WorldWideScience

Sample records for key establishment scheme

  1. A Forward Authentication Key Management Scheme for Heterogeneous Sensor Networks

    Directory of Open Access Journals (Sweden)

    Huang Jen-Yan

    2011-01-01

    Key encryption technology is a basic technique for protecting the secrecy of transmitted data among sensor nodes in wireless sensor networks. However, sensor nodes are inherently limited by insufficient hardware resources such as memory capacity and battery lifetime. As a result, few current key management schemes are appropriate for wireless sensor networks. This paper proposes a new key management method that uses dynamic key management schemes for heterogeneous sensor networks. The proposed scheme loads a hash function into the base station, cluster heads, and sensor nodes. The cluster heads and sensor nodes then generate their own keychains to provide forward authentication in case of key changes, security breaches, key changes due to security breaches. The cluster heads and sensor nodes establish pairwise keys to ensure transmission secrecy. The proposed scheme decreases the number of keys required for sensor nodes and cluster heads and is robust to the following attacks: guessing attacks, replay attacks, man-in-the-middle attacks, node capture attacks, and denial-of-service attacks.

  2. Secure Clustering and Symmetric Key Establishment in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Azarderskhsh Reza

    2011-01-01

    Information security in infrastructureless wireless sensor networks (WSNs) is one of the most important research challenges. In these networks, sensor nodes are typically sprinkled liberally in the field in order to monitor, gather, disseminate, and provide the sensed data to the command node. Various studies have focused on key establishment schemes in homogeneous WSNs. However, recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. In this paper, to address security issues in the heterogeneous WSNs, we propose a secure clustering scheme along with a deterministic pairwise key management scheme based on public key cryptography. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pairwise key without disclosing any information to other nodes. Through security performance evaluation, it is shown that the proposed scheme guarantees node-to-node authentication, high resiliency against node capture, and minimum memory space requirement.

  3. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    Science.gov (United States)

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  4. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

  5. Certificateless Key-Insulated Generalized Signcryption Scheme without Bilinear Pairings

    Directory of Open Access Journals (Sweden)

    Caixue Zhou

    2017-01-01

    Generalized signcryption (GSC) can be applied as an encryption scheme, a signature scheme, or a signcryption scheme with only one algorithm and one key pair. A key-insulated mechanism can resolve the private key exposure problem. To ensure the security of cloud storage, we introduce the key-insulated mechanism into GSC and propose a concrete scheme without bilinear pairings in the certificateless cryptosystem setting. We provide a formal definition and a security model of certificateless key-insulated GSC. Then, we prove that our scheme is confidential under the computational Diffie-Hellman (CDH) assumption and unforgeable under the elliptic curve discrete logarithm (EC-DL) assumption. Our scheme also supports both random-access key update and secure key update. Finally, we evaluate the efficiency of our scheme and demonstrate that it is highly efficient. Thus, our scheme is more suitable for users who communicate with the cloud using mobile devices.

  6. Key Management Scheme Based on Route Planning of Mobile Sink in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ying Zhang

    2016-01-01

    In many wireless sensor network application scenarios the key management scheme with a Mobile Sink (MS) should be fully investigated. This paper proposes a key management scheme based on dynamic clustering and optimal-routing choice of MS. The concept of Traveling Salesman Problem with Neighbor areas (TSPN) in dynamic clustering for data exchange is proposed, and the selection probability is used in MS route planning. The proposed scheme extends static key management to dynamic key management by considering the dynamic clustering and mobility of MSs, which can effectively balance the total energy consumption during the activities. Considering the different resources available to the member nodes and sink node, the session key between cluster head and MS is established by modified an ECC encryption with Diffie-Hellman key exchange (ECDH) algorithm and the session key between member node and cluster head is built with a binary symmetric polynomial. By analyzing the security of data storage, data transfer and the mechanism of dynamic key management, the proposed scheme has more advantages to help improve the resilience of the key management system of the network on the premise of satisfying higher connectivity and storage efficiency.

  7. Key Management Scheme Based on Route Planning of Mobile Sink in Wireless Sensor Networks.

    Science.gov (United States)

    Zhang, Ying; Liang, Jixing; Zheng, Bingxin; Jiang, Shengming; Chen, Wei

    2016-01-29

    In many wireless sensor network application scenarios the key management scheme with a Mobile Sink (MS) should be fully investigated. This paper proposes a key management scheme based on dynamic clustering and optimal-routing choice of MS. The concept of Traveling Salesman Problem with Neighbor areas (TSPN) in dynamic clustering for data exchange is proposed, and the selection probability is used in MS route planning. The proposed scheme extends static key management to dynamic key management by considering the dynamic clustering and mobility of MSs, which can effectively balance the total energy consumption during the activities. Considering the different resources available to the member nodes and sink node, the session key between cluster head and MS is established by modified an ECC encryption with Diffie-Hellman key exchange (ECDH) algorithm and the session key between member node and cluster head is built with a binary symmetric polynomial. By analyzing the security of data storage, data transfer and the mechanism of dynamic key management, the proposed scheme has more advantages to help improve the resilience of the key management system of the network on the premise of satisfying higher connectivity and storage efficiency.

  8. Deducing trapdoor primitives in public key encryption schemes

    Science.gov (United States)

    Pandey, Chandra

    2005-03-01

    Semantic security of public key encryption schemes is often interchangeable with the art of building trapdoors. In the frame of reference of Random Oracle methodology, the "Key Privacy" and "Anonymity" has often been discussed. However to a certain degree the security of most public key encryption schemes is required to be analyzed with formal proofs using one-way functions. This paper evaluates the design of El Gamal and RSA based schemes and attempts to parallelize the trapdoor primitives used in the computation of the cipher text, thereby magnifying the decryption error δp in the above schemes.

  9. A robust trust establishment scheme for wireless sensor networks.

    Science.gov (United States)

    Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

    2015-03-23

    Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

  10. A Robust Trust Establishment Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farruh Ishmanov

    2015-03-01

    Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

  11. Practical scheme to share a secret key through a quantum channel with a 27.6% bit error rate

    International Nuclear Information System (INIS)

    Chau, H.F.

    2002-01-01

    A secret key shared through quantum key distribution between two cooperative players is secure against any eavesdropping attack allowed by the laws of physics. Yet, such a key can be established only when the quantum channel error rate due to eavesdropping or imperfect apparatus is low. Here, a practical quantum key distribution scheme by making use of an adaptive privacy amplification procedure with two-way classical communication is reported. Then, it is proven that the scheme generates a secret key whenever the bit error rate of the quantum channel is less than 0.5-0.1√(5)≅27.6%, thereby making it the most error resistant scheme known to date

  12. An Authenticated Key Agreement Scheme Based on Cyclic Automorphism Subgroups of Random Orders

    Directory of Open Access Journals (Sweden)

    Yang Jun

    2017-01-01

    Group-based cryptography is viewed as a modern cryptographic candidate solution to blocking quantum computer attacks, and key exchange protocols on the Internet are one of the primitives to ensure the security of communication. In 2016 Habeeb et al proposed a “textbook” key exchange protocol based on the semidirect product of two groups, which is insecure for use in real-world applications. In this paper, after discarding the unnecessary disguising notion of semidirect product in the protocol, we establish a simplified yet enhanced authenticated key agreement scheme based on cyclic automorphism subgroups of random orders by making hybrid use of certificates and symmetric-key encryption as challenge-and-responses in the public-key setting. Its passive security is formally analyzed, which is relative to the cryptographic hardness assumption of a computational number-theoretic problem. Cryptanalysis of this scheme shows that it is secure against the intruder-in-the-middle attack even in the worst case of compromising the signatures, and provides explicit key confirmation to both parties.

  13. Post-quantum attacks on key distribution schemes in the presence of weakly stochastic sources

    International Nuclear Information System (INIS)

    Al–Safi, S W; Wilmott, C M

    2015-01-01

    It has been established that the security of quantum key distribution protocols can be severely compromised were one to permit an eavesdropper to possess a very limited knowledge of the random sources used between the communicating parties. While such knowledge should always be expected in realistic experimental conditions, the result itself opened a new line of research to fully account for real-world weak randomness threats to quantum cryptography. Here we expand on this novel idea by describing a key distribution scheme that is provably secure against general attacks by a post-quantum adversary. We then discuss possible security consequences for such schemes under the assumption of weak randomness. (paper)

  14. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  15. Anticollusion Attack Noninteractive Security Hierarchical Key Agreement Scheme in WHMS

    Directory of Open Access Journals (Sweden)

    Kefei Mao

    2016-01-01

    Wireless Health Monitoring Systems (WHMS) have potential to change the way of health care and bring numbers of benefits to patients, physicians, hospitals, and society. However, there are crucial barriers not only to transmit the biometric information but also to protect the privacy and security of the patients’ information. The key agreement between two entities is an essential cryptography operation to clear the barriers. In particular, the noninteractive hierarchical key agreement scheme becomes an attractive direction in WHMS because each sensor node or gateway has limited resources and power. Recently, a noninteractive hierarchical key agreement scheme has been proposed by Kim for WHMS. However, we show that Kim’s cryptographic scheme is vulnerable to the collusion attack if the physicians can be corrupted. Obviously, it is a more practical security condition. Therefore, we proposed an improved key agreement scheme against the attack. Security proof, security analysis, and experimental results demonstrate that our proposed scheme gains enhanced security and more efficiency than Kim’s previous scheme while inheriting its qualities of one-round communication and security properties.

  16. Building Secure Public Key Encryption Scheme from Hidden Field Equations

    Directory of Open Access Journals (Sweden)

    Yuan Ping

    2017-01-01

    Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE) family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation $x^2=x$ defined over the finite field $\mathbb{F}_3$ when $x=0,1$. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.

  17. Distributed public key schemes secure against continual leakage

    DEFF Research Database (Denmark)

    Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

    2012-01-01

    -secure against continual memory leakage. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretly stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol......In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2$-linear assumptions. Our schemes have the following properties: 1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o (1),1)-fraction...

  18. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    Energy Technology Data Exchange (ETDEWEB)

    Guo, Ying; Shi, Ronghua [School of Information Science and Engineering, Central South University, Changsha 410083 (China); Zeng, Guihua [Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 (China)], E-mail: sdguoying@gmail.com, E-mail: rhshi@mail.edu.com, E-mail: ghzeng@sjtu.edu.cn

    2010-04-15

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  19. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    International Nuclear Information System (INIS)

    Guo, Ying; Shi, Ronghua; Zeng, Guihua

    2010-01-01

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  20. Authenticated Diffie-Hellman Key Agreement Scheme that Protects Client Anonymity and Achieves Half-Forward Secrecy

    Directory of Open Access Journals (Sweden)

    Hung-Yu Chien

    2015-01-01

    Authenticated Diffie-Hellman key agreement (D-H key) is the de facto building block for establishing secure session keys in many security systems. Regarding the computations of authenticated D-H key agreement, the operation of modular exponentiation is the most expensive computation, which incurs a heavy loading on those clients where either their computational capacities or their batteries are limited and precious. As client’s privacy is a big concern in several e-commerce applications, it is desirable to extend authenticated D-H key agreement to protect client’s identity privacy. This paper proposes a new problem: the modified elliptic curves computational Diffie-Hellman problem (MECDHP) and proves that the MECDHP is as hard as the conventional elliptic curves computational Diffie-Hellman problem (ECDHP). Based on the MECDHP, we propose an authenticated D-H key agreement scheme which greatly improves client computational efficiency and protects client’s anonymity from outsiders. This new scheme is attractive to those applications where the clients need identity protection and lightweight computation.

  1. Quantum election scheme based on anonymous quantum key distribution

    International Nuclear Information System (INIS)

    Zhou Rui-Rui; Yang Li

    2012-01-01

    An unconditionally secure authority-certified anonymous quantum key distribution scheme using conjugate coding is presented, based on which we construct a quantum election scheme without the help of an entanglement state. We show that this election scheme ensures the completeness, soundness, privacy, eligibility, unreusability, fairness, and verifiability of a large-scale election in which the administrator and counter are semi-honest. This election scheme can work even if there exist loss and errors in quantum channels. In addition, any irregularity in this scheme is sensible. (general)

  2. A multihop key agreement scheme for wireless ad hoc networks based on channel characteristics.

    Science.gov (United States)

    Hao, Zhuo; Zhong, Sheng; Yu, Nenghai

    2013-01-01

    A number of key agreement schemes based on wireless channel characteristics have been proposed recently. However, previous key agreement schemes require that two nodes which need to agree on a key are within the communication range of each other. Hence, they are not suitable for multihop wireless networks, in which nodes do not always have direct connections with each other. In this paper, we first propose a basic multihop key agreement scheme for wireless ad hoc networks. The proposed basic scheme is resistant to external eavesdroppers. Nevertheless, this basic scheme is not secure when there exist internal eavesdroppers or Man-in-the-Middle (MITM) adversaries. In order to cope with these adversaries, we propose an improved multihop key agreement scheme. We show that the improved scheme is secure against internal eavesdroppers and MITM adversaries in a single path. Both performance analysis and simulation results demonstrate that the improved scheme is efficient. Consequently, the improved key agreement scheme is suitable for multihop wireless ad hoc networks.

  3. Multi-biometrics based cryptographic key regeneration scheme

    OpenAIRE

    Kanade, Sanjay Ganesh; Petrovska-Delacrétaz, Dijana; Dorizzi, Bernadette

    2009-01-01

    International audience; Biometrics lack revocability and privacy while cryptography cannot detect the user's identity. By obtaining cryptographic keys using biometrics, one can achieve the properties such as revocability, assurance about user's identity, and privacy. In this paper, we propose a multi-biometric based cryptographic key regeneration scheme. Since left and right irises of a person are uncorrelated, we treat them as two independent biometrics and combine in our system. We propose ...

  4. Efficient Anonymous Authenticated Key Agreement Scheme for Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Tong Li

    2017-01-01

    Wireless body area networks (WBANs) are widely used in telemedicine, which can be utilized for real-time patients monitoring and home health-care. The sensor nodes in WBANs collect the client’s physiological data and transmit it to the medical center. However, the clients’ personal information is sensitive and there are many security threats in the extra-body communication. Therefore, the security and privacy of client’s physiological data need to be ensured. Many authentication protocols for WBANs have been proposed in recent years. However, the existing protocols fail to consider the key update phase. In this paper, we propose an efficient authenticated key agreement scheme for WBANs and add the key update phase to enhance the security of the proposed scheme. In addition, session keys are generated during the registration phase and kept secretly, thus reducing computation cost in the authentication phase. The performance analysis demonstrates that our scheme is more efficient than the currently popular related schemes.

  5. A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

    Directory of Open Access Journals (Sweden)

    Yuwen Chen

    2017-01-01

    In a wearable sensor-based deployment, sensors are placed over the patient to monitor their body health parameters. Continuous physiological information monitored by wearable sensors helps doctors have a better diagnostic and a suitable treatment. When doctors want to access the patient’s sensor data remotely via network, the patient will authenticate the identity of the doctor first, and then they will negotiate a key for further communication. Many lightweight schemes have been proposed to enable a mutual authentication and key establishment between the two parties with the help of a gateway node, but most of these schemes cannot enable identity confidentiality. Besides, the shared key is also known by the gateway, which means the patient’s sensor data could be leaked to the gateway. In PriAuth, identities are encrypted to guarantee confidentiality. Additionally, Elliptic Curve Diffie–Hellman (ECDH) key exchange protocol has been adopted to ensure the secrecy of the key, avoiding the gateway access to it. Besides, only hash and XOR computations are adopted because of the computability and power constraints of the wearable sensors. The proposed scheme has been validated by BAN logic and AVISPA, and the results show the scheme has been proven as secure.

  6. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  7. Tamper-proof secret image-sharing scheme for identifying cheated secret keys and shared images

    Science.gov (United States)

    Chen, Chien-Chang; Liu, Chong-An

    2013-01-01

    A (t,n) secret image-sharing scheme shares a secret image to n participants, and the t users recover the image. During the recovery procedure of a conventional secret image-sharing scheme, cheaters may use counterfeit secret keys or modified shared images to cheat other users' secret keys and shared images. A cheated secret key or shared image leads to an incorrect secret image. Unfortunately, the cheater cannot be identified. We present an exponent and modulus-based scheme to provide a tamper-proof secret image-sharing scheme for identifying cheaters on secret keys or shared images. The proposed scheme allows users to securely select their secret key. This assignment can be performed over networks. Modulus results of each shared image is calculated to recognize cheaters of a shared image. Experimental results indicate that the proposed scheme is excellent at identifying cheated secret keys and shared images.

  8. A Dual Key-Based Activation Scheme for Secure LoRaWAN

    Directory of Open Access Journals (Sweden)

    Jaehyu Kim

    2017-01-01

    With the advent of the Internet of Things (IoT) era, we are experiencing rapid technological progress. Billions of devices are connected to each other, and our homes, cities, hospitals, and schools are getting smarter and smarter. However, to realize the IoT, several challenging issues such as connecting resource-constrained devices to the Internet must be resolved. Recently introduced Low Power Wide Area Network (LPWAN) technologies have been devised to resolve this issue. Among many LPWAN candidates, the Long Range (LoRa) is one of the most promising technologies. The Long Range Wide Area Network (LoRaWAN) is a communication protocol for LoRa that provides basic security mechanisms. However, some security loopholes exist in LoRaWAN’s key update and session key generation. In this paper, we propose a dual key-based activation scheme for LoRaWAN. It resolves the problem of key updates not being fully supported. In addition, our scheme facilitates each layer in generating its own session key directly, which ensures the independence of all layers. Real-world experimental results compared with the original scheme show that the proposed scheme is totally feasible in terms of delay and battery consumption.

