexity and existence of uniform threshold reali...
Lee, Jeffrey S; Cleaver, Gerald B
2017-10-01
In this note, the Cosmic Microwave Background (CMB) Radiation is shown to be capable of functioning as a Random Bit Generator, and constitutes an effectively infinite supply of truly random one-time pad values of arbitrary length. It is further argued that the CMB power spectrum potentially conforms to the FIPS 140-2 standard. Additionally, its applicability to the generation of a (n × n) random key matrix for a Vernam cipher is established.
Miret, Josep M.; Sebé, Francesc
Low-cost devices are the key component of several applications: RFID tags permit an automated supply chain management while smart cards are a secure means of storing cryptographic keys required for remote and secure authentication in e-commerce and e-government applications. These devices must be cheap in order to permit their cost-effective massive manufacturing and deployment. Unfortunately, their low cost limits their computational power. Other devices such as nodes of sensor networks suffer from an additional constraint, namely, their limited battery life. Secure applications designed for these devices cannot make use of classical cryptographic primitives designed for full-fledged computers.
EPCGen2 Pseudorandom Number Generators: Analysis of J3Gen
Directory of Open Access Journals (Sweden)
Alberto Peinado
2014-04-01
This paper analyzes the cryptographic security of J3Gen, a promising pseudorandom number generator for low-cost passive Radio Frequency Identification (RFID) tags. Although J3Gen has been shown to fulfill the randomness criteria set by the EPCglobal Gen2 standard and is intended for security applications, we describe here two cryptanalytic attacks that question its security claims: (i) a probabilistic attack based on solving linear equation systems; and (ii) a deterministic attack based on the decimation of the output sequence. Numerical results, supported by simulations, show that for the specific recommended values of the configurable parameters, a low number of intercepted output bits is enough to break J3Gen. We then make some recommendations that address these issues.
Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview
Zhang, Junqing; Duong, Trung; Woods, Roger; Marshall, Alan
2017-08-01
The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered.
Energy Technology Data Exchange (ETDEWEB)
Stipčević, Mario, E-mail: mario.stipcevic@irb.hr [Photonics and Quantum Optics Research Unit, Center of Excellence for Advanced Materials and Sensing Devices, Ruđer Bošković Institute, Bijenička 54, 10000 Zagreb (Croatia)
2016-03-15
In this work, a new type of elementary logic circuit, named random flip-flop (RFF), is proposed, experimentally realized, and studied. Unlike conventional Boolean logic circuits whose action is deterministic and highly reproducible, the action of an RFF is intentionally made maximally unpredictable and, in the proposed realization, derived from a fundamentally random process of emission and detection of light quanta. We demonstrate novel applications of the RFF in randomness-preserving frequency division, random frequency synthesis, and random number generation. Possible usages of these applications in information and communication technology, cryptographic hardware, and testing equipment are discussed.
International Nuclear Information System (INIS)
Evdokimov, Nikolai V; Komolov, Pavel V; Komolov, Vladimir P
2001-01-01
The sign correlation of quasiperiodic oscillations with close incommensurable frequencies forms a dynamic chaos, which interferes like noise with a single interference peak and is controlled by the delay of its constituent oscillations. This property of oscillations with incommensurable frequencies can be employed in multichannel information transfer systems to form radar reception patterns and obtain uninterrupted coherent key streams in symmetric cryptographic systems. The review of known results on the generation and properties of quasiperiodic oscillations is complemented by a description of new experiments. (methodological notes)
Directory of Open Access Journals (Sweden)
Ki-Wook Kim
2017-09-01
Many Internet of Things (IoT) services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM) mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network domain and the IoT service domain. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 Key Management with the IEEE 802.1X authentication mechanism.
Kim, Ki-Wook; Han, Youn-Hee; Min, Sung-Gi
2017-09-21
Quantum Security of Cryptographic Primitives
Gagliardoni, Tommaso
2017-01-01
We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the fields of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries), and quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure, such as quantum key distribution). Moreover, there exist also hybrid models, where traditional crypto...
Free-Space Quantum Key Distribution with a High Generation Rate KTP Waveguide Photon-Pair Source
Wilson, J.; Chaffee, D.; Wilson, N.; Lekki, J.; Tokars, R.; Pouch, J.; Lind, A.; Cavin, J.; Helmick, S.; Roberts, T.
2016-01-01
NASA awarded Small Business Innovative Research (SBIR) contracts to AdvR, Inc. to develop a high generation rate source of entangled photons that could be used to explore quantum key distribution (QKD) protocols. The final product, a photon pair source using a dual-element periodically-poled potassium titanyl phosphate (KTP) waveguide, was delivered to NASA Glenn Research Center in June of 2015. This paper describes the source, its characterization, and its performance in a B92 (Bennett, 1992) protocol QKD experiment.
Asymmetric cryptography based on wavefront sensing.
Peng, Xiang; Wei, Hengzheng; Zhang, Peng
2006-12-15
A system of asymmetric cryptography based on wavefront sensing (ACWS) is proposed for the first time to our knowledge. One of the most significant features of the asymmetric cryptography is that a trapdoor one-way function is required and constructed by analogy to wavefront sensing, in which the public key may be derived from optical parameters, such as the wavelength or the focal length, while the private key may be obtained from a kind of regular point array. The ciphertext is generated by the encoded wavefront and represented with an irregular array. In such an ACWS system, the encryption key is not identical to the decryption key, which is another important feature of an asymmetric cryptographic system. The processes of asymmetric encryption and decryption are formulized mathematically and demonstrated with a set of numerical experiments.
Directory of Open Access Journals (Sweden)
Afany Zeinata Firdaus
2013-12-01
In today's era of communication, online data transactions are increasing. Various information is ever more accessible, both for upload and download. Because of this, a capable security system is needed. Blowfish cryptography equipped with Audio Steganography is one way to secure data so that the data cannot be accessed by unauthorized parties. In this study, an Audio Steganography technique is implemented using the parity coding method, which is used to send the Blowfish cryptographic key in Android-based e-commerce applications. The results show that the average computation time of the insertion stage (embedding the secret message) is shorter than the average computation time of the extraction stage (extracting the secret message). The test results also show that the more characters are inserted, the greater the noise received: the highest SNR, 11.9905 dB, is obtained when 506 characters are inserted, while the lowest SNR, 5.6897 dB, is obtained when 2006 characters are inserted. Keywords: audio steganography, parity coding, embedding, extracting, Blowfish cryptography.
Autonomous Byte Stream Randomizer
Paloulian, George K.; Woo, Simon S.; Chow, Edward T.
2013-01-01
Net-centric networking environments are often faced with limited resources and must utilize bandwidth as efficiently as possible. In networking environments that span wide areas, the data transmission has to be efficient without any redundant or exuberant metadata. The Autonomous Byte Stream Randomizer software provides an extra level of security on top of existing data encryption methods. Randomizing the data's byte stream adds an extra layer to existing data protection methods, thus making it harder for an attacker to decrypt protected data. Based on a generated cryptographically secure random seed, a random sequence of numbers is used to intelligently and efficiently swap the organization of bytes in data using the unbiased and memory-efficient in-place Fisher-Yates shuffle method. Swapping bytes and reorganizing the crucial structure of the byte data renders the data file unreadable and leaves the data in a deconstructed state. This deconstruction adds an extra level of security, requiring the byte stream to be reconstructed with the random seed in order to be readable. Once the data byte stream has been randomized, the software enables the data to be distributed to N nodes in an environment. Each piece of the data in randomized and distributed form is a separate entity unreadable in its own right, but when combined with all N pieces, is able to be reconstructed back to one. Reconstruction requires possession of the key used for randomizing the bytes, leading to the generation of the same cryptographically secure random sequence of numbers used to randomize the data. This software is a cornerstone capability possessing the ability to generate the same cryptographically secure sequence on different machines and time intervals, thus allowing this software to be used more heavily in net-centric environments where data transfer bandwidth is limited.
Breaking chaotic shift key communication via adaptive key identification
International Nuclear Information System (INIS)
Ren Haipeng; Han Chongzhao; Liu Ding
2008-01-01
This paper proposes an adaptive parameter identification method for breaking chaotic shift key communication from the transmitted signal in a public channel. The sensitive dependence property of chaos on parameter mismatch is used for chaos adaptive synchronization and parameter identification. An index function about the synchronization error is defined, and the conjugate gradient method is used to minimize the index function and to search for the transmitter's parameter (key). By using the proposed method, the secure key is recovered from the transmitted signal generated by low-dimensional chaos and hyperchaos switching communication. Multiple parameters can also be identified from the transmitted signal with noise.
Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin
2017-10-01
Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as having the same status, while they do not in most practical scenarios. Meanwhile, the size of the access policy increases dramatically with the rise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance, while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe the different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.
Color image encryption based on Coupled Nonlinear Chaotic Map
International Nuclear Information System (INIS)
Mazloom, Sahar; Eftekhari-Moghadam, Amir Masud
2009-01-01
Image encryption is somehow different from text encryption due to some inherent features of images, such as bulk data capacity and high correlation among pixels, which are generally difficult to handle by conventional methods. The desirable cryptographic properties of chaotic maps, such as sensitivity to initial conditions and random-like behavior, have attracted the attention of cryptographers to develop new encryption algorithms. Therefore, recent research on image encryption algorithms has been increasingly based on chaotic systems, though the drawbacks of small key space and weak security in one-dimensional chaotic cryptosystems are obvious. This paper proposes a Coupled Nonlinear Chaotic Map, called CNCM, and a novel chaos-based image encryption algorithm to encrypt color images by using CNCM. The chaotic cryptography technique used in this paper is a symmetric key cryptography with a stream cipher structure. In order to increase the security of the proposed algorithm, a 240-bit-long secret key is used to generate the initial conditions and parameters of the chaotic map by making some algebraic transformations to the key. These transformations, as well as the nonlinearity and coupling structure of the CNCM, have enhanced the cryptosystem security. For getting higher security and higher complexity, the current paper employs the image size and color components in the cryptosystem, thereby significantly increasing the resistance to known/chosen-plaintext attacks. The results of several experimental tests, statistical analyses and key sensitivity tests show that the proposed image encryption scheme provides an efficient and secure way for real-time image encryption and transmission.
A Review of RSA Cryptosystems and Cryptographic Protocols ...
African Journals Online (AJOL)
The use of cryptography in information security over insecure open networks, in both conventional symmetric encryption and public-key cryptography, has witnessed tremendous developments over the years. No doubt, public-key cryptography is an established technology in terms of modern approach in ...
Santhi, B; Dheeptha, B
2016-01-01
The field of telemedicine has gained immense momentum, owing to the need for transmitting patients' information securely. This paper puts forth a unique method for embedding data in medical images. It is based on edge-based embedding and XOR coding. The algorithm proposes a novel key generation technique by utilizing the design of a sudoku puzzle to enhance the security of the transmitted message. The edge blocks of the cover image alone are utilized to embed the payloads. The least significant bits of the pixel values are changed by XOR coding depending on the data to be embedded and the key generated. Hence the distortion in the stego image is minimized and the information is retrieved accurately. Data is embedded in the RGB planes of the cover image, thus increasing its embedding capacity. Several measures, including peak signal-to-noise ratio (PSNR), mean square error (MSE), universal image quality index (UIQI) and correlation coefficient (R), are the image quality measures that have been used to analyze the quality of the stego image. It is evident from the results that the proposed technique outperforms the former methodologies.
Architecture for the Secret-Key BC3 Cryptography Algorithm
Directory of Open Access Journals (Sweden)
Arif Sasongko
2014-11-01
Cryptography is a very important aspect in data security. The focus of research in this field is shifting from merely the security aspect to considering the implementation aspect as well. This paper aims to introduce the BC3 algorithm with focus on its hardware implementation. It proposes an architecture for the hardware implementation of this algorithm. BC3 is a secret-key cryptography algorithm developed with two considerations: robustness and implementation efficiency. This algorithm has been implemented in software and has good performance compared to the AES algorithm. BC3 is an improvement of the BC2 and AE cryptographic algorithms, and it is expected to have the same level of robustness and to gain competitive advantages in the implementation aspect. The development of the architecture gives much attention to (1) resource sharing and (2) having a single clock for each round. It exploits the regularity of the algorithm. This architecture is then implemented on an FPGA. This implementation has three times smaller area than AES, but is about five times faster. Furthermore, this BC3 hardware implementation has better performance compared to BC3 software in both the key expansion stage and the randomizing stage. For the future, the security of this implementation must be reviewed, especially against side-channel attacks.
Algebraic Side-Channel Attack on Twofish
Directory of Open Access Journals (Sweden)
Chujiao Ma
2017-05-01
While algebraic side-channel attack (ASCA) has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as Boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128-bit key in under 2 hours with known plaintext/ciphertext.
Quantum dense key distribution
International Nuclear Information System (INIS)
Degiovanni, I.P.; Ruo Berchera, I.; Castelletto, S.; Rastello, M.L.; Bovino, F.A.; Colla, A.M.; Castagnoli, G.
2004-01-01
This paper proposes a protocol for quantum dense key distribution. This protocol embeds the benefits of quantum dense coding and quantum key distribution and is able to generate shared secret keys four times more efficiently than the Bennett-Brassard 1984 protocol. We hereinafter prove the security of this scheme against individual eavesdropping attacks, and we present preliminary experimental results showing its feasibility.
Reconstruction method for data protection in telemedicine systems
Buldakova, T. I.; Suyatinov, S. I.
2015-03-01
In this report, an approach to protecting transmitted data by creating a pair of symmetric keys for the sensor and the receiver is offered. Since biosignals are unique for each person, appropriate processing of them yields the information necessary for creating cryptographic keys. Processing is based on reconstruction of the mathematical model generating time series that are diagnostically equivalent to the initial biosignals. Information about the model is transmitted to the receiver, where the restoration of the physiological time series is performed using the reconstructed model. Thus, the information about the structure and parameters of the biosystem model obtained in the reconstruction process can be used not only for its diagnostics, but also for protection of transmitted data in telemedicine complexes.
Lightweight Cryptography for Passive RFID Tags
DEFF Research Database (Denmark)
David, Mathieu
2012-01-01
were mostly unsatisfactory. As a conclusion, a new branch of cryptography, commonly called Lightweight Cryptography, emerged to address the issues of these tiny ubiquitous devices. This Thesis presents a comprehensive engineering to lightweight cryptography, proposes a classification and explores its...... various ramifications by giving key examples in each of them. We select two of these branches, ultralightweight cryptography and symmetric-key cryptography, and propose a cryptographic primitive in each of them. In the case of symmetric-key cryptography, we propose a stream cipher that has a footprint...... of an integrator for a particular application. Finally, we conclude that the research for finding robust cryptographic primitive in the branch of lightweight cryptography still has some nice days ahead, and that providing a secure cryptosystem for printed electronics RFID tags remains an open research topic....
Secret-key rates and privacy leakage in biometric systems
Ignatenko, T.
2009-01-01
In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen
Lenstra, A.K.; Verheul, E.R.; Okamoto, T.
2000-01-01
This paper describes improved methods for XTR key representation and parameter generation (cf. [4]). If the field characteristic is properly chosen, the size of the XTR public key for signature applications can be reduced by a factor of three at the cost of a small one time computation for the
Security of quantum key distributions with entangled qudits
Durt, Thomas; Kaszlikowski, Dagomir; Chen, Jing-Ling; Kwek, L. C.
2004-03-01
We consider a generalization of Ekert's entanglement-based quantum cryptographic protocol where qubits are replaced by N- or d-dimensional systems (qudits). In order to study its robustness against optimal incoherent attacks, we derive the information gained by a potential eavesdropper during a cloning-based individual attack. In doing so, we generalize Cerf's formalism for cloning machines and establish the form of the most general cloning machine that respects all the symmetries of the problem. We obtain an upper bound on the error rate that guarantees the confidentiality of qudit generalizations of Ekert's protocol for qubits.
Combining Cryptography with EEG Biometrics.
Damaševičius, Robertas; Maskeliūnas, Rytis; Kazanavičius, Egidijus; Woźniak, Marcin
2018-01-01
Cryptographic frameworks depend on key sharing for ensuring security of data. While the keys in cryptographic frameworks must be correctly reproducible and not unequivocally connected to the identity of a user, in biometric frameworks this is different. Joining cryptography techniques with biometrics can solve these issues. We present a biometric authentication method based on the discrete logarithm problem and Bose-Chaudhuri-Hocquenghem (BCH) codes, perform its security analysis, and demonstrate its security characteristics. We evaluate a biometric cryptosystem using our own dataset of electroencephalography (EEG) data collected from 42 subjects. The experimental results show that the described biometric user authentication system is effective, achieving an Equal Error Rate (EER) of 0.024.
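The key binding that both the Ignatenko thesis and the EEG paper above rely on is usually realised as a fuzzy commitment: a codeword of an error-correcting code is XORed with the enrolment template, and only that masked value plus a hash of the key is stored, so a later noisy measurement can unmask a corrupted codeword that the decoder repairs. The block below is an added example written for this page, not code from either work. It substitutes a 7-fold repetition code for the BCH code the paper uses (far weaker, but stand-alone), uses constructed random bits rather than real EEG features, and leaves out the paper's discrete-logarithm component.

```python
"""Binding a secret key to a noisy biometric template (fuzzy commitment).

Added example; not code from the EEG paper or from Ignatenko's thesis.
A 7-fold repetition code (corrects up to 3 flipped bits per 7-bit block)
stands in for the BCH code those works use. The binding itself, codeword
XOR template with a hash of the key as verifier, is the standard
Juels-Wattenberg construction. The 'template' is constructed random bits.
"""
import hashlib
import random

REP = 7  # repetition factor; a BCH code gives a far better rate/noise trade-off


def encode(key_bits):
    """Repetition encoder: every key bit becomes REP identical codeword bits."""
    return [b for b in key_bits for _ in range(REP)]


def decode(codeword):
    """Majority-vote decoder; correct while at most REP//2 bits per block flipped."""
    return [1 if sum(codeword[i:i + REP]) > REP // 2 else 0
            for i in range(0, len(codeword), REP)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def bits_to_bytes(bits):
    value = int("".join(str(b) for b in bits), 2)
    return value.to_bytes((len(bits) + 7) // 8, "big")


def key_tag(key_bits):
    """What gets stored instead of the key: a one-way hash of it."""
    return hashlib.sha256(bits_to_bytes(key_bits)).hexdigest()


def enroll(template_bits, key_bits):
    """Binding step: returns helper data and the key hash; neither template nor key is kept."""
    codeword = encode(key_bits)
    if len(codeword) != len(template_bits):
        raise ValueError("template length must equal the codeword length")
    helper = xor(codeword, template_bits)  # codeword masked by the template
    return helper, key_tag(key_bits)


def authenticate(helper, tag, probe_bits):
    """Unbinding with a fresh noisy measurement; returns the key or None."""
    noisy_codeword = xor(helper, probe_bits)  # = codeword XOR (template XOR probe)
    candidate = decode(noisy_codeword)
    return candidate if key_tag(candidate) == tag else None


def sample_data(key_len=16, seed=42):
    """Constructed sample: a key and a template of matching length (not real EEG data)."""
    rng = random.Random(seed)
    template = [rng.randint(0, 1) for _ in range(key_len * REP)]
    key = [rng.randint(0, 1) for _ in range(key_len)]
    return template, key


def flip(bits, positions):
    """Simulate measurement noise by flipping the given bit positions."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out
```

The hash check is what keeps a too-noisy probe from silently yielding a wrong key; what it cannot do is protect a low-entropy template, since anyone holding the helper data can try candidate templates offline, which is why the rate and error-correcting capacity of the code and the entropy of the biometric feature vector are the quantities the cited works actually analyse.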
A Multi-Threaded Cryptographic Pseudorandom Number Generator Test Suite
2016-09-01
Knobler, Ron; Scheffel, Peter; Jackson, Scott; Gaj, Kris; Kaps, Jens Peter
2013-05-01
Various embedded systems, such as unattended ground sensors (UGS), are deployed in dangerous areas, where they are subject to compromise. Since numerous systems contain a network of devices that communicate with each other (oftentimes with commercial off-the-shelf [COTS] radios), an adversary is able to intercept messages between system devices, which jeopardizes sensitive information transmitted by the system (e.g. the location of system devices). Secret key algorithms such as AES are a very common means to encrypt all system messages to a sufficient security level, for which lightweight implementations exist for even very resource-constrained devices. However, all system devices must use the appropriate key to encrypt and decrypt messages from each other. While traditional public key algorithms (PKAs), such as RSA and Elliptic Curve Cryptography (ECC), provide a sufficiently secure means of authentication and of exchanging keys, these traditional PKAs are not suitable for very resource-constrained embedded systems or systems which contain low-reliability communication links (e.g. mesh networks), especially as the size of the network increases. Therefore, most UGS and other embedded systems resort to pre-placed keys (PPKs) or other naïve schemes which greatly reduce the security and effectiveness of the overall cryptographic approach. McQ has teamed with the Cryptographic Engineering Research Group (CERG) at George Mason University (GMU) to develop an approach using revolutionary cryptographic techniques that provides both authentication and encryption on resource-constrained embedded devices, without the burden of large amounts of key distribution or storage.
Security of Key Systems in Secure Electronic Document Interchange Tools
Directory of Open Access Journals (Sweden)
Сергей Владимирович Запечников
2009-06-01
The structures of cryptographic key systems in secure electronic data interchange products are analyzed. Some examples are offered for existing and future systems. We calculate a set of security indicators for a typical key system and give a technique for raising them by means of key material management schemes.
Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min
2016-01-01
Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information. PMID:26823196
Quantum networks: where should we be heading?
Sasaki, Masahide
2017-06-01
Quantum key distribution networks have become a reality in practical environments. Quantum repeaters have been explored in various physical systems and their combinations. For practical use, these new paradigms must be combined with existing or emerging infrastructures of communication and security systems. In this article, we discuss how quantum networks can be combined with modern cryptographic technologies in fibre networks and with emerging mobile terminals in wireless networks, creating new solutions for future cryptographic and communication systems. Our discussions are summarised in a roadmap.
Multiparty quantum key agreement with single particles
Liu, Bin; Gao, Fei; Huang, Wei; Wen, Qiao-yan
2013-04-01
Two conditions must be satisfied in a secure quantum key agreement (QKA) protocol: (1) outside eavesdroppers cannot gain the generated key without introducing any error; (2) the generated key cannot be determined by any non-trivial subset of the participants. That is, a secure QKA protocol can not only prevent outside attackers from stealing the key, but also resist attacks from inside participants, i.e. some dishonest participants determining the key alone by illegal means. How to resist participant attacks is an aporia in the design of QKA protocols, especially multi-party ones. In this paper we present the first secure multiparty QKA protocol against both outside and participant attacks. Furthermore, we have proved its security in detail.
System of end-to-end symmetric database encryption
Galushka, V. V.; Aydinyan, A. R.; Tsvetkova, O. L.; Fathi, V. A.; Fathi, D. V.
2018-05-01
The article is devoted to the pressing problem of protecting databases from information leakage that bypasses access control mechanisms. To solve this problem, it is proposed to use end-to-end data encryption, implemented at the end nodes of the interaction between the information system's components using one of the symmetric cryptographic algorithms. For this purpose, a key management method designed for use in a multi-user system has been developed and described. It is based on a distributed key representation model: part of the key is stored in the database, and the other part is obtained by transforming the user's password. The key is calculated immediately before the cryptographic transformations and is not kept in memory after they complete. Algorithms for registering and authorizing a user, as well as for changing a user's password, are described, together with the methods for calculating the parts of the key during these operations.
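A concrete way to realise the split-key scheme described above, as an added example for this page and not the authors' code: the data key is never written to storage, the database holds only the key XORed with a password-derived share, and the key is recombined inside the function that needs it. The record layout, the PBKDF2 parameters, the HMAC verifier that lets a wrong password be rejected, and the password-change flow are assumptions of this example. The HMAC-based stream cipher at the end is a stand-in so the block runs with the standard library alone; a deployment would use AES-GCM or ChaCha20-Poly1305 for the "symmetric cryptographic algorithm".

```python
"""Split-key management for an end-to-end encrypted multi-user database.

Added example, not the authors' code. The data key is never stored: the
database keeps key XOR PBKDF2(password) per user, and the key exists only
inside the call that uses it. KDF parameters, verifier and record layout
are assumptions; the HMAC stream cipher is a stand-in for a real AEAD.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32
KDF_ITERATIONS = 100_000


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def password_share(password: str, salt: bytes) -> bytes:
    """The share that is never written anywhere: derived from the password on demand."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS, KEY_LEN)


def verifier(data_key: bytes) -> bytes:
    """Lets the server reject a wrong password without storing the key itself."""
    return hmac.new(data_key, b"key-verifier", hashlib.sha256).digest()


def _store_share(db: dict, username: str, password: str, data_key: bytes) -> None:
    salt = secrets.token_bytes(16)
    db[username] = {
        "salt": salt,
        "share": xor(data_key, password_share(password, salt)),  # useless without the password
        "verifier": verifier(data_key),
    }


def create_first_user(db: dict, username: str, password: str) -> bytes:
    """Registering the first user generates the shared data key."""
    data_key = secrets.token_bytes(KEY_LEN)
    _store_share(db, username, password, data_key)
    return data_key


def add_user(db: dict, username: str, password: str, data_key: bytes) -> None:
    """Registering further users needs the key from an already authorized user."""
    _store_share(db, username, password, data_key)


def authorize(db: dict, username: str, password: str):
    """Recombine the key from the stored share and the password share; None on failure."""
    row = db.get(username)
    if row is None:
        return None
    data_key = xor(row["share"], password_share(password, row["salt"]))
    if not hmac.compare_digest(verifier(data_key), row["verifier"]):
        return None
    return data_key


def change_password(db: dict, username: str, old: str, new: str) -> bool:
    """Re-split the same data key under the new password; no data is re-encrypted."""
    data_key = authorize(db, username, old)
    if data_key is None:
        return False
    _store_share(db, username, new, data_key)
    return True


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    for counter in range(-(-length // 32)):
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with the stand-in stream cipher; layout: nonce | ciphertext | tag."""
    nonce = secrets.token_bytes(16)
    ciphertext = xor(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(key: bytes, blob: bytes):
    """Returns the plaintext, or None if the tag does not verify."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return xor(ciphertext, _keystream(key, nonce, len(ciphertext)))
```

Because every user's share is the same data key masked by a different password share, a password change only rewrites that user's row, and removing a user only deletes a row; the price is that a database dump plus the verifier allows an offline password guess against each row, so the KDF cost and password policy carry the security, exactly as with any password-derived key.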
Entangled quantum key distribution with a biased basis choice
International Nuclear Information System (INIS)
Erven, Chris; Ma Xiongfeng; Laflamme, Raymond; Weihs, Gregor
2009-01-01
We investigate a quantum key distribution (QKD) scheme that utilizes a biased basis choice in order to increase the efficiency of the scheme. The optimal bias between the two measurement bases, a more refined error analysis and finite key size effects are all studied in order to assure the security of the final key generated with the system. We then implement the scheme in a local entangled QKD system that uses polarization entangled photon pairs to securely distribute the key. A 50/50 non-polarizing beamsplitter (BS) with different optical attenuators is used to simulate a variable BS in order to allow us to study the operation of the system for different biases. Over 6 h of continuous operation with a total bias of 0.9837/0.0163 (Z/X), we were able to generate 0.4567 secure key bits per raw key bit as compared to 0.2550 secure key bits per raw key bit for the unbiased case. This represents an increase in the efficiency of the key generation rate by 79%.
Practical quantum key distribution with polarization-entangled photons
International Nuclear Information System (INIS)
Poppe, A.; Fedrizzi, A.; Boehm, H.; Ursin, R.; Loruenser, T.; Peev, M.; Maurhardt, O.; Suda, M.; Kurtsiefer, C.; Weinfurter, H.; Jennewein, T.; Zeilinger, A.
2005-01-01
We present an entangled-state quantum cryptography system that operated for the first time in a real-world application scenario. The full key generation protocol was performed in real time between two distributed embedded hardware devices, which were connected by 1.45 km of optical fiber installed for this experiment in the Vienna sewage system. A source for polarization-entangled photons delivered about 8200 entangled photon pairs per second. After transmission to the distant receivers, a mean value of 468 pairs per second remained for the generation of a raw key, which showed an average qubit error rate of 6.4%. The raw key was sifted and subsequently processed by a classical protocol which included error correction and privacy amplification. The final secure key bit rate was about 76 bits per second. The generated quantum key was then handed over and used by a secure communication application.
Data Security Using Cryptographic Approach
African Journals Online (AJOL)
The need for data security in Information and Communications Technology (ICT) cannot be overemphasized. In this paper, the use of symmetric and asymmetric key cryptographies to clearly achieve the required protection by means of the prime number system and the modular multiplicative inverse has been highlighted and ...
International Nuclear Information System (INIS)
Colbeck, Roger; Kent, Adrian
2006-01-01
Alice is a charismatic quantum cryptographer who believes her parties are unmissable; Bob is a (relatively) glamorous string theorist who believes he is an indispensable guest. To prevent possibly traumatic collisions of self-perception and reality, their social code requires that decisions about invitation or acceptance be made via a cryptographically secure variable-bias coin toss (VBCT). This generates a shared random bit by the toss of a coin whose bias is secretly chosen, within a stipulated range, by one of the parties; the other party learns only the random bit. Thus one party can secretly influence the outcome, while both can save face by blaming any negative decisions on bad luck. We describe here some cryptographic VBCT protocols whose security is guaranteed by quantum theory and the impossibility of superluminal signaling, setting our results in the context of a general discussion of secure two-party computation. We also briefly discuss other cryptographic applications of VBCT
RETRACTED: The Application of Symmetric Key Cryptographic Algorithms in Wireless Sensor Networks
Si, Lingling; Ji, Zhigang; Wang, Zhihui
This article has been retracted: please see Elsevier Policy on Article Withdrawal. This article has been retracted at the request of the Publisher. The authors have plagiarized a paper that had already appeared in "Queen's 25th Biennial Symposium on Communications", page 168-172, print ISBN 978-1-4244-5709-0, http://dx.doi.org/10.1109/BSC.2010.5472979. One of the conditions of submission of a paper for publication is that authors declare explicitly that their work is original and has not appeared in a publication elsewhere. Re-use of any data should be appropriately cited. As such this article represents a severe abuse of the scientific publishing system. The scientific community takes a very strong view on this matter and apologies are offered to readers of the journal that this was not detected during the submission process.
Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff
2014-01-01
This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres
Application of CIELab and Chaos as a Cipher in a Digital Image Cryptography Application
Directory of Open Access Journals (Sweden)
Linna Oktaviana Sari
2013-04-01
The development of the Internet allows people to transmit information such as text, images and other media quickly. However, digital images transmitted over the Internet are very vulnerable to attacks, for example modification and duplication by unauthorized people. Therefore, cryptography, as one method of data security, has been developed. This research proposed a combination of the CIELab color structure and key randomization by the logistic map from chaos theory as a new cipher for digital image cryptography applications. The cipher is applied to the encryption and decryption process. The implementation of the new cipher in a digital image cryptography application was built with Matlab R2010a. Based on the research that has been done, it was found that the combination of CIELab and chaos can be applied as a new cipher for the encryption and decryption of digital images, with a processing time of less than 1 second. With a maximum key space on RGB images of about 5.2×10^33, the cipher was sufficiently secure against brute-force attack. Decrypted images have good quality, with PSNR greater than 50 dB for digital images in the "tiff" and "png" formats.
Smart practice: smart card design considerations in health care.
Lindley, R A; Pacheco, F
1995-01-01
Recent innovations in microelectronics and advances in cryptography are driving the appearance of a new generation of smart cards with wider applications; this has important repercussions for our society in the coming years. Essentially, these breakthroughs include built-in microprocessors capable of generating cryptographic transactions (e.g., electronic blinded signatures, digital pseudonyms, and digital credentials), developments toward a single electronic card offering multi-access to services such as transport, telecommunications, health, financial, and entertainment (Universal Access Services), and incorporation of personal identification technologies such as voice, eye, or skin pattern recognition. For example, by using electronic representatives or cryptographic blinded signatures, a smart card can be used for multiple transactions across different organizations and under different generated pseudonyms. These pseudonyms are capable of recognizing an individual unambiguously, while none of her records can be linked [1]. Moreover, tamper-proof electronic observers would make smart cards a very attractive technology for high-security applications, such as those in the health care field. New trends in smart card technology offer excellent privacy and confidentiality safeguards. Therefore, smart cards constitute a promising technology for the health sector in Australia and other countries around the world in their pursuit of technology to support the delivery of quality care services. This paper addresses the main issues and the key design criteria which may be of strategic importance to the success of future smart card technology in the health care sector.
Derkach, Ivan D.; Peuntinger, Christian; Ruppert, László; Heim, Bettina; Gunthner, Kevin; Usenko, Vladyslav C.; Elser, Dominique; Marquardt, Christoph; Filip, Radim; Leuchs, Gerd
2016-10-01
Continuous-variable quantum key distribution is a practical application of quantum information theory that is aimed at the generation of a secret cryptographic key between two remote trusted parties and that uses multi-photon quantum states as carriers of key bits. The remote parties share the secret key via a quantum channel, which is presumably under the control of an eavesdropper, and whose properties must be taken into account in the security analysis. Well-studied fiber-optical quantum channels commonly possess stable transmittance and low noise levels, while free-space channels represent a simpler, less demanding and more flexible alternative, but suffer from atmospheric effects such as turbulence that in particular cause a non-uniform transmittance distribution referred to as fading. Nonetheless free-space channels, providing an unobstructed line of sight, are more apt for short, mid-range and potentially long-range (using satellites) communication and will play an important role in the future development and implementation of QKD networks. It was previously theoretically shown that coherent-state CV QKD should in principle be possible to implement over a free-space fading channel, but strong transmittance fluctuations result in significant modulation-dependent channel excess noise. In this regime the post-selection of highly transmitting sub-channels may be needed, which can even restore the security of the protocol in strongly turbulent channels. We now report the first proof-of-principle experimental test of a coherent-state CV QKD protocol using different levels of Gaussian modulation over a mid-range (1.6-kilometer long) free-space atmospheric quantum channel. The transmittance of the link was characterized using intensity measurements for reference, but channel estimation using the modulated coherent states was also studied. We consider security against Gaussian collective attacks, which were shown to be optimal against CV QKD protocols. We assumed a
Charting a Security Landscape in the Clouds: Data Protection and Collaboration in Cloud Storage
2016-07-01
A novel image encryption scheme based on spatial chaos map
International Nuclear Information System (INIS)
Sun Fuyan; Liu Shutang; Li Zhongqin; Lue Zongwang
2008-01-01
In recent years, chaos-based cryptographic algorithms have suggested some new and efficient ways to develop secure image encryption techniques, but the drawbacks of small key space and weak security in one-dimensional chaotic cryptosystems are obvious. In this paper, a spatial chaos system is used for high-security image encryption while keeping its speed acceptable. The proposed algorithm is described in detail. The basic idea is to encrypt the image in space with the spatial chaos map pixel by pixel, and then to confuse the pixels in multiple spatial directions. With one cycle of this method, the image becomes indistinguishable in space due to the inherent properties of spatial chaotic systems. Several experimental results, key sensitivity tests, key space analysis, and statistical analysis show that the approach provides an efficient and secure way for real-time image encryption and transmission from the cryptographic viewpoint.
A new image cipher in time and frequency domains
Abd El-Latif, Ahmed A.; Niu, Xiamu; Amin, Mohamed
2012-10-01
Recently, various encryption techniques based on chaos have been proposed. However, most existing chaotic encryption schemes still suffer from fundamental problems such as small key space, weak security functions and slow performance. This paper introduces an efficient encryption scheme for still visual data that overcomes these disadvantages. The proposed scheme is based on a hybrid of Linear Feedback Shift Registers (LFSRs) and chaotic systems in hybrid domains. The core idea is to scramble the pixel positions based on 2D chaotic systems in the frequency domain. Then, diffusion is applied to the scrambled image based on cryptographic primitive operations, with the LFSR and chaotic systems providing the round keys. The hybrid compound of LFSR, chaotic system and cryptographic primitive operations strengthens the encryption performance and enlarges the key space required to resist brute-force attacks. Results of statistical and differential analysis show that the proposed algorithm has high security for digital images. Furthermore, it has key sensitivity together with a large key space and is very fast compared to other competitive algorithms.
Wireless Physical Layer Security: On the Performance Limit of Secret-Key Agreement
Zorgui, Marwen
2015-05-01
Physical layer security (PLS) is a new paradigm aiming at securing communications between legitimate parties at the physical layer. Conventionally, achieving confidentiality in communication networks relies on cryptographic techniques such as public-key cryptography, secret-key distribution and symmetric encryption. Such techniques are deemed secure based on the assumption of limited computational abilities of a wiretapper. Given the relentless progress in computational capacities and the dynamic topology and proliferation of modern wireless networks, the relevance of these techniques in securing communications is more and more questionable and less and less reliable. In contrast to this paradigm, PLS does not assume a specific computational power at any eavesdropper; its premise is to guarantee provable security by employing channel coding techniques at the physical layer that exploit the inherent randomness in most communication systems. In this dissertation, we investigate a particular aspect of PLS, which is secret-key agreement, also known as secret-sharing. In this setup, two legitimate parties try to distill a secret key via the observation of correlated signals through a noisy wireless channel, in the presence of an eavesdropper who must be kept ignorant of the secret key. Additionally, a noiseless public channel is made available to the legitimate parties to exchange public messages that are also accessible to the eavesdropper. Recall that key agreement is an important aspect toward realizing secure communications in the sense that the key can be used in a one-time pad scheme to send the confidential message. In the first part, our focus is on secret-sharing over Rayleigh fading quasi-static channels. We study the fundamental relationship relating the probability of error and a given target secret-key rate in the high power regime. This is characterized through the diversity multiplexing tradeoff (DMT) concept, that we define for our model and then
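The secret-key agreement setup described here, and the sifting, error correction and privacy amplification pipeline of the Vienna entangled-photon experiment earlier on this page, share the same skeleton: correlated observations, public messages that an eavesdropper reads, and a final compression that pays for what those messages gave away. The block below is an added example for this page, not code from either work. It simulates the exchange with a constructed source (a common "gain" plus private noise for Alice and Bob, an independent channel for Eve); the guard-band quantisation, the parity-discard reconciliation, the short confirmation hash and SHA-256 as privacy amplification are all assumptions of this example, standing in for the Cascade-style reconciliation, universal hash families and finite-key analysis a real system would use.

```python
"""Secret-key agreement from correlated observations plus a public channel.

Added example; not code from Zorgui's dissertation or the Vienna QKD system.
Source model, guard band, block size, reconciliation method and hash-based
privacy amplification are assumptions chosen to keep the pipeline visible.
"""
import hashlib
import random

GUARD = 0.35          # samples this close to the decision threshold are discarded
BLOCK = 8             # reconciliation block size in bits
CONFIRM_BYTES = 4     # public confirmation hash length; charged as leakage
SECURITY_MARGIN = 32  # extra bits removed in privacy amplification


def observe(n, noise=0.1, seed=2010):
    """Constructed correlated source: Alice and Bob see the same gain plus private noise."""
    rng = random.Random(seed)
    gain = [rng.gauss(0.0, 1.0) for _ in range(n)]
    alice = [g + rng.gauss(0.0, noise) for g in gain]
    bob = [g + rng.gauss(0.0, noise) for g in gain]
    eve = [rng.gauss(0.0, 1.0) for _ in range(n)]  # independent: no reciprocity for Eve
    return alice, bob, eve


def confident_indices(samples):
    """Sifting message: each party announces which samples lie outside the guard band."""
    return {i for i, x in enumerate(samples) if abs(x) > GUARD}


def quantize(samples, indices):
    """One bit per kept sample: the sign of the observation."""
    return [1 if samples[i] > 0 else 0 for i in sorted(indices)]


def parity(bits):
    return sum(bits) & 1


def reconcile(alice_bits, bob_bits):
    """Alice publishes one parity per block; both parties drop blocks whose parities differ.

    Returns the surviving block offsets and the number of public bits charged as
    leakage (one parity per surviving block). Blocks with an even number of
    disagreements slip through; the confirmation hash in agree() catches that.
    """
    usable = len(alice_bits) - len(alice_bits) % BLOCK
    offsets = range(0, usable, BLOCK)
    alice_parities = [parity(alice_bits[i:i + BLOCK]) for i in offsets]  # public message
    kept = [i for i, p in zip(offsets, alice_parities)
            if parity(bob_bits[i:i + BLOCK]) == p]  # Bob's verdict, also public
    return kept, len(kept)


def select(bits, kept_blocks):
    return [b for i in kept_blocks for b in bits[i:i + BLOCK]]


def privacy_amplify(bits, leaked):
    """Hash the reconciled string down to len - leaked - margin bits (capped at 256)."""
    out_len = min(256, len(bits) - leaked - SECURITY_MARGIN)
    if out_len <= 0:
        return None, 0
    digest = hashlib.sha256(bytes(bits)).digest()
    return int.from_bytes(digest, "big") >> (256 - out_len), out_len


def agree(n=256, flip_bob_bit=None):
    """Run the whole exchange; optionally corrupt one of Bob's sifted bits to exercise reconciliation."""
    alice, bob, eve = observe(n)
    keep = confident_indices(alice) & confident_indices(bob)  # both announcements are public
    a_bits, b_bits = quantize(alice, keep), quantize(bob, keep)
    if flip_bob_bit is not None:
        b_bits[flip_bob_bit] ^= 1
    kept_blocks, leaked = reconcile(a_bits, b_bits)
    a_rec, b_rec = select(a_bits, kept_blocks), select(b_bits, kept_blocks)
    # confirmation: a short hash of the reconciled string crosses the public channel
    a_tag = hashlib.sha256(bytes(a_rec)).digest()[:CONFIRM_BYTES]
    if a_tag != hashlib.sha256(bytes(b_rec)).digest()[:CONFIRM_BYTES]:
        return None
    leaked += 8 * CONFIRM_BYTES
    a_key, key_bits = privacy_amplify(a_rec, leaked)
    b_key, _ = privacy_amplify(b_rec, leaked)
    # Eve saw every public message, so she can apply the same sifting and block selection
    e_key, _ = privacy_amplify(select(quantize(eve, keep), kept_blocks), leaked)
    return {"alice_key": a_key, "bob_key": b_key, "eve_key": e_key,
            "sifted_bits": len(a_bits), "reconciled_bits": len(a_rec),
            "leaked": leaked, "key_bits": key_bits}
```

Note what the public channel does and does not reveal: the index sets and parities tell Eve which positions matter and one linear relation per block, which is why the final key is shortened by that amount, but her own observations are uncorrelated with the gain, so even with every public message she ends up hashing a different bit string.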
Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting
2015-06-26
A Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body that monitor vital signals such as the Electroencephalogram (EEG), Photoplethysmography (PPG) and Electrocardiogram (ECG). Each sensor node in a BSN delivers important information; it is therefore very significant to provide data confidentiality and security. All existing approaches to securing BSNs are based on complex cryptographic key generation procedures, which not only demand high resource utilization and computation time but also consume a large amount of energy, power and memory during data transmission. It is therefore indispensable to put forward an energy-efficient and computationally less complex authentication technique for BSNs. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for a simple key generation process to secure BSNs. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and the results suggest that the proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption.
Quantum key distribution without alternative measurements
Cabello, A
2000-01-01
Entanglement swapping between Einstein-Podolsky-Rosen (EPR) pairs can be used to generate the same sequence of random bits in two remote places. A quantum key distribution protocol based on this idea is described. The scheme exhibits the following features. (a) It does not require that Alice and Bob choose between alternative measurements, therefore improving the rate of generated bits by transmitted qubit. (b) It allows Alice and Bob to generate a key of arbitrary length using a single quantum system (three EPR pairs), instead of a long sequence of them. (c) Detecting Eve requires the comparison of fewer bits. (d) Entanglement is an essential ingredient. The scheme assumes reliable measurements of the Bell operator.
Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption
Directory of Open Access Journals (Sweden)
Jeyamala Chandrasekaran
2015-01-01
Owing to the growth of high-performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application-specific requirements. Naive approaches to video encryption encrypt the entire video stream with conventional text-based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos-based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs the two-dimensional discrete Henon map for (i) generation of a dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos-based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security.
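One way to turn the Henon map into a key-dependent S-box, as an added example for this page and not the authors' construction: hash the key to an initial point, iterate the map past a warm-up phase, and take the ranks of 256 successive x-values as an 8×8 permutation. The seeding, warm-up length, the 8×8 shape (Blowfish's 8×32 boxes and DES's 6×4 boxes would need a different mapping) and the checks at the end are assumptions of this example. The differential-uniformity function is included because "generated from a chaotic map" says nothing by itself about cryptographic quality; it is the kind of measurement a reviewer applies to any candidate S-box before integrating it into a cipher.

```python
"""Key-dependent 8x8 S-box from the two-dimensional Henon map.

Added example; not the authors' code. Seeding, warm-up, ranking and the
quality checks are assumptions of this example.
"""
import hashlib

A, B = 1.4, 0.3   # classic chaotic parameters of the Henon map
WARM_UP = 1000    # iterations discarded so the orbit settles on the attractor


def seed_from_key(key: bytes):
    """Map the key to an initial point well inside the attractor's basin."""
    h = hashlib.sha256(key).digest()
    u = int.from_bytes(h[:8], "big") / 2**64
    v = int.from_bytes(h[8:16], "big") / 2**64
    return u * 0.8 - 0.4, v * 0.4 - 0.2   # x0 in [-0.4, 0.4), y0 in [-0.2, 0.2)


def henon_orbit(x, y, n):
    """n successive x-values of the orbit starting at (x, y), after the warm-up."""
    out = []
    for i in range(WARM_UP + n):
        x, y = 1.0 - A * x * x + y, B * x
        if abs(x) > 10.0:  # left the basin of attraction; not expected for our seeds
            raise ValueError("Henon orbit diverged")
        if i >= WARM_UP:
            out.append(x)
    return out


def henon_sbox(key: bytes):
    """Position i gets the rank of the i-th orbit value; ranking yields a permutation."""
    values = henon_orbit(*seed_from_key(key), 256)
    order = sorted(range(256), key=lambda i: (values[i], i))  # index tiebreak keeps it bijective
    sbox = [0] * 256
    for rank, i in enumerate(order):
        sbox[i] = rank
    return sbox


def is_bijective(sbox):
    return sorted(sbox) == list(range(256))


def differential_uniformity(sbox):
    """Largest count for any (input diff, output diff) pair: AES scores 4, the identity map 256."""
    worst = 0
    for din in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[sbox[x] ^ sbox[x ^ din]] += 1
        worst = max(worst, max(counts))
    return worst


def positions_differing(s, t):
    """Key-sensitivity measure: how many of the 256 entries change between two S-boxes."""
    return sum(1 for i in range(256) if s[i] != t[i])
```

A differential uniformity far above the single digits, or a nonlinearity well below that of a random permutation, means the chaotic orbit has left structure in the box; the abstract's randomness, avalanche and bit-independence tests are the complementary measurements, and none of them replaces cryptanalysis of the cipher the box is dropped into.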
Lee, Paul U.; Sheridan, Tom; Poage, James L.; Martin, Lynne Hazel; Jobe, Kimberly K.
2010-01-01
This report identifies key human-performance-related issues associated with Next Generation Air Transportation System (NextGen) research in the NASA NextGen-Airspace Project. Four Research Focus Areas (RFAs) in the NextGen-Airspace Project - namely Separation Assurance (SA), Airspace Super Density Operations (ASDO), Traffic Flow Management (TFM), and Dynamic Airspace Configuration (DAC) - were examined closely. In the course of the research, it was determined that the identified human performance issues needed to be analyzed in the context of NextGen operations rather than through basic human factors research. The main gaps in human factors research in NextGen were found in the need for accurate identification of key human-systems related issues within the context of specific NextGen concepts and better design of the operational requirements for those concepts. By focusing on human-system related issues for individual concepts, key human performance issues for the four RFAs were identified and described in this report. In addition, mixed equipage airspace with components of two RFAs were characterized to illustrate potential human performance issues that arise from the integration of multiple concepts.
Directory of Open Access Journals (Sweden)
Ken White
2010-03-01
Some common mental models shape how people in the US perceive political changes over time. The one-dimensional pendulum swing model and the two-dimensional cyclical model are prevalent. When generational differences are mapped onto such political change cycles, they orient to cohorts or age groups. This leads to viewing generational cohorts as experiencing one- or two-dimensional cycles without deeper scrutiny. Cohort differences that surface in the Generations Salons that I and others conducted in California suggest a different, three-dimensional model may be more representative of the potential for societal change in the US. Using a musical metaphor, that model is explained in terms of different political "keys" and the value of distinguishing among them as time passes. It also underlies a speculation about a "politics in a new key," which might prove more useful. Summary-level reporting of the action research conducted with the Generations Salons supports the three-dimensional model. We expect new politics to emerge from the Millennial cohort coming of age now, yet it will not be without the support and wisdom of the cohorts that came of age before it. This must be the case if the burden of expectations we place on the Millennials will indeed pave the way for transformative change in US society. Intergenerational support of Millennials is essential. This initial research and application suggests the potential for the generational/developmental approach as a wellspring for transformational, and practically successful, political work. It begs the question: What will you do to help?
The LOFAR Transients Key Science Project
Stappers, B.; Fender, R.; Wijers, R.
2009-01-01
The Transients Key Science Project (TKP) is one of six Key Science Projects of the next generation radio telescope LOFAR. Its aim is the study of transient and variable low-frequency radio sources with an extremely broad science case ranging from relativistic jet sources to pulsars, exoplanets,
Performance costs of cryptography in securing new-generation Internet of Energy endpoint devices
CSIR Research Space (South Africa)
Ledwaba, Lehlogonolo PI
2017-11-01
Full Text Available cryptographic services on wireless sensor nodes have resulted in high power consumptions, long operating times and the depletion of memory resources. Over the last decade, however, processors for the IoT and IoE have improved; with increased operating power...
Wilson, Jeffrey D.; Chaffee, Dalton W.; Wilson, Nathaniel C.; Lekki, John D.; Tokars, Roger P.; Pouch, John J.; Roberts, Tony D.; Battle, Philip; Floyd, Bertram M.; Lind, Alexander J.;
2016-01-01
A high generation rate photon-pair source using a dual element periodically-poled potassium titanyl phosphate (PP KTP) waveguide is described. The fully integrated photon-pair source consists of a 1064-nanometer pump diode laser, fiber-coupled to a dual element waveguide within which a pair of 1064-nanometer photons are up-converted to a single 532-nanometer photon in the first stage. In the second stage, the 532-nanometer photon is down-converted to an entangled photon-pair at 800 nanometer and 1600 nanometer which are fiber-coupled at the waveguide output. The photon-pair source features a high pair generation rate, a compact power-efficient package, and continuous wave (CW) or pulsed operation. This is a significant step towards the long term goal of developing sources for high-rate Quantum Key Distribution (QKD) to enable Earth-space secure communications. Characterization and test results are presented. Details and preliminary results of a laboratory free-space QKD experiment with the B92 protocol are also presented.
A light weight secure image encryption scheme based on chaos & DNA computing
Directory of Open Access Journals (Sweden)
Bhaskar Mondal
2017-10-01
Full Text Available This paper proposes a new lightweight secure cryptographic scheme for secure image communication. In this scheme the plain image is first permuted using a sequence of pseudo random numbers (PRN) and then encrypted by Deoxyribonucleic Acid (DNA) computation. Two PRN sequences are generated by a Pseudo Random Number Generator (PRNG) based on a cross-coupled chaotic logistic map using two sets of keys. The first PRN sequence is used for permuting the plain image, whereas the second PRN sequence is used for generating a random DNA sequence. The number of rounds of permutation and encryption may be varied to increase security. The scheme is proposed for gray-level images, but it may be extended to color images and text data. Simulation results exhibit that the proposed scheme can defy any kind of attack.
Directory of Open Access Journals (Sweden)
Muhammad Sajjad
2014-02-01
Full Text Available Visual sensor networks (VSNs) usually generate a low-resolution (LR) frame-sequence due to energy and processing constraints. These LR-frames are not very appropriate for use in certain surveillance applications. It is very important to enhance the resolution of the captured LR-frames using resolution enhancement schemes. In this paper, an effective framework for a super-resolution (SR) scheme is proposed that enhances the resolution of LR key-frames extracted from frame-sequences captured by visual-sensors. In a VSN, a visual processing hub (VPH) collects a huge amount of visual data from camera sensors. In the proposed framework, at the VPH, key-frames are extracted using our recent key-frame extraction technique and are streamed to the base station (BS) after compression. A novel effective SR scheme is applied at BS to produce a high-resolution (HR) output from the received key-frames. The proposed SR scheme uses optimized orthogonal matching pursuit (OOMP) for sparse-representation recovery in SR. OOMP does better in terms of detecting true sparsity than orthogonal matching pursuit (OMP). This property of the OOMP helps produce a HR image which is closer to the original image. The K-SVD dictionary learning procedure is incorporated for dictionary learning. Batch-OMP improves the dictionary learning process by removing the limitation in handling a large set of observed signals. Experimental results validate the effectiveness of the proposed scheme and show its superiority over other state-of-the-art schemes.
Sajjad, Muhammad; Mehmood, Irfan; Baik, Sung Wook
2014-02-21
Visual sensor networks (VSNs) usually generate a low-resolution (LR) frame-sequence due to energy and processing constraints. These LR-frames are not very appropriate for use in certain surveillance applications. It is very important to enhance the resolution of the captured LR-frames using resolution enhancement schemes. In this paper, an effective framework for a super-resolution (SR) scheme is proposed that enhances the resolution of LR key-frames extracted from frame-sequences captured by visual-sensors. In a VSN, a visual processing hub (VPH) collects a huge amount of visual data from camera sensors. In the proposed framework, at the VPH, key-frames are extracted using our recent key-frame extraction technique and are streamed to the base station (BS) after compression. A novel effective SR scheme is applied at BS to produce a high-resolution (HR) output from the received key-frames. The proposed SR scheme uses optimized orthogonal matching pursuit (OOMP) for sparse-representation recovery in SR. OOMP does better in terms of detecting true sparsity than orthogonal matching pursuit (OMP). This property of the OOMP helps produce a HR image which is closer to the original image. The K-SVD dictionary learning procedure is incorporated for dictionary learning. Batch-OMP improves the dictionary learning process by removing the limitation in handling a large set of observed signals. Experimental results validate the effectiveness of the proposed scheme and show its superiority over other state-of-the-art schemes.
The youth of Russia and Serbia: Social trust and key generational problems
Directory of Open Access Journals (Sweden)
U V Šuvaković
2016-12-01
Full Text Available The Sociological Laboratory of the Peoples’ Friendship University of Russia has conducted a number of comparative studies using the method of mass surveys on representative samples of student youth in different countries and different regions within them. The results of these surveys were presented in articles in both Russian and foreign scientific journals, and we hope to establish a kind of tradition of publishing two types of articles based on the comparative research data: in 2015 we focused mainly on methodological and technical issues to identify key problems of comparative analysis in cross-cultural studies that become evident only if you conduct empirical research yourself - from the first step of setting the problem and having it approved by all the sides involved to the last step of interpreting and comparing the data obtained. From 2016 to the end of the Russian Foundation for Humanities’ support in 2017 we will focus on the results of our comparative studies together with our colleagues who participate in the project and conduct surveys on student samples in their countries using the same questionnaire (with the inevitable and predictable changes) as we do. The authors present only a small part of the empirical data revealing the perception of the Serbian and Russian student youth of their own situation through the identification of the key problems of the younger generations and their trust in the basic social institutions. This is a deliberate decision of the authors - to leave other topics (and corresponding questions) out in order to address them more thoroughly later in further analysis and publications. The article considers the results of the empirical studies conducted on representative samples of students of two Serbian universities - University of Belgrade and University of Pristina with the head office in Kosovska Mitrovica, and on a representative sample of Moscow students (a part of the sample was
Breaking an encryption scheme based on chaotic baker map
International Nuclear Information System (INIS)
Alvarez, Gonzalo; Li, Shujun
2006-01-01
In recent years, a growing number of cryptosystems based on chaos have been proposed, many of them fundamentally flawed by a lack of robustness and security. This Letter describes the security weaknesses of a recently proposed cryptographic algorithm with chaos at the physical level based on the baker map. It is shown that the security is trivially compromised for practical implementations of the cryptosystem with finite computing precision and for the use of the iteration number n as the secret key. Some possible countermeasures to enhance the security of the chaos-based cryptographic algorithm are also discussed.
Key parameters controlling radiology departments
International Nuclear Information System (INIS)
Busch, Hans-Peter
2011-01-01
For radiology departments and outpatient practices, control and optimization of processes demand an efficient management based on key data. Systems of key data deliver indicators for control of medical quality, service quality and economics. For practices, effectiveness (productivity) is the focus of economic optimization strategies; for hospitals, both effectiveness and efficiency are. The task of daily key data is continuous monitoring of activities and workflow; the task of weekly/monthly key data is control of data quality, process quality and achievement of objectives; the task of yearly key data is determination of long-term strategies (marketing) and comparison with competitors (benchmarking). Key parameters have to be defined clearly and have to be available directly. For generation, evaluation and control of key parameters, suitable forms of organization and processes are necessary. Strategies for the future will be directed more to the total processes of treatment. To think in total processes and to steer and optimize with suitable parameters is the challenge for participants in the healthcare market of the future. (orig.)
Cost Comparison Among Provable Data Possession Schemes
2016-03-01
of Acronyms and Abbreviations AE authenticated encryption AWS Amazon Web Services CIO Chief Information Officer DISA Defense Information Systems Agency...the number of possible challenges, H be a cryptographic hash function, AE be an authenticated encryption scheme, f be a keyed pseudo-random function...key $k_{enc} \xleftarrow{R} \mathcal{K}_{enc}$ for symmetric encryption scheme Enc, and a random HMAC key $k_{mac} \xleftarrow{R} \mathcal{K}_{mac}$. The secret key is $sk = \langle k_{enc}, k_{mac} \rangle$ and public key is $pk$
Lattice Based Mix Network for Location Privacy in Mobile System
Directory of Open Access Journals (Sweden)
Kunwar Singh
2015-01-01
Full Text Available In 1981, David Chaum proposed a cryptographic primitive for privacy called mix network (Mixnet). A mixnet is a cryptographic construction that establishes an anonymous communication channel through a set of servers. In 2004, Golle et al. proposed a new cryptographic primitive called universal reencryption, which takes as input messages encrypted under the public key of the recipients, not the public key of the universal mixnet. In Eurocrypt 2010, Gentry, Halevi, and Vaikuntanathan presented a cryptosystem which is additively homomorphic and multiplicatively homomorphic for only one multiplication. In MIST 2013, Singh et al. presented a lattice based universal reencryption scheme under the learning with errors (LWE) assumption. In this paper, we have improved Singh et al.’s scheme using Fairbrother’s idea. LWE is a lattice hard problem for which, until now, there is no polynomial time quantum algorithm. Wiangsripanawan et al. proposed a protocol for location privacy in mobile systems using universal reencryption whose security is reducible to the Decision Diffie-Hellman assumption. Once quantum computers become a reality, universal reencryption can be broken in polynomial time by Shor’s algorithm. In postquantum cryptography, our scheme can replace the universal reencryption scheme used in Wiangsripanawan et al.’s scheme for location privacy in mobile systems.
Optical digital chaos cryptography
Arenas-Pingarrón, Álvaro; González-Marcos, Ana P.; Rivas-Moscoso, José M.; Martín-Pereda, José A.
2007-10-01
In this work we present a new way to mask the data in a one-user communication system when direct sequence - code division multiple access (DS-CDMA) techniques are used. The code is generated by a digital chaotic generator, originally proposed by us and previously reported for a chaos cryptographic system. It is demonstrated that if the user's data signal is encoded with a bipolar phase-shift keying (BPSK) technique, usual in DS-CDMA, it can be easily recovered from a time-frequency domain representation. To avoid this situation, a new system is presented in which a previous dispersive stage is applied to the data signal. A time-frequency domain analysis is performed, and the devices required at the transmitter and receiver end, both user-independent, are presented for the optical domain.
Protecting privacy in a clinical data warehouse.
Kong, Guilan; Xiao, Zhichun
2015-06-01
Peking University has several prestigious teaching hospitals in China. To make secondary use of massive medical data for research purposes, construction of a clinical data warehouse is imperative in Peking University. However, a big concern for clinical data warehouse construction is how to protect patient privacy. In this project, we propose to use a combination of symmetric block ciphers, asymmetric ciphers, and cryptographic hashing algorithms to protect patient privacy information. The novelty of our privacy protection approach lies in message-level data encryption, the key caching system, and the cryptographic key management system. The proposed privacy protection approach is scalable to clinical data warehouse construction with any size of medical data. With the composite privacy protection approach, the clinical data warehouse can be secure enough to keep the confidential data from leaking to the outside world. © The Author(s) 2014.
Reset Tree-Based Optical Fault Detection
Directory of Open Access Journals (Sweden)
Howon Kim
2013-05-01
Full Text Available In this paper, we present a new reset tree-based scheme to protect cryptographic hardware against optical fault injection attacks. As one of the most powerful invasive attacks on cryptographic hardware, optical fault attacks cause semiconductors to misbehave by injecting high-energy light into a decapped integrated circuit. The contaminated result from the affected chip is then used to reveal secret information, such as a key, from the cryptographic hardware. Since the advent of such attacks, various countermeasures have been proposed. Although most of these countermeasures are strong, there is still the possibility of attack. In this paper, we present a novel optical fault detection scheme that utilizes the buffers on a circuit’s reset signal tree as a fault detection sensor. To evaluate our proposal, we model radiation-induced currents into circuit components and perform a SPICE simulation. The proposed scheme is expected to be used as a supplemental security tool.
New Construction of PVPKE Scheme and Its Application in Information Systems and Mobile Communication
Minqing Zhang; Xu An Wang; Xiaoyuan Yang; Weihua Li
2015-01-01
In SCN12, Nieto et al. discussed an interesting property of public key encryption with chosen ciphertext security, that is, ciphertexts with public verifiability. Independently, we introduced a new cryptographic primitive, CCA-secure publicly verifiable public key encryption without pairings in the standard model (PVPKE), and discussed its application in proxy reencryption (PRE) and threshold public key encryption (TPKE). In Crypto’09, Hofheinz and Kiltz introduced the group of signed quadrati...
Analysis of a security protocol in μCRL
J. Pang
2002-01-01
Needham-Schroeder public-key protocol; With the growth and commercialization of the Internet, the security of communication between computers becomes a crucial point. A variety of security protocols based on cryptographic primitives are used to establish secure communication over
International Nuclear Information System (INIS)
Zeghuzi, A.; Schmeckebier, H.; Stubenrauch, M.; Bimberg, D.; Meuer, C.; Schubert, C.; Bunge, C.-A.
2015-01-01
Error-free generation of 25-Gbit/s differential phase-shift keying (DPSK) signals via direct modulation of InAs quantum-dot (QD) based semiconductor optical amplifiers (SOAs) is experimentally demonstrated with an input power level of −5 dBm. The QD SOAs emit in the 1.3-μm wavelength range and provide a small-signal fiber-to-fiber gain of 8 dB. Furthermore, error-free DPSK modulation is achieved for constant optical input power levels from 3 dBm down to only −11 dBm for a bit rate of 20 Gbit/s. Direct phase modulation of QD SOAs via current changes is thus demonstrated to be much faster than direct gain modulation.
Special Issue on Entropy-Based Applied Cryptography and Enhanced Security for Ubiquitous Computing
Directory of Open Access Journals (Sweden)
James (Jong Hyuk) Park
2016-09-01
Full Text Available Entropy is a basic and important concept in information theory. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing (Ubi-comp) has emerged rapidly as an exciting new paradigm. In this special issue, we mainly selected and discussed papers related to core theories based on graph theory for solving computational problems in cryptography and security, and to practical technologies, applications and services for Ubi-comp, including secure encryption techniques; identity and authentication; credential cloning attacks and countermeasures; a switching generator with resistance against algebraic and side channel attacks; entropy-based network anomaly detection; applied cryptography using chaos functions; information hiding and watermarking; secret sharing; message authentication; detection and modeling of cyber attacks with Petri Nets; and quantum flows for secret key distribution, etc.
Security and efficiency data sharing scheme for cloud storage
International Nuclear Information System (INIS)
Han, Ke; Li, Qingbo; Deng, Zhongliang
2016-01-01
With the adoption and diffusion of the data sharing paradigm in cloud storage, there have been increasing demands and concerns for shared data security. Ciphertext Policy Attribute-Based Encryption (CP-ABE) is becoming a promising cryptographic solution to the security problem of shared data in cloud storage. However, due to key escrow, backward security and inefficiency problems, existing CP-ABE schemes cannot be directly applied to cloud storage systems. In this paper, an effective and secure access control scheme for shared data is proposed to solve those problems. The proposed scheme refines the security of existing CP-ABE based schemes. Specifically, the key escrow and collusion problems are addressed by dividing the key generation center into several distributed semi-trusted parts. Moreover, a secrecy revocation algorithm is proposed to address not only the backward secrecy but also the efficiency problem in existing CP-ABE based schemes. Furthermore, security and performance analyses indicate that the proposed scheme is both secure and efficient for cloud storage.
van der Meijden, Paola E J; Feijge, Marion A H; Swieringa, Frauke; Gilio, Karen; Nergiz-Unal, Reyhan; Hamulyák, Karly; Heemskerk, Johan W M
2012-10-01
The fibrin(ogen) receptor, integrin α(IIb)β(3), has a well-established role in platelet spreading, aggregation and clot retraction. How α(IIb)β(3) contributes to platelet-dependent coagulation is less well resolved. Here, we demonstrate that the potent suppressing effect of clinically used α(IIb)β(3) blockers on tissue factor-induced thrombin generation is linked to diminished platelet Ca(2+) responses and phosphatidylserine (PS) exposure. The same blockers suppress these responses in platelets stimulated with collagen and thrombin receptor agonists, whereas added fibrinogen potentiates these responses. In platelets spreading on fibrinogen, outside-in α(IIb)β(3) signaling similarly enhances thrombin-induced Ca(2+) rises and PS exposure. These responses are reduced in α(IIb)β(3)-deficient platelets from patients with Glanzmann's thrombasthenia. Furthermore, the contribution of α(IIb)β(3) to tissue factor-induced platelet Ca(2+) rises, PS exposure and thrombin generation in plasma are fully dependent on Syk kinase activity. Tyrosine phosphorylation analysis confirms a key role of Syk activation, which is largely but not exclusively dependent on α(IIb)β(3) activation. It is concluded that the majority of tissue factor-induced procoagulant activity of platelets relies on Syk activation and ensuing Ca(2+) signal generation, and furthermore that a considerable part of Syk activation relies on α(IIb)β(3) signaling. These results hence point to a novel role of Syk in integrin-dependent thrombin generation.
Directory of Open Access Journals (Sweden)
Sandeep Pirbhulal
2015-06-01
Full Text Available Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demand high resource utilization and computation time, but also consume a large amount of energy, power and memory during data transmission. However, it is indispensable to put forward an energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for a simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that the proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption.
Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting
2015-01-01
Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption. PMID:26131666
Second order statistical behavior of LLL and BKZ
Y. Yu (Yang); L. Ducas (Léo)
2017-01-01
The LLL algorithm (from Lenstra, Lenstra and Lovász) and its generalization BKZ (from Schnorr and Euchner) are widely used in cryptanalysis, especially for lattice-based cryptography. Precisely understanding their behavior is crucial for deriving appropriate key-size for cryptographic
Choice of optical system is critical for the security of double random phase encryption systems
Muniraj, Inbarasan; Guo, Changliang; Malallah, Ra'ed; Cassidy, Derek; Zhao, Liang; Ryle, James P.; Healy, John J.; Sheridan, John T.
2017-06-01
The linear canonical transform (LCT) is used in modeling coherent light-field propagation through first-order optical systems. Recently, a generic optical system, known as the quadratic phase encoding system (QPES), for encrypting a two-dimensional image has been reported. In such systems, two random phase keys and the individual LCT parameters (α,β,γ) serve as secret keys of the cryptosystem. It is important that such encryption systems also satisfy some dynamic security properties. We, therefore, examine such systems using two cryptographic evaluation methods, the avalanche effect and the bit independence criterion, which indicate the degree of security of cryptographic algorithms using QPES. We compared our simulation results with the conventional Fourier and Fresnel transform-based double random phase encryption (DRPE) systems. The results show that the LCT-based DRPE has excellent avalanche and bit independence characteristics compared to the conventional Fourier and Fresnel-based encryption systems.
Decoy State Quantum Key Distribution
Lo, Hoi-Kwong
2005-10-01
Quantum key distribution (QKD) allows two parties to communicate in absolute security based on the fundamental laws of physics. Up till now, it is widely believed that unconditionally secure QKD based on standard Bennett-Brassard (BB84) protocol is limited in both key generation rate and distance because of imperfect devices. Here, we solve these two problems directly by presenting new protocols that are feasible with only current technology. Surprisingly, our new protocols can make fiber-based QKD unconditionally secure at distances over 100km (for some experiments, such as GYS) and increase the key generation rate from O(η2) in prior art to O(η) where η is the overall transmittance. Our method is to develop the decoy state idea (first proposed by W.-Y. Hwang in "Quantum Key Distribution with High Loss: Toward Global Secure Communication", Phys. Rev. Lett. 91, 057901 (2003)) and consider simple extensions of the BB84 protocol. This part of work is published in "Decoy State Quantum Key Distribution", . We present a general theory of the decoy state protocol and propose a decoy method based on only one signal state and two decoy states. We perform optimization on the choice of intensities of the signal state and the two decoy states. Our result shows that a decoy state protocol with only two types of decoy states--a vacuum and a weak decoy state--asymptotically approaches the theoretical limit of the most general type of decoy state protocols (with an infinite number of decoy states). We also present a one-decoy-state protocol as a special case of Vacuum+Weak decoy method. Moreover, we provide estimations on the effects of statistical fluctuations and suggest that, even for long distance (larger than 100km) QKD, our two-decoy-state protocol can be implemented with only a few hours of experimental data. In conclusion, decoy state quantum key distribution is highly practical. This part of work is published in "Practical Decoy State for Quantum Key Distribution
Directory of Open Access Journals (Sweden)
P. G. Klyucharev
2017-01-01
Full Text Available A number of previous author’s papers proposed methods for constructing various cryptographic algorithms, including block ciphers and cryptographic hash functions, based on generalized cellular automata. This one is aimed at studying the possibility of using algebraic cryptanalysis methods related to the construction of Gröbner bases against the generalized cellular automata applied in cryptography, i.e. this paper studies the possibility of using algebraic cryptanalysis methods to solve the problems of inverting a generalized cellular automaton and recovering the key of such an automaton. If the cryptographic algorithm is represented as a system of polynomial equations over a certain finite field, then breaking it is reduced to solving this system with respect to the key. Although the problem of solving a system of polynomial equations over a finite field is NP-hard in the general case, the solution of a particular system can have low computational cost. Cryptanalysis based on the construction of a system of polynomial equations that links plaintext, ciphertext and key, and its solution by algebraic methods, is usually called algebraic cryptanalysis. Among the main methods for solving systems of polynomial equations are those that construct Gröbner bases. Cryptanalysis of ciphers and hash functions based on generalized cellular automata can be reduced to various problems. We will consider two such problems: the problem of inverting a generalized cellular automaton, which, given the values of the cells after k iterations, enables us to find the initial values; and the task of recovering the key, which is to find the initial values of the remaining cells, using the cell values after k steps and the initial values of a part of the cells. A computational experiment was carried out to solve the two problems stated above in order to determine the maximum size of a generalized cellular automaton for which the solution of these
Research of user key management mechanisms in the cloud
Directory of Open Access Journals (Sweden)
Іван Федорович Аулов
2016-06-01
Full Text Available The results of a comparison of existing user key management mechanisms in the cloud environment, and recommendations on their use, are given. A new generation and installation mechanism for a private key pair between the N means of key management in the cloud, using a modified Diffie-Hellman protocol, is proposed.
Security in Wireless Sensor Networks Employing MACGSP6
Nitipaichit, Yuttasart
2010-01-01
Wireless Sensor Networks (WSNs) have unique characteristics which constrain them; including small energy stores, limited computation, and short range communication capability. Most traditional security algorithms use cryptographic primitives such as Public-key cryptography and are not optimized for energy usage. Employing these algorithms for the…
From Ephemerizer to Timed-Ephemerizer: Achieve Assured Lifecycle Enforcement for Sensitive Data
Tang, Qiang
2010-01-01
The concept of Ephemerizer, proposed by Perlman, is a cryptographic primitive for assured data deletion. With an Ephemerizer protocol, data in persistent storage devices will always be encrypted simultaneously using an ephemeral public key of the Ephemerizer (an entity which will publish a set of
Chaos-based hash function (CBHF) for cryptographic applications
International Nuclear Information System (INIS)
Amin, Mohamed; Faragallah, Osama S.; Abd El-Latif, Ahmed A.
2009-01-01
As the core of cryptography, the hash is a basic technique for information security. Many hash functions generate the message digest through a randomizing process applied to the original message. A chaotic system likewise generates random-looking behavior, yet at the same time a chaotic system is completely deterministic. In this paper, an algorithm for one-way hash function construction based on chaos theory is introduced. Theoretical analysis and computer simulation indicate that the algorithm can satisfy all performance requirements of a hash function in an efficient and flexible manner and is secure against birthday attacks and meet-in-the-middle attacks, which makes it a good choice for data integrity or authentication.
Chaos-based hash function (CBHF) for cryptographic applications
Energy Technology Data Exchange (ETDEWEB)
Amin, Mohamed [Dept. of Mathematics and Computer Science, Faculty of Science, Menoufia University, Shebin El-Koom 32511 (Egypt)], E-mail: mamin04@yahoo.com; Faragallah, Osama S. [Dept. of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, Menouf 32952 (Egypt)], E-mail: osam_sal@yahoo.com; Abd El-Latif, Ahmed A. [Dept. of Mathematics and Computer Science, Faculty of Science, Menoufia University, Shebin El-Koom 32511 (Egypt)], E-mail: ahmed_rahiem@yahoo.com
2009-10-30
As the core of cryptography, the hash is a basic technique for information security. Many hash functions generate the message digest through a randomizing process applied to the original message. A chaotic system likewise generates random-looking behavior, yet at the same time a chaotic system is completely deterministic. In this paper, an algorithm for one-way hash function construction based on chaos theory is introduced. Theoretical analysis and computer simulation indicate that the algorithm can satisfy all performance requirements of a hash function in an efficient and flexible manner and is secure against birthday attacks and meet-in-the-middle attacks, which makes it a good choice for data integrity or authentication.
International Nuclear Information System (INIS)
Ruoss, F.; Turton, H.; Hirschberg, S.
2009-12-01
This report presents the findings of a survey of key factors affecting the deployment of electricity generation technologies in selected energy scenarios. The assumptions and results of the scenarios, and the different models used in their construction, are compared. Particular attention is given to technology assumptions, such as investment cost or capacity factors, and their impact on technology deployment. We conclude that the deployment of available technologies, i.e. their market shares, can only be explained from a holistic perspective, and that there are strong interactions between driving forces and competing technology options within a given scenario. The design of a scenario analysis itself already has important impacts on the deployment of technologies: the choice of the set of available technologies, the modeling approach and the definition of the storylines determine the outcome. Furthermore, the quantification of these storylines into input parameters and cost assumptions drives technology deployment, even though differences across the scenarios in cost assumptions are not observed to account for many of the observed differences in electricity technology deployment. The deployment can only be understood after considering the interplay of technology options and the scale of technology deployment, which is determined by economic growth, end-use efficiency, and electrification. Some input parameters are of particular importance for certain technologies: CO2 prices, fuel prices and the availability of carbon capture and storage appear to be crucial for the deployment of fossil-fueled power plants; maximum construction rates and safety concerns determine the market share of nuclear power; the availability of suitable sites represents the most important factor for electricity generation from hydro and wind power plants; and technology breakthroughs are needed for solar photovoltaics to become cost-competitive. Finally, this analysis concludes with a review
Energy Technology Data Exchange (ETDEWEB)
Ruoss, F.; Turton, H.; Hirschberg, S.
2009-12-15
This report presents the findings of a survey of key factors affecting the deployment of electricity generation technologies in selected energy scenarios. The assumptions and results of the scenarios, and the different models used in their construction, are compared. Particular attention is given to technology assumptions, such as investment cost or capacity factors, and their impact on technology deployment. We conclude that the deployment of available technologies, i.e. their market shares, can only be explained from a holistic perspective, and that there are strong interactions between driving forces and competing technology options within a given scenario. The design of a scenario analysis itself already has important impacts on the deployment of technologies: the choice of the set of available technologies, the modeling approach and the definition of the storylines determine the outcome. Furthermore, the quantification of these storylines into input parameters and cost assumptions drives technology deployment, even though differences across the scenarios in cost assumptions are not observed to account for many of the observed differences in electricity technology deployment. The deployment can only be understood after considering the interplay of technology options and the scale of technology deployment, which is determined by economic growth, end-use efficiency, and electrification. Some input parameters are of particular importance for certain technologies: CO2 prices, fuel prices and the availability of carbon capture and storage appear to be crucial for the deployment of fossil-fueled power plants; maximum construction rates and safety concerns determine the market share of nuclear power; the availability of suitable sites represents the most important factor for electricity generation from hydro and wind power plants; and technology breakthroughs are needed for solar photovoltaics to become cost-competitive. Finally, this analysis concludes with a
Viega, John
2009-01-01
Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.
Robust and Reusable Fuzzy Extractors
Boyen, Xavier
The use of biometric features as key material in security protocols has often been suggested to relieve their owner from the need to remember long cryptographic secrets. The appeal of biometric data as cryptographic secrets stems from their high apparent entropy, their availability to their owner, and their relative immunity to loss. In particular, they constitute a very effective basis for user authentication, especially when combined with complementary credentials such as a short memorized password or a physical token. However, the use of biometrics in cryptography does not come without problems. Some difficulties are technical, such as the lack of uniformity and the imperfect reproducibility of biometrics, but some challenges are more fundamental.
Leakage-Resilient Circuits without Computational Assumptions
DEFF Research Database (Denmark)
Dziembowski, Stefan; Faust, Sebastian
2012-01-01
Physical cryptographic devices inadvertently leak information through numerous side-channels. Such leakage is exploited by so-called side-channel attacks, which often allow for a complete security breach. A recent trend in cryptography is to propose formal models to incorporate leakage into the model and to construct schemes that are provably secure within them. We design a general compiler that transforms any cryptographic scheme, e.g., a block-cipher, into a functionally equivalent scheme which is resilient to any continual leakage provided that the following three requirements are satisfied...... on computational assumptions, our results are purely information-theoretic. In particular, we do not make use of public key encryption, which was required in all previous works......
Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).
Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie
2017-10-30
Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While data encryption is an effective method to minimize the negative effects of cyberattacks, secure key exchange is its major challenge, which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) are constructed for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses the RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key updating that takes potential cyberattacks into account. Also, KoD is beneficial for achieving a positive balance between security requirements and key resource usage.
Directory of Open Access Journals (Sweden)
Y. A. Gatchin
2016-05-01
Subject of Research. This paper presents a solution to the authentication problem for all components of information interoperability in the process of operating system network loading on a thin client from a terminal server. System Definition. In the proposed solution, the operating system integrity check is made by a hardware-software module, including a USB token with protected memory for secure storage of cryptographic keys and the loader. The key requirement for the solution is mutual authentication of four participants: terminal server, thin client, token and user. We have created two algorithms to solve the problem. The first algorithm compares the encrypted one-time password (a random number) with the reference value stored in the memory of the token and updates this number in case of successful authentication. The second algorithm uses the public and private keys of the token and the server. As a result of the cryptographic transformation, the participants are authenticated and a secure channel is formed between the token, thin client and terminal server. Main Results. Additional research was carried out to find out whether the designed algorithms meet the necessary requirements. The criteria used included applicability in a multi-access terminal system architecture, evaluation of potential threats and overall system security. According to the analysis results, it is recommended to use the algorithm based on PKI due to its high scalability and usability. A high level of data security is shown to result from the application of asymmetric cryptography, with the guarantee that participants' private keys are never sent during the authentication process. Practical Relevance. The designed PKI-based algorithm allows the problem to be solved with cryptographic algorithms conforming to the state standard, even in the absence of a state standard on asymmetric cryptography. Thus, it can be applied in State Information Systems with increased information security requirements.
Universal Intelligent Data Encryption Standards: A Review
Directory of Open Access Journals (Sweden)
Renjith V Ravi
2014-06-01
The most challenging aspect in the world of electronic communication is data security. The significance of the data exchanged over the internet and other media is increasing. One of the most interesting subjects in the security-related communities is the hunt for the best solution to offer essential protection against data intruders' attacks while providing these services in time. Cryptography is one of the main categories of data security; it converts information from its original form into an unreadable form. The two main characteristics that distinguish one encryption system from another are its ability to secure the protected data against cryptanalytic attacks and its speed and efficiency in the process. Cryptographic research has a common objective: to design protocols that offer a confidential and authenticated transmission channel for messages over an insecure network. If a cryptographic algorithm is said to be computationally secure, it cannot be broken with typical resources, either present or future; apart from the algorithm, key distribution is also important for building an efficient cryptographic system.
Quantum mutual information and the one-time pad
International Nuclear Information System (INIS)
Schumacher, Benjamin; Westmoreland, Michael D.
2006-01-01
Alice and Bob share a correlated composite quantum system AB. If AB is used as the key for a one-time pad cryptographic system, we show that the maximum amount of information that Alice can send securely to Bob is the quantum mutual information of AB.
Practical cryptographic strategies in the post-quantum era
Kabanov, I. S.; Yunusov, R. R.; Kurochkin, Y. V.; Fedorov, A. K.
2018-02-01
Quantum key distribution technologies promise information-theoretic security and are currently being deployed in commercial applications. We review new frontiers in information security technologies in communications and distributed storage applications with the use of classical, quantum, hybrid classical-quantum, and post-quantum cryptography. We analyze the current state-of-the-art, critical characteristics, development trends, and limitations of these techniques for application in enterprise information protection systems. An approach concerning the selection of practical encryption technologies for enterprises with branched communication networks is discussed.
Composability in quantum cryptography
International Nuclear Information System (INIS)
Mueller-Quade, Joern; Renner, Renato
2009-01-01
If we combine two secure cryptographic systems, is the resulting system still secure? Answering this question is highly nontrivial and has recently sparked a considerable research effort, in particular in the area of classical cryptography. A central insight was that the answer to the question is yes, but only within a well-specified composability framework and for carefully chosen security definitions. In this article, we review several aspects of composability in the context of quantum cryptography. The first part is devoted to key distribution. We discuss the security criteria that a quantum key distribution (QKD) protocol must fulfill to allow its safe use within a larger security application (e.g. for secure message transmission), and we demonstrate, by an explicit example, what can go wrong if conventional (non-composable) security definitions are used. Finally, to illustrate the practical use of composability, we show how to generate a continuous key stream by sequentially composing rounds of a QKD protocol. In the second part, we take a more general point of view, which is necessary for the study of cryptographic situations involving, for example, mutually distrustful parties. We explain the universal composability (UC) framework and state the composition theorem that guarantees that secure protocols can securely be composed into larger applications. We focus on the secure composition of quantum protocols into unconditionally secure classical protocols. However, the resulting security definition is so strict that some tasks become impossible without additional security assumptions. Quantum bit commitment is impossible in the UC framework even with mere computational security. Similar problems arise in the quantum bounded storage model, and we observe a trade-off between the UC and the use of the weakest possible security assumptions.
Tamaki, K
2005-01-01
In this presentation, we show some counter-examples to the naive belief that the security of QKD is based on the no-cloning theorem. One example is shown by explicitly proving that one can indeed generate an unconditionally secure key from Alice's two-photon emission part in the "SARG04 protocol" proposed by V. Scarani et al. in Phys. Rev. Lett. 92, 057901 (2004). This protocol differs from BB84 only in the classical communication. It is thus interesting to see how only the classical communication of a QKD protocol might qualitatively change its security. We also show that one can generate an unconditionally secure key from the single- to the four-photon part in a generalized SARG04 that uses six states. Finally, we also compare the bit error rate threshold of these protocols with the one in BB84 and the original six-state protocol, assuming a depolarizing channel.
Strong authentication with physical unclonable functions (Chapter 10)
Tuyls, P.T.; Skoric, B.; Petkovic, M.; Jonker, W.
2007-01-01
Physical unclonable functions (PUFs) can be used as a cost-effective means to store cryptographic key material in an unclonable way. They can be employed for strong authentication of objects, e.g., tokens, and of persons possessing such tokens, but also for other purposes. We give a short overview
A Machine-Checked Formalization of the Generic Model and the Random Oracle Model
Barthe, Gilles; Cederquist, J.G.; Tarento, Sabrina; Basin, David; Rusinowitch, Michaël
Most approaches to the formal analysis of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothesis that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on
Directory of Open Access Journals (Sweden)
Taha Belkhouja
2018-05-01
Healthcare remote devices are recognized as a promising technology for treating health-related issues. Among them are the wireless Implantable Medical Devices (IMDs): these electronic devices are manufactured to treat, monitor, support or replace defective vital organs while being implanted in the human body. Thus, they play a critical role in healing and even saving lives. Current IMD research trends concentrate on their medical reliability. However, deploying wireless technology in such applications without considering security measures may offer adversaries an easy way to compromise them. With the aim of securing these devices, we explore a new scheme that creates symmetric encryption keys to encrypt the wireless communication portion. We rely on chaotic systems to obtain a synchronized pseudo-random key. The latter is generated separately on each side of the system in such a way that avoids a wireless key exchange, thus protecting patients from key theft. Once the key is defined, a simple encryption system that we propose in this paper is used. We analyze the performance of this system from a cryptographic point of view to ensure that it offers better safety and protection for patients.
Si, Lingling; Ji, Zhigang; Wang, Zhihui
This article has been retracted: please see Elsevier Policy on Article Withdrawal. This article has been retracted at the request of the Publisher. The authors have plagiarized a paper that had already appeared in "Queen's 25th Biennial Symposium on Communications", pages 168-172, print ISBN 978-1-4244-5709-0. One of the conditions of submission of a paper for publication is that authors declare explicitly that their work is original and has not appeared in a publication elsewhere. Re-use of any data should be appropriately cited. As such, this article represents a severe abuse of the scientific publishing system. The scientific community takes a very strong view on this matter, and apologies are offered to readers of the journal that this was not detected during the submission process.
Secure image retrieval with multiple keys
Liang, Haihua; Zhang, Xinpeng; Wei, Qiuhan; Cheng, Hang
2018-03-01
This article proposes a secure image retrieval scheme under a multiuser scenario. In this scheme, the owner first encrypts and uploads images and their corresponding features to the cloud; then, the user submits the encrypted feature of the query image to the cloud; next, the cloud compares the encrypted features and returns encrypted images with similar content to the user. To find the nearest neighbor in the encrypted features, an encryption with multiple keys is proposed, in which the query feature of each user is encrypted by his/her own key. To improve the key security and space utilization, global optimization and Gaussian distribution are, respectively, employed to generate multiple keys. The experiments show that the proposed encryption can provide effective and secure image retrieval for each user and ensure confidentiality of the query feature of each user.
Energy Technology Data Exchange (ETDEWEB)
Horst, Tilmann Abbe; Seifert, Marco; Schmidt, Christian [BMW Forschung und Technik GmbH, Muenchen (Germany); Zuck, Bernhard [BMW AG, Muenchen (Germany); Spliethoff, Hartmut [Technische Univ. Muenchen (Germany). Lehrstuhl fuer Energiesysteme
2012-11-01
Waste heat recovery is a promising approach for achieving further reductions in fuel consumption and, as a result, exhaust emissions. In 2005, the potential of a system based on the Rankine cycle was demonstrated for the first time with the BMW Turbosteamer. For the second generation, the system design has been thoroughly simplified. In the current setup, heat is taken in from the exhaust gas of the engine and the heat from condensation is transferred to the existing cooling system. Steam expansion is accomplished by an impulse turbine with high power density. Integration of this system into the thermal management of the engine poses a great challenge. Interactions between the exhaust system, the cooling system and the waste heat recovery system have to be considered to enable efficient operation in a passenger car. For example, the operating range is limited by the exhaust gas backpressure that is generated in the evaporator. Another consideration is that additional heat rejection to the cooling system must not affect the thermal safety of the engine. In this paper, the second generation Turbosteamer and the latest findings regarding system design, development of the key components and vehicle integration are presented. Analysis of the interactions with the engine thermal management leads to a recommendation for the optimal operating range and strategy of the waste heat recovery system. The influence of the integration effects on the system efficiency is evaluated on this basis. (orig.)
Quantum key distribution over multicore fiber based on silicon photonics
DEFF Research Database (Denmark)
Ding, Yunhong; Bacco, Davide; Dalgaard, Kjeld
on quantum physics. In order to exchange secure information between users, quantum key distribution (QKD), a branch of Quantum Communications (QCs), provides good prospects for ultimate security based on the laws of quantum mechanics [2–7]. Most of QKD systems are implemented in a point-to-point link using...... requirements in terms of key generation are needed. A solution may be represented by new technologies applied to quantum world. In particular multicore fiber (MCF) open a new scenario for quantum communications, from high-dimensional (HD) spatial entanglement generation, to HD QKD and multi-user key...... generations, to HD-entanglement distribution. Furthermore, MCFs are expected as a good candidate for overcoming the capacity limit of a current optical communication system, as example the record capacity of 661 Tbits/s was obtained last year with a 30-cores fiber [8]. Proof of concept experiment has already......
Kawakami, Shun; Sasaki, Toshihiko; Koashi, Masato
2017-07-01
An essential step in quantum key distribution is the estimation of parameters related to the leaked amount of information, which is usually done by sampling of the communication data. When the data size is finite, the final key rate depends on how the estimation process handles statistical fluctuations. Many of the present security analyses are based on the method with simple random sampling, where hypergeometric distribution or its known bounds are used for the estimation. Here we propose a concise method based on Bernoulli sampling, which is related to binomial distribution. Our method is suitable for the Bennett-Brassard 1984 (BB84) protocol with weak coherent pulses [C. H. Bennett and G. Brassard, Proceedings of the IEEE Conference on Computers, Systems and Signal Processing (IEEE, New York, 1984), Vol. 175], reducing the number of estimated parameters to achieve a higher key generation rate compared to the method with simple random sampling. We also apply the method to prove the security of the differential-quadrature-phase-shift (DQPS) protocol in the finite-key regime. The result indicates that the advantage of the DQPS protocol over the phase-encoding BB84 protocol in terms of the key rate, which was previously confirmed in the asymptotic regime, persists in the finite-key regime.
Neural Synchronization and Cryptography
Ruttor, Andreas
2007-11-01
Neural networks can synchronize by learning from each other. In the case of discrete weights, full synchronization is achieved in a finite number of steps. Additional networks can be trained by using the inputs and outputs generated during this process as examples. Several learning rules for both tasks are presented and analyzed. In the case of Tree Parity Machines, synchronization is much faster than learning. Scaling laws for the number of steps needed for full synchronization and successful learning are derived using analytical models. They indicate that the difference between both processes can be controlled by changing the synaptic depth. In the case of bidirectional interaction, the synchronization time increases in proportion to the square of this parameter, but it grows exponentially if information is transmitted in one direction only. Because of this effect, neural synchronization can be used to construct a cryptographic key-exchange protocol. Here the partners benefit from mutual interaction, so that a passive attacker is usually unable to learn the generated key in time. The success probabilities of different attack methods are determined by numerical simulations, and scaling laws are derived from the data. They show that the partners can reach any desired level of security by just increasing the synaptic depth. Then the complexity of a successful attack grows exponentially, but there is only a polynomial increase in the effort needed to generate a key. Further improvements of security are possible by replacing the random inputs with queries generated by the partners.
Ultra-fast secure communication with complex systems in classical channels (Conference Presentation)
Mazzone, Valerio
2017-04-28
Developing secure communications is a research area of growing interest. During the past years, several cryptographic schemes have been developed, with quantum cryptography being a promising scheme due to its use of quantum effects, which make it very difficult for an eavesdropper to intercept the communication. However, practical quantum key distribution methods have encountered several limitations; current experimental realizations, in fact, fail to scale up to long distances, as well as to provide unconditional security and speed comparable to classical optical communication channels. Here we propose a new, low-cost and ultra-fast cryptographic system based on a fully classical optical channel. Our cryptographic scheme exploits the complex synchronization of two different random systems (one on the side of the sender and another on the side of the receiver) to realize a "physical" one-time pad system. The random medium is created by an optical chip fabricated through electron beam lithography on a Silicon On Insulator (SOI) substrate. We present experiments with ps lasers and commercial fibers, showing the ultrafast distribution of a random key between two users (Alice and Bob), with absolutely no possibility for a passive/active eavesdropper to intercept the communication. Remarkably, this system enables the same security as quantum cryptography, but with the use of a classical communication channel. Our system exploits a unique synchronization that exists between two different random systems, and as such is extremely versatile and can enable safe communications among different users in standard telecommunications channels.
Intake of Key Chronic Disease–Related Nutrients among Baby Boomers
King, Dana E.; Xiang, Jun; Brown, Alexander
2014-01-01
Objectives The dietary habits of baby boomers (people born between 1946 and 1964) undoubtedly will have a substantial impact on their future health; however, dietary information regarding the intake of key chronic disease–related nutrients is lacking for this generation. The objective of this study was to compare the dietary intake of key chronic disease–related nutrients of the baby boomer generation with the previous generation of middle-aged adults. Methods National cross-sectional study comparison analyzing data from the National Health and Nutrition Examination Survey (NHANES) including NHANES III (1988–1994) and the NHANES for 2007–2010, focused on adult respondents ages 46 to 64 years who were not institutionalized at the time of each survey. The two cohorts were compared with regard to dietary intake of key nutritional components. The main outcome measures were intake of total calories, sodium, cholesterol, fat, fruits, vegetables, vitamin C, water, and fiber. Results The baby boomers’ average daily intake of nutrients exceeded that of the previous generation of middle-aged adults for total calories (2118/1999), total fat (82/76 g), sodium (3513/3291 mg), and cholesterol (294/262 g; all P generation (P baby boomers compared with the previous generation of middle-aged adults. These findings are indicative of a diet that may contribute to increased rates of chronic disease among individuals in this age group. PMID:24945165
Intake of key chronic disease-related nutrients among baby boomers.
King, Dana E; Xiang, Jun; Brown, Alexander
2014-06-01
The dietary habits of baby boomers (people born between 1946 and 1964) undoubtedly will have a substantial impact on their future health; however, dietary information regarding the intake of key chronic disease-related nutrients is lacking for this generation. The objective of this study was to compare the dietary intake of key chronic disease-related nutrients of the baby boomer generation with the previous generation of middle-aged adults. National cross-sectional study comparison analyzing data from the National Health and Nutrition Examination Survey (NHANES) including NHANES III (1988-1994) and the NHANES for 2007-2010, focused on adult respondents ages 46 to 64 years who were not institutionalized at the time of each survey. The two cohorts were compared with regard to dietary intake of key nutritional components. The main outcome measures were intake of total calories, sodium, cholesterol, fat, fruits, vegetables, vitamin C, water, and fiber. The baby boomers' average daily intake of nutrients exceeded that of the previous generation of middle-aged adults for total calories (2118/1999), total fat (82/76 g), sodium (3513/3291 mg), and cholesterol (294/262 g; all P generation (P baby boomers compared with the previous generation of middle-aged adults. These findings are indicative of a diet that may contribute to increased rates of chronic disease among individuals in this age group.
User-Centric Key Entropy: Study of Biometric Key Derivation Subject to Spoofing Attacks
Directory of Open Access Journals (Sweden)
Lavinia Mihaela Dinca
2017-02-01
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn't be rushed because it might prove less secure than the current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion of increased security of multi-modal biometric systems was disproved for authentication and matching, with studies showing that multi-modal biometric systems are not only no more secure, but introduce additional vulnerabilities. This paper is a study of the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal and multi-modal systems. In the case of the multi-modal system, tests were performed when spoofing one biometric or both. We provide a detailed analysis of every scenario with regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in-depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more.
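The mechanism behind the abstract's result is the fuzzy extractor itself: any sample within the error tolerance of the enrolled template reproduces the same key, so a spoofed sample that lands inside that tolerance is indistinguishable from a genuine one, and the published helper data fixes an upper bound on the key's entropy regardless of how many bits the final hash emits. The following is an added worked example, not code from the paper: a code-offset fuzzy extractor over a repetition code (standing in for the BCH codes real schemes use) with SHA-256 standing in for a seeded universal-hash extractor, a constructed 160-bit template, and the three scenarios (genuine noisy re-acquisition, spoof within tolerance, sample outside tolerance) plus the entropy-loss bound. The same construction applies unchanged to a concatenated fingerprint-plus-iris template.

```python
"""Code-offset fuzzy extractor over a repetition code, with genuine-noise,
spoofed-template and out-of-tolerance scenarios and the entropy-loss bound.

Added example (not the paper's code).  Assumptions: templates are fixed-length
0/1 lists, the repetition code stands in for the BCH codes real schemes use,
and SHA-256 stands in for a seeded universal-hash strong extractor."""
import hashlib
import secrets

R = 5                 # each codeword bit is repeated R times
T = (R - 1) // 2      # errors correctable per R-bit block (2 for R = 5)


def encode(info_bits):
    return [b for b in info_bits for _ in range(R)]


def decode(noisy):
    # majority vote per block; decodes wrongly if a block holds more than T errors
    return [int(sum(noisy[i:i + R]) > R // 2) for i in range(0, len(noisy), R)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def extract(w):
    # strong-extractor placeholder (assumption: real schemes use a seeded universal hash)
    return hashlib.sha256(bytes(w)).digest()


def fe_generate(w):
    """Gen(w) -> (key, helper).  helper = w XOR c for a random codeword c."""
    assert len(w) % R == 0
    info = [secrets.randbelow(2) for _ in range(len(w) // R)]
    helper = xor(w, encode(info))
    return extract(w), helper


def fe_reproduce(w_prime, helper):
    """Rep(w', helper) -> key; equals Gen's key iff w' is within tolerance of w."""
    corrected = decode(xor(w_prime, helper))        # c XOR (w XOR w') decodes to c
    w_recovered = xor(helper, encode(corrected))    # helper XOR c = w
    return extract(w_recovered)


def entropy_loss_bits(n_bits):
    """The helper string of an n-bit template sketched with an (n, n/R)
    repetition code reveals n - k bits, k = n/R being the information bits."""
    return n_bits - n_bits // R


def key_entropy_bound(n_bits, template_min_entropy):
    """Upper bound on the key's min-entropy once the helper data is public.
    SHA-256 emitting 256 bits does not help: the key cannot carry more entropy
    than what survives the sketch."""
    return max(0, template_min_entropy - entropy_loss_bits(n_bits))


def flip_spread(w, n_errors):
    """Flip n_errors bits, at most one per block (stays within tolerance)."""
    w = list(w)
    for i in range(n_errors):
        w[i * R + (i % R)] ^= 1
    return w


def flip_block(w, block, n_errors):
    """Flip n_errors bits inside one block (exceeds tolerance when > T)."""
    w = list(w)
    for j in range(n_errors):
        w[block * R + j] ^= 1
    return w


def spoofing_scenarios(n_bits=160):
    """Constructed demo: a random 160-bit 'fingerprint' template (32 info bits)."""
    w = [secrets.randbelow(2) for _ in range(n_bits)]
    key, helper = fe_generate(w)
    return {
        # genuine re-acquisition: sensor noise, one flipped bit in 10 of 32 blocks
        "genuine_noisy": fe_reproduce(flip_spread(w, 10), helper) == key,
        # spoof: a replica reproducing the template within the same tolerance
        # yields the same key, so the derived private key is exposed
        "spoof_within_tolerance": fe_reproduce(flip_spread(w, 20), helper) == key,
        # three errors in a single block exceed T: the key differs
        "out_of_tolerance": fe_reproduce(flip_block(w, 0, T + 1), helper) == key,
        # even a full-entropy template leaves only the 32 information bits
        "key_entropy_bits": key_entropy_bound(n_bits, n_bits),
    }
```

The entropy bound is the number to carry into the RSA discussion: a 256-bit hash output derived from a 160-bit template with this sketch has at most 32 bits of entropy, so an attacker who holds the helper data can enumerate the candidate keys rather than attack the cryptography.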
International Nuclear Information System (INIS)
Brenes Acosta, Carolina; Cortes Barquero, Jorge
2014-01-01
Key performance indicators are proposed for the diagnosis and monitoring of quality, and to generate improvements, in the Servicio de Radiologia of Hospital Mexico. Critical key performance indicators are identified for service improvement. A method for collecting information on the individual production of medical assistants of the Servicio de Radiologia of Hospital Mexico is proposed. Waiting times for patients in ultrasound are measured in the Radiology Service, as an indicator of patient experience and level of service. The satisfaction of treating physicians and their perception of the quality of the service provided are identified with respect to the reports generated by the Departamento de Radiologia of Hospital Mexico. A peer review system is established to measure the clinical performance of the studies. A structured radiological report template is proposed for radiological practice in Hospital Mexico, to facilitate its reading and guarantee a minimum standard of quality of information.
A unifying view on template protection schemes
Buhan, I.R.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, R.N.J.; Veldhuis, Raymond N.J.; Cronie, H.S.
2007-01-01
We show that there is a direct relation between the maximum length keys extracted from biometric data and the error rates of the biometric system. This information can be used a-priori to evaluate the potential of the biometric data in the context of a specific cryptographic application. We model
Two-phase hybrid cryptography algorithm for wireless sensor networks
Directory of Open Access Journals (Sweden)
Rawya Rizk
2015-12-01
For achieving security in wireless sensor networks (WSNs), cryptography plays an important role. In this paper, a new security algorithm combining symmetric and asymmetric cryptographic techniques is proposed to provide high security with minimized key maintenance. It guarantees three cryptographic primitives: integrity, confidentiality and authentication. Elliptic Curve Cryptography (ECC) and the Advanced Encryption Standard (AES) are combined to provide encryption. The XOR-DUAL RSA algorithm is used for authentication and Message Digest-5 (MD5) for integrity. The results show that the proposed hybrid algorithm gives better performance in terms of computation time, the size of the cipher text, and the energy consumption in the WSN. It is also robust against different types of attacks in the case of image encryption.
The Simplest Protocol for Oblivious Transfer
DEFF Research Database (Denmark)
Chou, Tung; Orlandi, Claudio
2015-01-01
Oblivious Transfer (OT) is the fundamental building block of cryptographic protocols. In this paper we describe the simplest and most efficient protocol for 1-out-of-n OT to date, which is obtained by tweaking the Diffie-Hellman key-exchange protocol. The protocol achieves UC-security against...... active and adaptive corruptions in the random oracle model. Due to its simplicity, the protocol is extremely efficient and it allows to perform m 1-out-of-n OTs using only: - Computation: (n+1)m+2 exponentiations (mn for the receiver, mn+2 for the sender) and - Communication: 32(m+1) bytes (for the group...... optimizations) is at least one order of magnitude faster than previous work. Category / Keywords: cryptographic protocols / Oblivious Transfer, UC Security, Elliptic Curves, Efficient Implementation...
Security analysis of the decoy method with the Bennett–Brassard 1984 protocol for finite key lengths
International Nuclear Information System (INIS)
Hayashi, Masahito; Nakayama, Ryota
2014-01-01
This paper provides a formula for the sacrifice bit-length for privacy amplification with the Bennett–Brassard 1984 protocol for finite key lengths, when we employ the decoy method. Using the formula, we can guarantee the security parameter for a realizable quantum key distribution system. The key generation rates with finite key lengths are numerically evaluated. The proposed method improves the existing key generation rate even in the asymptotic setting. (paper)
Communication key using delay times in time-delayed chaos synchronization
International Nuclear Information System (INIS)
Kim, Chil-Min; Kye, Won-Ho; Rim, Sunghwan; Lee, Soo-Young
2004-01-01
We propose an efficient key scheme, which can generate a great number of communication keys, for communication using chaos synchronization. We obtain the keys from the delay times of time-delay coupled chaotic systems. We explain the scheme and its efficiency by coupling Hénon and logistic maps and illustrate them by coupling Navier-Stokes and Lorenz equations as a continuous system.
Diffie-Hellman Key Exchange through Steganographied Images
Directory of Open Access Journals (Sweden)
Amine Khaldi
2018-05-01
Purpose – In a private key system, the major problem is the exchange of the key between the two parties. Diffie and Hellman have set up a way to share the key. However, this technique is not protected against a man-in-the-middle attack as the settings are not authenticated. The Diffie-Hellman key exchange requires the use of a digital signature or the creation of a secure channel for data exchange to avoid the man-in-the-middle attack. Methodology/approach/design – We present a Diffie-Hellman key exchange implementation using steganographied images. Using steganography makes the data exchange invisible to a potential attacker. So, we will not need a digital signature or a secure channel to do our key exchange, since only the two concerned parties are aware of this exchange. Findings – We generate a symmetric 128-bit key between two users without use of a digital signature or secure channel. However, it works only on bitmap images, which are large and sensitive to compression.
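One added worked example serves the two Diffie-Hellman based entries above: the Chou-Orlandi oblivious transfer, which is DH with the receiver's value tweaked to B = g^b · A^c, and the steganographic key exchange just described. It is not code from either paper. It shows plain DH agreement; the man-in-the-middle that the abstract above sets out to avoid by hiding the exchange, to make the practitioner's caveat concrete: a covert channel is not an authenticated one, and an attacker who knows the cover scheme (which, by Kerckhoffs's principle, must be assumed) substitutes both public values and ends up sharing one key with each party, which is why DH still needs a signature or a MAC under a previously established key; and the 1-out-of-n OT, where the sender derives one key per message and the receiver can open only the one matching the choice c. Assumptions: a 64-bit safe-prime group generated at import purely so the file runs offline (a real deployment uses a standard 2048-bit or larger group or X25519), SHA-256 over the transcript (A, B, ·) as the OT's hash, and messages of at most 32 bytes. Later work found flaws in the OT's UC-security proof, so treat that claim as the authors'.

```python
"""Diffie-Hellman over a safe-prime group, a man-in-the-middle against the
unauthenticated exchange, and the Chou-Orlandi 1-out-of-n OT obtained by
tweaking it (B = g^b * A^c).

Added example, not code from either paper.  Assumptions: a 64-bit safe prime
generated at import so the file runs offline (real use: a standard 2048-bit+
group or X25519); SHA-256 keyed by the transcript (A, B) as the OT hash;
messages of at most 32 bytes."""
import hashlib
import secrets

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_probable_prime(n):
    """Miller-Rabin with the first 12 prime bases: deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits):
    """p = 2q + 1 with q prime; then 4 = 2^2 is a quadratic residue and
    generates the prime-order-q subgroup."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


P = safe_prime(64)      # toy size: only so that the example runs instantly offline
Q = (P - 1) // 2
G = 4


def H(*parts):
    return hashlib.sha256(b"|".join(str(x).encode() for x in parts)).digest()


def keypair():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def shared(priv, peer_pub):
    # reject values outside the prime-order subgroup (small-subgroup confinement)
    assert 1 < peer_pub < P - 1 and pow(peer_pub, Q, P) == 1
    return H(pow(peer_pub, priv, P))


def dh_agrees():
    a, A = keypair()
    b, B = keypair()
    return shared(a, B) == shared(b, A)


def mitm_on_unauthenticated_dh():
    """Mallory intercepts both public values and substitutes her own.  Hiding
    the exchange in a cover image does not change this once she knows the
    cover scheme: Alice and Bob each share a key with Mallory, not with each
    other, and nothing in the protocol reveals it."""
    a, A = keypair()
    b, B = keypair()
    m, M = keypair()
    alice_key, bob_key = shared(a, M), shared(b, M)
    return (alice_key == shared(m, A) and bob_key == shared(m, B)
            and alice_key != bob_key)


def pad(key, msg):
    # one-time pad derived from the key; messages are at most 32 bytes (assumption)
    return bytes(x ^ y for x, y in zip(msg, hashlib.sha256(key).digest()))


def ot_1_of_n(messages, c):
    """Chou-Orlandi OT: the receiver learns messages[c] only and the sender
    learns nothing about c.  Returns (receiver's output, all trial decryptions)."""
    n = len(messages)
    a, A = keypair()                                  # S -> R: A = g^a
    b = secrets.randbelow(Q - 1) + 1
    B = pow(G, b, P) * pow(A, c, P) % P               # R -> S: B = g^b * A^c
    k_receiver = H(A, B, pow(A, b, P))                # R: k_c = H(A^b) = H(g^ab)
    A_inv = pow(A, -1, P)
    k_sender = [H(A, B, pow(B * pow(A_inv, j, P) % P, a, P))
                for j in range(n)]                    # S: k_j = H((B / A^j)^a)
    ciphertexts = [pad(k, m) for k, m in zip(k_sender, messages)]   # S -> R: e_j
    trials = [pad(k_receiver, e) for e in ciphertexts]
    return trials[c], trials
```

In `ot_1_of_n`, the sender's key for index j equals the receiver's only when j = c, because (B / A^j)^a = g^ab · g^(a²(c−j)) and the receiver never learns a; the trial decryptions of the other ciphertexts are included only to show they come out as noise.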
Bootstrapping and Maintaining Trust in the Cloud
2016-12-01
encryption key Kb. The cloud tenant uses AES-GCM to encrypt the sensitive data to pass to the node d with Kb, denoted EncKb(d). The tenant then performs...provides a clean interface that allows higher level security services like disk encryption or configuration management to leverage trusted computing...allow the tenant to leverage hardware-rooted cryptographic keys in software to secure services they already use (e.g., disk encryption or
Authentication Using Mobile Phones
Fusek, Z.
2015-01-01
This project deals with authentication by a mobile device. A mobile device with the operating system Android 5.0 was chosen as the authentication device. The user can perform authentication with emulation of contactless chip cards using Host-based Card Emulation, which runs via Near Field Communication, where cryptographic keys are stored in the secure KeyStore environment. The project continues with the implementation of authentication via Bluetooth LE and describes an application for authentication...
Garcia Mesas, Vicent
2009-01-01
Implementation of a cryptographic scheme based on PKI (Public Key Infrastructure) to securely manage patients' medical records within a communications network.
Fully device-independent conference key agreement
Ribeiro, Jérémy; Murta, Gláucia; Wehner, Stephanie
2018-02-01
We present a security analysis of conference key agreement (CKA) in the most adversarial model of device independence (DI). Our protocol can be implemented by any experimental setup that is capable of performing Bell tests [specifically, the Mermin-Ardehali-Belinskii-Klyshko (MABK) inequality], and security can in principle be obtained for any violation of the MABK inequality that detects genuine multipartite entanglement among the N parties involved in the protocol. As our main tool, we derive a direct physical connection between the N-partite MABK inequality and the Clauser-Horne-Shimony-Holt (CHSH) inequality, showing that certain violations of the MABK inequality correspond to a violation of the CHSH inequality between one of the parties and the other N-1. We compare the asymptotic key rate for device-independent conference key agreement (DICKA) to the case where the parties use N-1 device-independent quantum key distribution protocols in order to generate a common key. We show that for some regime of noise the DICKA protocol leads to better rates.
Mitigation of Control Channel Jamming via Combinatorial Key Distribution
Falahati, Abolfazl; Azarafrooz, Mahdi
The problem of countering control channel jamming by internal adversaries in wireless ad hoc networks is addressed. Using combinatorial key distribution, a new method to secure control channel access is introduced. This method utilizes the keys established in the key establishment phase to hide the location of control channels without the need for a secure base station (BS). This is obtained by combining a collision-free one-way function and a combinatorial key establishment method. The proposed scheme can be considered a special case of the ALOHA random access schemes, which uses the common established keys as seeds to generate the pattern of transmission.
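The mechanism the abstract describes, keys established in a combinatorial predistribution phase seeding a one-way function that fixes where the control channel sits in each slot, can be exercised with an added illustration (not the paper's construction): HMAC-SHA-256 plays the collision-free one-way function, the key assignment is a random-subset design rather than the paper's combinatorial design, and the sizes (16 channels, a pool of 12 keys, 3 keys per node, 50 nodes) are assumed. A node listens on the channels its own keys select; an insider who has compromised some nodes can predict, and therefore jam, exactly the channels selected by the keys those nodes hold, and a node is silenced in a slot only when every channel it listens on is among them. The simulation returns that fraction for a given number of colluding insiders.

```python
"""Keyed control-channel hopping: each established key seeds a PRF (HMAC) that
maps a time slot to a channel, so an insider holding only some of the keys
can predict, and therefore jam, only the channels those keys select.

Added illustration, not the paper's scheme.  Assumptions: random-subset key
predistribution instead of a combinatorial design; 16 channels, pool of 12
keys, 3 keys per node; the first n_insiders nodes are the compromised ones."""
import hashlib
import hmac
import random

N_CHANNELS = 16


def channel_for(key, slot):
    """Collision-resistant one-way map (key, slot) -> channel index."""
    tag = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(tag[:4], "big") % N_CHANNELS


def assign_keys(pool_size, keys_per_node, n_nodes, rng):
    """Random-subset key predistribution (stand-in for a combinatorial design)."""
    return [set(rng.sample(range(pool_size), keys_per_node)) for _ in range(n_nodes)]


def control_channels(key_pool, key_ids, slot):
    """Channels on which a holder of key_ids expects the control message in slot."""
    return {channel_for(key_pool[k], slot) for k in key_ids}


def jammed_fraction(key_pool, nodes, insiders, slots):
    """Fraction of (node, slot) pairs in which every channel the node listens on
    is among the channels the colluding insiders can predict from their keys."""
    insider_keys = set().union(*(nodes[i] for i in insiders))
    hits = 0
    for slot in slots:
        jammed = control_channels(key_pool, insider_keys, slot)
        hits += sum(control_channels(key_pool, node, slot) <= jammed
                    for node in nodes)
    return hits / (len(nodes) * len(slots))


def simulate(seed=7, n_nodes=50, pool_size=12, keys_per_node=3,
             n_insiders=2, n_slots=200):
    rng = random.Random(seed)
    key_pool = [bytes(rng.getrandbits(8) for _ in range(16)) for _ in range(pool_size)]
    nodes = assign_keys(pool_size, keys_per_node, n_nodes, rng)
    insiders = list(range(n_insiders))
    slots = range(n_slots)
    return {
        # colluding insiders silence the nodes whose keys they cover in that slot
        "insiders": jammed_fraction(key_pool, nodes, insiders, slots),
        # an outsider with no key cannot predict any channel
        "outsider": jammed_fraction(key_pool, nodes, [], slots),
    }
```

Because the compromised nodes' key sets only grow as more of them collude, the jammed fraction is monotone in the number of insiders; the design question the paper addresses is choosing the key assignment so that this growth stays slow for the collusion sizes the deployment expects.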
Cache Timing Analysis of LFSR-based Stream Ciphers
DEFF Research Database (Denmark)
Zenner, Erik; Leander, Gregor; Hawkes, Philip
2009-01-01
Cache timing attacks are a class of side-channel attacks that is applicable against certain software implementations. They have generated significant interest when demonstrated against the Advanced Encryption Standard (AES), but have more recently also been applied against other cryptographic...
Investigating SRAM PUFs in large CPUs and GPUs
Aubel, Van P.; Bernstein, D.J.; Niederhagen, R.F.
2015-01-01
Physically unclonable functions (PUFs) provide data that can be used for cryptographic purposes: on the one hand randomness for the initialization of random-number generators; on the other hand individual fingerprints for unique identification of specific hardware components. However, today's
A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems
Directory of Open Access Journals (Sweden)
Mohammed Ramadan
2016-08-01
Mobile communication security techniques are employed to guard the communication between the network entities. Mobile communication cellular systems have become one of the most important communication systems in recent times and are used by millions of people around the world. Since the 1990s, considerable efforts have been made to improve both the communication and security features of mobile communications systems. These improvements divide the mobile communications field into different generations according to the communication and security techniques, such as the A3, A5 and A8 algorithms for the 2G-GSM cellular system, and the 3G authentication and key agreement (AKA), evolved packet system AKA (EPS-AKA), and long term evolution AKA (LTE-AKA) algorithms for 3rd Generation Partnership Project (3GPP) systems. Furthermore, these generations have many vulnerabilities, and considerable security work is involved in solving such problems. Some of it is in the field of public key cryptography (PKC), which requires a high computational cost and more network flexibility to be achieved. As such, public key infrastructure (PKI) is more compatible with the modern generations due to their superior communications features. This paper surveys the latest proposed works on the security of GSM, CDMA, and LTE cellular systems using PKI. Firstly, we present the security issues for each generation of mobile communication systems, then we study and analyze the latest proposed schemes and give some comparisons. Finally, we introduce some new directions for future work. This paper classifies the mobile communication security schemes according to the techniques used for each cellular system and covers some of the PKI-based security techniques such as authentication, key agreement, and privacy preserving.
Phase-remapping attack in practical quantum-key-distribution systems
International Nuclear Information System (INIS)
Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi
2007-01-01
Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We show that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we show that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrate three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem.
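The BB84 entries above (the decoy-state finite-key analysis earlier on the page and this phase-remapping attack) both turn on the QBER that the legitimate parties estimate after sifting: the attack's point is that a QBER a by-the-book analysis deems acceptable can coincide with no secret key at all once the implementation deviates from the ideal model. The following added example, not code from either paper, simulates the ideal protocol only (single photons, no loss, intercept-resend eavesdropping on an assumed fraction of the photons) and carries the run through basis sifting and QBER estimation, so the reader can see where the 25% signature of full interception comes from and how the estimate is formed. It does not model phase remapping or any other implementation attack.

```python
"""BB84 qubit-by-qubit simulation with an intercept-resend eavesdropper on a
fraction of the photons, followed by basis sifting and QBER estimation.

Added example for the BB84 entries on this page; not code from the papers.
Assumptions: ideal single-photon source, lossless channel and detectors,
a seeded PRNG standing in for the parties' random choices."""
import random

RECTILINEAR, DIAGONAL = 0, 1
ABORT_QBER = 0.11     # asymptotic one-way BB84 threshold for ideal devices


def measure(bit, prep_basis, meas_basis, rng):
    """Same basis: the prepared bit.  Wrong basis: a uniformly random outcome."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def bb84_round(n_photons, eve_fraction, rng):
    """Returns (sifted key length, qber, alice_sifted, bob_sifted)."""
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if rng.random() < eve_fraction:
            # Eve measures in a random basis and re-sends what she observed,
            # in her basis: the photon Bob receives is no longer Alice's
            e_basis = rng.randrange(2)
            bit, a_basis = measure(bit, a_basis, e_basis, rng), e_basis
        bob_bits.append(measure(bit, a_basis, b_basis, rng))
    # sifting over the public channel: keep positions where bases agree
    kept = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    alice_sifted = [alice_bits[i] for i in kept]
    bob_sifted = [bob_bits[i] for i in kept]
    errors = sum(a != b for a, b in zip(alice_sifted, bob_sifted))
    qber = errors / len(kept) if kept else 0.0
    return len(kept), qber, alice_sifted, bob_sifted


def expected_qber(eve_fraction):
    """Intercept-resend: Eve picks the wrong basis half the time, and a
    wrong-basis re-send flips Bob's sifted bit half the time -> f / 4."""
    return eve_fraction / 4


def should_abort(qber, threshold=ABORT_QBER):
    return qber > threshold


def qber_survey(n_photons=40000, seed=1):
    """QBER observed with no, half and full interception (constructed run)."""
    rng = random.Random(seed)
    return {f: bb84_round(n_photons, f, rng)[1] for f in (0.0, 0.5, 1.0)}
```

The error rate is estimated from a sacrificed sample of the sifted bits; the finite-key analysis in the Hayashi-Nakayama entry is about how large that sample and the subsequent privacy amplification must be for a given security parameter, and the phase-remapping entry is about what happens when the device does not match the model the threshold was derived for.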
Backup key generation model for one-time password security protocol
Jeyanthi, N.; Kundu, Sourav
2017-11-01
The use of one-time passwords (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to traditional username-password authentication, thus coining the term two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with a real-world application's user database, which would allow a user to circumvent the second authentication stage in the event of unavailability of the hardware token.
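A backup key that lets a user skip the token step is, by construction, a second-factor credential in its own right, so the store that holds it needs the same care as the OTP secret: hashed at rest, single use, and throttled against guessing. The following added example, not the paper's model, puts the two side by side: an HOTP/TOTP verifier (RFC 4226 / RFC 6238, checked against the RFC 4226 test vectors) and a backup-code store. The policy choices (8 codes of 10 decimal digits, HMAC-SHA-256 under a server-side pepper, burned on first use, locked after 5 failed attempts, one time step of clock skew) are assumptions, not the paper's.

```python
"""HOTP/TOTP second factor (RFC 4226 / RFC 6238) beside a hashed, single-use,
rate-limited backup-code store that stands in for the token when it is unavailable.

Added example, not the paper's model.  Assumed policy: 8 backup codes of 10
digits, stored only as HMAC-SHA-256 under a server pepper, consumed on first
use, locked after MAX_ATTEMPTS failures; TOTP accepts +/- one 30 s step."""
import hashlib
import hmac
import secrets
import struct
import time


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA-1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret, at=None, step=30, digits=6):
    """RFC 6238: HOTP over the time-step counter."""
    at = time.time() if at is None else at
    return hotp(secret, int(at // step), digits)


def verify_totp(secret, code, at=None, step=30, skew=1):
    """Accept the current step and +/- skew steps, constant-time comparison."""
    at = time.time() if at is None else at
    return any(hmac.compare_digest(totp(secret, at + d * step, step), code)
               for d in range(-skew, skew + 1))


class BackupCodes:
    """Server-side store: only keyed hashes of the codes are kept."""

    MAX_ATTEMPTS = 5

    def __init__(self, pepper, codes):
        self.pepper = pepper
        self.attempts = 0
        self.hashes = {self._hash(c) for c in codes}

    def _hash(self, code):
        return hmac.new(self.pepper, code.encode(), hashlib.sha256).hexdigest()

    def redeem(self, code):
        if self.attempts >= self.MAX_ATTEMPTS:
            return False                 # locked: re-enrolment path, not more guesses
        self.attempts += 1
        h = self._hash(code)
        if h in self.hashes:
            self.hashes.remove(h)        # single use: a replayed code is refused
            self.attempts = 0
            return True
        return False


def new_backup_codes(pepper, count=8, digits=10):
    """Returns (store, plaintext codes).  The plaintext is shown to the user
    once and never persisted; the store holds hashes only."""
    codes = ["".join(secrets.choice("0123456789") for _ in range(digits))
             for _ in range(count)]
    return BackupCodes(pepper, codes), codes


def rfc4226_vectors_match():
    """Counters 0..2 for the RFC 4226 test secret '12345678901234567890'."""
    secret = b"12345678901234567890"
    return [hotp(secret, c) for c in range(3)] == ["755224", "287082", "359152"]
```

With 8 codes of 10 digits and a lock after 5 attempts, a guess succeeds with probability 8 × 5 / 10^10 per lockout window; without the lock the store would be a plain online-guessable secret, which is the usual way a "bypass" code undoes the second factor.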
High-capacity quantum key distribution via hyperentangled degrees of freedom
International Nuclear Information System (INIS)
Simon, David S; Sergienko, Alexander V
2014-01-01
Quantum key distribution (QKD) has long been a promising area for the application of quantum effects in solving real-world problems. However, two major obstacles have stood in the way of its widespread application: low secure key generation rates and short achievable operating distances. In this paper, a new physical mechanism for dealing with the first of these problems is proposed: the interplay between different degrees of freedom in a hyperentangled system (parametric down-conversion) is used to increase the Hilbert space dimension available for key generation while maintaining security. Polarization-based Bell tests provide security checking, while orbital angular momentum (OAM) and total angular momentum (TAM) provide a higher key generation rate. Whether to measure TAM or OAM is decided randomly in each trial. The concurrent noncommutativity of TAM with OAM and polarization provides the physical basis for quantum security. TAM measurements link polarization to OAM, so that if the legitimate participants measure OAM while the eavesdropper measures TAM (or vice-versa), then polarization entanglement is lost, revealing the eavesdropper. In contrast to other OAM-based QKD methods, complex active switching between OAM bases is not required; instead, passive switching by beam splitters combined with much simpler active switching between polarization bases makes implementation at high OAM more practical. (paper)
Directory of Open Access Journals (Sweden)
VanItallie Theodore B
2005-02-01
Ancel Keys, Ph.D., who died in November 2004 at the age of 100, was among the first scientists to recognize that human atherosclerosis is not an inevitable consequence of aging, and that a high-fat diet can be a major risk factor for coronary heart disease. During World War II, he and a group of talented co-workers at the University of Minnesota conducted a large-scale study of experimentally-induced human starvation. The data generated by this study – which was immediately recognized to be a classic – continue to be of inestimable value to nutrition scientists. In his later years, Keys spent more time at his home in Naples, Italy, where he had the opportunity to continue his personal study of the beneficial effects on health and longevity of a Mediterranean diet.
Distributed Generation in Power Systems: An Overview and Key Issues
DEFF Research Database (Denmark)
Singh, Sri Niwas
2009-01-01
quality, etc. However, depending on the system configuration and management, these advantages may not hold. Moreover, due to structural and managerial changes in the electricity supply industry motivated by the introduction of competition, the role of small generations distributed in the low...... issues in the DG integration in power systems...
Chailloux , André
2011-01-01
Quantum computing allows us to revisit the study of quantum cryptographic primitives with information theoretic security. In 1984, Bennett and Brassard presented a protocol of quantum key distribution. In this protocol, Alice and Bob cooperate in order to share a common secret key k, which has to be unknown for a third party that has access to the communication channel. They showed how to perform this task quantumly with an information theoretic security; which is impossible classically.In my...
Implementasi Algoritma Kriptografi RSA untuk Enkripsi dan Dekripsi Email (Implementation of the RSA Cryptographic Algorithm for Email Encryption and Decryption)
Directory of Open Access Journals (Sweden)
Albert Ginting
2015-04-01
In the world of the Internet nothing is really safe; there is always a gap in any application, and likewise in email delivery. To minimize attacks on data transmission, cryptography is usually applied. One fairly popular cryptographic algorithm is RSA. This study discusses the implementation of the RSA cryptographic algorithm for the email encryption and decryption process. For testing, a Java-based email client program with message encryption and decryption features was created. The application uses the Java programming language and NetBeans 7.4 as editor. The mail server used is Google Mail. The initial step of this study was to download email from the Google server and encrypt the message. The second step is to decrypt the message to verify whether it is still the same as the original message before it was encrypted. The result of this study is an application that can encrypt and decrypt messages using the RSA cryptographic algorithm. With this application, mail delivery is expected to be much safer, because an encrypted email yields a random decimal number of unknown value.
Image Encryption Scheme Based on Balanced Two-Dimensional Cellular Automata
Directory of Open Access Journals (Sweden)
Xiaoyan Zhang
2013-01-01
Cellular automata (CA) are simple models of computation which exhibit fascinatingly complex behavior. Due to the universality of the CA model, it has been widely applied in traditional cryptography and image processing. The aim of this paper is to present a new image encryption scheme based on balanced two-dimensional cellular automata. In this scheme, a random image of the same size as the plain image to be encrypted is first generated by a pseudo-random number generator with a seed. Then, the random image is evolved alternately with two balanced two-dimensional CA rules. At last, the cipher image is obtained by bitwise XOR of the final evolution image and the plain image. This proposed scheme possesses some advantages such as a very large key space, high randomness, complex cryptographic structure, and fast encryption/decryption speed. Simulation results obtained from some classical images in the USC-SIPI database demonstrate the strong performance of the proposed image encryption scheme.
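Structurally the scheme is a stream cipher: a keystream image derived from a seed, XORed with the plain image. Whatever the quality of the CA as a generator, that structure carries two properties a reviewer checks before the randomness tests: reusing a seed across two images leaks their XOR, and a single known image under a seed recovers the keystream and hence every other image under that seed; and with no integrity check, flipping a ciphertext bit flips the same plaintext bit. The following added example, not the paper's scheme, makes those checks concrete. The toroidal rule (new cell = XOR of the four neighbours, plus the AND of east and west) is an assumed toy rule rather than the paper's balanced rules, the seed expansion uses SHA-256 in counter mode, and the "images" are constructed byte strings.

```python
"""Image encryption as keystream XOR plaintext, the keystream being a
pseudo-random image evolved by a 2-D cellular automaton from a seed, and the
checks a reviewer runs on any such design: keystream reuse, known plaintext,
bit-flip malleability.

Added example, not the paper's scheme.  Assumptions: a toy toroidal CA rule,
SHA-256 counter mode for seed expansion, constructed byte-string 'images'."""
import hashlib


def seed_grid(seed, rows, cols):
    """Pseudo-random 0/1 grid derived from the seed (SHA-256 in counter mode)."""
    bits = []
    counter = 0
    while len(bits) < rows * cols:
        block = hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        bits.extend((byte >> i) & 1 for byte in block for i in range(8))
        counter += 1
    return [bits[r * cols:(r + 1) * cols] for r in range(rows)]


def step(grid):
    """One CA generation on a torus: cell' = N ^ S ^ W ^ E ^ (E & W) (toy rule)."""
    rows, cols = len(grid), len(grid[0])
    nxt = [[0] * cols for _ in range(rows)]
    for r in range(rows):
        for c in range(cols):
            n, s = grid[(r - 1) % rows][c], grid[(r + 1) % rows][c]
            w, e = grid[r][(c - 1) % cols], grid[r][(c + 1) % cols]
            nxt[r][c] = n ^ s ^ w ^ e ^ (e & w)
    return nxt


def keystream(seed, n_bytes, rounds=8):
    """Evolve a seeded grid for `rounds` generations and pack it into bytes."""
    grid = seed_grid(seed, 16, n_bytes * 8 // 16 + 8)
    for _ in range(rounds):
        grid = step(grid)
    bits = [b for row in grid for b in row]
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, n_bytes * 8, 8))


def encrypt(image, seed):
    ks = keystream(seed, len(image))
    return bytes(p ^ k for p, k in zip(image, ks))


decrypt = encrypt   # XOR with the same keystream is its own inverse


def keystream_reuse_leak(c1, c2):
    """Two images under one seed: c1 XOR c2 = p1 XOR p2, no key needed."""
    return bytes(x ^ y for x, y in zip(c1, c2))


def known_plaintext_recovers(c_known, p_known, c_other):
    """One known image under a seed decrypts every other image under it."""
    ks = bytes(x ^ y for x, y in zip(c_known, p_known))
    return bytes(x ^ y for x, y in zip(c_other, ks))


def flip_pixel(ciphertext, index, mask):
    """No integrity check: flipping ciphertext bits flips the same plaintext bits."""
    out = bytearray(ciphertext)
    out[index] ^= mask
    return bytes(out)
```

None of the three checks depends on the CA rule, the key space or the randomness of the keystream; they follow from using XOR with a seed-determined stream and are addressed by a per-image nonce folded into the seed and an authentication tag over the ciphertext.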
A robust certification service for highly dynamic MANET in emergency tasks
DEFF Research Database (Denmark)
Ge, M; Lam, K Y; Gollmann, Dieter
2009-01-01
In emergency tasks, cross-agency operations being carried out in disaster-hit areas require some supporting communication system for command and control. A Mobile Ad hoc Network (MANET) is a very suitable way to meet such communication requirements since it can function without any pre-installed communication infrastructure. Owing to potential threats in the field environment and the unique features of MANET (e.g. the open nature of wireless links and the absence of security infrastructure), security of communications over MANET is a serious issue that is typically addressed by asymmetric cryptographic...... public keys in our scenario. For issuance and/or revocation of mission-specific certificates, a Mission-specific Certificate Authority (MCA), which consists of a collection of server nodes to operate the threshold cryptographic scheme, is proposed. Furthermore, to cater for the occurrence of network...
Cryptanalysis of Some Lightweight Symmetric Ciphers
DEFF Research Database (Denmark)
Abdelraheem, Mohamed Ahmed Awadelkareem Mohamed Ahmed
In recent years, the need for lightweight encryption systems has been increasing as many applications use RFID and sensor networks which have very low computational power and are thus incapable of performing standard cryptographic operations. In response to this problem, the cryptographic community...... on a variant of PRESENT with identical round keys. We propose a new attack named the Invariant Subspace Attack that was specifically mounted against the lightweight block cipher PRINTcipher. Furthermore, we mount several attacks on a recently proposed stream cipher called A2U2....... of the international standards in lightweight cryptography. This thesis aims at analyzing and evaluating the security of some of the recently proposed lightweight symmetric ciphers with a focus on PRESENT-like ciphers, namely the block cipher PRESENT and the block cipher PRINTcipher. We provide an approach to estimate...
Co-designed accelerator for homomorphic encryption applications
Directory of Open Access Journals (Sweden)
Asma Mkhinini
2018-02-01
Fully Homomorphic Encryption (FHE) is considered a key cryptographic tool in building a secure cloud computing environment since it allows computing arbitrary functions directly on encrypted data. However, existing FHE implementations remain impractical due to very high time and resource costs. These costs are essentially due to the computationally intensive modular polynomial multiplication. In this paper, we present a software/hardware co-designed modular polynomial multiplier in order to accelerate homomorphic schemes. The hardware part is implemented through a High-Level Synthesis (HLS) flow. Experimental results show competitive latencies when compared with hand-made designs, while maintaining large advantages in resources. Moreover, we show that our high-level description can be easily configured with different parameters and very large sizes in negligible time, generating new designs for numerous applications.
CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY
Directory of Open Access Journals (Sweden)
Sowmiya Murthy
2014-10-01
We propose a secure cloud storage model that addresses security and storage issues for cloud computing environments. Security is achieved by anonymous authentication, which ensures that cloud users remain anonymous while being duly authenticated. To achieve this goal, we propose a digital signature based authentication scheme with a decentralized architecture for distributed key management with multiple Key Distribution Centers. A homomorphic encryption scheme using the Paillier public key cryptosystem is used for encrypting the data stored in the cloud. We incorporate a query-driven approach for validating the access policies defined by an individual user for his/her data, i.e. access is granted to a requester only if his credentials match the hidden access policy. Further, since data is vulnerable to losses or damages due to the vagaries of the network, we propose an automatic retrieval mechanism where lost data is recovered by data replication and file replacement with a string matching algorithm. We describe a prototype implementation of our proposed model.
FPGA BASED HARDWARE KEY FOR TEMPORAL ENCRYPTION
Directory of Open Access Journals (Sweden)
B. Lakshmi
2010-09-01
In this paper, a novel encryption scheme with a time-based key technique on an FPGA is presented. The time-based key technique ensures that the right key is entered at the right time and hence, the vulnerability of encryption to brute force attack is eliminated. Presently available encryption systems suffer from brute force attack, in which case the time taken for breaking a code depends on the system used for cryptanalysis. The proposed scheme provides an effective method in which time is taken as the second dimension of the key so that the same system can defend against brute force attack more vigorously. In the proposed scheme, the key is rotated continuously and four bits are drawn from the key, with their concatenated value representing the delay the system has to wait. This forms the time-based key concept. Also, the key-based function selection from a pool of functions enhances the confusion and diffusion to defend against linear and differential attacks, while the inclusion of the time factor makes the brute force attack nearly impossible. In the proposed scheme, the key scheduler is implemented on an FPGA that generates the right key at the right time intervals; it is connected to a NIOS-II processor (a virtual microcontroller brought out from the Altera FPGA) that communicates the keys to the personal computer through JTAG (Joint Test Action Group) communication, and the computer is used to perform encryption (or decryption). In this case the FPGA serves as a hardware key (dongle) for data encryption (or decryption).
Efficient multiuser quantum cryptography network based on entanglement.
Xue, Peng; Wang, Kunkun; Wang, Xiaoping
2017-04-04
We present an efficient quantum key distribution protocol with a certain entangled state to solve a special cryptographic task. We also provide a proof of security of this protocol by generalizing the proof of the modified Lo-Chau scheme. Based on this two-user scheme, a quantum cryptography network protocol is proposed without any quantum memory.
Comment on ''Semiquantum-key distribution using less than four quantum states''
International Nuclear Information System (INIS)
Boyer, Michel; Mor, Tal
2011-01-01
For several decades it was believed that information-secure key distribution requires both the sender and receiver to have the ability to generate and/or manipulate quantum states. Earlier, we showed that quantum key distribution in which one party is classical is possible [Boyer, Kenigsberg, and Mor, Phys. Rev. Lett. 99, 140501 (2007)]. A surprising and very nice extension of that result was suggested by Zou, Qiu, Li, Wu, and Li [Phys. Rev. A 79, 052312 (2009)]. Their paper suggests that it is sufficient for the originator of the states (the person holding the quantum technology) to generate just one state. The resulting semiquantum key distribution, which we call here 'quantum key distribution with classical Alice' is indeed completely robust against eavesdropping. However, their proof (that no eavesdropper can get information without being possibly detected) is faulty. We provide here a fully detailed and direct proof of their very important result.
Quantum key distribution with an unknown and untrusted source
Zhao, Yi; Qi, Bing; Lo, Hoi-Kwong
2009-03-01
The security of a standard bi-directional "plug & play" quantum key distribution (QKD) system has been an open question for a long time. This is mainly because its source is equivalently controlled by an eavesdropper, which means the source is unknown and untrusted. Qualitative discussion on this subject has been made previously. In this paper, we present the first quantitative security analysis of a general class of QKD protocols whose sources are unknown and untrusted. The security of the standard BB84 protocol, the weak+vacuum decoy state protocol, and the one-decoy decoy state protocol, with unknown and untrusted sources, is rigorously proved. We derive rigorous lower bounds on the secure key generation rates of the above three protocols. Our numerical simulation results show that QKD with an untrusted source gives a key generation rate that is close to that with a trusted source. Our work is published in [1]. [1] Y. Zhao, B. Qi, and H.-K. Lo, Phys. Rev. A, 77:052327 (2008).
Malleability of the blockchain’s entropy
C.A. Pierrot (Cécile); W. Wesolowski (Benjamin)
2017-01-01
Trustworthy generation of public random numbers is necessary for the security of a number of cryptographic applications. It was suggested to use the inherent unpredictability of blockchains as a source of public randomness. Entropy from the Bitcoin blockchain in particular has been used
Patients' Data Management System Protected by Identity-Based Authentication and Key Exchange.
Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti
2017-03-31
A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.
Metropolitan Quantum Key Distribution with Silicon Photonics
Bunandar, Darius; Lentine, Anthony; Lee, Catherine; Cai, Hong; Long, Christopher M.; Boynton, Nicholas; Martinez, Nicholas; DeRose, Christopher; Chen, Changchen; Grein, Matthew; Trotter, Douglas; Starbuck, Andrew; Pomerene, Andrew; Hamilton, Scott; Wong, Franco N. C.; Camacho, Ryan; Davids, Paul; Urayama, Junji; Englund, Dirk
2018-04-01
Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD) encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB) and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss). Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalable resource for future formation of metropolitan quantum-secure communications networks.
Quantum-locked key distribution at nearly the classical capacity rate.
Lupo, Cosmo; Lloyd, Seth
2014-10-17
Quantum data locking is a protocol that allows for a small secret key to (un)lock an exponentially larger amount of information, hence yielding the strongest violation of the classical one-time pad encryption in the quantum setting. This violation mirrors a large gap existing between two security criteria for quantum cryptography quantified by two entropic quantities: the Holevo information and the accessible information. We show that the latter becomes a sensible security criterion if an upper bound on the coherence time of the eavesdropper's quantum memory is known. Under this condition, we introduce a protocol for secret key generation through a memoryless qudit channel. For channels with enough symmetry, such as the d-dimensional erasure and depolarizing channels, this protocol allows secret key generation at an asymptotic rate as high as the classical capacity minus one bit.
Summary on several key techniques in 3D geological modeling.
Mei, Gang
2014-01-01
Several key techniques in 3D geological modeling including planar mesh generation, spatial interpolation, and surface intersection are summarized in this paper. Note that these techniques are generic and widely used in various applications but play a key role in 3D geological modeling. There are two essential procedures in 3D geological modeling: the first is the simulation of geological interfaces using geometric surfaces and the second is the building of geological objects by means of various geometric computations such as the intersection of surfaces. Discrete geometric surfaces that represent geological interfaces can be generated by creating planar meshes first and then spatially interpolating; those surfaces intersect and then form volumes that represent three-dimensional geological objects such as rock bodies. In this paper, the most commonly used algorithms of the key techniques in 3D geological modeling are summarized.
Implementation of continuous-variable quantum key distribution with discrete modulation
Hirano, Takuya; Ichikawa, Tsubasa; Matsubara, Takuto; Ono, Motoharu; Oguri, Yusuke; Namiki, Ryo; Kasai, Kenta; Matsumoto, Ryutaroh; Tsurumaru, Toyohiro
2017-06-01
We have developed a continuous-variable quantum key distribution (CV-QKD) system that employs discrete quadrature-amplitude modulation and homodyne detection of coherent states of light. We experimentally demonstrated automated secure key generation with a rate of 50 kbps when a quantum channel is a 10 km optical fibre. The CV-QKD system utilises a four-state and post-selection protocol and generates a secure key against the entangling cloner attack. We used a pulsed light source of 1550 nm wavelength with a repetition rate of 10 MHz. A commercially available balanced receiver is used to realise shot-noise-limited pulsed homodyne detection. We used a non-binary LDPC code for error correction (reverse reconciliation) and the Toeplitz matrix multiplication for privacy amplification. A graphical processing unit card is used to accelerate the software-based post-processing.
Cryptographic pseudo-random sequences from the chaotic Hénon ...
Indian Academy of Sciences (India)
2-dimensional chaotic maps for the generation of pseudorandom sequences. 3. ... map. Consider the bit-stream Bx formed by choosing every Pth bit of Sx, ... Similarly, the probability of the linear complexity C assuming the value c(c < N) when.
Zhuo-Dan, Zhu; Shang-Hong, Zhao; Chen, Dong; Ying, Sun
2018-07-01
In this paper, a phase-encoded measurement device independent quantum key distribution (MDI-QKD) protocol without a shared reference frame is presented, which can generate secure keys between two parties while the quantum channel or interferometer introduces an unknown and slowly time-varying phase. The corresponding secret key rate and single-photon bit error rate are analysed, respectively, with a single-photon source (SPS) and a weak coherent source (WCS), taking finite-key analysis into account. The numerical simulations show that the modified phase-encoded MDI-QKD protocol has apparent superiority both in maximal secure transmission distance and key generation rate while possessing improved robustness and practical security in the high-speed case. Moreover, the rejection of the frame-calibrating part will intrinsically reduce the consumption of resources as well as the potential security flaws of practical MDI-QKD systems.
Factoring RSA keys from certified smart cards : Coppersmith in the wild
Bernstein, D.J.; Chang, Y.A.; Cheng, C.M.; Chou, L.P.; Heninger, N.; Lange, T.; Someren, van N.
2013-01-01
An attacker can efficiently factor at least 184 distinct 1024-bit RSA keys from Taiwan's national "Citizen Digital Certificate" database. The big story here is that these keys were generated by government-issued smart cards that were certified secure. The certificates had all the usual buzzwords:
Analysis of Secret Key Randomness Exploiting the Radio Channel Variability
Directory of Open Access Journals (Sweden)
Taghrid Mazloum
2015-01-01
A few years ago, physical layer based techniques started to be considered as a way to improve security in wireless communications. A well known problem is the management of ciphering keys, both regarding the generation and distribution of these keys. A way to alleviate such difficulties is to use a common source of randomness for the legitimate terminals, not accessible to an eavesdropper. This is the case of the fading propagation channel, when exact or approximate reciprocity applies. Although this principle has been known for long, not so many works have evaluated the effect of radio channel properties in practical environments on the degree of randomness of the generated keys. To this end, we here investigate indoor radio channel measurements in different environments and settings at either the 2.4625 GHz or 5.4 GHz band, of particular interest for WIFI related standards. Key bits are extracted by quantizing the complex channel coefficients and their randomness is evaluated using the NIST test suite. We then look at the impact of the carrier frequency, the channel variability in the space, time, and frequency degrees of freedom used to construct a long secret key, in relation to the nature of the radio environment such as the LOS/NLOS character.
Security Concepts for Satellite Links
Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.
2008-08-01
The high costs to develop, launch and maintain a satellite network make protecting the assets imperative. Attacks may be passive, such as eavesdropping on the payload data. A more serious threat is active attacks that try to gain control of the satellite, which may lead to the total loss of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, that are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates, both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management, authentication & key negotiation algorithms such as HMAC-RIPEMD160, EC-DSA and EC-DH are used. Encryption of data uses algorithms such as IDEA, AES, Triple-DES, or others. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi-satellite system and German-French SAR-Lupe-Helios-II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).
DEFF Research Database (Denmark)
Rodriguez, Pedro; Luna, Alvaro; Hermoso, Juan Ramon
2011-01-01
The operation of distributed power generation systems under grid fault conditions is a key issue for the massive integration of renewable energy systems. Several studies have been conducted to improve the response of such distributed generation systems under voltage dips. In spite of being less s...
Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange
Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti
2017-01-01
A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed. PMID:28362328
Keys to the success of the CB Conquero
Directory of Open Access Journals (Sweden)
C. Fernández-Espínola
2016-12-01
When a team achieves sporting success at the professional level, it generates topics to be investigated, such as the key factors of that success. The main aim of this study is to analyze the influence of different factors like the sports context, the social context and training aspects on the success of the Club Baloncesto Conquero through the direct perception of thirteen informants associated with the team and with basketball in Huelva. An interview was carried out, related to those factors and the keys to success. The results revealed that workforce planning, along with the great work of the coaching staff, medical staff and physical trainer, has been key to the team's sporting successes.
Designing and implementing of improved cryptographic algorithm using modular arithmetic theory
Directory of Open Access Journals (Sweden)
Maryam Kamarzarrin
2015-05-01
Maintaining the privacy and security of people's information are the two most important principles of an electronic health plan. One of the methods of creating privacy and securing information is using a public key cryptography system. In this paper, we compare two algorithms, the Common and Fast Exponentiation algorithms, for enhancing the efficiency of public key cryptography. We show that a system designed with the Fast Exponentiation algorithm has high speed and performance but low power consumption and space occupied compared with the Common Exponentiation algorithm. Although systems designed with the Common Exponentiation algorithm have slower speed and lower performance, designing with this algorithm has less complexity and is easier compared with the Fast Exponentiation algorithm. In this paper, we examine and compare the two different methods of exponentiation, and also observe the performance impact of these two approaches in the form of hardware described in VHDL on an FPGA.
Evaluating the use of key performance indicators to evidence the patient experience.
McCance, Tanya; Hastings, Jack; Dowler, Hilda
2015-11-01
To test eight person-centred key performance indicators and the feasibility of an appropriate measurement framework as an approach to evidencing the patient experience. The value of measuring the quality of patient care is undisputed in the international literature; however, the type of measures that can be used to generate data that is meaningful for practice continues to be debated. This paper offers a different perspective to the 'measurement' of the nursing and midwifery contribution to the patient experience. Fourth generation evaluation was the methodological approach used to evaluate the implementation of the key performance indicators and measurement framework across three participating organisations involving nine practice settings. Data were collected by repeated use of claims, concerns and issues with staff working across nine participating sites (n = 18) and the senior executives from the three partner organisations (n = 12). Data were collected during the facilitated sessions with stakeholders and analysed in conjunction with the data generated from the measurement framework. The data reveal the inherent value placed on the evidence generated from the implementation of the key performance indicators as reflected in the following themes: measuring what matters; evidencing the patient experience; engaging staff; a focus for improving practice; and articulating and demonstrating the positive contribution of nursing and midwifery. The implementation of the key performance indicators and the measurement framework has been effective in generating evidence that demonstrates the patient experience. The nature of the data generated not only privileges the patient voice but also offers feedback to nurses and midwives that can inform the development of person-centred cultures. The use of these indicators will produce evidence of patient experience that can be used by nurses and midwives to celebrate and further inform person-centred practice.
Path Hopping: An MTD Strategy for Long-Term Quantum-Safe Communication
Directory of Open Access Journals (Sweden)
Reihaneh Safavi-Naini
2018-01-01
Moving target defense (MTD) strategies have been widely studied for securing computer systems. We consider using MTD strategies to provide long-term cryptographic security for message transmission against an eavesdropping adversary who has access to a quantum computer. In such a setting, today’s widely used cryptographic systems including the Diffie-Hellman key agreement protocol and the RSA cryptosystem will be insecure and alternative solutions are needed. We will use a physical assumption, the existence of multiple communication paths between the sender and the receiver, as the basis of security, and propose a cryptographic system that uses this assumption and an MTD strategy to guarantee efficient long-term information theoretic security even when only a single path is not eavesdropped. Following the approach of Maleki et al., we model the system using a Markov chain, derive its transition probabilities, propose two security measures, and prove results that show how to calculate these measures using transition probabilities. We define two types of attackers that we call risk-taking and risk-averse and compute our proposed measures for the two types of adversaries for a concrete MTD strategy. We will use numerical analysis to study tradeoffs between system parameters, discuss our results, and propose directions for future research.
International Nuclear Information System (INIS)
Semenov, V.D.; Furman, Eh.G.
1974-01-01
The paper describes a current pulse generator with an auxiliary network consisting of a choke and diode in series designed to enlarge the range of pulse frequency control. One output of the network is connected to an adjustable valve cathode and via another auxiliary condenser to the point where the cathode of the main key unit is joined to the start of the magnetizing coil. A second output is connected to the anode of another adjustable valve and via another auxiliary condenser to the point where the anode of the other main key unit is joined to the end of the magnetizing coil. The generator can be used to excite the electromagnets of charged particle accelerators or in devices designed to produce magnetic fields. (author)
Fast Modular Exponentiation and Elliptic Curve Group Operation in Maple
Yan, S. Y.; James, G.
2006-01-01
The modular exponentiation, $y \equiv x^k \pmod{n}$ with $x, y, k, n$ integers and $n > 1$, is the most fundamental operation in RSA and ElGamal public-key cryptographic systems. Thus the efficiency of RSA and ElGamal depends entirely on the efficiency of the modular exponentiation. The same situation arises also in elliptic…
Performance of Cellular Automata-based Stream Ciphers in GPU Implementation
Directory of Open Access Journals (Sweden)
P. G. Klyucharev
2016-01-01
Earlier the author had developed methods to build high-performance generalized cellular automata-based symmetric ciphers, which allow obtaining encryption algorithms that show extremely high performance in hardware implementation. However, their implementation on conventional microprocessors lacks high performance. This fact is quite common, and it delimits the scope of applications for these ciphers. Nevertheless, the use of graphics processors enables achieving an appropriate performance for a software implementation. The article is an extension of a series of articles which study various aspects of constructing and implementing cryptographic algorithms based on generalized cellular automata. The article is aimed at studying the capabilities to implement the GPU-based cryptographic algorithms under consideration. Representing a key generator, the implemented encryption algorithm comprises 2k generalized cellular automata. The cellular automata graphs are Ramanujan graphs. The cells of the produced k gamma streams alternate, thereby allowing the GPU capabilities to be better used. OpenCL was used for the implementation, as the most universal and platform-independent API. The software, written in C++, was designed so that the user could set various parameters, including the encryption key, the graph structure, the local communication function, various constants, etc. A variety of graphics processors were used for testing (NVIDIA GTX 650; NVIDIA GTX 770; AMD R9 280X). Depending on operating conditions and the GPU used, the performance ranges from 0.47 to 6.61 Gb/s, which is comparable to the performance of the countertypes. Thus, the article has demonstrated that using the GPU makes it possible to provide efficient software implementation of stream ciphers based on generalized cellular automata. This work was supported by the RFBR, project №16-07-00542.
Youqing, Chen
2006-01-01
Experience is an activity that arouses emotions and generates meanings based on vivid sensation and profound comprehension. It is emotional, meaningful, and personal, playing a key role in the course of forming and developing one's qualities. The psychological process of experience generation consists of such links as sensing things, arousing…
Directory of Open Access Journals (Sweden)
Xing Fan
2018-04-01
Background/Aims: Induction of oxidative stress and reactive oxygen species (ROS) mediated-apoptosis have been utilized as effective strategies in anticancer therapy. Macranthoidin B (MB) is a potent inducer of ROS-mediated apoptosis in cancer, but its mechanism of action is poorly understood. Method: Superoxide production with MB exposure in colorectal cancer (CRC) cells was measured using lucigenin chemiluminescence and real-time PCR. MB’s inhibitory effect on proliferation and viability of CRC cells was determined by proliferation assays. MB’s effect on apoptosis of CRC cells was determined by Western blotting and annexin V-FITC/PI staining. MB’s effect on the growth of CRC xenografts in mice was assessed. An established metabolomics profiling platform combining ultra-performance liquid chromatography-tandem mass spectrometry (LC-MS) with gas chromatography-mass spectrometry (GC-MS) was performed to determine MB’s effect on total metabolite variation in CRC cells. Results: We found that MB increases ROS generation via modulating key metabolic pathways. Using metabolomics profiling platform combining LC-MS with GC-MS, a total of 236 metabolites were identified in HCT-116 cells in which 31 metabolites were determined to be significantly regulated (p ≤ 0.05) after MB exposure. A number of key metabolites revealed by metabolomics analysis include glucose, fructose, citrate, arginine, phenylalanine, and S-adenosylhomocysteine (SAH), suggesting specific modulation of metabolism on carbohydrates, amino acids and peptides, lipids, nucleotide, cofactors and vitamins in HCT-116 CRC cells with MB treatment highly associated with apoptosis triggered by enhanced ROS and activated caspase-3. Conclusion: Our results demonstrate that MB represses CRC cell proliferation by inducing ROS-mediated apoptosis.
Fan, Xing; Rao, Jun; Zhang, Ziwei; Li, Dengfeng; Cui, Wenhao; Zhang, Jun; Wang, Hua; Tou, Fangfang; Zheng, Zhi; Shen, Qiang
2018-01-01
Induction of oxidative stress and reactive oxygen species (ROS) mediated-apoptosis have been utilized as effective strategies in anticancer therapy. Macranthoidin B (MB) is a potent inducer of ROS-mediated apoptosis in cancer, but its mechanism of action is poorly understood. Superoxide production with MB exposure in colorectal cancer (CRC) cells was measured using lucigenin chemiluminescence and real-time PCR. MB's inhibitory effect on proliferation and viability of CRC cells was determined by proliferation assays. MB's effect on apoptosis of CRC cells was determined by Western blotting and annexin V-FITC/PI staining. MB's effect on the growth of CRC xenografts in mice was assessed. An established metabolomics profiling platform combining ultra-performance liquid chromatography-tandem mass spectrometry (LC-MS) with gas chromatography-mass spectrometry (GC-MS) was performed to determine MB's effect on total metabolite variation in CRC cells. We found that MB increases ROS generation via modulating key metabolic pathways. Using metabolomics profiling platform combining LC-MS with GC-MS, a total of 236 metabolites were identified in HCT-116 cells in which 31 metabolites were determined to be significantly regulated (p ≤ 0.05) after MB exposure. A number of key metabolites revealed by metabolomics analysis include glucose, fructose, citrate, arginine, phenylalanine, and S-adenosylhomocysteine (SAH), suggesting specific modulation of metabolism on carbohydrates, amino acids and peptides, lipids, nucleotide, cofactors and vitamins in HCT-116 CRC cells with MB treatment highly associated with apoptosis triggered by enhanced ROS and activated caspase-3. Our results demonstrate that MB represses CRC cell proliferation by inducing ROS-mediated apoptosis. © 2018 The Author(s). Published by S. Karger AG, Basel.
RSA Key Development Using Fingerprint Image on Text Message
Rahman, Sayuti; Triana, Indah; Khairani, Sumi; Yasir, Amru; Sundari, Siti
2017-12-01
Along with the development of technology today, humans are greatly facilitated in accessing information and communicating with various media, including through the Internet. Messages sent by media such as text are not necessarily guaranteed security. It is often found that someone wants to send a secret message to the recipient, but the message can become known to irresponsible people. So the sender feels disappointed because the secret message that should be known only to the recipient becomes known to irresponsible people. It is necessary to secure the message by using the RSA algorithm, using a fingerprint image to generate the RSA key. This is a solution to enrich the security of a message; it is necessary to process the image first, using feature extraction, before generating the RSA keys.
Fuzzy extractors for continuous distributions
Buhan, I.R.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.
2006-01-01
We show that there is a direct relation between the maximum length of the keys extracted from biometric data and the error rates of the biometric system. The length of the bio-key depends on the amount of distinguishing information that can be extracted from the source data. This information can be used a-priori to evaluate the potential of the biometric data in the context of a specific cryptographic application. We model the biometric data more naturally as a continuous distribution and we ...
Comment on ``Semiquantum-key distribution using less than four quantum states''
Boyer, Michel; Mor, Tal
2011-04-01
For several decades it was believed that information-secure key distribution requires both the sender and receiver to have the ability to generate and/or manipulate quantum states. Earlier, we showed that quantum key distribution in which one party is classical is possible [Boyer, Kenigsberg, and Mor, Phys. Rev. Lett. 99, 140501 (2007), doi:10.1103/PhysRevLett.99.140501]. A surprising and very nice extension of that result was suggested by Zou, Qiu, Li, Wu, and Li [Phys. Rev. A 79, 052312 (2009), doi:10.1103/PhysRevA.79.052312]. Their paper suggests that it is sufficient for the originator of the states (the person holding the quantum technology) to generate just one state. The resulting semiquantum key distribution, which we call here “quantum key distribution with classical Alice”, is indeed completely robust against eavesdropping. However, their proof (that no eavesdropper can get information without being possibly detected) is faulty. We provide here a fully detailed and direct proof of their very important result.
Behavior of temperature dependent SRAM-PUFs, and consequences for secret-key capacity
Kusters, C.J.; Ignatenko, T.; Willems, F.M.J.
2017-01-01
Physical Unclonable Functions (PUFs) are a resource for generating and sharing secret keys. The mutual information between two respective observations of the same PUF gives an upper bound for the achievable secret-key rate of a secret-sharing scheme that relies on this PUF. This mutual information
Quantum-key-distribution protocol with pseudorandom bases
Trushechkin, A. S.; Tregubov, P. A.; Kiktenko, E. O.; Kurochkin, Y. V.; Fedorov, A. K.
2018-01-01
Quantum key distribution (QKD) offers a way for establishing information-theoretical secure communications. An important part of QKD technology is a high-quality random number generator for the quantum-state preparation and for post-processing procedures. In this work, we consider a class of prepare-and-measure QKD protocols, utilizing additional pseudorandomness in the preparation of quantum states. We study one of such protocols and analyze its security against the intercept-resend attack. We demonstrate that, for single-photon sources, the considered protocol gives better secret key rates than the BB84 and the asymmetric BB84 protocols. However, the protocol strongly requires single-photon sources.
Summary Report on Unconditionally Secure Protocols
DEFF Research Database (Denmark)
Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian
This document describes the state of the art and some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know that it is secure. Such a protocol would do little in providing security. When all is said and done, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need to know that it is secure, i.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...
Institute of Scientific and Technical Information of China (English)
Chen Youqing
2006-01-01
Experience is an activity that arouses emotions and generates meanings based on vivid sensation and profound comprehension. It is emotional, meaningful, and personal, playing a key role in the course of forming and developing one's qualities. The psychological process of experience generation consists of such links as sensing things, arousing emotions, promoting comprehension and association, generating insights and meanings, and deepening emotional responses. Undergoing things personally by means of direct sensation, taking part in activities, and living life are the most important preconditions of experience generation. Emotional influence, situational edification, and arts edification are external factors that induce experience generation.
A Dual Key-Based Activation Scheme for Secure LoRaWAN
Directory of Open Access Journals (Sweden)
Jaehyu Kim
2017-01-01
With the advent of the Internet of Things (IoT) era, we are experiencing rapid technological progress. Billions of devices are connected to each other, and our homes, cities, hospitals, and schools are getting smarter and smarter. However, to realize the IoT, several challenging issues such as connecting resource-constrained devices to the Internet must be resolved. Recently introduced Low Power Wide Area Network (LPWAN) technologies have been devised to resolve this issue. Among many LPWAN candidates, Long Range (LoRa) is one of the most promising technologies. The Long Range Wide Area Network (LoRaWAN) is a communication protocol for LoRa that provides basic security mechanisms. However, some security loopholes exist in LoRaWAN’s key update and session key generation. In this paper, we propose a dual key-based activation scheme for LoRaWAN. It resolves the problem of key updates not being fully supported. In addition, our scheme facilitates each layer in generating its own session key directly, which ensures the independence of all layers. Real-world experimental results compared with the original scheme show that the proposed scheme is totally feasible in terms of delay and battery consumption.
Parallel sort with a ranged, partitioned key-value store in a high performance computing environment
Bent, John M.; Faibish, Sorin; Grider, Gary; Torres, Aaron; Poole, Stephen W.
2016-01-26
Improved sorting techniques are provided that perform a parallel sort using a ranged, partitioned key-value store in a high performance computing (HPC) environment. A plurality of input data files comprising unsorted key-value data in a partitioned key-value store are sorted. The partitioned key-value store comprises a range server for each of a plurality of ranges. Each input data file has an associated reader thread. Each reader thread reads the unsorted key-value data in the corresponding input data file and performs a local sort of the unsorted key-value data to generate sorted key-value data. A plurality of sorted, ranged subsets of each of the sorted key-value data are generated based on the plurality of ranges. Each sorted, ranged subset corresponds to a given one of the ranges and is provided to one of the range servers corresponding to the range of the sorted, ranged subset. Each range server sorts the received sorted, ranged subsets and provides a sorted range. A plurality of the sorted ranges are concatenated to obtain a globally sorted result.
A Certificate Authority (CA)-based cryptographic solution for HIPAA privacy/security regulations
Directory of Open Access Journals (Sweden)
Sangram Ray
2014-07-01
The Health Insurance Portability and Accountability Act (HIPAA) passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information) among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective, as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose that an MCS (medical center server) be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with the MCS and uploads/retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods, and display satisfactory performance.
Review of Micro Magnetic Generator
Directory of Open Access Journals (Sweden)
Lin DU
2014-08-01
This paper discusses the research progress of micro magnetic generator systems. Micro magnetic generator systems convert energy from the environment to electric energy, with advantages such as high reliability, high power density and long lifetime, and can be applied in extreme environments. This paper summarizes methods for improving the performance of micro magnetic generators, including rotational magnetic generators, vibrational magnetic generators and hybrid magnetic generators, analyzes and compares their design and performance, and concludes with the key technologies and ongoing challenges for further progress. The paper is instructive and meaningful for research work in the related field.
A Forward Authentication Key Management Scheme for Heterogeneous Sensor Networks
Directory of Open Access Journals (Sweden)
Huang Jen-Yan
2011-01-01
Key encryption technology is a basic technique for protecting the secrecy of transmitted data among sensor nodes in wireless sensor networks. However, sensor nodes are inherently limited by insufficient hardware resources such as memory capacity and battery lifetime. As a result, few current key management schemes are appropriate for wireless sensor networks. This paper proposes a new key management method that uses dynamic key management schemes for heterogeneous sensor networks. The proposed scheme loads a hash function into the base station, cluster heads, and sensor nodes. The cluster heads and sensor nodes then generate their own keychains to provide forward authentication in case of key changes, security breaches, or key changes due to security breaches. The cluster heads and sensor nodes establish pairwise keys to ensure transmission secrecy. The proposed scheme decreases the number of keys required for sensor nodes and cluster heads and is robust to the following attacks: guessing attacks, replay attacks, man-in-the-middle attacks, node capture attacks, and denial-of-service attacks.
A strategy study on the technology development for key nuclear structural materials
International Nuclear Information System (INIS)
Hong, Jun Hwa; Jeong, Youg Hwan; Kim, Tae Kyu
2012-01-01
In order to realize advanced long-life PWRs and new Generation-IV nuclear systems, it is a prerequisite to establish or ensure several key materials technologies. In this study, we propose several key needs and directions for the key materials issues. Each issue is envisioned and described below: 1) development of innovative nuclear structural materials with extreme-environment resistance for advanced G-IV systems; 2) improvement/development of key reactor materials for advanced and long-life PWRs; 3) development of technologies against aging degradation of nuclear materials.
Energy Technology Data Exchange (ETDEWEB)
Zhu, Feng; Zhang, Chun-Hui; Liu, Ai-Ping [Institute of Signal Processing Transmission, Nanjing University of Posts and Telecommunications, Nanjing 210003 (China); Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications, Ministry of Education, Nanjing 210003 (China); Wang, Qin, E-mail: qinw@njupt.edu.cn [Institute of Signal Processing Transmission, Nanjing University of Posts and Telecommunications, Nanjing 210003 (China); Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications, Ministry of Education, Nanjing 210003 (China); Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei 230026 (China)
2016-04-01
In this paper, we propose to implement the heralded pair-coherent source into the measurement-device-independent quantum key distribution. By comparing its performance with other existing schemes, we demonstrate that our new scheme can overcome many shortcomings existing in current schemes, and show excellent behavior in the quantum key distribution. Moreover, even when taking the statistical fluctuation into account, we can still obtain quite high key generation rate at very long transmission distance by using our new scheme. - Highlights: • Implement the heralded pair-coherent source into the measurement-device-independent quantum key distribution. • Overcome many shortcomings existing in current schemes and show excellent behavior. • Obtain quite high key generation rate even when taking statistical fluctuation into account.
Finite-key-size effect in a commercial plug-and-play QKD system
Chaiwongkhot, Poompong; Sajeed, Shihan; Lydersen, Lars; Makarov, Vadim
2017-12-01
A security evaluation against the finite-key-size effect was performed for a commercial plug-and-play quantum key distribution (QKD) system. We demonstrate the ability of an eavesdropper to force the system to distill key from a smaller length of sifted-key. We also derive a key-rate equation that is specific for this system. This equation provides bounds above the upper bound of secure key under finite-key-size analysis. From this equation and our experimental data, we show that the keys that have been distilled from the smaller sifted-key size fall above our bound. Thus, their security is not covered by finite-key-size analysis. Experimentally, we could consistently force the system to generate the key outside of the bound. We also test manufacturer’s software update. Although all the keys after the patch fall under our bound, their security cannot be guaranteed under this analysis. Our methodology can be used for security certification and standardization of QKD systems.
Key management issue in SCADA networks: A review
Directory of Open Access Journals (Sweden)
Abdalhossein Rezai
2017-02-01
Supervisory Control And Data Acquisition (SCADA) networks have a vital role in Critical Infrastructures (CIs) such as public transport, power generation systems, and the gas, water and oil industries, so there are concerns about security issues in these networks. The Remote Terminal Units (RTUs) and Intelligent Electronic Devices (IEDs) used in these networks have resource limitations, which make security applications a challenging issue. Efficient key management schemes are required besides lightweight ciphers for securing SCADA communications. Many key management schemes have been developed to address the tradeoff between SCADA constraints and security, but which scheme is the most effective is still debatable. This paper presents a review of the existing key management schemes in SCADA networks, which provides directions for further research in this field.
Cryptography Engineering Design Principles and Practical Applications
Ferguson, Niels; Kohno, Tadayoshi
2012-01-01
The ultimate guide to cryptography, updated from an author team of the world's top cryptography experts. Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging. Written by a team of world-renowned cryptography experts, this essential guide is the definitive introduction to all major areas of cryptography: message security, key negotiation, and key management. You'll learn how to think like a cryptographer. You'll discover techniques for building cryptography into products from the start and you'll examine the many technical chan
Energy Technology Data Exchange (ETDEWEB)
2017-06-30
Password management solutions exist, but few are designed for enterprise systems administrators sharing on-call rotations. Due to the Multi-Factor Level of Assurance 4 effort, DOE is now distributing PIV cards with cryptographically signed certificate and private key pairs to administrators and other security-significant users. We utilize this public key infrastructure (PKI) to encrypt passwords for other recipients in a secure way. This is cross-platform (works on OSX and Linux systems), and has already been adopted internally by the NCCS systems administration staff to replace their old password book system.
Key parameters analysis of hybrid HEMP simulator
International Nuclear Information System (INIS)
Mao Congguang; Zhou Hui
2009-01-01
According to the new standards on the high-altitude electromagnetic pulse (HEMP) developed by International Electrotechnical Commission (IEC), the target parameter requirements of the key structure of the hybrid HEMP simulator are decomposed. Firstly, the influences of the different excitation sources and biconical structures to the key parameters of the radiated electric field wave shape are investigated and analyzed. Then based on the influence curves the target parameter requirements of the pulse generator are proposed. Finally the appropriate parameters of the biconical structure and the excitation sources are chosen, and the computational result of the electric field in free space is presented. The results are of great value for the design of the hybrid HEMP simulator. (authors)
A practical two-way system of quantum key distribution with untrusted source
International Nuclear Information System (INIS)
Chen Ming-Juan; Liu Xiang
2011-01-01
The most severe problem of a two-way 'plug-and-play' (p and p) quantum key distribution system is that the source can be controlled by the eavesdropper. This kind of source is defined as an “untrusted source”. This paper discusses the effects of the fluctuation of internal transmittance on the final key generation rate and the transmission distance. The security of the standard BB84 protocol, one-decoy state protocol, and weak+vacuum decoy state protocol, with untrusted sources and the fluctuation of internal transmittance, is studied. It is shown that the one-decoy state is sensitive to the statistical fluctuation, but the weak+vacuum decoy state is only slightly affected by the fluctuation. It is also shown that both the maximum secure transmission distance and the final key generation rate are reduced when Alice's laboratory transmittance fluctuation is considered.
Key-value store with internal key-value storage interface
Bent, John M.; Faibish, Sorin; Ting, Dennis P. J.; Tzelnic, Percy; Gupta, Uday; Grider, Gary; Bonnie, David J.
2018-01-16
A key-value store is provided having one or more key-value storage interfaces. A key-value store on at least one compute node comprises a memory for storing a plurality of key-value pairs; and an abstract storage interface comprising a software interface module that communicates with at least one persistent storage device providing a key-value interface for persistent storage of one or more of the plurality of key-value pairs, wherein the software interface module provides the one or more key-value pairs to the at least one persistent storage device in a key-value format. The abstract storage interface optionally processes one or more batch operations on the plurality of key-value pairs. A distributed embodiment for a partitioned key-value store is also provided.
Quantum key distribution session with 16-dimensional photonic states
Etcheverry, S.; Cañas, G.; Gómez, E. S.; Nogueira, W. A. T.; Saavedra, C.; Xavier, G. B.; Lima, G.
2013-01-01
The secure transfer of information is an important problem in modern telecommunications. Quantum key distribution (QKD) provides a solution to this problem by using individual quantum systems to generate correlated bits between remote parties that can be used to extract a secret key. QKD with D-dimensional quantum channels provides security advantages that grow with increasing D. However, the vast majority of QKD implementations have been restricted to two dimensions. Here we demonstrate the feasibility of using higher dimensions for real-world quantum cryptography by performing, for the first time, a fully automated QKD session based on the BB84 protocol with 16-dimensional quantum states. Information is encoded in the single-photon transverse momentum and the required states are dynamically generated with programmable spatial light modulators. Our setup paves the way for future developments in the field of experimental high-dimensional QKD. PMID:23897033
A continuous variable quantum deterministic key distribution based on two-mode squeezed states
International Nuclear Information System (INIS)
Gong, Li-Hua; Song, Han-Chong; Liu, Ye; Zhou, Nan-Run; He, Chao-Sheng
2014-01-01
The distribution of deterministic keys is of significance in personal communications, but the existing continuous variable quantum key distribution protocols can only generate random keys. By exploiting the entanglement properties of two-mode squeezed states, a continuous variable quantum deterministic key distribution (CVQDKD) scheme is presented for handing over the pre-determined key to the intended receiver. The security of the CVQDKD scheme is analyzed in detail from the perspective of information theory. It shows that the scheme can securely and effectively transfer pre-determined keys under ideal conditions. The proposed scheme can resist both the entanglement and beam splitter attacks under a relatively high channel transmission efficiency. (paper)
Forgery quality and its implications for behavioral biometric security.
Ballard, Lucas; Lopresti, Daniel; Monrose, Fabian
2007-10-01
Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.
Finite key analysis in quantum cryptography
International Nuclear Information System (INIS)
Meyer, T.
2007-01-01
In view of the experimental realization of quantum key distribution schemes, the study of their efficiency becomes as important as the proof of their security. The latter is the subject of most of the theoretical work about quantum key distribution, and many important results such as the proof of unconditional security have been obtained. The efficiency and also the robustness of quantum key distribution protocols against noise can be measured by figures of merit such as the secret key rate (the fraction of input signals that make it into the key) and the threshold quantum bit error rate (the maximal error rate such that one can still create a secret key). It is important to determine these quantities because they tell us whether a certain quantum key distribution scheme can be used at all in a given situation and, if so, how many secret key bits it can generate in a given time. However, these figures of merit are usually derived under the ''infinite key limit'' assumption, that is, one assumes that an infinite number of quantum states are sent and that all sub-protocols of the scheme (in particular privacy amplification) are carried out on these infinitely large blocks. Such an assumption usually eases the analysis, but also leads to (potentially) too optimistic values for the quantities in question. In this thesis, we explicitly avoid the infinite key limit for the analysis of the privacy amplification step, which plays the most important role in a quantum key distribution scheme. We still assume that an optimal error correction code is applied and we do not take into account any statistical errors that might occur in the parameter estimation step. Renner and coworkers derived an explicit formula for the obtainable key rate in terms of Renyi entropies of the quantum states describing Alice's, Bob's, and Eve's systems. This result serves as a starting point for our analysis, and we derive an algorithm that efficiently computes the obtainable key rate for any
PDES, Fips Standard Data Encryption Algorithm
Energy Technology Data Exchange (ETDEWEB)
Nessett, D N [Lawrence Livermore National Laboratory (United States)
1991-03-26
Description of program or function: PDES performs the National Bureau of Standards FIPS Pub. 46 data encryption/decryption algorithm used for the cryptographic protection of computer data. The DES algorithm is designed to encipher and decipher blocks of data consisting of 64 bits under control of a 64-bit key. The key is generated in such a way that each of the 56 bits used directly by the algorithm is random and the remaining 8 error-detecting bits are set to make the parity of each 8-bit byte of the key odd, i.e., there is an odd number of '1' bits in each 8-bit byte. Each member of a group of authorized users of encrypted computer data must have the key that was used to encipher the data in order to use it. Data can be recovered from cipher only by using exactly the same key used to encipher it, but with the schedule of addressing the key bits altered so that the deciphering process is the reverse of the enciphering process. A block of data to be enciphered is subjected to an initial permutation, then to a complex key-dependent computation, and finally to a permutation which is the inverse of the initial permutation. Two PDES routines are included; both perform the same calculation. One, identified as FDES.MAR, is designed to achieve speed in execution, while the other, identified as PDES.MAR, presents a clearer view of how the algorithm is executed.
Gas supply planning for new gas-fired electricity generation facilities
International Nuclear Information System (INIS)
Slocum, J.C.
1990-01-01
This paper explores several key issues in gas supply planning for new gas-fired electricity generation facilities. The paper has two main sections: developing the gas supply plan for a gas-fired electricity generation facility, and exploring key gas supply contract pricing issues.
Long-distance quantum key distribution with imperfect devices
International Nuclear Information System (INIS)
Lo Piparo, Nicoló; Razavi, Mohsen
2014-01-01
Quantum key distribution over probabilistic quantum repeaters is addressed. We compare, under practical assumptions, two such schemes in terms of their secure key generation rate per memory, R_QKD. The two schemes under investigation are the one proposed by Duan et al. in [Nat. 414, 413 (2001)] and that of Sangouard et al. proposed in [Phys. Rev. A 76, 050301 (2007)]. We consider various sources of imperfections in the latter protocol, such as a nonzero double-photon probability for the source, dark count per pulse, channel loss and inefficiencies in photodetectors and memories, to find the rate for different nesting levels. We determine the maximum value of the double-photon probability beyond which it is not possible to share a secret key anymore. We find the crossover distance for up to three nesting levels. We finally compare the two protocols.
GENERALIZED MATRIXES OF GALOIS PROTOCOLS EXCHANGE ENCRYPTION KEYS
Directory of Open Access Journals (Sweden)
Anatoly Beletsky
2016-03-01
Methods are presented for constructing the matrices used to form secret encryption keys for the legitimate subscribers of public communication networks through key-exchange protocols. The key-exchange protocols are based on asymmetric cryptographic algorithms. The solution involves the computation of one-way functions and relies on generalized Galois matrices, whose elements are related by isomorphism to their forming elements and which depend on the irreducible polynomial chosen to generate the matrix. A simple method of constructing a generalized Galois matrix by filling its diagonal is given. In order to eliminate the isomorphism between Galois matrices and their constituent elements, which limits the possibility of building one-way functions, the Galois matrix is subjected to a similarity transformation carried out by means of permutation matrices. A variant of an algebraic attack on the key-exchange protocols is described, and options for mitigating the consequences of such an attack are discussed.
Directory of Open Access Journals (Sweden)
Yang Shi
2016-01-01
Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the one in which the key was accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of the signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.
[Analysis on the key factors affecting the inheritance of the acupuncture learning].
Li, Su-yun; Zhang, Li-jian; Gang, Wei-juan; Xu, Wen-bin; Xu, Qing-yan
2010-06-01
On the basis of systematically reviewing the developmental history of acupuncture and moxibustion and profoundly understanding its academic connotations, the authors of the present article make a summary and analysis of the key factors influencing the development of acupuncturology. These key factors are (1) the emergence of "microacupuncture needle regulating-Qi" and the establishment of its corresponding theory system, (2) a large number of practitioners who inherited the learning of acupuncturology generation by generation, and abundant classical medical works which recorded the valuable academic thoughts and clinical experience of the predecessors, (3) the application of acupuncture charts and manikins, and (4) modernizing changes of acupuncture learning after the introduction of Western medicine to China. Under the influence of these key factors, acupuncture medicine separated itself from the level of simple experiential medicine, formed a special theory system and developed into a mature subject.
HVDC: A key solution in future transmission systems
Energy Technology Data Exchange (ETDEWEB)
Heyman, Olof H.; Weimers, Lars; Bohl, Mie-Lotte
2010-09-15
With the transition of power grids, based on sustainable generation, HVDC is a key technology with new applications. This includes connection of remote wind parks and strengthening of existing AC grids. In addition, traditional applications, such as bulk hydropower transfer and interconnections between regions, play a major role in our transition to sustainable generation and the associated grids. The technology for regional grids with a limited number of nodes is already in place and commercial projects are commissioned. For extensive grids, development and verification are ongoing in parallel to industry standards being discussed in groups such as ENTSO-E and CIGRE.
Key parameters controlling the performance of catalytic motors
Energy Technology Data Exchange (ETDEWEB)
Esplandiu, Maria J.; Afshar Farniya, Ali [Catalan Institute of Nanoscience and Nanotechnology (ICN2), CSIC and The Barcelona Institute of Science and Technology, Campus UAB, Bellaterra, 08193 Barcelona (Spain); Reguera, David, E-mail: dreguera@ub.edu [Departament de Física Fonamental, Universitat de Barcelona, C/Martí i Franquès 1, 08028 Barcelona (Spain)
2016-03-28
The development of autonomous micro/nanomotors driven by self-generated chemical gradients is a topic of high interest given their potential impact in medicine and environmental remediation. Although impressive functionalities of these devices have been demonstrated, a detailed understanding of the propulsion mechanism is still lacking. In this work, we perform a comprehensive numerical analysis of the key parameters governing the actuation of bimetallic catalytic micropumps. We show that the fluid motion is driven by self-generated electro-osmosis, where the electric field originates from a proton current rather than from a lateral charge asymmetry inside the double layer. Hence, the surface potential and the electric field are the key parameters for setting the pumping strength and directionality. The proton flux that generates the electric field stems from the proton gradient induced by the electrochemical reactions taking place at the pump. Surprisingly, the electric field, and consequently the fluid flow, are mainly controlled by the ionic strength and not by the conductivity of the solution, as one could have expected. We have also analyzed the influence of the chemical fuel concentration, electrochemical reaction rates, and size of the metallic structures for an optimized pump performance. Our findings cast light on the complex chemomechanical actuation of catalytic motors and provide important clues for the search, design, and optimization of novel catalytic actuators.
Directory of Open Access Journals (Sweden)
Balajee Maram K.
2016-02-01
Full Text Available Data security is a major issue because of the rapid evolution of data communication over unsecured internetworks. The proposed system is concerned with the problem of randomly generated S-boxes. The generation of the S-box depends on pseudo-random-number generators and a shared secret key. The pseudo-random-number generator depends on large prime numbers. All pseudo-random numbers are scrambled according to the shared secret key; after scrambling, the S-box is generated. In this research, large prime numbers are the inputs to the pseudo-random-number generator. The proposed S-box reduces the complexity of S-box generation. The quality and robustness of the proposed algorithm were experimentally investigated using S-box parameters. It yields better results for S-box parameters such as Hamming distance, balanced output and avalanche effect, and it can be embedded in popular cryptographic algorithms.
Optimisation of key performance measures in air cargo demand management
Alexander May; Adrian Anslow; Udechukwu Ojiako; Yue Wu; Alasdair Marshall; Maxwell Chipulu
2014-01-01
This article sought to facilitate the optimisation of key performance measures utilised for demand management in air cargo operations. The focus was on the Revenue Management team at Virgin Atlantic Cargo and a fuzzy group decision-making method was used. Utilising intelligent fuzzy multi-criteria methods, the authors generated a ranking order of ten key outcome-based performance indicators for Virgin Atlantic air cargo Revenue Management. The result of this industry-driven study showed that ...
Directory of Open Access Journals (Sweden)
Tieyu Zhao
2015-01-01
Full Text Available Optical image encryption has attracted more and more researchers’ attention, and various encryption schemes have been proposed. In existing optical cryptosystems, phase functions or images are usually used as the encryption keys, and it is difficult for a traditional public-key algorithm (such as RSA, ECC, etc.) to transfer such large numerical keys. In this paper, we propose a key distribution scheme based on the phase retrieval algorithm and the RSA public-key algorithm, which solves the key distribution problem in optical image encryption systems. Furthermore, we also propose a novel image encryption system based on this key distribution principle. In the system, different keys can be used in every encryption process, which greatly improves the security of the system.
Experimental plug and play quantum coin flipping
Pappa, Anna; Jouguet, Paul; Lawson, Thomas; Chailloux, André; Legré, Matthieu; Trinkler, Patrick; Kerenidis, Iordanis; Diamanti, Eleni
2014-04-01
Performing complex cryptographic tasks will be an essential element in future quantum communication networks. These tasks are based on a handful of fundamental primitives, such as coin flipping, where two distrustful parties wish to agree on a randomly generated bit. Although it is known that quantum versions of these primitives can offer information-theoretic security advantages with respect to classical protocols, a demonstration of such an advantage in a practical communication scenario has remained elusive. Here we experimentally implement a quantum coin flipping protocol that performs strictly better than classically possible over a distance suitable for communication over metropolitan area optical networks. The implementation is based on a practical plug and play system, developed by significantly enhancing a commercial quantum key distribution device. Moreover, we provide combined quantum coin flipping protocols that are almost perfectly secure against bounded adversaries. Our results offer a useful toolbox for future secure quantum communications.
Cache timing attacks on recent microarchitectures
DEFF Research Database (Denmark)
Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang
2017-01-01
Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...
CO-GENERATION AND OPERATING NETWORK CELLS
DEFF Research Database (Denmark)
Nielsen, John Eli
2008-01-01
In Denmark several thousands of generators are connected to the distribution system (10 kV and 0.4 kV). The production from these generators many times exceeds the load. The generators can be divided into two types, Wind turbines and CHP generators. These generators have one thing in common......, the power system they are connected to, has never been designed to accommodate so many generators. In Denmark we now expect a third type of generators: the microgenerators. This time we want to be prepared. Denmark therefore now participates in a lot of research and full scale demonstration projects. A key...
On the security of consumer wearable devices in the Internet of Things.
Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus
2018-01-01
Miniaturization of computer hardware and the demand for network-capable devices have resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity, wearable devices sense and transmit data; therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices is suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensors. Since wearable devices often operate in a group setting, the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.
Chaotic Image Encryption Based on Running-Key Related to Plaintext
Directory of Open Access Journals (Sweden)
Cao Guanghui
2014-01-01
Full Text Available In the field of chaotic image encryption, the algorithm based on correlating key with plaintext has become a new developing direction. However, for this kind of algorithm, some shortcomings in resistance to reconstruction attack, efficient utilization of chaotic resource, and reducing dynamical degradation of digital chaos are found. In order to solve these problems and further enhance the security of encryption algorithm, based on disturbance and feedback mechanism, we present a new image encryption scheme. In the running-key generation stage, by successively disturbing chaotic stream with cipher-text, the relation of running-key to plaintext is established, reconstruction attack is avoided, effective use of chaotic resource is guaranteed, and dynamical degradation of digital chaos is minimized. In the image encryption stage, by introducing random-feedback mechanism, the difficulty of breaking this scheme is increased. Comparing with the-state-of-the-art algorithms, our scheme exhibits good properties such as large key space, long key period, and extreme sensitivity to the initial key and plaintext. Therefore, it can resist brute-force, reconstruction attack, and differential attack.
Chaotic image encryption based on running-key related to plaintext.
Guanghui, Cao; Kai, Hu; Yizhi, Zhang; Jun, Zhou; Xing, Zhang
2014-01-01
Generative Inferences Based on Learned Relations
Chen, Dawn; Lu, Hongjing; Holyoak, Keith J.
2017-01-01
A key property of relational representations is their "generativity": From partial descriptions of relations between entities, additional inferences can be drawn about other entities. A major theoretical challenge is to demonstrate how the capacity to make generative inferences could arise as a result of learning relations from…
Geometric data perturbation-based personal health record transactions in cloud computing.
Balasubramaniam, S; Kavitha, V
2015-01-01
Cloud computing is a new delivery model for information technology services and it typically involves the provision of dynamically scalable and often virtualized resources over the Internet. However, cloud computing raises concerns on how cloud service providers, user organizations, and governments should handle such information and interactions. Personal health records represent an emerging patient-centric model for health information exchange, and they are outsourced for storage by third parties, such as cloud providers. With these records, it is necessary for each patient to encrypt their own personal health data before uploading them to cloud servers. Current techniques for encryption primarily rely on conventional cryptographic approaches. However, key management issues remain largely unsolved with these cryptographic-based encryption techniques. We propose that personal health record transactions be managed using geometric data perturbation in cloud computing. In our proposed scheme, the personal health record database is perturbed using geometric data perturbation and outsourced to the Amazon EC2 cloud.
Geometric Data Perturbation-Based Personal Health Record Transactions in Cloud Computing
Balasubramaniam, S.; Kavitha, V.
2015-01-01
PMID:25767826
Measurement-Device Independency Analysis of Continuous-Variable Quantum Digital Signature
Directory of Open Access Journals (Sweden)
Tao Shang
2018-04-01
Full Text Available With the practical implementation of continuous-variable quantum cryptographic protocols, security problems resulting from measurement-device loopholes are being given increasing attention. At present, research on measurement-device independency analysis is limited to quantum key distribution protocols, while different protocols face different security problems. Considering the importance of quantum digital signature in quantum cryptography, in this paper we attempt to analyze the measurement-device independency of continuous-variable quantum digital signature, especially continuous-variable quantum homomorphic signature. Firstly, we calculate the upper bound of the error rate of a protocol. If it is negligible on condition that all measurement devices are untrusted, the protocol is deemed to be measurement-device-independent. Then, we simplify the calculation by using the characteristics of continuous variables and prove the measurement-device independency of the protocol according to the calculation result. In addition, the proposed analysis method can be extended to other quantum cryptographic protocols besides continuous-variable quantum homomorphic signature.
Geometric Data Perturbation-Based Personal Health Record Transactions in Cloud Computing
Directory of Open Access Journals (Sweden)
S. Balasubramaniam
2015-01-01
Quantum random oracle model for quantum digital signature
Shang, Tao; Lei, Qi; Liu, Jianwei
2016-10-01
The goal of this work is to provide a general security analysis tool, namely, the quantum random oracle (QRO), for facilitating the security analysis of quantum cryptographic protocols, especially protocols based on quantum one-way function. QRO is used to model quantum one-way function and different queries to QRO are used to model quantum attacks. A typical application of quantum one-way function is the quantum digital signature, whose progress has been hampered by the slow pace of the experimental realization. Alternatively, we use the QRO model to analyze the provable security of a quantum digital signature scheme and elaborate the analysis procedure. The QRO model differs from the prior quantum-accessible random oracle in that it can output quantum states as public keys and give responses to different queries. This tool can be a test bed for the cryptanalysis of more quantum cryptographic protocols based on the quantum one-way function.
Practical long-distance quantum key distribution system using decoy levels
International Nuclear Information System (INIS)
Rosenberg, D; Peterson, C G; Harrington, J W; Rice, P R; Dallmann, N; Tyagi, K T; McCabe, K P; Hughes, R J; Nordholt, J E; Nam, S; Baek, B; Hadfield, R H
2009-01-01
Quantum key distribution (QKD) has the potential for widespread real-world applications, but no secure long-distance experiment has demonstrated the truly practical operation needed to move QKD from the laboratory to the real world due largely to limitations in synchronization and poor detector performance. Here, we report results obtained using a fully automated, robust QKD system based on the Bennett Brassard 1984 (BB84) protocol with low-noise superconducting nanowire single-photon detectors (SNSPDs) and decoy levels to produce a secret key with unconditional security over a record 140.6 km of optical fibre, an increase of more than a factor of five compared with the previous record for unconditionally secure key generation in a practical QKD system.
International Nuclear Information System (INIS)
Sánchez Yañez, Pablo
2017-01-01
Most of the keys (cays) in the north of the country have a high potential for sun-and-beach tourism, which is why each has an associated infrastructure that allows the hotels to meet the necessary quality standards. Within this infrastructure, the continuous electrical service that each hotel must have to meet the needs of tourists stands out. Today the keys are isolated from the SEN and electrical service is supplied by generator sets. These sets run on fuel oil and diesel and produce polluting gases close to the major hotel groups. The problems of transporting fuel and the pollution generated have led to an analysis of different ways of providing stable electrical service in the keys. One possible option to address the problems caused by generator sets in an isolated system is to interconnect the cay with the SEN. This connection can be made in three ways: by overhead lines, underground cables or submarine cables. Overhead lines are ruled out in tourist areas because they affect the visual landscape, which is why the underground or submarine cable variants are almost always considered. The proposal is to interconnect the keys by submarine cable where current conditions do not allow the use of underground cables. This interconnection can meet the demand of the keys stably and more reliably than current conditions. In addition, in cases of tourism growth no more generators would be needed, only a cable with the capacity to transfer all the power required. (author)