  9. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El

    2017-06-12

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  10. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El; Salem, Ahmed Sultan; Mabrouk, Asma; Tourki, Kamel; Al-Dhahir, Naofal

    2017-01-01

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  11. A Secure Trust Establishment Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farruh Ishmanov

    2014-01-01

    Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior.

  12. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  13. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  14. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    Science.gov (United States)

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  15. Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

    Science.gov (United States)

    Yang, Bin; Zhang, Jianfeng

    2017-06-28

    Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

  16. Key Management Schemes for Peer-to-Peer Multimedia Streaming Overlay Networks

    Science.gov (United States)

    Naranjo, J. A. M.; López-Ramos, J. A.; Casado, L. G.

    Key distribution for multimedia live streaming peer-to-peer overlay networks is a field still in its childhood stage. A scheme designed for networks of this kind must seek security and efficiency while keeping in mind the following restrictions: limited bandwidth, continuous playing, great audience size and clients churn. This paper introduces two novel schemes that allow a trade-off between security and efficiency by allowing to dynamically vary the number of levels used in the key hierarchy. These changes are motivated by great variations in audience size, and initiated by decision of the Key Server. Additionally, a comparative study of both is presented, focusing on security and audience size. Results show that larger key hierarchies can supply bigger audiences, but offer less security against statistical attacks. The opposite happens for shorter key hierarchies.

  17. Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Nikooghadam, Morteza

    2014-12-01

    Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

  18. Two-Dimensional Key Table-Based Group Key Distribution in Advanced Metering Infrastructure

    Directory of Open Access Journals (Sweden)

    Woong Go

    2014-01-01

    A smart grid provides two-way communication by using the information and communication technology. In order to establish two-way communication, the advanced metering infrastructure (AMI) is used in the smart grid as the core infrastructure. This infrastructure consists of smart meters, data collection units, maintenance data management systems, and so on. However, potential security problems of the AMI increase owing to the application of the public network. This is because the transmitted information is electricity consumption data for charging. Thus, in order to establish a secure connection to transmit electricity consumption data, encryption is necessary, for which key distribution is required. Further, a group key is more efficient than a pairwise key in the hierarchical structure of the AMI. Therefore, we propose a group key distribution scheme using a two-dimensional key table through the analysis result of the sensor network group key distribution scheme. The proposed scheme has three phases: group key predistribution, selection of group key generation element, and generation of group key.

  19. Dynamic Symmetric Key Mobile Commerce Scheme Based on Self-Verified Mechanism

    Directory of Open Access Journals (Sweden)

    Jiachen Yang

    2014-01-01

    In terms of the security and efficiency of mobile e-commerce, the authors summarized the advantages and disadvantages of several related schemes, especially the self-verified mobile payment scheme based on the elliptic curve cryptosystem (ECC) and then proposed a new type of dynamic symmetric key mobile commerce scheme based on self-verified mechanism. The authors analyzed the basic algorithm based on self-verified mechanisms and detailed the complete transaction process of the proposed scheme. The authors analyzed the payment scheme based on the security and high efficiency index. The analysis shows that the proposed scheme not only meets the high efficiency of mobile electronic payment premise, but also takes the security into account. The user confirmation mechanism at the end of the proposed scheme further strengthens the security of the proposed scheme. In brief, the proposed scheme is more efficient and practical than most of the existing schemes.

  20. A Lightweight Authentication and Key Management Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Danyang Qin

    2016-01-01

    Security problem is one of the most popular research fields in wireless sensor networks for both the application requirement and the resource-constrained essence. An effective and lightweight Authentication and Key Management Scheme (AKMS) is proposed in this paper to solve the problem of malicious nodes occurring in the process of networking and to offer a high level of security with low cost. For the condition that the mobile sensor nodes need to be authenticated, the keys in AKMS will be dynamically generated and adopted for security protection. Even when the keys are being compromised or captured, the attackers can neither use the previous keys nor misuse the authenticated nodes to cheat. Simulation results show that the proposed scheme provides more efficient security with less energy consumption for wireless sensor networks especially with mobile sensors.

  1. Differential on-on keying: A robust non-coherent digital modulation scheme

    KAUST Repository

    Kaddoum, Georges

    2015-05-01

    A robust digital modulation scheme, called differential on-on keying (DOOK), is presented in this paper which outperforms the conventional on-off keying (OOK). In this scheme, a sinusoidal signal is transmitted during the first half of the bit duration while a replica or an inverted version of the sinusoidal signal is transmitted during the second half for logic one or logic zero, respectively. Non-coherent receiver correlates the two halves of the received signal over half bit duration to construct a decision variable. Bit error performance is analyzed over AWGN and Rayleigh fading channels and compared to the conventional OOK.

  2. Differential on-on keying: A robust non-coherent digital modulation scheme

    KAUST Repository

    Kaddoum, Georges; Ahmed, Mohammed F. A.; Al-Naffouri, Tareq Y.

    2015-01-01

    A robust digital modulation scheme, called differential on-on keying (DOOK), is presented in this paper which outperforms the conventional on-off keying (OOK). In this scheme, a sinusoidal signal is transmitted during the first half of the bit duration while a replica or an inverted version of the sinusoidal signal is transmitted during the second half for logic one or logic zero, respectively. Non-coherent receiver correlates the two halves of the received signal over half bit duration to construct a decision variable. Bit error performance is analyzed over AWGN and Rayleigh fading channels and compared to the conventional OOK.

  3. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  4. An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu

    2013-12-01

    A smartcard-based authentication and key agreement scheme for telecare medicine information systems enables patients, doctors, nurses and health visitors to use smartcards for secure login to medical information systems. Authorized users can then efficiently access remote services provided by the medicine information systems through public networks. Guo and Chang recently improved the efficiency of a smartcard authentication and key agreement scheme by using chaotic maps. Later, Hao et al. reported that the scheme developed by Guo and Chang had two weaknesses: inability to provide anonymity and inefficient double secrets. Therefore, Hao et al. proposed an authentication scheme for telecare medicine information systems that solved these weaknesses and improved performance. However, a limitation in both schemes is their violation of the contributory property of key agreements. This investigation discusses these weaknesses and proposes a new smartcard-based authentication and key agreement scheme that uses chaotic maps for telecare medicine information systems. Compared to conventional schemes, the proposed scheme provides fewer weaknesses, better security, and more efficiency.

  5. Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce

    Directory of Open Access Journals (Sweden)

    Yang Shi

    2016-01-01

    Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the key being accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.

  6. An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2016-01-01

    WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA (Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

  7. An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2016-06-08

    WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA (Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

  8. An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    2016-06-01

    WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA (Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

  9. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  10. Ubi-RKE: A Rhythm Key Based Encryption Scheme for Ubiquitous Devices

    Directory of Open Access Journals (Sweden)

    Jae Dong Lee

    2014-01-01

    As intelligent ubiquitous devices become more popular, security threats targeting them are increasing; security is seen as one of the major challenges of ubiquitous computing. Nowadays, the application of ubiquitous computing in a number of fields for human safety and convenience has increased immensely. The popularity of the technology is rising day by day, and hence security is becoming the main point of focus with the advent and rising popularity of the applications. In particular, the number of wireless networks based on ubiquitous devices has increased rapidly; these devices support transmission for many types of data traffic. The convenient portability of ubiquitous devices makes them vulnerable to security threats, such as loss, theft, data modification, and wiretapping. Developers and users should seriously consider employing data encryption to protect data from such vulnerabilities. In this paper, we propose a Rhythm Key based Encryption scheme for ubiquitous devices (Ubi-RKE). The concept of Rhythm Key based Encryption has been applied to numerous real world applications in different domains. It provides key memorability and secure encryption through user touching rhythm on ubiquitous devices. Our proposed scheme is more efficient for users than existing schemes, by providing a strong cipher.

  11. An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2013-01-01

    In recent years, several dynamic ID-based remote user authentication schemes have been proposed. In 2012, Wen and Li proposed a dynamic ID-based remote user authentication with key agreement scheme. They claimed that their scheme can resist impersonation attack and insider attack and provide anonymity for the users. However, we will show that Wen and Li's scheme cannot withstand insider attack and forward secrecy, does not provide anonymity for the users, and inefficiency for error password login. In this paper, we propose a novel ECC-based remote user authentication scheme which is immune to various known types of attack and is more secure and practical for mobile clients.

  12. Mitigation of Control Channel Jamming via Combinatorial Key Distribution

    Science.gov (United States)

    Falahati, Abolfazl; Azarafrooz, Mahdi

    The problem of countering control channel jamming against internal adversaries in wireless ad hoc networks is addressed. Using combinatorial key distribution, a new method to secure the control channel access is introduced. This method utilizes the established keys in the key establishment phase to hide the location of control channels without the need for a secure BS. This is obtained by a combination of a collision-free one-way function and a combinatorial key establishment method. The proposed scheme can be considered as a special case of the ALOHA random access schemes which uses the common established keys as its seeds to generate the pattern of transmission.

  13. Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2014-01-01

    A password authentication scheme using smart card is called two-factor authentication scheme. Two-factor authentication scheme is the most accepted and commonly used mechanism that provides the authorized users a secure and efficient method for accessing resources over insecure communication channel. Up to now, various two-factor user authentication schemes have been proposed. However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attack, and so on. In this paper, we design a password remote user authentication with key agreement scheme using elliptic curve cryptosystem. Security analysis shows that the proposed scheme has high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

  14. A Key Pre-Distribution Scheme Based on µ-PBIBD for Enhancing Resilience in Wireless Sensor Networks.

    Science.gov (United States)

    Yuan, Qi; Ma, Chunguang; Yu, Haitao; Bian, Xuefen

    2018-05-12

    Many key pre-distribution (KPD) schemes based on combinatorial design were proposed for secure communication of wireless sensor networks (WSNs). Due to complexity of constructing the combinatorial design, it is infeasible to generate key rings using the corresponding combinatorial design in large scale deployment of WSNs. In this paper, we present a definition of new combinatorial design, termed “µ-partially balanced incomplete block design (µ-PBIBD)”, which is a refinement of partially balanced incomplete block design (PBIBD), and then describe a 2-D construction of µ-PBIBD which is mapped to KPD in WSNs. Our approach is of simple construction which provides a strong key connectivity and a poor network resilience. To improve the network resilience of KPD based on 2-D µ-PBIBD, we propose a KPD scheme based on 3-D Ex-µ-PBIBD which is a construction of µ-PBIBD from 2-D space to 3-D space. Ex-µ-PBIBD KPD scheme improves network scalability and resilience while has better key connectivity. Theoretical analysis and comparison with the related schemes show that key pre-distribution scheme based on Ex-µ-PBIBD provides high network resilience and better key scalability, while it achieves a trade-off between network resilience and network connectivity.

  15. Key management schemes using routing information frames in secure wireless sensor networks

    Science.gov (United States)

    Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

    2017-01-01

    The article considers the problems and objectives of key management for data encryption in wireless sensor networks (WSN) of SCADA systems. The structure of the key information in the ZigBee network and methods of keys obtaining are discussed. The use of a hybrid key management schemes is most suitable for WSN. The session symmetric key is used to encrypt the sensor data, asymmetric keys are used to encrypt the session key transmitted from the routing information. Three algorithms of hybrid key management using routing information frames determined by routing methods and the WSN topology are presented.

  16. A Cross-Layer Key Management Scheme for MIPv6 Fast Handover over IEEE 802.11 Wireless LAN

    Directory of Open Access Journals (Sweden)

    Chang-Seop Park

    2015-01-01

    Full Text Available A new key management and security scheme is proposed to integrate Layer Two (L2) and Layer Three (L3) keys for secure and fast Mobile IPv6 handover over IEEE 802.11 Wireless Local Area Network (WLAN). Unlike the original IEEE 802.11-based Mobile IPv6 Fast Handover (FMIPv6) that requires time-consuming IEEE 802.1x-based Extensible Authentication Protocol (EAP) authentication on each L3 handover, the newly proposed key management and security scheme requires only one 802.1x-EAP regardless of how many L3 handovers occur. Therefore, the proposed scheme reduces the handover latency that results from a lengthy 802.1x-based EAP. The proposed key management and security scheme is extensively analyzed in terms of security and performance, and the proposed security scheme is shown to be more secure than those that were previously proposed.

  17. Towards Public Key Encryption Scheme Supporting Equality Test with Fine-Grained Authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2011-01-01

    In this paper we investigate a new category of public key encryption schemes which supports equality test between ciphertexts. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform equality test between their

  18. Establishing Key Performance Indicators : Case company X

    OpenAIRE

    Singh, Jatinder

    2015-01-01

    The key performance indicators serve as the navigational tools for a business organization to monitor its performance. They enable the management team to take real time decisions to keep organization’s resources aligned to its business strategy to accomplish its strategic objectives. This research was conducted to analyse the process of establishing successful key performance indicators for a business organization. The research was conducted to recommend key performance indicators developme...

  19. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes do not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  20. Extended KCI attack against two-party key establishment protocols

    NARCIS (Netherlands)

    Tang, Qiang; Chen, Liqun

    2011-01-01

    We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a

  1. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

    Directory of Open Access Journals (Sweden)

    Chengqi Wang

    Full Text Available With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

  2. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme

    Science.gov (United States)

    Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

    2016-01-01

    With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks. PMID:26866606

  3. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

    Science.gov (United States)

    Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

    2016-01-01

    With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

  4. A secure effective dynamic group password-based authenticated key agreement scheme for the integrated EPR information system

    Directory of Open Access Journals (Sweden)

    Vanga Odelu

    2016-01-01

    Full Text Available With the rapid growth of the Internet, a lot of electronic patient records (EPRs) have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE). However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

  5. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments.

    Science.gov (United States)

    Yang, Li; Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.

  6. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments

    Science.gov (United States)

    Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks. PMID:29534085

  7. A new two-code keying scheme for SAC-OCDMA systems enabling bipolar encoding

    Science.gov (United States)

    Al-Khafaji, Hamza M. R.; Ngah, Razali; Aljunid, S. A.; Rahman, T. A.

    2015-03-01

    In this paper, we propose a new two-code keying scheme for enabling bipolar encoding in a high-rate spectral-amplitude coding optical code-division multiple-access (SAC-OCDMA) system. The mathematical formulations are derived for the signal-to-noise ratio and bit-error rate (BER) of SAC-OCDMA system based on the suggested scheme using multi-diagonal (MD) code. Performance analyses are assessed considering the effects of phase-induced intensity noise, as well as shot and thermal noises in photodetectors. The numerical results demonstrated that the proposed scheme exhibits an enhanced BER performance compared to the existing unipolar encoding with direct detection technique. Furthermore, the performance improvement afforded by this scheme is verified using simulation experiments.

  8. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type were proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  9. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    Full Text Available Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type were proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  10. A novel authentication scheme using self-certified public keys for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-06-01

    Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients' privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.

  11. A New Quantum Key Distribution Scheme Based on Frequency and Time Coding

    International Nuclear Information System (INIS)

    Chang-Hua, Zhu; Chang-Xing, Pei; Dong-Xiao, Quan; Jing-Liang, Gao; Nan, Chen; Yun-Hui, Yi

    2010-01-01

    A new scheme of quantum key distribution (QKD) using frequency and time coding is proposed, in which the security is based on the frequency-time uncertainty relation. In this scheme, the binary information sequence is encoded randomly on either the central frequency or the time delay of the optical pulse at the sender. The central frequency of the single photon pulse is set as ω₁ for bit 0 and set as ω₂ for bit 1 when frequency coding is selected. However, the single photon pulse is not delayed for bit 0 and is delayed in τ for 1 when time coding is selected. At the receiver, either the frequency or the time delay of the pulse is measured randomly, and the final key is obtained after basis comparison, data reconciliation and privacy amplification. With the proposed method, the effect of the noise in the fiber channel and environment on the QKD system can be reduced effectively.

  12. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  13. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  14. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  15. An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length

    Directory of Open Access Journals (Sweden)

    Changji Wang

    2013-01-01

    Full Text Available There is an acceleration of adoption of cloud computing among enterprises. However, moving the infrastructure and sensitive data from trusted domain of the data owner to public cloud will pose severe security and privacy risks. Attribute-based encryption (ABE) is a new cryptographic primitive which provides a promising tool for addressing the problem of secure and fine-grained data sharing and decentralized access control. Key-policy attribute-based encryption (KP-ABE) is an important type of ABE, which enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most existing KP-ABE scheme, the ciphertext size grows linearly with the number of attributes embedded in ciphertext. In this paper, we propose a new KP-ABE construction with constant ciphertext size. In our construction, the access policy can be expressed as any monotone access structure. Meanwhile, the ciphertext size is independent of the number of ciphertext attributes, and the number of bilinear pairing evaluations is reduced to a constant. We prove that our scheme is semantically secure in the selective-set model based on the general Diffie-Hellman exponent assumption.

  16. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-08-16

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  17. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    2016-08-01

    Full Text Available In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  18. The QKD network: model and routing scheme

    Science.gov (United States)

    Yang, Chao; Zhang, Hongqi; Su, Jinhai

    2017-11-01

    Quantum key distribution (QKD) technology can establish unconditional secure keys between two communicating parties. Although this technology has some inherent constraints, such as the distance and point-to-point mode limits, building a QKD network with multiple point-to-point QKD devices can overcome these constraints. Considering the development level of current technology, the trust relaying QKD network is the first choice to build a practical QKD network. However, the previous research didn't address a routing method on the trust relaying QKD network in detail. This paper focuses on the routing issues, builds a model of the trust relaying QKD network for easily analysing and understanding this network, and proposes a dynamical routing scheme for this network. From the viewpoint of designing a dynamical routing scheme in classical network, the proposed scheme consists of three components: a Hello protocol helping share the network topology information, a routing algorithm to select a set of suitable paths and establish the routing table and a link state update mechanism helping keep the routing table newly. Experiments and evaluation demonstrate the validity and effectiveness of the proposed routing scheme.

  19. KALwEN+: Practical Key Management Schemes for Gossip-Based Wireless Medical Sensor Networks

    NARCIS (Netherlands)

    Gong, Zheng; Tang, Qiang; Law, Y.W.; Chen, Hongyang; Lai, X.; Yung, M.

    2010-01-01

    The constrained resources of sensors restrict the design of a key management scheme for wireless sensor networks (WSNs). In this work, we first formalize the security model of ALwEN, which is a gossip-based wireless medical sensor network (WMSN) for ambient assisted living. Our security model

  20. On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

    NARCIS (Netherlands)

    Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

    2002-01-01

    A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

  1. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  2. Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

    2016-10-01

    Information and communication technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security

  3. Robust and Efficient Authentication Scheme for Session Initiation Protocol

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    2015-01-01

    The session initiation protocol (SIP) is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

  4. Key Recovery Attacks on Recent Authenticated Ciphers

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Dobraunig, Christoph; Eichlseder, Maria

    2014-01-01

    In this paper, we cryptanalyze three authenticated ciphers: AVALANCHE, Calico, and RBS. While the former two are contestants in the ongoing international CAESAR competition for authenticated encryption schemes, the latter has recently been proposed for lightweight applications such as RFID systems...... and wireless networks. All these schemes use well-established and secure components such as the AES, Grain-like NFSRs, ChaCha and SipHash as their building blocks. However, we discover key recovery attacks for all three designs, featuring square-root complexities. Using a key collision technique, we can...

  5. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

    Science.gov (United States)

    Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

    2017-12-03

    The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  6. Lower and Upper Bounds for Deniable Public-Key Encryption

    DEFF Research Database (Denmark)

    Bendlin, Rikke; Nielsen, Jesper Buus; Nordholt, Peter Sebastian

    2011-01-01

    the parties to change their internal state to make it look like a given ciphertext decrypts to a message different from what it really decrypts to. Deniable encryption was in this way introduced to allow to deny a message exchange and hence combat coercion. Depending on which parties can be coerced...... that it is impossible to construct a non-interactive bi-deniable public-key encryption scheme with better than polynomial security. Specifically, we give an explicit bound relating the security of the scheme to how efficient the scheme is in terms of key size. Our impossibility result establishes a lower bound...

  7. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

    Directory of Open Access Journals (Sweden)

    Tsung-Hung Lin

    2017-12-01

    The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  8. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

  9. A key heterogeneous structure of fractal networks based on inverse renormalization scheme

    Science.gov (United States)

    Bai, Yanan; Huang, Ning; Sun, Lina

    2018-06-01

    Self-similarity property of complex networks was found by the application of renormalization group theory. Based on this theory, network topologies can be classified into universality classes in the space of configurations. In return, through inverse renormalization scheme, a given primitive structure can grow into a pure fractal network, then adding different types of shortcuts, it exhibits different characteristics of complex networks. However, the effect of primitive structure on networks structural property has received less attention. In this paper, we introduce a degree variance index to measure the dispersion of nodes degree in the primitive structure, and investigate the effect of the primitive structure on network structural property quantified by network efficiency. Numerical simulations and theoretical analysis show a primitive structure is a key heterogeneous structure of generated networks based on inverse renormalization scheme, whether or not adding shortcuts, and the network efficiency is positively correlated with degree variance of the primitive structure.

  10. Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

    2015-11-01

    The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is a critical issue. Although several user authentication schemes for accessing remote services are available, their security analyses show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key disclosure attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

  11. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

  12. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2009-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4’s physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular we show that the End-to-End Application Key Establishment Protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security......, and propose a secure key establishment protocol for ZigBee networks....

  13. Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

    Directory of Open Access Journals (Sweden)

    Youngsook Lee

    2014-01-01

    An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

  14. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  15. VLSI IMPLEMENTATION OF NOVEL ROUND KEYS GENERATION SCHEME FOR CRYPTOGRAPHY APPLICATIONS BY ERROR CONTROL ALGORITHM

    Directory of Open Access Journals (Sweden)

    B. SENTHILKUMAR

    2015-05-01

    A novel implementation of code based cryptography (Cryptocoding) technique for multi-layer key distribution scheme is presented. VLSI chip is designed for storing information on generation of round keys. New algorithm is developed for reduced key size with optimal performance. Error Control Algorithm is employed for both generation of round keys and diffusion of non-linearity among them. Two new functions for bit inversion and its reversal are developed for cryptocoding. Probability of retrieving original key from any other round keys is reduced by diffusing nonlinear selective bit inversions on round keys. Randomized selective bit inversions are done on equal length of key bits by Round Constant Feedback Shift Register within the error correction limits of chosen code. Complexity of retrieving the original key from any other round keys is increased by optimal hardware usage. Proposed design is simulated and synthesized using VHDL coding for Spartan3E FPGA and results are shown. Comparative analysis is done between 128 bit Advanced Encryption Standard round keys and proposed round keys for showing security strength of proposed algorithm. This paper concludes that chip based multi-layer key distribution of proposed algorithm is an enhanced solution to the existing threats on cryptography algorithms.

  16. Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

    Directory of Open Access Journals (Sweden)

    Jun-Sub Kim

    2013-01-01

    In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

  17. Chaotic Image Encryption Based on Running-Key Related to Plaintext

    Directory of Open Access Journals (Sweden)

    Cao Guanghui

    2014-01-01

    In the field of chaotic image encryption, the algorithm based on correlating key with plaintext has become a new developing direction. However, for this kind of algorithm, some shortcomings in resistance to reconstruction attack, efficient utilization of chaotic resource, and reducing dynamical degradation of digital chaos are found. In order to solve these problems and further enhance the security of encryption algorithm, based on disturbance and feedback mechanism, we present a new image encryption scheme. In the running-key generation stage, by successively disturbing chaotic stream with cipher-text, the relation of running-key to plaintext is established, reconstruction attack is avoided, effective use of chaotic resource is guaranteed, and dynamical degradation of digital chaos is minimized. In the image encryption stage, by introducing random-feedback mechanism, the difficulty of breaking this scheme is increased. Compared with state-of-the-art algorithms, our scheme exhibits good properties such as large key space, long key period, and extreme sensitivity to the initial key and plaintext. Therefore, it can resist brute-force, reconstruction attack, and differential attack.

  18. Chaotic image encryption based on running-key related to plaintext.

    Science.gov (United States)

    Guanghui, Cao; Kai, Hu; Yizhi, Zhang; Jun, Zhou; Xing, Zhang

    2014-01-01

    In the field of chaotic image encryption, the algorithm based on correlating key with plaintext has become a new developing direction. However, for this kind of algorithm, some shortcomings in resistance to reconstruction attack, efficient utilization of chaotic resource, and reducing dynamical degradation of digital chaos are found. In order to solve these problems and further enhance the security of encryption algorithm, based on disturbance and feedback mechanism, we present a new image encryption scheme. In the running-key generation stage, by successively disturbing chaotic stream with cipher-text, the relation of running-key to plaintext is established, reconstruction attack is avoided, effective use of chaotic resource is guaranteed, and dynamical degradation of digital chaos is minimized. In the image encryption stage, by introducing random-feedback mechanism, the difficulty of breaking this scheme is increased. Compared with state-of-the-art algorithms, our scheme exhibits good properties such as large key space, long key period, and extreme sensitivity to the initial key and plaintext. Therefore, it can resist brute-force, reconstruction attack, and differential attack.

  19. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  20. An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

    Science.gov (United States)

    Das, Ashok Kumar; Bruhadeshwar, Bezawada

    2013-10-01

    Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

  1. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Chun-Ta Li

    2013-07-01

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

  2. Implementation of a european directive establishing a negotiable CO2 emissions trading scheme

    International Nuclear Information System (INIS)

    Coussy, P.

    2003-01-01

    Approved on July 22, 2003, European Directive 87/2003/EC establishes a scheme for the trading of greenhouse gas emissions allowances. Before the market comes into effect on January 1, 2005, industrialists will have to account for a new financial asset in planning development strategy: the CO2 allowance. Each Member State is currently developing a climate plan that includes the allocation of CO2 emissions allowances to industrial installations. It will not be possible to exceed these allowances without incurring a financial penalty. (author)

  3. J-PAKE: Authenticated Key Exchange without PKI

    Science.gov (United States)

    Hao, Feng; Ryan, Peter

    Password Authenticated Key Exchange (PAKE) is one of the important topics in cryptography. It aims to address a practical security problem: how to establish secure communication between two parties solely based on a shared password without requiring a Public Key Infrastructure (PKI). After more than a decade of extensive research in this field, there have been several PAKE protocols available. The EKE and SPEKE schemes are perhaps the two most notable examples. Both techniques are however patented. In this paper, we review these techniques in detail and summarize various theoretical and practical weaknesses. In addition, we present a new PAKE solution called J-PAKE. Our strategy is to depend on well-established primitives such as the Zero-Knowledge Proof (ZKP). So far, almost all of the past solutions have avoided using ZKP for the concern on efficiency. We demonstrate how to effectively integrate the ZKP into the protocol design and meanwhile achieve good efficiency. Our protocol has comparable computational efficiency to the EKE and SPEKE schemes with clear advantages on security.

  4. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Science.gov (United States)

    Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G

    2013-01-01

    Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainty principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

  5. European Society of Gastrointestinal Endoscopy - Establishing the key unanswered research questions within gastrointestinal endoscopy

    DEFF Research Database (Denmark)

    Rees, Colin J; Ngu, Wee Sing; Regula, Jaroslaw

    2016-01-01

    Background and study aim: Gastrointestinal endoscopy is a rapidly evolving research field. The European Society of Gastrointestinal Endoscopy (ESGE) plays a key role in shaping opinion and endoscopy activity throughout Europe and further afield. Establishing key unanswered questions within the fi...

  6. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Directory of Open Access Journals (Sweden)

    Laszlo B Kish

    Full Text Available Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainty principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

  7. Key Distribution and Changing Key Cryptosystem Based on Phase Retrieval Algorithm and RSA Public-Key Algorithm

    Directory of Open Access Journals (Sweden)

    Tieyu Zhao

    2015-01-01

    Full Text Available The optical image encryption has attracted more and more researchers’ attention, and the various encryption schemes have been proposed. In existing optical cryptosystem, the phase functions or images are usually used as the encryption keys, and it is difficult that the traditional public-key algorithm (such as RSA, ECC, etc.) is used to complete large numerical key transfer. In this paper, we propose a key distribution scheme based on the phase retrieval algorithm and the RSA public-key algorithm, which solves the problem for the key distribution in optical image encryption system. Furthermore, we also propose a novel image encryption system based on the key distribution principle. In the system, the different keys can be used in every encryption process, which greatly improves the security of the system.

  8. Robust Multiparty Quantum Secret Key Sharing Over Two Collective-Noise Channels via Three-Photon Mixed States

    International Nuclear Information System (INIS)

    Wang Zhangyin; Yuan Hao; Gao Gan; Shi Shouhua

    2006-01-01

    We present a robust (n,n)-threshold scheme for multiparty quantum secret sharing of key over two collective-noise channels (i.e., the collective dephasing channel and the collective rotating channel) via three-photon mixed states. In our scheme, only if all the sharers collaborate together can they establish a joint key with the message sender and extract the secret message from the sender's encrypted message. This scheme can be implemented using only a Bell singlet, a one-qubit state and polarization identification of single photon, so it is completely feasible according to the present-day technique.

  9. A Key Establishment Protocol for RFID User in IPTV Environment

    Science.gov (United States)

    Jeong, Yoon-Su; Kim, Yong-Tae; Sohn, Jae-Min; Park, Gil-Cheol; Lee, Sang-Ho

    In recent years, the usage of IPTV (Internet Protocol Television) has been increased. The reason is a technological convergence of broadcasting and telecommunication delivering interactive applications and multimedia content through high speed Internet connections. The main critical point of IPTV security requirements is subscriber authentication. That is, IPTV service should have the capability to identify the subscribers to prohibit illegal access. Currently, IPTV service does not provide a sound authentication mechanism to verify the identity of its wireless users (or devices). This paper focuses on a lightweight authentication and key establishment protocol based on the use of hash functions. The proposed approach provides effective authentication for a mobile user with a RFID tag whose authentication information is communicated back and forth with the IPTV authentication server via IPTV set-top box (STB). That is, the proposed protocol generates user's authentication information that is a bundle of two public keys derived from hashing user's private keys and RFID tag's session identifier, and adds 1 bit to this bundled information for subscriber's information confidentiality before passing it to the authentication server.

  10. A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

    Science.gov (United States)

    Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

    2017-03-24

    Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

  11. An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

    Directory of Open Access Journals (Sweden)

    Le Xuan Hung

    2008-12-01

    Full Text Available For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1) Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2) The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3) The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4) Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5) No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

  12. Manet key management via Mobile Ficlke Key protocol (MFK ...

    African Journals Online (AJOL)

    Journal of Fundamental and Applied Sciences. No Abstract. Keywords: MANET; key management scheme; simulation environment ...

  13. Trading scheme 'key' to low-carbon economy

    International Nuclear Information System (INIS)

    2006-01-01

    Federal Opposition Leader Kim Beazley has emphasised the importance of getting the economics of environmental policy right by introducing market-based mechanisms for pricing emissions. 'Market-based mechanisms such as emissions trading are central to moving to a low-carbon economy,' he said in his latest blueprint. 'A functioning carbon market will deliver a price signal, so there is a long-term incentive to cut emissions further, and a mechanism for trading, so that energy can be allocated efficiently in the economy. It will also encourage greater private investment in clean energy technology.' Mr Beazley said the new market would also reward the many companies who were already adapting to a carbon-constrained world. 'This includes those global companies in Australia that already operate in emissions trading markets overseas. An effective price signal for carbon in Australia will allow these companies to benefit directly from their good corporate citizenship and long-term vision.' Mr Beazley has committed a federal Labor government to work with state governments and business to establish the national trading scheme. He also criticised the Federal Government for refusing to ratify the Kyoto Protocol, which he argued excluded Australian businesses from participating in the emerging global carbon trade. This made it harder for businesses to break into the market for cleaner production technologies overseas. While again admitting Kyoto was not perfect, Mr Beazley said ratification would see Australia part of what would potentially be 'the biggest market in the world by 2020'. He said the recent Asia Pacific Climate Change Pact was a positive step but was not an alternative to Kyoto. 'Above all, it has no economic mechanisms to drive further change. 'Without ratifying Kyoto some of our businesses are missing out on effective participation in international schemes that offer substantial financial rewards for greenhouse gas reductions. 'By ratifying Kyoto and adopting

  14. Establishing the long-term fuel management scheme using point reactivity model

    International Nuclear Information System (INIS)

    Park, Yong-Soo; Kim, Jae-Hak; Lee, Young-Ouk; Song, Jae-Woong; Zee, Sung-Kyun

    1994-01-01

    A new approach to establish the long-term fuel management scheme is presented in this paper. The point reactivity model is used to predict the core average reactivity. An attempt to calculate batchwise power fraction is introduced through the two-dimensional nodal power algorithm based on the modified one-group diffusion equation and the number of fuel assemblies on the core periphery. Suggested is an empirical formula to estimate the radial leakage reactivity with ripe core design experience reflected. This approach predicts the cycle lengths and the discharge burnups of individual fuel batches up to an equilibrium core when the proper input data such as batch enrichment, batch size, type and content of burnable poison and reloading strategies are given. Eight benchmark calculations demonstrate that the new approach used in this study is reasonably accurate and highly efficient for the purpose of scoping calculation when compared with design code predictions. (author)

  15. Experimental aspects of deterministic secure quantum key distribution

    Energy Technology Data Exchange (ETDEWEB)

    Walenta, Nino; Korn, Dietmar; Puhlmann, Dirk; Felbinger, Timo; Hoffmann, Holger; Ostermeyer, Martin [Universitaet Potsdam (Germany). Institut fuer Physik]; Bostroem, Kim [Universitaet Muenster (Germany)]

    2008-07-01

    Most common protocols for quantum key distribution (QKD) use non-deterministic algorithms to establish a shared key. But deterministic implementations can allow for higher net key transfer rates and eavesdropping detection rates. The Ping-Pong coding scheme by Bostroem and Felbinger[1] employs deterministic information encoding in entangled states with its characteristic quantum channel from Bob to Alice and back to Bob. Based on a table-top implementation of this protocol with polarization-entangled photons fundamental advantages as well as practical issues like transmission losses, photon storage and requirements for progress towards longer transmission distances are discussed and compared to non-deterministic protocols. Modifications of common protocols towards a deterministic quantum key distribution are addressed.

  16. Digital chaos-masked optical encryption scheme enhanced by two-dimensional key space

    Science.gov (United States)

    Liu, Ling; Xiao, Shilin; Zhang, Lu; Bi, Meihua; Zhang, Yunhao; Fang, Jiafei; Hu, Weisheng

    2017-09-01

    A digital chaos-masked optical encryption scheme is proposed and demonstrated. The transmitted signal is completely masked by interference chaotic noise in both bandwidth and amplitude with analog method via dual-drive Mach-Zehnder modulator (DDMZM), making the encrypted signal analog, noise-like and unrecoverable by post-processing techniques. The decryption process requires precise matches of both the amplitude and phase between the cancellation and interference chaotic noises, which provide a large two-dimensional key space with the help of optical interference cancellation technology. For 10-Gb/s 16-quadrature amplitude modulation (QAM) orthogonal frequency division multiplexing (OFDM) signal over the maximum transmission distance of 80 km without dispersion compensation or inline amplifier, the tolerable mismatch ranges of amplitude and phase/delay at the forward error correction (FEC) threshold of 3.8×10⁻³ are 0.44 dB and 0.08 ns respectively.

  17. Signature scheme based on bilinear pairs

    Science.gov (United States)

    Tong, Rui Y.; Geng, Yong J.

    2013-03-01

    An identity-based signature scheme is proposed by using bilinear pairs technology. The scheme uses user's identity information as public key such as email address, IP address, telephone number so that it erases the cost of forming and managing public key infrastructure and avoids the problem of user private generating center generating forgery signature by using CL-PKC framework to generate user's private key.

  18. Quantum key management

    Energy Technology Data Exchange (ETDEWEB)

    Hughes, Richard John; Thrasher, James Thomas; Nordholt, Jane Elizabeth

    2016-11-29

    Innovations for quantum key management harness quantum communications to form a cryptography system within a public key infrastructure framework. In example implementations, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a Merkle signature scheme (using Winternitz one-time digital signatures or other one-time digital signatures, and Merkle hash trees) to constitute a cryptography system. More generally, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a hash-based signature scheme. This provides a secure way to identify, authenticate, verify, and exchange secret cryptographic keys. Features of the quantum key management innovations further include secure enrollment of users with a registration authority, as well as credential checking and revocation with a certificate authority, where the registration authority and/or certificate authority can be part of the same system as a trusted authority for quantum key distribution.

  19. Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

    Science.gov (United States)

    Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

    2017-12-01

    Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

  20. Diffie-Hellman Key Based Authentication in Proxy Mobile IPv6

    Directory of Open Access Journals (Sweden)

    HyunGon Kim

    2010-01-01

    Full Text Available Wireless communication service providers have been showing strong interest in Proxy Mobile IPv6 for providing network-based IP mobility management. This could be a prominent way to support IP mobility to mobile nodes, because Proxy Mobile IPv6 requires minimal functionalities on the mobile node. While several extensions for Proxy Mobile IPv6 are being developed in the Internet Engineering Task Force, there has been little attention paid to developing efficient authentication mechanisms. An authentication scheme for a mobility protocol must protect signaling messages against various security threats, e.g., session stealing attack, intercept attack by redirection, replay attack, and key exposure, while minimizing authentication latency. In this paper, we propose a Diffie-Hellman key based authentication scheme that utilizes the low layer signaling to exchange Diffie-Hellman variables and allows mobility service provisioning entities to exchange mobile node's profile and ongoing sessions securely. By utilizing the low layer signaling and context transfer between relevant nodes, the proposed authentication scheme minimizes authentication latency when the mobile node moves across different networks. In addition, thanks to the use of the Diffie-Hellman key agreement, pre-established security associations between mobility service provisioning entities are not required in the proposed authentication scheme so that network scalability in an operationally efficient manner is ensured. To ascertain its feasibility, security analysis and performance analysis are presented.

  1. Signature Schemes Secure against Hard-to-Invert Leakage

    DEFF Research Database (Denmark)

    Faust, Sebastian; Hazay, Carmit; Nielsen, Jesper Buus

    2012-01-01

    of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomial-time hard to invert function. Here, polynomial-hardness is required even when given the entire public-key – so called weak auxiliary input......-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function...... security. We show that such signature schemes readily give us auxiliary input secure identification schemes...

  2. Cost Comparison Among Provable Data Possession Schemes

    Science.gov (United States)

    2016-03-01

    of Acronyms and Abbreviations AE authenticated encryption AWS Amazon Web Services CIO Chief Information Officer DISA Defense Information Systems Agency...the number of possible challenges, H be a cryptographic hash function, AE be an authenticated encryption scheme, f be a keyed pseudo-random function...key $k_{enc} \xleftarrow{R} K_{enc}$ for symmetric encryption scheme Enc, and a random HMAC key $k_{mac} \xleftarrow{R} K_{mac}$. The secret key is $sk = \langle k_{enc}, k_{mac} \rangle$ and public key is pk

  3. A no-key-exchange secure image sharing scheme based on Shamir's three-pass cryptography protocol and the multiple-parameter fractional Fourier transform.

    Science.gov (United States)

    Lang, Jun

    2012-01-30

    In this paper, we propose a novel secure image sharing scheme based on Shamir's three-pass protocol and the multiple-parameter fractional Fourier transform (MPFRFT), which can safely exchange information with no advance distribution of either secret keys or public keys between users. The image is encrypted directly by the MPFRFT spectrum without the use of phase keys, and information can be shared by transmitting the encrypted image (or message) three times between users. Numerical simulation results are given to verify the performance of the proposed algorithm.

  4. Key factors for the implementation of successful, stand-alone village electrification schemes in Peru

    Science.gov (United States)

    Sanchez-Campos, Teodoro

    The hypothesis of this work is that there are social, financial, technical, managerial, institutional and political key factors that may either support or prevent the success of small stand alone energy systems in rural areas. This research work aims at contributing to the identification of such factors and study their relevance to the performance and sustainability of stand alone energy systems in rural areas; to meet its purpose, a wide range of literature was reviewed including rural electrification programmes and projects, research and development projects on access to electricity in rural areas, impact studies and others, and a field research survey was done in the Andes and Upper Jungle regions in Peru. Nineteen possible critical factors were identified, thirteen with relevance at the local context (the community or village), and six with relevance at the national (or wider) context. From literature review it was found that the possible local critical factors were relevant only to four categories of factors instead of the six considered initially (i.e. social, financial, technological and managerial): the other two categories, political and institutional were found to be more relevant to the national context, therefore those were included in the group of possible critical factors of wider context. A series of questionnaires were designed to collect field data information, which was later used to analyse and establish the relation of each identified factor with the success of the systems studied. The survey research was implemented in 14 villages, 7 with small diesel sets and 7 with small hydropower schemes, all spread in the Andes and Upper Jungle of Peru, which were carefully selected to be representative of regions with isolated stand alone systems and with different socioeconomic background. Out of the 13 possible critical factors of local context, it was found that only 3 are really critical, the others are important but not critical; one of them (technical

  5. The ultimate security bounds of quantum key distribution protocols

    International Nuclear Information System (INIS)

    Nikolopoulos, G.M.; Alber, G.

    2005-01-01

    Full text: Quantum key distribution (QKD) protocols exploit quantum correlations in order to establish a secure key between two legitimate users. Recent work on QKD has revealed a remarkable link between quantum and secret correlations. In this talk we report on recent results concerning the ultimate upper security bounds of various QKD schemes (i.e., the maximal disturbance up to which the two legitimate users share quantum correlations) under the assumption of general coherent attacks. In particular, we derive an analytic expression for the ultimate upper security bound of QKD schemes that use two mutually unbiased bases. As long as the two legitimate users focus on the sifted key and treat each pair of data independently during the post processing, our results are valid for arbitrary dimensions of the information carriers. The bound we have derived is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is also discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions, however, such equivalence is generally no longer valid. (author)

  6. A Secure and Efficient Certificateless Short Signature Scheme

    Directory of Open Access Journals (Sweden)

    Lin Cheng

    2013-07-01

    Full Text Available Certificateless public key cryptography combines advantage of traditional public key cryptography and identity-based public key cryptography as it avoids usage of certificates and resolves the key escrow problem. In 2007, Huang et al. classified adversaries against certificateless signatures according to their attack power into normal, strong and super adversaries (ordered by their attack power). In this paper, we propose a new certificateless short signature scheme and prove that it is secure against both of the super type I and the super type II adversaries. Our new scheme not only achieves the strongest security level but also has the shortest signature length (one group element). Compared with the other short certificateless signature schemes which have a similar security level, our new scheme has less operation cost.

  7. Establishment of a Molecular Serotyping Scheme and a Multiplexed Luminex-Based Array for Enterobacter aerogenes.

    Science.gov (United States)

    Guo, Xi; Wang, Min; Wang, Lu; Wang, Yao; Chen, Tingting; Wu, Pan; Chen, Min; Liu, Bin; Feng, Lu

    2018-01-01

    Serotyping based on surface polysaccharide antigens is important for the clinical detection and epidemiological surveillance of pathogens. Polysaccharide gene clusters (PSgcs) are typically responsible for the diversity of bacterial surface polysaccharides. Through whole-genome sequencing and analysis, eight putative PSgc types were identified in 23 Enterobacter aerogenes strains from several geographic areas, allowing us to present the first molecular serotyping system for E. aerogenes. A conventional antigenic scheme was also established and correlated well with the molecular serotyping system that was based on PSgc genetic variation, indicating that PSgc-based molecular typing and immunological serology provide equally valid results. Further, a multiplex Luminex-based array was developed, and a double-blind test was conducted with 97 clinical specimens from Shanghai, China, to validate our array. The results of these analyses indicated that strains containing PSgc4 and PSgc7 comprised the predominant groups. We then examined 86 publicly available E. aerogenes strain genomes and identified an additional seven novel PSgc types, with PSgc10 being the most abundant type. In total, our study identified 15 PSgc types in E. aerogenes, providing the basis for a molecular serotyping scheme. From these results, differing epidemic patterns were identified between strains that were predominant in different regions. Our study highlights the feasibility and reliability of a serotyping system based on PSgc diversity, and for the first time, presents a molecular serotyping system, as well as an antigenic scheme for E. aerogenes, providing the basis for molecular diagnostics and epidemiological surveillance of this important emerging pathogen.

  8. What are key determinants of hospital admissions, readmission rate and day case rate within the South African medical schemes population?

    Directory of Open Access Journals (Sweden)

    Nondumiso Gugu Khumalo

    2012-06-01

    Full Text Available BACKGROUND: In South Africa, private hospitals absorb a high proportion of the total health expenditure on private health care. Between 2008-2010 private hospital expenditure which includes ward fees, theatre fees, consumables, medicines and per diem arrangements consumed between 40.5% and 40.9% of the total benefits paid by medical schemes from the risk pool, whilst in-hospital managed care fees ranged between 1.8% and 2.8% for the equivalent years. OBJECTIVE: The aim of this paper is to highlight key factors contributing to utilisation of hospital services within the medical schemes population and to recommend “appropriate” and cost effective strategies on hospital utilisation management. METHODS: A cross sectional survey informed by retrospective analysis of quantitative data was used. Researchers also triangulated quantitative data with systematic review of literature. RESULTS: The results show that demographic indicators such as age profile, dependency ratio, pensioner ratio and prevalence of chronic conditions are not the only key factors influencing hospital admissions, but rather the effectiveness of each medical scheme in containing hospital admissions is also influenced by available technical capacity on utilisation review and audit as well as the managed care methodology including the philosophy underpinning benefit option design. CONCLUSION: This study highlights the importance of “value based” managed care programs linked to benefit option design in health care utilisation management. The choice of one managed care program over the other often leads to tradeoffs whereby unintended consequences emanate. Medical schemes are therefore encouraged to continuously review their managed care programs to ensure value for money as well as better access and health outcomes. http://dx.doi.org/10.7175/fe.v13i2.207

  9. QIM blind video watermarking scheme based on Wavelet transform and principal component analysis

    Directory of Open Access Journals (Sweden)

    Nisreen I. Yassin

    2014-12-01

    Full Text Available In this paper, a blind scheme for digital video watermarking is proposed. The security of the scheme is established by using one secret key in the retrieval of the watermark. Discrete Wavelet Transform (DWT) is applied on each video frame decomposing it into a number of sub-bands. Maximum entropy blocks are selected and transformed using Principal Component Analysis (PCA). Quantization Index Modulation (QIM) is used to quantize the maximum coefficient of the PCA blocks of each sub-band. Then, the watermark is embedded into the selected suitable quantizer values. The proposed scheme is tested using a number of video sequences. Experimental results show high imperceptibility. The computed average PSNR exceeds 45 dB. Finally, the scheme is applied on two medical videos. The proposed scheme shows high robustness against several attacks such as JPEG coding, Gaussian noise addition, histogram equalization, gamma correction, and contrast adjustment in both cases of regular videos and medical videos.

  10. An Efficient V2I Authentication Scheme for VANETs

    Directory of Open Access Journals (Sweden)

    Yousheng Zhou

    2018-01-01

    Full Text Available The advent of intelligent transportation system has a crucial impact on the traffic safety and efficiency. To cope with security issues such as spoofing attack and forgery attack, many authentication schemes for vehicular ad hoc networks (VANETs) have been developed, which are based on the hypothesis that secret keys are kept perfectly secure. However, key exposure is inevitable on account of the openness of VANET environment. To address this problem, key insulation is introduced in our proposed scheme. With a helper device, vehicles could periodically update their own secret keys. In this way, the forward and backward secrecy has been achieved. In addition, the elliptic curve operations have been integrated to improve the performance. The random oracle model is adopted to prove the security of the proposed scheme, and the experiment has been conducted to demonstrate the comparison between our scheme and the existing similar schemes.

  11. Quantum signature scheme for known quantum messages

    International Nuclear Information System (INIS)

    Kim, Taewan; Lee, Hyang-Sook

    2015-01-01

    When we want to sign a quantum message that we create, we can use arbitrated quantum signature schemes which are possible to sign for not only known quantum messages but also unknown quantum messages. However, since the arbitrated quantum signature schemes need the help of a trusted arbitrator in each verification of the signature, it is known that the schemes are not convenient in practical use. If we consider only known quantum messages such as the above situation, there can exist a quantum signature scheme with more efficient structure. In this paper, we present a new quantum signature scheme for known quantum messages without the help of an arbitrator. Differing from arbitrated quantum signature schemes based on the quantum one-time pad with the symmetric key, since our scheme is based on quantum public-key cryptosystems, the validity of the signature can be verified by a receiver without the help of an arbitrator. Moreover, we show that our scheme provides the functions of quantum message integrity, user authentication and non-repudiation of the origin as in digital signature schemes. (paper)

  12. Anonymity-Preserving Public-Key Encryption

    DEFF Research Database (Denmark)

    Kohlweiss, Markulf; Maurer, Ueli; Onete, Cristina

    2013-01-01

    security properties have been proposed. We investigate constructions as well as limitations for preserving receiver anonymity when using public-key encryption (PKE). We use the constructive cryptography approach by Maurer and Renner and interpret cryptographic schemes as constructions of a certain ideal...... literature (IND-CCA, key-privacy, weak robustness). We also show that a desirable stronger variant, preventing the adversary from selective ”trial-deliveries” of messages, is unfortunately unachievable by any PKE scheme, no matter how strong. The constructive approach makes the guarantees achieved...... by applying a cryptographic scheme explicit in the constructed (ideal) resource; this specifies the exact requirements for the applicability of a cryptographic scheme in a given context. It also allows to decide which of the existing security properties of such a cryptographic scheme are adequate...

  13. Quantum Watermarking Scheme Based on INEQR

    Science.gov (United States)

    Zhou, Ri-Gui; Zhou, Yang; Zhu, Changming; Wei, Lai; Zhang, Xiafen; Ian, Hou

    2018-04-01

    Quantum watermarking technology protects copyright by embedding invisible quantum signal in quantum multimedia data. In this paper, a watermarking scheme based on INEQR was presented. Firstly, the watermark image is extended to achieve the requirement of embedding carrier image. Secondly, the swap and XOR operation is used on the processed pixels. Since there is only one bit per pixel, XOR operation can achieve the effect of simple encryption. Thirdly, both the watermark image extraction and embedding operations are described, where the key image, swap operation and LSB algorithm are used. When the embedding is made, the binary image key is changed. It means that the watermark has been embedded. Of course, if the watermark image is extracted, the key's state needs to be detected. When the key's state is |1>, this extraction operation is carried out. Finally, for validation of the proposed scheme, both the Signal-to-noise ratio (PSNR) and the security of the scheme are analyzed.

  14. A full quantum network scheme

    International Nuclear Information System (INIS)

    Ma Hai-Qiang; Wei Ke-Jin; Yang Jian-Hui; Li Rui-Xue; Zhu Wu

    2014-01-01

    We present a full quantum network scheme using a modified BB84 protocol. Unlike other quantum network schemes, it allows quantum keys to be distributed between two arbitrary users with the help of an intermediary detecting user. Moreover, it has good expansibility and prevents all potential attacks using loopholes in a detector, so it is more practical to apply. Because the fiber birefringence effects are automatically compensated, the scheme is distinctly stable in principle and in experiment. The simple components for every user make our scheme easier for many applications. The experimental results demonstrate the stability and feasibility of this scheme. (general)

  15. Establishing an external quality assessment scheme for point-of-care international normalized ratio in Thailand.

    Science.gov (United States)

    Tientadakul, P; Chuntarut, A

    2015-08-01

    Effective warfarin therapy management has gained national interest, resulting in the increased use of point-of-care testing (POCT) for international normalized ratio (INR). External quality assessment (EQA) is recommended to ensure quality of the testing. CoaguChek XS and CoaguChek XS Plus are the only commonly available POCT INR monitors in Thailand. Therefore, Thailand NEQAS for Blood Coagulation initiated the scheme for POCT INR in 2013, including only hospitals using these devices. Questionnaires were sent to the hospitals, enquiring about their interest in EQA participation. Two surveys were distributed; each included five certified European Concerted Action on Anticoagulation (ECAA) INR plasma sets. Unsatisfactory performance was indicated by a 15% deviation from the certified mean INR value. There were 156 hospitals using the devices. Thirty-five hospitals responded to the questionnaires. Medical personnel undertaking POCT INR were limited to laboratory staff in 29 (83%) of these centers, and 31 hospitals actually participated. The medians of results from participants were the same or nearly the same as the certified mean INRs. External quality assessment for POCT INR in Thailand is feasible using the ECAA plasmas as control materials. The results therefore appear encouraging to other developing countries to establish their own EQA schemes. © 2014 John Wiley & Sons Ltd.

  16. Fine-Grained Forward-Secure Signature Schemes without Random Oracles

    DEFF Research Database (Denmark)

    Camenisch, Jan; Koprowski, Maciej

    2006-01-01

    We propose the concept of fine-grained forward-secure signature schemes. Such signature schemes not only provide nonrepudiation w.r.t. past time periods the way ordinary forward-secure signature schemes do but, in addition, allow the signer to specify which signatures of the current time period...... remain valid when revoking the public key. This is an important advantage if the signer produces many signatures per time period as otherwise the signer would have to re-issue those signatures (and possibly re-negotiate the respective messages) with a new key.Apart from a formal model for fine......-grained forward-secure signature schemes, we present practical schemes and prove them secure under the strong RSA assumption only, i.e., we do not resort to the random oracle model to prove security. As a side-result, we provide an ordinary forward-secure scheme whose key-update time is significantly smaller than...

  17. On the diversity-multiplexing tradeoff of secret-key agreement over multiple-antenna channels

    KAUST Repository

    Zorgui, Marwen

    2014-09-01

    We consider secret-key agreement with public discussion over Rayleigh fading quasi-static channels. First, the secret-key diversity gain and the secret-key multiplexing gain are defined. Then, the secret-key diversity multiplexing tradeoff (DMT) is established. The eavesdropper is shown to 'steal' only transmit antennas. We show that likewise the DMT without secrecy constraint, the secret-key DMT is the same either with or without full channel state information (CSI) at the transmitter (CSI-T). This insensitivity of secret-key DMT toward CSI-T highlights a fundamental difference between secret-key agreement and the wiretap channel whose secret DMT depends crucially on CSI-T. Several secret-key DMT-achieving schemes are presented in case of full CSI-T.

  18. On the diversity-multiplexing tradeoff of secret-key agreement over multiple-antenna channels

    KAUST Repository

    Zorgui, Marwen; Rezki, Zouheir; Alomair, Basel; Alouini, Mohamed-Slim

    2014-01-01

    We consider secret-key agreement with public discussion over Rayleigh fading quasi-static channels. First, the secret-key diversity gain and the secret-key multiplexing gain are defined. Then, the secret-key diversity multiplexing tradeoff (DMT) is established. The eavesdropper is shown to 'steal' only transmit antennas. We show that likewise the DMT without secrecy constraint, the secret-key DMT is the same either with or without full channel state information (CSI) at the transmitter (CSI-T). This insensitivity of secret-key DMT toward CSI-T highlights a fundamental difference between secret-key agreement and the wiretap channel whose secret DMT depends crucially on CSI-T. Several secret-key DMT-achieving schemes are presented in case of full CSI-T.

  19. A Digital Signature Scheme Based on MST3 Cryptosystems

    Directory of Open Access Journals (Sweden)

    Haibo Hong

    2014-01-01

    Full Text Available As special types of factorization of finite groups, logarithmic signature and cover have been used as the main components of cryptographic keys for secret key cryptosystems such as PGM and public key cryptosystems like MST1, MST2, and MST3. Recently, Svaba et al. proposed a revised MST3 encryption scheme with greater security. Meanwhile, they put forward an idea of constructing signature schemes on the basis of logarithmic signatures and random covers. In this paper, we firstly design a secure digital signature scheme based on logarithmic signatures and random covers. In order to complete the task, we devise a new encryption scheme based on MST3 cryptosystems.

  20. Secure key distribution by swapping quantum entanglement

    International Nuclear Information System (INIS)

    Song, Daegene

    2004-01-01

    We report two key distribution schemes achieved by swapping quantum entanglement. Using two Bell states, two bits of secret key can be shared between two distant parties that play symmetric and equal roles. We also address eavesdropping attacks against the schemes

  1. Security and efficiency data sharing scheme for cloud storage

    International Nuclear Information System (INIS)

    Han, Ke; Li, Qingbo; Deng, Zhongliang

    2016-01-01

    With the adoption and diffusion of data sharing paradigm in cloud storage, there have been increasing demands and concerns for shared data security. Ciphertext Policy Attribute-Based Encryption (CP-ABE) is becoming a promising cryptographic solution to the security problem of shared data in cloud storage. However due to key escrow, backward security and inefficiency problems, existing CP-ABE schemes cannot be directly applied to cloud storage system. In this paper, an effective and secure access control scheme for shared data is proposed to solve those problems. The proposed scheme refines the security of existing CP-ABE based schemes. Specifically, key escrow and conclusion problem are addressed by dividing key generation center into several distributed semi-trusted parts. Moreover, secrecy revocation algorithm is proposed to address not only back secrecy but efficient problem in existing CP-ABE based scheme. Furthermore, security and performance analyses indicate that the proposed scheme is both secure and efficient for cloud storage.

  2. A New Quantum Communication Scheme by Using Bell States

    International Nuclear Information System (INIS)

    Cao Haijing; Chen Jing; Song Heshan

    2006-01-01

    A new quantum communication scheme based on entanglement swapping is presented. Simplified calculation symbols are adopted to realize the process. Quantum key distribution and quantum secure direct communication can be simultaneously accomplished in the scheme. Two legitimate communicators can secretly share four certain key bits and four random key bits via three EPR pairs (quantum channels).

  3. Breaking a chaos-noise-based secure communication scheme

    Science.gov (United States)

    Li, Shujun; Álvarez, Gonzalo; Chen, Guanrong; Mou, Xuanqin

    2005-03-01

    This paper studies the security of a secure communication scheme based on two discrete-time intermittently chaotic systems synchronized via a common random driving signal. Some security defects of the scheme are revealed: 1) The key space can be remarkably reduced; 2) the decryption is insensitive to the mismatch of the secret key; 3) the key-generation process is insecure against known/chosen-plaintext attacks. The first two defects mean that the scheme is not secure enough against brute-force attacks, and the third one means that an attacker can easily break the cryptosystem by approximately estimating the secret key once he has a chance to access a fragment of the generated keystream. Yet it remains to be clarified if intermittent chaos could be used for designing secure chaotic cryptosystems.

  4. Password-based authenticated key exchange scheme using smart card

    Science.gov (United States)

    Liu, Hui; Zhong, Shaojun

    2013-03-01

    A protocol that allows any two entities to negotiate a shared session key is commonly called a key exchange protocol. If the protocol provides a function to authenticate each other, we call the protocol an authenticated key exchange protocol (AKE). Password authentication key exchange (PAKE) is the AKE protocol in which the two entities share a human-memorable password. Most current PAKE protocols rely on the existence of a public key infrastructure, which is sometimes impossible for certain environments such as low computational devices due to the computation overhead. In this paper, we propose password-based authenticated key exchange using smart card. Compared to previous PAKE, our protocol is more efficient because our protocol is based on ECC. Thereby, the proposed protocol can be well applied to low computation devices.

  5. Efficient multiparty quantum-secret-sharing schemes

    International Nuclear Information System (INIS)

    Xiao Li; Deng Fuguo; Long Guilu; Pan Jianwei

    2004-01-01

    In this work, we generalize the quantum-secret-sharing scheme of Hillery, Buzek, and Berthiaume [Phys. Rev. A 59, 1829 (1999)] into arbitrary multiparties. Explicit expressions for the shared secret bit is given. It is shown that in the Hillery-Buzek-Berthiaume quantum-secret-sharing scheme the secret information is shared in the parity of binary strings formed by the measured outcomes of the participants. In addition, we have increased the efficiency of the quantum-secret-sharing scheme by generalizing two techniques from quantum key distribution. The favored-measuring-basis quantum-secret-sharing scheme is developed from the Lo-Chau-Ardehali technique [H. K. Lo, H. F. Chau, and M. Ardehali, e-print quant-ph/0011056] where all the participants choose their measuring-basis asymmetrically, and the measuring-basis-encrypted quantum-secret-sharing scheme is developed from the Hwang-Koh-Han technique [W. Y. Hwang, I. G. Koh, and Y. D. Han, Phys. Lett. A 244, 489 (1998)] where all participants choose their measuring basis according to a control key. Both schemes are asymptotically 100% in efficiency, hence nearly all the Greenberger-Horne-Zeilinger states in a quantum-secret-sharing process are used to generate shared secret information

  6. Quantum Encryption Minimising Key Leakage under Known Plaintext Attacks

    DEFF Research Database (Denmark)

    Pedersen, Thomas Brochmann

    2006-01-01

    , or interactive encryption schemes, where the interaction does not need to occur online. In our model we show that the amount of key leaked under a known plaintext attack can be made arbitrarily small even in non-interactive encryption schemes. We also give an encryption scheme where eavesdropping can be detected....... In this encryption scheme the entire key can be safely recycled when no eavesdropping is detected....

  7. FPGA BASED HARDWARE KEY FOR TEMPORAL ENCRYPTION

    Directory of Open Access Journals (Sweden)

    B. Lakshmi

    2010-09-01

    Full Text Available In this paper, a novel encryption scheme with time based key technique on an FPGA is presented. Time based key technique ensures right key to be entered at right time and hence, vulnerability of encryption through brute force attack is eliminated. Presently available encryption systems suffer from brute force attack and in such a case, the time taken for breaking a code depends on the system used for cryptanalysis. The proposed scheme provides an effective method in which the time is taken as the second dimension of the key so that the same system can defend against brute force attack more vigorously. In the proposed scheme, the key is rotated continuously and four bits are drawn from the key with their concatenated value representing the delay the system has to wait. This forms the time based key concept. Also the key based function selection from a pool of functions enhances the confusion and diffusion to defend against linear and differential attacks while the time factor inclusion makes the brute force attack nearly impossible. In the proposed scheme, the key scheduler is implemented on FPGA that generates the right key at right time intervals which is then connected to a NIOS-II processor (a virtual microcontroller which is brought out from Altera FPGA) that communicates with the keys to the personal computer through JTAG (Joint Test Action Group) communication and the computer is used to perform encryption (or decryption). In this case the FPGA serves as hardware key (dongle) for data encryption (or decryption).

  8. Bit-Oriented Quantum Public-Key Cryptosystem Based on Bell States

    Science.gov (United States)

    Wu, WanQing; Cai, QingYu; Zhang, HuanGuo; Liang, XiaoYan

    2018-06-01

    Quantum public key encryption system provides information confidentiality using quantum mechanics. This paper presents a quantum public key cryptosystem (QPKC) based on the Bell states. By Holevo's theorem, the presented scheme provides the security of the secret key using one-wayness during the QPKC. While the QPKC scheme is information theoretic security under chosen plaintext attack (CPA). Finally some important features of presented QPKC scheme can be compared with other QPKC scheme.

  9. Revocable Key-Aggregate Cryptosystem for Data Sharing in Cloud

    Directory of Open Access Journals (Sweden)

    Qingqing Gan

    2017-01-01

    Full Text Available With the rapid development of network and storage technology, cloud storage has become a new service mode, while data sharing and user revocation are important functions in the cloud storage. Therefore, according to the characteristics of cloud storage, a revocable key-aggregate encryption scheme is put forward based on subset-cover framework. The proposed scheme not only has the key-aggregate characteristics, which greatly simplifies the user’s key management, but also can revoke user access permissions, realizing the flexible and effective access control. When user revocation occurs, it allows cloud server to update the ciphertext so that revoked users can not have access to the new ciphertext, while nonrevoked users do not need to update their private keys. In addition, a verification mechanism is provided in the proposed scheme, which can verify the updated ciphertext and ensure that the user revocation is performed correctly. Compared with the existing schemes, this scheme can not only reduce the cost of key management and storage, but also realize user revocation and achieve user’s access control efficiently. Finally, the proposed scheme can be proved to be selective chosen-plaintext security in the standard model.

  10. An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

    2015-11-01

    Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

  11. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

    Science.gov (United States)

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-11-30

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

  12. Fault tolerant control schemes using integral sliding modes

    CERN Document Server

    Hamayun, Mirza Tariq; Alwi, Halim

    2016-01-01

    The key attribute of a Fault Tolerant Control (FTC) system is its ability to maintain overall system stability and acceptable performance in the face of faults and failures within the feedback system. In this book Integral Sliding Mode (ISM) Control Allocation (CA) schemes for FTC are described, which have the potential to maintain close to nominal fault-free performance (for the entire system response), in the face of actuator faults and even complete failures of certain actuators. Broadly an ISM controller based around a model of the plant with the aim of creating a nonlinear fault tolerant feedback controller whose closed-loop performance is established during the design process. The second approach involves retro-fitting an ISM scheme to an existing feedback controller to introduce fault tolerance. This may be advantageous from an industrial perspective, because fault tolerance can be introduced without changing the existing control loops. A high fidelity benchmark model of a large transport aircraft is u...

  13. Extensible router for a quantum key distribution network

    International Nuclear Information System (INIS)

    Zhang Tao; Mo Xiaofan; Han Zhengfu; Guo Guangcan

    2008-01-01

    Building a quantum key distribution network is crucial for practical quantum cryptography. We present a scheme to build a star topology quantum key distribution network based on wavelength division multiplexing which, with current technology, can connect at least a hundred users. With the scheme, a 4-user demonstration network was built up and key exchanges were performed

  14. An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

    International Nuclear Information System (INIS)

    Muhammad, K.; Jan, Z.; Khan, Z

    2015-01-01

    Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

  15. Establishment of water quality classification scheme: a case study of ...

    African Journals Online (AJOL)

    A water quality classification scheme based on 11 routinely measured physicochemical variables has been developed for the Calabar River Estuary. The variables considered include water temperature, pH. Eh, DO, DO saturation, BOD5, COD, TSS, turbidity, NH4-N and electrical conductivity. Classification of water source ...

  16. An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function.

    Science.gov (United States)

    Das, Ashok Kumar; Goswami, Adrijit

    2014-06-01

    Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key between a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

  17. The Diversity-Multiplexing Tradeoff of Secret-Key Agreement over Multiple-Antenna Channels

    KAUST Repository

    Zorgui, Marwen; Rezki, Zouheir; Alomair, Basel; Alouini, Mohamed-Slim

    2015-01-01

    We study the problem of secret-key agreement between two legitimate parties, Alice and Bob, in the presence of an eavesdropper Eve. There is a public channel with unlimited capacity that is available to the legitimate parties and is also observed by Eve. Our focus is on Rayleigh fading quasi-static channels. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge of their channels. We study the system in the high-power regime. First, we define the secret-key diversity gain and the secret-key multiplexing gain. Second, we establish the secret-key diversity multiplexing tradeoff (DMT) under no channel state information (CSI) at the transmitter (CSI-T). The eavesdropper is shown to “steal” only transmit antennas. We show that, likewise the DMT without secrecy constraint, the secret-key DMT is the same either with or without full channel state information at the transmitter. This insensitivity of secret-key DMT toward CSI-T features a fundamental difference between secret-key agreement and the wiretap channel, in which secret DMT depends heavily on CSI-T. Finally, we present several secret-key DMT-achieving schemes in case of full CSI-T. We argue that secret DMT-achieving schemes are also key DMT-achieving. Moreover, we show formally that artificial noise (AN), likewise zero-forcing (ZF), is DMT-achieving. We also show that the public feedback channel improves the outage performance without having any effect on the DMT.

  18. The Diversity-Multiplexing Tradeoff of Secret-Key Agreement over Multiple-Antenna Channels

    KAUST Repository

    Zorgui, Marwen

    2015-10-26

    We study the problem of secret-key agreement between two legitimate parties, Alice and Bob, in the presence of an eavesdropper Eve. There is a public channel with unlimited capacity that is available to the legitimate parties and is also observed by Eve. Our focus is on Rayleigh fading quasi-static channels. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge of their channels. We study the system in the high-power regime. First, we define the secret-key diversity gain and the secret-key multiplexing gain. Second, we establish the secret-key diversity multiplexing tradeoff (DMT) under no channel state information (CSI) at the transmitter (CSI-T). The eavesdropper is shown to “steal” only transmit antennas. We show that, likewise the DMT without secrecy constraint, the secret-key DMT is the same either with or without full channel state information at the transmitter. This insensitivity of secret-key DMT toward CSI-T features a fundamental difference between secret-key agreement and the wiretap channel, in which secret DMT depends heavily on CSI-T. Finally, we present several secret-key DMT-achieving schemes in case of full CSI-T. We argue that secret DMT-achieving schemes are also key DMT-achieving. Moreover, we show formally that artificial noise (AN), likewise zero-forcing (ZF), is DMT-achieving. We also show that the public feedback channel improves the outage performance without having any effect on the DMT.

  19. Certificateless short sequential and broadcast multisignature schemes using elliptic curve bilinear pairings

    Directory of Open Access Journals (Sweden)

    SK Hafizul Islam

    2014-01-01

    Several certificateless short signature and multisignature schemes based on traditional public key infrastructure (PKI) or identity-based cryptosystem (IBC) have been proposed in the literature; however, no certificateless short sequential (or serial) multisignature (CL-SSMS) or short broadcast (or parallel) multisignature (CL-SBMS) schemes have been proposed. In this paper, we propose two such new CL-SSMS and CL-SBMS schemes based on elliptic curve bilinear pairing. Like any certificateless public key cryptosystem (CL-PKC), the proposed schemes are free from the public key certificate management burden and the private key escrow problem as found in PKI- and IBC-based cryptosystems, respectively. In addition, the requirements of the expected security level and the fixed length signature with constant verification time have been achieved in our schemes. The schemes are communication efficient as the length of the multisignature is equivalent to a single elliptic curve point and thus become the shortest possible multisignature scheme. The proposed schemes are then suitable for communication systems having resource constrained devices such as PDAs, mobile phones, RFID chips, and sensors where the communication bandwidth, battery life, computing power and storage space are limited.

  20. A combined spectrum sensing and OFDM demodulation scheme

    NARCIS (Netherlands)

    Heskamp, M.; Slump, Cornelis H.

    2009-01-01

    In this paper we propose a combined signaling and spectrum sensing scheme for cognitive radio that can detect in-band primary users while the network's own signal is active. The signaling scheme uses OFDM with phase shift keying modulated sub-carriers, and the detection scheme measures the deviation

  1. Securing information using optically generated biometric keys

    Science.gov (United States)

    Verma, Gaurav; Sinha, Aloka

    2016-11-01

    In this paper, we present a new technique to obtain biometric keys by using the fingerprint of a person for an optical image encryption system. The key generation scheme uses the fingerprint biometric information in terms of the amplitude mask (AM) and the phase mask (PM) of the reconstructed fingerprint image that is implemented using the digital holographic technique. Statistical tests have been conducted to check the randomness of the fingerprint PM key that enables its usage as an image encryption key. To explore the utility of the generated biometric keys, an optical image encryption system has been further demonstrated based on the phase retrieval algorithm and the double random phase encoding scheme in which keys for the encryption are used as the AM and the PM key. The advantage associated with the proposed scheme is that the biometric keys’ retrieval requires the simultaneous presence of the fingerprint hologram and the correct knowledge of the reconstruction parameters at the decryption stage, which not only verifies the authenticity of the person but also protects the valuable fingerprint biometric features of the keys. Numerical results are carried out to prove the feasibility and the effectiveness of the proposed encryption system.

  2. Single-quadrature continuous-variable quantum key distribution

    DEFF Research Database (Denmark)

    Gehring, Tobias; Jacobsen, Christian Scheffmann; Andersen, Ulrik Lund

    2016-01-01

    Most continuous-variable quantum key distribution schemes are based on the Gaussian modulation of coherent states followed by continuous quadrature detection using homodyne detectors. In all previous schemes, the Gaussian modulation has been carried out in conjugate quadratures thus requiring two...... commercialization of continuous-variable quantum key distribution, provided that the low noise requirement can be achieved....

  3. Quantum Communication Scheme Using Non-symmetric Quantum Channel

    International Nuclear Information System (INIS)

    Cao Haijing; Chen Zhonghua; Song Heshan

    2008-01-01

    A theoretical quantum communication scheme based on entanglement swapping and superdense coding is proposed with a 3-dimensional Bell state and 2-dimensional Bell state function as quantum channel. Quantum key distribution and quantum secure direct communication can be simultaneously accomplished in the scheme. The scheme is secure and has high source capacity. At last, we generalize the quantum communication scheme to d-dimensional quantum channel.

  4. A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks.

    Science.gov (United States)

    Wang, Changji; Yuan, Yuan; Wu, Jiayuan

    2017-06-20

    Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.

  5. Key management issue in SCADA networks: A review

    Directory of Open Access Journals (Sweden)

    Abdalhossein Rezai

    2017-02-01

    Supervisory Control And Data Acquisition (SCADA) networks have a vital role in Critical Infrastructures (CIs) such as public transports, power generation systems, gas, water and oil industries, so that there are concerns on security issues in these networks. The utilized Remote Terminal Units (RTUs) and Intelligence Electronic Devices (IEDs) in these networks have resource limitations, which make security applications a challenging issue. Efficient key management schemes are required besides lightweight ciphers for securing the SCADA communications. Many key management schemes have been developed to address the tradeoff between SCADA constraints and security, but which scheme is the most effective is still debatable. This paper presents a review of the existing key management schemes in SCADA networks, which provides directions for further researches in this field.

  6. A scheme of hidden-structure attribute-based encryption with multiple authorities

    Science.gov (United States)

    Ling, J.; Weng, A. X.

    2018-05-01

    In most of the CP-ABE schemes with hidden access structure, both all the user attributes and the key generation are managed by only one authority. The key generation efficiency will decrease as the number of users increases, and the data will encounter security issues as the only authority is attacked. We proposed a scheme of hidden-structure attribute-based encryption with multiple authorities, which introduces multiple semi-trusted attribute authorities, avoiding the threat even though one or more authorities are attacked. We also realized user revocation by managing a revocation list. Based on DBDH assumption, we proved that our scheme is of IND-CMA security. The analysis shows that our scheme improves the key generation efficiency.

  7. BossPro: a biometrics-based obfuscation scheme for software protection

    Science.gov (United States)

    Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

    2013-05-01

    This paper proposes to integrate biometric-based key generation into an obfuscated interpretation algorithm to protect authentication application software from illegitimate use or reverse-engineering. This is especially necessary for mCommerce because application programmes on mobile devices, such as Smartphones and Tablet-PCs are typically open for misuse by hackers. Therefore, the scheme proposed in this paper ensures that a correct interpretation / execution of the obfuscated program code of the authentication application requires a valid biometric generated key of the actual person to be authenticated, in real-time. Without this key, the real semantics of the program cannot be understood by an attacker even if he/she gains access to this application code. Furthermore, the security provided by this scheme can be a vital aspect in protecting any application running on mobile devices that are increasingly used to perform business/financial or other security related applications, but are easily lost or stolen. The scheme starts by creating a personalised copy of any application based on the biometric key generated during an enrolment process with the authenticator as well as a nuance created at the time of communication between the client and the authenticator. The obfuscated code is then shipped to the client's mobile device and integrated with real-time biometric extracted data of the client to form the unlocking key during execution. The novelty of this scheme is achieved by the close binding of this application program to the biometric key of the client, thus making this application unusable for others. Trials and experimental results on biometric key generation, based on client's faces, and an implemented scheme prototype, based on the Android emulator, prove the concept and novelty of this proposed scheme.

  8. Butterfly Encryption Scheme for Resource-Constrained Wireless Networks

    Directory of Open Access Journals (Sweden)

    Raghav V. Sampangi

    2015-09-01

    Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID) and Wireless Body Area Networks (WBAN) that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG), and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis.

  9. Butterfly Encryption Scheme for Resource-Constrained Wireless Networks.

    Science.gov (United States)

    Sampangi, Raghav V; Sampalli, Srinivas

    2015-09-15

    Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID) and Wireless Body Area Networks (WBAN) that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG), and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis.

  10. A continuous variable quantum deterministic key distribution based on two-mode squeezed states

    International Nuclear Information System (INIS)

    Gong, Li-Hua; Song, Han-Chong; Liu, Ye; Zhou, Nan-Run; He, Chao-Sheng

    2014-01-01

    The distribution of deterministic keys is of significance in personal communications, but the existing continuous variable quantum key distribution protocols can only generate random keys. By exploiting the entanglement properties of two-mode squeezed states, a continuous variable quantum deterministic key distribution (CVQDKD) scheme is presented for handing over the pre-determined key to the intended receiver. The security of the CVQDKD scheme is analyzed in detail from the perspective of information theory. It shows that the scheme can securely and effectively transfer pre-determined keys under ideal conditions. The proposed scheme can resist both the entanglement and beam splitter attacks under a relatively high channel transmission efficiency. (paper)

  11. Improvement of One Quantum Encryption Scheme

    Science.gov (United States)

    Cao, Zhengjun; Liu, Lihua

    2012-01-01

    Zhou et al. proposed a quantum encryption scheme based on quantum computation in 2006 [N. Zhou et al., Physica A362 (2006) 305]. Each qubit of the ciphertext is constrained to two pairs of conjugate states. So, its implementation is feasible with the existing technology. But it is inefficient since it entails six key bits to encrypt one message bit, and the resulting ciphertext for one message bit consists of three qubits. In addition, its security cannot be directly reduced to the well-known BB84 protocol. In this paper, we improve it using the technique developed in BB84 protocol. The new scheme entails only two key bits to encrypt one message bit. The resulting ciphertext is just composed of two qubits. It saves about a half cost without the loss of security. Moreover, the new scheme is probabilistic instead of deterministic.

  12. Symmetric autocompensating quantum key distribution

    Science.gov (United States)

    Walton, Zachary D.; Sergienko, Alexander V.; Levitin, Lev B.; Saleh, Bahaa E. A.; Teich, Malvin C.

    2004-08-01

    We present quantum key distribution schemes which are autocompensating (require no alignment) and symmetric (Alice and Bob receive photons from a central source) for both polarization and time-bin qubits. The primary benefit of the symmetric configuration is that both Alice and Bob may have passive setups (neither Alice nor Bob is required to make active changes for each run of the protocol). We show that both the polarization and the time-bin schemes may be implemented with existing technology. The new schemes are related to previously described schemes by the concept of advanced waves.

  13. Four-state discrimination scheme beyond the heterodyne limit

    DEFF Research Database (Denmark)

    Muller, C. R.; Castaneda, Mario A. Usuga; Wittmann, C.

    2012-01-01

    We propose and experimentally demonstrate a hybrid discrimination scheme for the quadrature phase shift keying protocol, which outperforms heterodyne detection for any signal power. The discrimination is composed of a quadrature measurement, feed forward and photon detection.

  14. An authentication scheme for secure access to healthcare services.

    Science.gov (United States)

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    The last few decades have witnessed a boom in the development of information and communication technologies. The health sector has also benefitted from this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  15. A study on different thermodynamic cycle schemes coupled with a high temperature gas-cooled reactor

    International Nuclear Information System (INIS)

    Qu, Xinhe; Yang, Xiaoyong; Wang, Jie

    2017-01-01

    Highlights: • The features of three different power generation schemes, including closed Brayton cycle, non-reheating combined cycle and reheating combined cycle, coupled with high temperature gas-cooled reactor (HTGR) were investigated and compared. • The effects and mechanism of reactor core outlet temperature, compression ratio and other key parameters over cycle characteristics were analyzed by the thermodynamic models. • It is found that reheated combined cycle has the highest efficiency. Reactor outlet temperature and main steam parameters are key factors to improve the cycle’s performance. - Abstract: With gradual increase in reactor outlet temperature, the efficient power conversion technology has become one of developing trends of (very) high temperature gas-cooled reactors (HTGRs). In this paper, different cycle power generation schemes for HTGRs were systematically studied. Physical and mathematical models were established for these three cycle schemes: closed Brayton cycle, simple combined cycle, and reheated combined cycle. The effects and mechanism of key parameters such as reactor core outlet temperature, reactor core inlet temperature and compression ratio on the features of these cycles were analyzed. Then, optimization results were given with engineering restrictive conditions, including pinch point temperature differences. Results revealed that within the temperature range of HTGRs (700–900 °C), the reheated combined cycle had the highest efficiency, while the simple combined cycle had the lowest efficiency (900 °C). The efficiencies of the closed Brayton cycle, simple combined cycle and reheated combined cycle are 49.5%, 46.6% and 50.1%, respectively. These results provide insights on the different schemes of these cycles, and reveal the effects of key parameters on performance of these cycles. It could be helpful to understand and develop a combined cycle coupled with a high temperature reactor in the future.

  16. A group signature scheme based on quantum teleportation

    International Nuclear Information System (INIS)

    Wen Xiaojun; Tian Yuan; Ji Liping; Niu Xiamu

    2010-01-01

    In this paper, we present a group signature scheme using quantum teleportation. Different from classical group signature and current quantum signature schemes, which could only deliver either group signature or unconditional security, our scheme guarantees both by adopting quantum key preparation, quantum encryption algorithm and quantum teleportation. Security analysis proved that our scheme has the characteristics of group signature, non-counterfeit, non-disavowal, blindness and traceability. Our quantum group signature scheme has a foreseeable application in the e-payment system, e-government, e-business, etc.

  17. A group signature scheme based on quantum teleportation

    Energy Technology Data Exchange (ETDEWEB)

    Wen Xiaojun; Tian Yuan; Ji Liping; Niu Xiamu, E-mail: wxjun36@gmail.co [Information Countermeasure Technique Research Institute, Harbin Institute of Technology, Harbin 150001 (China)

    2010-05-01

    In this paper, we present a group signature scheme using quantum teleportation. Different from classical group signature and current quantum signature schemes, which could only deliver either group signature or unconditional security, our scheme guarantees both by adopting quantum key preparation, quantum encryption algorithm and quantum teleportation. Security analysis proved that our scheme has the characteristics of group signature, non-counterfeit, non-disavowal, blindness and traceability. Our quantum group signature scheme has a foreseeable application in the e-payment system, e-government, e-business, etc.

  18. Device-independent secret-key-rate analysis for quantum repeaters

    Science.gov (United States)

    Holz, Timo; Kampermann, Hermann; Bruß, Dagmar

    2018-01-01

    The device-independent approach to quantum key distribution (QKD) aims to establish a secret key between two or more parties with untrusted devices, potentially under full control of a quantum adversary. The performance of a QKD protocol can be quantified by the secret key rate, which can be lower bounded via the violation of an appropriate Bell inequality in a setup with untrusted devices. We study secret key rates in the device-independent scenario for different quantum repeater setups and compare them to their device-dependent analogon. The quantum repeater setups under consideration are the original protocol by Briegel et al. [Phys. Rev. Lett. 81, 5932 (1998), 10.1103/PhysRevLett.81.5932] and the hybrid quantum repeater protocol by van Loock et al. [Phys. Rev. Lett. 96, 240501 (2006), 10.1103/PhysRevLett.96.240501]. For a given repeater scheme and a given QKD protocol, the secret key rate depends on a variety of parameters, such as the gate quality or the detector efficiency. We systematically analyze the impact of these parameters and suggest optimized strategies.

  19. Quantum dense key distribution

    International Nuclear Information System (INIS)

    Degiovanni, I.P.; Ruo Berchera, I.; Castelletto, S.; Rastello, M.L.; Bovino, F.A.; Colla, A.M.; Castagnoli, G.

    2004-01-01

    This paper proposes a protocol for quantum dense key distribution. This protocol embeds the benefits of a quantum dense coding and a quantum key distribution and is able to generate shared secret keys four times more efficiently than the Bennett-Brassard 1984 protocol. We hereinafter prove the security of this scheme against individual eavesdropping attacks, and we present preliminary experimental results, showing its feasibility.

  20. Quantum attack-resistent certificateless multi-receiver signcryption scheme.

    Directory of Open Access Journals (Sweden)

    Huixian Li

    The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

  1. Optimal placement of combined heat and power scheme (cogeneration): application to an ethylbenzene plant

    International Nuclear Information System (INIS)

    Zainuddin Abd Manan; Lim Fang Yee

    2001-01-01

    Combined heat and power (CHP) scheme, also known as cogeneration is widely accepted as a highly efficient energy saving measure, particularly in medium to large scale chemical process plants. To date, CHP application is well established in the developed countries. The advantage of a CHP scheme for a chemical plant is two-fold: (i) drastically cut down on the electricity bill from on-site power generation (ii) to save the fuel bills through recovery of the quality waste heat from power generation for process heating. In order to be effective, a CHP scheme must be placed at the right temperature level in the context of the overall process. Failure to do so might render a CHP venture worthless. This paper discusses the procedure for an effective implementation of a CHP scheme. An ethylbenzene process is used as a case study. A key visualization tool known as the grand composite curves is used to provide an overall picture of the process heat source and heat sink profiles. The grand composite curve, which is generated based on the first principles of Pinch Analysis enables the CHP scheme to be optimally placed within the overall process scenario. (Author)

  2. A new access scheme in OFDMA systems

    Institute of Scientific and Technical Information of China (English)

    GU Xue-lin; YAN Wei; TIAN Hui; ZHANG Ping

    2006-01-01

    This article presents a dynamic random access scheme for orthogonal frequency division multiple access (OFDMA) systems. The key features of the proposed scheme are: it is a combination of both the distributed and the centralized schemes, it can accommodate several delay sensitivity classes, and it can adjust the number of random access channels in a media access control (MAC) frame and the access probability according to the outcome of Mobile Terminals access attempts in previous MAC frames. For floating populated packet-based networks, the proposed scheme possibly leads to high average user satisfaction.

  3. Entangled quantum key distribution with a biased basis choice

    International Nuclear Information System (INIS)

    Erven, Chris; Ma Xiongfeng; Laflamme, Raymond; Weihs, Gregor

    2009-01-01

    We investigate a quantum key distribution (QKD) scheme that utilizes a biased basis choice in order to increase the efficiency of the scheme. The optimal bias between the two measurement bases, a more refined error analysis and finite key size effects are all studied in order to assure the security of the final key generated with the system. We then implement the scheme in a local entangled QKD system that uses polarization entangled photon pairs to securely distribute the key. A 50/50 non-polarizing beamsplitter (BS) with different optical attenuators is used to simulate a variable BS in order to allow us to study the operation of the system for different biases. Over 6 h of continuous operation with a total bias of 0.9837/0.0163 (Z/X), we were able to generate 0.4567 secure key bits per raw key bit as compared to 0.2550 secure key bits per raw key bit for the unbiased case. This represents an increase in the efficiency of the key generation rate by 79%.

  4. Resonance ionization scheme development for europium

    Energy Technology Data Exchange (ETDEWEB)

    Chrysalidis, K., E-mail: katerina.chrysalidis@cern.ch; Goodacre, T. Day; Fedosseev, V. N.; Marsh, B. A. [CERN (Switzerland); Naubereit, P. [Johannes Gutenberg-Universität, Institut für Physik (Germany); Rothe, S.; Seiffert, C. [CERN (Switzerland); Kron, T.; Wendt, K. [Johannes Gutenberg-Universität, Institut für Physik (Germany)

    2017-11-15

    Odd-parity autoionizing states of europium have been investigated by resonance ionization spectroscopy via two-step, two-resonance excitations. The aim of this work was to establish ionization schemes specifically suited for europium ion beam production using the ISOLDE Resonance Ionization Laser Ion Source (RILIS). 13 new RILIS-compatible ionization schemes are proposed. The scheme development was the first application of the Photo Ionization Spectroscopy Apparatus (PISA) which has recently been integrated into the RILIS setup.

  5. A digital memories based user authentication scheme with privacy preservation.

    Directory of Open Access Journals (Sweden)

    JunLiang Liu

    The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key), which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

  6. Wind power and market integration, comparative study of financing schemes

    International Nuclear Information System (INIS)

    2013-10-01

    The financing scheme of renewable energies is a key factor for their development pace and cost. As some countries like France, Germany or Spain have chosen a Feed-in Tariff (FiT) scheme, there are in fact four possible financing schemes: FiT, ex-post prime, ex-ante prime, and quotas (green certificates). A market convergence is then supposed to meet two main objectives: the control of market distortions related to wind energy development, and the optimization of wind energy production with respect to market signals. The authors analyse the underlying economic challenges and the ability of financing schemes to meet these objectives within a short term horizon (2015). They present the different financing schemes, analyse the impact of three key economic factors (market distortion, production optimization, financing costs)

  7. Efficient biometric authenticated key agreements based on extended chaotic maps for telecare medicine information systems.

    Science.gov (United States)

    Lou, Der-Chyuan; Lee, Tian-Fu; Lin, Tsung-Hung

    2015-05-01

    Authenticated key agreements for telecare medicine information systems provide patients, doctors, nurses and health visitors with efficient and convenient access to medical information systems and remote services through an open network. To achieve higher security, many authenticated key agreement schemes append biometric keys for identification in addition to passwords and smartcards. Because of their many transmissions and high computational costs, these authenticated key agreement schemes are inefficient in communication and computation. This investigation develops two secure and efficient authenticated key agreement schemes for telecare medicine information systems by using biometric keys and extended chaotic maps. One scheme is synchronization-based, while the other is nonce-based. Compared to related approaches, the proposed schemes not only retain the same security properties as previous schemes, but also provide users with privacy protection and have fewer transmissions and lower computational cost.

  8. Method for adding nodes to a quantum key distribution system

    Science.gov (United States)

    Grice, Warren P

    2015-02-24

    An improved quantum key distribution (QKD) system and method are provided. The system and method introduce new clients at intermediate points along a quantum channel, where any two clients can establish a secret key without the need for a secret meeting between the clients. The new clients perform operations on photons as they pass through nodes in the quantum channel, and participate in a non-secret protocol that is amended to include the new clients. The system and method significantly increase the number of clients that can be supported by a conventional QKD system, with only a modest increase in cost. The system and method are compatible with a variety of QKD schemes, including polarization, time-bin, continuous variable and entanglement QKD.

  9. Communication key using delay times in time-delayed chaos synchronization

    International Nuclear Information System (INIS)

    Kim, Chil-Min; Kye, Won-Ho; Rim, Sunghwan; Lee, Soo-Young

    2004-01-01

    We propose an efficient key scheme, which can generate a great number of communication keys, for communication using chaos synchronization. We have attained the keys from delay times of time-delay coupled chaotic systems. We explain the scheme and the efficiency by coupling Henon and logistic maps and illustrate them by coupling Navier-Stokes and Lorenz equations as a continuous system

  10. Text analysis of MEDLINE for discovering functional relationships among genes: evaluation of keyword extraction weighting schemes.

    Science.gov (United States)

    Liu, Ying; Navathe, Shamkant B; Pivoshenko, Alex; Dasigi, Venu G; Dingledine, Ray; Ciliax, Brian J

    2006-01-01

    One of the key challenges of microarray studies is to derive biological insights from the gene-expression patterns. Clustering genes by functional keyword association can provide direct information about the functional links among genes. However, the quality of the keyword lists significantly affects the clustering results. We compared two keyword weighting schemes: normalised z-score and term frequency-inverse document frequency (TFIDF). Two gene sets were tested to evaluate the effectiveness of the weighting schemes for keyword extraction for gene clustering. Using established measures of cluster quality, the results produced from TFIDF-weighted keywords outperformed those produced from normalised z-score weighted keywords. The optimised algorithms should be useful for partitioning genes from microarray lists into functionally discrete clusters.

  11. VerSAMI: Versatile and Scalable key management for Smart Grid AMI systems

    OpenAIRE

    Benmalek, Mourad; Challal, Yacine; Derhab, Abdelouahid; Bouabdallah, Abdelmadjid

    2018-01-01

    In this paper, we propose four new key management schemes for Advanced Metering Infrastructure (AMI) to secure data communications in the Smart Grid (SG). The schemes are based on individual and batch rekeying operations using a novel multi-group key graph structure, and are also versatile in the sense that they can support broadcast, unicast, as well as multicast communications. Security analysis shows that our schemes satisfy key management security properties. Furthermo...

  12. Color encryption scheme based on adapted quantum logistic map

    Science.gov (United States)

    Zaghloul, Alaa; Zhang, Tiejun; Amin, Mohamed; Abd El-Latif, Ahmed A.

    2014-04-01

    This paper presents a new color image encryption scheme based on quantum chaotic system. In this scheme, a new encryption scheme is accomplished by generating an intermediate chaotic key stream with the help of quantum chaotic logistic map. Then, each pixel is encrypted by the cipher value of the previous pixel and the adapted quantum logistic map. The results show that the proposed scheme has adequate security for the confidentiality of color images.

  13. The Victorian government's clean technology incentive scheme

    Energy Technology Data Exchange (ETDEWEB)

    Connor, M A [Melbourne Univ., Parkville, VIC (Australia). Dept. of Chemical Engineering]; Reeve, D [Environment Protection Authority, Melbourne, VIC (Australia)]

    1994-12-31

    Over the past decade environment policies have placed increasing emphasis on waste minimization and cleaner production techniques. The Environment Protection Authority in Victoria, Australia, has sought to encourage waste minimization by establishing a Clean Technology Incentive Scheme. The Scheme was established in 1988 and since then 35 offers of loans have been made. Results to date are encouraging. In this work, case studies of three especially successful projects are presented. 2 refs.

  14. The Victorian government's clean technology incentive scheme

    Energy Technology Data Exchange (ETDEWEB)

    Connor, M.A. [Melbourne Univ., Parkville, VIC (Australia). Dept. of Chemical Engineering]; Reeve, D. [Environment Protection Authority, Melbourne, VIC (Australia)]

    1993-12-31

    Over the past decade environment policies have placed increasing emphasis on waste minimization and cleaner production techniques. The Environment Protection Authority in Victoria, Australia, has sought to encourage waste minimization by establishing a Clean Technology Incentive Scheme. The Scheme was established in 1988 and since then 35 offers of loans have been made. Results to date are encouraging. In this work, case studies of three especially successful projects are presented. 2 refs.

  15. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  16. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  17. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-11-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  18. Secure image retrieval with multiple keys

    Science.gov (United States)

    Liang, Haihua; Zhang, Xinpeng; Wei, Qiuhan; Cheng, Hang

    2018-03-01

    This article proposes a secure image retrieval scheme under a multiuser scenario. In this scheme, the owner first encrypts and uploads images and their corresponding features to the cloud; then, the user submits the encrypted feature of the query image to the cloud; next, the cloud compares the encrypted features and returns encrypted images with similar content to the user. To find the nearest neighbor in the encrypted features, an encryption with multiple keys is proposed, in which the query feature of each user is encrypted by his/her own key. To improve the key security and space utilization, global optimization and Gaussian distribution are, respectively, employed to generate multiple keys. The experiments show that the proposed encryption can provide effective and secure image retrieval for each user and ensure confidentiality of the query feature of each user.

  19. A joint asymmetric watermarking and image encryption scheme

    Science.gov (United States)

    Boato, G.; Conotter, V.; De Natale, F. G. B.; Fontanari, C.

    2008-02-01

    Here we introduce a novel watermarking paradigm designed to be both asymmetric, i.e., involving a private key for embedding and a public key for detection, and commutative with a suitable encryption scheme, allowing both to cipher watermarked data and to mark encrypted data without interfering with the detection process. In order to demonstrate the effectiveness of the above principles, we present an explicit example where the watermarking part, based on elementary linear algebra, and the encryption part, exploiting a secret random permutation, are integrated in a commutative scheme.

  20. A novel secret image sharing scheme based on chaotic system

    Science.gov (United States)

    Li, Li; Abd El-Latif, Ahmed A.; Wang, Chuanjun; Li, Qiong; Niu, Xiamu

    2012-04-01

    In this paper, we propose a new secret image sharing scheme based on chaotic system and Shamir's method. The new scheme protects the shadow images with confidentiality and loss-tolerance simultaneously. In the new scheme, we generate the key sequence based on chaotic system and then encrypt the original image during the sharing phase. Experimental results and analysis of the proposed scheme demonstrate a better performance than other schemes and confirm a high probability to resist brute force attack.

  1. A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng

    2015-11-01

    To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

  2. Key Recovery Using Noised Secret Sharing with Discounts over Large Clouds

    OpenAIRE

    Jajodia, Sushil; Litwin, Witold; Schwarz, Thomas

    2013-01-01

    Encryption key loss problem is the Achilles's heel of cryptography. Key escrow helps, but favors disclosures. Schemes for recoverable encryption keys through noised secret sharing alleviate the dilemma. Key owner escrows a specifically encrypted backup. The recovery needs a large cloud. Cloud cost, money trail should rarefy illegal attempts. We now propose noised secret sharing schemes supporting discounts. The recovery request with discount code lowers the recovery complexity, easily by orde...

  3. Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).

    Science.gov (United States)

    Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie

    2017-10-30

    Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge, which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses the RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.

  4. Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu

    2014-12-01

    Telecare medicine information systems provide a communicating platform for accessing remote medical resources through public networks, and help health care workers and medical personnel to rapidly make correct clinical decisions and treatments. An authentication scheme for data exchange in telecare medicine information systems enables legal users in hospitals and medical institutes to establish a secure channel and exchange electronic medical records or electronic health records securely and efficiently. This investigation develops an efficient and secure verified-based three-party authentication scheme by using extended chaotic maps for data exchange in telecare medicine information systems. The proposed scheme does not require the server's public keys and avoids the time-consuming modular exponential computations and scalar multiplications on elliptic curves used in previous related approaches. Additionally, the proposed scheme is proven secure in the random oracle model, and realizes the lower bounds of messages and rounds in communications. Compared to related verified-based approaches, the proposed scheme not only possesses higher security, but also has lower computational cost and fewer transmissions.

  5. A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks.

    Science.gov (United States)

    Chen, Huifang; Ge, Linlin; Xie, Lei

    2015-07-14

    The lack of infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. Mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similarly or better compared with some existing user authentication schemes.

  6. A Novel Iris Segmentation Scheme

    Directory of Open Access Journals (Sweden)

    Chen-Chung Liu

    2014-01-01

    One of the key steps in the iris recognition system is the accurate iris segmentation from its surrounding noises including pupil, sclera, eyelashes, and eyebrows of a captured eye-image. This paper presents a novel iris segmentation scheme which utilizes the orientation matching transform to outline the outer and inner iris boundaries initially. It then employs Delogne-Kåsa circle fitting (instead of the traditional Hough transform) to further eliminate the outlier points to extract a more precise iris area from an eye-image. In the extracted iris region, the proposed scheme further utilizes the differences in the intensity and positional characteristics of the iris, eyelid, and eyelashes to detect and delete these noises. The scheme is then applied on iris image database, UBIRIS.v1. The experimental results show that the presented scheme provides a more effective and efficient iris segmentation than other conventional methods.

  7. Security of helper data Schemes for SRAM-PUF in multiple enrollment scenarios

    NARCIS (Netherlands)

    Kusters, C.J.; Ignatenko, T.; Maes, R.; van der Sluis, E.; Selimis, G.; Willems, F.M.J.

    2017-01-01

    Fuzzy commitment and syndrome-based schemes are two well-known helper data schemes used to bind and generate, respectively, a secret key to/from SRAM-PUF observations. To allow the decoder to reconstruct this secret key from a new (verification) observation of an SRAM-PUF, an encoder has to generate

  8. A Spatial Domain Quantum Watermarking Scheme

    International Nuclear Information System (INIS)

    Wei Zhan-Hong; Chen Xiu-Bo; Niu Xin-Xin; Yang Yi-Xian; Xu Shu-Jiang

    2016-01-01

    This paper presents a spatial domain quantum watermarking scheme. For a quantum watermarking scheme, a feasible quantum circuit is key to achieving it. This paper gives a feasible quantum circuit for the presented scheme. In order to give the quantum circuit, a new quantum multi-control rotation gate, which can be achieved with quantum basic gates, is designed. With this quantum circuit, our scheme can arbitrarily control the embedding position of watermark images on carrier images with the aid of auxiliary qubits. Besides reversely acting the given quantum circuit, the paper gives another watermark extracting algorithm based on quantum measurements. Moreover, this paper also gives a new quantum image scrambling method and its quantum circuit. Unlike other quantum watermarking schemes, all given quantum circuits can be implemented with basic quantum gates. Moreover, the scheme is a spatial domain watermarking scheme, and is not based on any transform algorithm on quantum images. Meanwhile, it can make sure the watermark is secure even though the watermark has been found. With the given quantum circuit, this paper implements simulation experiments for the presented scheme. The experimental results show that the scheme does well in visual quality and embedding capacity.

  9. Symmetric weak ternary quantum homomorphic encryption schemes

    Science.gov (United States)

    Wang, Yuqi; She, Kun; Luo, Qingbin; Yang, Fan; Zhao, Chao

    2016-03-01

    Based on a ternary quantum logic circuit, four symmetric weak ternary quantum homomorphic encryption (QHE) schemes were proposed. First, for a one-qutrit rotation gate, a QHE scheme was constructed. Second, in view of the synthesis of a general 3 × 3 unitary transformation, another one-qutrit QHE scheme was proposed. Third, according to the one-qutrit scheme, the two-qutrit QHE scheme about generalized controlled X (GCX(m,n)) gate was constructed and further generalized to the n-qutrit unitary matrix case. Finally, the security of these schemes was analyzed in two respects. It can be concluded that the attacker can correctly guess the encryption key with a maximum probability p_k = 1/3^(3n), thus it can better protect the privacy of users' data. Moreover, these schemes can be well integrated into the future quantum remote server architecture, and thus the computational security of the users' private quantum information can be well protected in a distributed computing environment.

  10. A Non-symmetric Digital Image Secure Communication Scheme Based on Generalized Chaos Synchronization System

    International Nuclear Information System (INIS)

    Zhang Xiaohong; Min Lequan

    2005-01-01

    Based on a generalized chaos synchronization system and a discrete Sinai map, a non-symmetric true color (RGB) digital image secure communication scheme is proposed. The scheme first changes an ordinary RGB digital image with 8 bits into unrecognizable disorder codes and then transforms the disorder codes into an RGB digital image with 16 bits for transmitting. A receiver uses a non-symmetric key to verify the authentication of the received data origin, and decrypts the ciphertext. The scheme can encrypt and decrypt most formatted digital RGB images recognized by computers, and recover the plaintext almost without any errors. The scheme is suitable to be applied in network image communications. The analysis of the key space, sensitivity of key parameters, and correlation of encrypted images imply that this scheme has sound security.

  11. An Efficient Diffusion Scheme for Chaos-Based Digital Image Encryption

    Directory of Open Access Journals (Sweden)

    Jun-xin Chen

    2014-01-01

    In recent years, a large number of permutation-diffusion architecture-based image cryptosystems have been proposed. However, the key stream elements in the diffusion procedure depend merely on the secret key, which is usually fixed during the whole encryption process. Cryptosystems of this type suffer from unsatisfactory encryption speed and are considered insecure against known/chosen plaintext attacks. In this paper, an efficient diffusion scheme is proposed. This scheme consists of two diffusion procedures, with a supplementary diffusion procedure padded after the normal diffusion. In the supplementary diffusion module, the control parameter of the selected chaotic map is altered by the resultant image produced after the normal diffusion operation. As a result, a slight difference in the plain image can be transferred to the chaotic iteration and bring about distinct key streams, and hence totally different cipher images will be produced. Therefore, the scheme can remarkably accelerate the diffusion effect of the cryptosystem and will effectively resist known/chosen plaintext attacks. Theoretical analyses and experimental results prove the high security performance and satisfactory operation efficiency of the proposed scheme.

  12. Finite key analysis in quantum cryptography

    International Nuclear Information System (INIS)

    Meyer, T.

    2007-01-01

    In view of experimental realization of quantum key distribution schemes, the study of their efficiency becomes as important as the proof of their security. The latter is the subject of most of the theoretical work about quantum key distribution, and many important results such as the proof of unconditional security have been obtained. The efficiency and also the robustness of quantum key distribution protocols against noise can be measured by figures of merit such as the secret key rate (the fraction of input signals that make it into the key) and the threshold quantum bit error rate (the maximal error rate such that one can still create a secret key). It is important to determine these quantities because they tell us whether a certain quantum key distribution scheme can be used at all in a given situation and if so, how many secret key bits it can generate in a given time. However, these figures of merit are usually derived under the "infinite key limit" assumption, that is, one assumes that an infinite number of quantum states are sent and that all sub-protocols of the scheme (in particular privacy amplification) are carried out on these infinitely large blocks. Such an assumption usually eases the analysis, but also leads to (potentially) too optimistic values for the quantities in question. In this thesis, we are explicitly avoiding the infinite key limit for the analysis of the privacy amplification step, which plays the most important role in a quantum key distribution scheme. We still assume that an optimal error correction code is applied and we do not take into account any statistical errors that might occur in the parameter estimation step. Renner and coworkers derived an explicit formula for the obtainable key rate in terms of Renyi entropies of the quantum states describing Alice's, Bob's, and Eve's systems. This result serves as a starting point for our analysis, and we derive an algorithm that efficiently computes the obtainable key rate for any

  13. Finite key analysis in quantum cryptography

    Energy Technology Data Exchange (ETDEWEB)

    Meyer, T.

    2007-10-31

    In view of experimental realization of quantum key distribution schemes, the study of their efficiency becomes as important as the proof of their security. The latter is the subject of most of the theoretical work about quantum key distribution, and many important results such as the proof of unconditional security have been obtained. The efficiency and also the robustness of quantum key distribution protocols against noise can be measured by figures of merit such as the secret key rate (the fraction of input signals that make it into the key) and the threshold quantum bit error rate (the maximal error rate such that one can still create a secret key). It is important to determine these quantities because they tell us whether a certain quantum key distribution scheme can be used at all in a given situation and if so, how many secret key bits it can generate in a given time. However, these figures of merit are usually derived under the "infinite key limit" assumption, that is, one assumes that an infinite number of quantum states are sent and that all sub-protocols of the scheme (in particular privacy amplification) are carried out on these infinitely large blocks. Such an assumption usually eases the analysis, but also leads to (potentially) too optimistic values for the quantities in question. In this thesis, we are explicitly avoiding the infinite key limit for the analysis of the privacy amplification step, which plays the most important role in a quantum key distribution scheme. We still assume that an optimal error correction code is applied and we do not take into account any statistical errors that might occur in the parameter estimation step. Renner and coworkers derived an explicit formula for the obtainable key rate in terms of Renyi entropies of the quantum states describing Alice's, Bob's, and Eve's systems. This result serves as a starting point for our analysis, and we derive an algorithm that efficiently computes

  14. Multiple image encryption scheme based on pixel exchange operation and vector decomposition

    Science.gov (United States)

    Xiong, Y.; Quan, C.; Tay, C. J.

    2018-02-01

    We propose a new multiple image encryption scheme based on a pixel exchange operation and a basic vector decomposition in Fourier domain. In this algorithm, original images are imported via a pixel exchange operator, from which scrambled images and pixel position matrices are obtained. Scrambled images encrypted into phase information are imported using the proposed algorithm and phase keys are obtained from the difference between scrambled images and synthesized vectors in a charge-coupled device (CCD) plane. The final synthesized vector is used as an input in a random phase encoding (DRPE) scheme. In the proposed encryption scheme, pixel position matrices and phase keys serve as additional private keys to enhance the security of the cryptosystem which is based on a 4-f system. Numerical simulations are presented to demonstrate the feasibility and robustness of the proposed encryption scheme.

  15. A Classification Scheme for Literary Characters

    Directory of Open Access Journals (Sweden)

    Matthew Berry

    2017-10-01

    Full Text Available There is no established classification scheme for literary characters in narrative theory short of generic categories like protagonist vs. antagonist or round vs. flat. This is so despite the ubiquity of stock characters that recur across media, cultures, and historical time periods. We present here a proposal of a systematic psychological scheme for classifying characters from the literary and dramatic fields based on a modification of the Thomas-Kilmann (TK) Conflict Mode Instrument used in applied studies of personality. The TK scheme classifies personality along the two orthogonal dimensions of assertiveness and cooperativeness. To examine the validity of a modified version of this scheme, we had 142 participants provide personality ratings for 40 characters using two of the Big Five personality traits as well as assertiveness and cooperativeness from the TK scheme. The results showed that assertiveness and cooperativeness were orthogonal dimensions, thereby supporting the validity of using a modified version of TK’s two-dimensional scheme for classifying characters.

  16. Efficient key management for cryptographically enforced access control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  17. Securing Body Sensor Networks with Biometric Methods: A New Key Negotiation Method and a Key Sampling Method for Linear Interpolation Encryption

    OpenAIRE

    Zhao, Huawei; Chen, Chi; Hu, Jiankun; Qin, Jing

    2015-01-01

    We present two approaches that exploit biometric data to address security problems in the body sensor networks: a new key negotiation scheme based on the fuzzy extractor technology and an improved linear interpolation encryption method. The first approach designs two attack games to give the formal definition of fuzzy negotiation that forms a new key negotiation scheme based on fuzzy extractor technology. According to the definition, we further define a concrete structure of fuzzy negotiation...

  18. ESS-FH: Enhanced Security Scheme for Fast Handover in Hierarchical Mobile IPv6

    Science.gov (United States)

    You, Ilsun; Lee, Jong-Hyouk; Sakurai, Kouichi; Hori, Yoshiaki

    Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6) that combines advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6) achieves the superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang and Park proposed a security scheme, which is seamlessly integrated into F-HMIPv6. In this paper, we reveal that Kang-Park's scheme cannot defend against the Denial of Service (DoS) and redirect attacks while largely relying on the group key. Then, we propose an Enhanced Security Scheme for F-HMIPv6 (ESS-FH) that achieves the strong key exchange and the key independence as well as addresses the weaknesses of Kang-Park's scheme. More importantly, it enables fast handover between different MAP domains. The proposed scheme is formally verified based on BAN-logic, and its handover latency is analyzed and compared with that of Kang-Park's scheme.

  19. Enhancing the performance of the measurement-device-independent quantum key distribution with heralded pair-coherent sources

    Energy Technology Data Exchange (ETDEWEB)

    Zhu, Feng; Zhang, Chun-Hui; Liu, Ai-Ping [Institute of Signal Processing Transmission, Nanjing University of Posts and Telecommunications, Nanjing 210003 (China); Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications, Ministry of Education, Nanjing 210003 (China); Wang, Qin, E-mail: qinw@njupt.edu.cn [Institute of Signal Processing Transmission, Nanjing University of Posts and Telecommunications, Nanjing 210003 (China); Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications, Ministry of Education, Nanjing 210003 (China); Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei 230026 (China)

    2016-04-01

    In this paper, we propose to implement the heralded pair-coherent source into the measurement-device-independent quantum key distribution. By comparing its performance with other existing schemes, we demonstrate that our new scheme can overcome many shortcomings existing in current schemes, and show excellent behavior in the quantum key distribution. Moreover, even when taking the statistical fluctuation into account, we can still obtain quite high key generation rate at very long transmission distance by using our new scheme. - Highlights: • Implement the heralded pair-coherent source into the measurement-device-independent quantum key distribution. • Overcome many shortcomings existing in current schemes and show excellent behavior. • Obtain quite high key generation rate even when taking statistical fluctuation into account.

  20. Revocable identity-based proxy re-signature against signing key exposure.

    Science.gov (United States)

    Yang, Xiaodong; Chen, Chunlin; Ma, Tingchun; Wang, Jinli; Wang, Caifen

    2018-01-01

    Identity-based proxy re-signature (IDPRS) is a novel cryptographic primitive that allows a semi-trusted proxy to convert a signature under one identity into another signature under another identity on the same message by using a re-signature key. Due to this transformation function, IDPRS is very useful in constructing privacy-preserving schemes for various information systems. Key revocation functionality is important in practical IDPRS for managing users dynamically; however, the existing IDPRS schemes do not provide revocation mechanisms that allow the removal of misbehaving or compromised users from the system. In this paper, we first introduce a notion called revocable identity-based proxy re-signature (RIDPRS) to achieve the revocation functionality. We provide a formal definition of RIDPRS as well as its security model. Then, we present a concrete RIDPRS scheme that can resist signing key exposure and prove that the proposed scheme is existentially unforgeable against adaptive chosen identity and message attacks in the standard model. To further improve the performance of signature verification in RIDPRS, we introduce a notion called server-aided revocable identity-based proxy re-signature (SA-RIDPRS). Moreover, we extend the proposed RIDPRS scheme to the SA-RIDPRS scheme and prove that this extended scheme is secure against adaptive chosen message and collusion attacks. The analysis results show that our two schemes remain efficient in terms of computational complexity when implementing user revocation procedures. In particular, in the SA-RIDPRS scheme, the verifier needs to perform only a bilinear pairing and four exponentiation operations to verify the validity of the signature. Compared with other IDPRS schemes in the standard model, our SA-RIDPRS scheme greatly reduces the computation overhead of verification.

  1. Ponzi scheme diffusion in complex networks

    Science.gov (United States)

    Zhu, Anding; Fu, Peihua; Zhang, Qinghe; Chen, Zhenyue

    2017-08-01

    Ponzi schemes taking the form of Internet-based financial schemes have been negatively affecting China's economy for the last two years. Because there is currently a lack of modeling research on Ponzi scheme diffusion within social networks, we develop a potential-investor-divestor (PID) model to investigate the diffusion dynamics of Ponzi schemes in both homogeneous and inhomogeneous networks. Our simulation study of artificial and real Facebook social networks shows that the structure of investor networks does indeed affect the characteristics of dynamics. Both the average degree of distribution and the power-law degree of distribution will reduce the spreading critical threshold and will speed up the rate of diffusion. A high speed of diffusion is the key to alleviating the interest burden and improving the financial outcomes for the Ponzi scheme operator. The zero-crossing point of fund flux function we introduce proves to be a feasible index for reflecting the fast-worsening situation of fiscal instability and predicting the forthcoming collapse. The faster the scheme diffuses, the higher a peak it will reach and the sooner it will collapse. We should keep a vigilant eye on the harm of Ponzi scheme diffusion through modern social networks.

  2. Small private key MQPKS on an embedded microprocessor.

    Science.gov (United States)

    Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon

    2014-03-19

    Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reduce the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% compared with previous results in CHES2012.

  3. Small Private Key PKS on an Embedded Microprocessor

    Science.gov (United States)

    Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon

    2014-01-01

    Multivariate quadratic ( ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key scheme was not reported. For efficient implementation, random number generators can contribute to reduce the key size, but the cost of using a random number generator is much more complex than computing on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% compared with previous results in CHES2012. PMID:24651722

  4. Two-level schemes for the advection equation

    Science.gov (United States)

    Vabishchevich, Petr N.

    2018-06-01

    The advection equation is the basis for mathematical models of continuum mechanics. In the approximate solution of nonstationary problems it is necessary to inherit main properties of the conservatism and monotonicity of the solution. In this paper, the advection equation is written in the symmetric form, where the advection operator is the half-sum of advection operators in conservative (divergent) and non-conservative (characteristic) forms. The advection operator is skew-symmetric. Standard finite element approximations in space are used. The standard explicit two-level scheme for the advection equation is absolutely unstable. New conditionally stable regularized schemes are constructed, on the basis of the general theory of stability (well-posedness) of operator-difference schemes, the stability conditions of the explicit Lax-Wendroff scheme are established. Unconditionally stable and conservative schemes are implicit schemes of the second (Crank-Nicolson scheme) and fourth order. The conditionally stable implicit Lax-Wendroff scheme is constructed. The accuracy of the investigated explicit and implicit two-level schemes for an approximate solution of the advection equation is illustrated by the numerical results of a model two-dimensional problem.

  5. Harmonisation between National and International Tradeable Permit Schemes. CATEP Synthesis Paper

    International Nuclear Information System (INIS)

    Haites, E.

    2003-01-01

    It is technically possible to link national emissions trading schemes with widely divergent designs. Where design differences create potential problems, technical solutions are available. The greater the similarity of their designs, the easier schemes are to link. During the 2005 - 2007 period the EU Directive, if it is adopted, will lead to the establishment of at least 25 national emissions trading schemes. The Directive specifies many of the design features of these schemes, but leaves the allocation of allowances, rules for banking allowances into the commitment period, use of the opt-out provision, and a few other design features to Member States. The resulting differences among Member State schemes are unlikely to undermine the links between the schemes established by the Directive. The Community may enter into agreements with non-members for mutual recognition of allowances between their emissions trading schemes, but few, if any, links of this type are expected prior to 2008 for practical reasons. Beginning in 2008, Article 17 of the Kyoto Protocol establishes an international emissions trading scheme that can link the national trading schemes of Annex I Parties. It imposes no requirements for harmonisation on the national emissions trading schemes linked. Some design differences could create technical problems, although solutions are available and at least one of the governments involved has an incentive to solve the problem. Adverse competitiveness impacts due to differences in the distribution of allowances across national schemes may need to be addressed through institutions such as the WTO. Most of the national trading schemes will also be subject to the EU Directive and be subject to greater harmonisation after 2008. The result is likely to be a progressive expansion and integration of greenhouse gas allowance markets over the next decade

  6. Quality Index Method (QIM) scheme developed for farmed Atlantic salmon ( Salmo salar )

    DEFF Research Database (Denmark)

    Sveinsdóttir, K.; Hyldig, Grethe; Martinsdóttir, E.

    2003-01-01

    The aim of the study was to develop a Quality Index Method (QIM) scheme for raw, farmed Atlantic salmon (Salmo salar) and to evaluate the scheme in a shelf life study. QIM is based on the evaluation of key parameters in the deterioration of seafood. Demerit points are assigned to selected...... parameters according to their importance and a Quality Index (QI) is established by cumulating the resulting scores. The maximum storage time in ice was determined with Quantitative Descriptive Analysis (QDA) of the salmon after cooking and found to be 20-21 days. This was used as a reference to enable...... prediction of the remaining storage time of raw salmon in ice with QIM. The calculated QI evolved linearly with storage time in ice (QI=0.82x (days in ice)+0.18, R^2=0.97). Individual salmon varied in QI within each storage day. However, the multivariate analysis (PLS1) demonstrated that storage time could...

  7. Integrating a Trust Framework with a Distributed Certificate Validation Scheme for MANETs

    Directory of Open Access Journals (Sweden)

    Marias Giannis F

    2006-01-01

    Full Text Available Many trust establishment solutions in mobile ad hoc networks (MANETs) rely on public key certificates. Therefore, they should be accompanied by an efficient mechanism for certificate revocation and validation. Ad hoc distributed OCSP for trust (ADOPT) is a lightweight, distributed, on-demand scheme based on cached OCSP responses, which provides certificate status information to the nodes of a MANET. In this paper we discuss the ADOPT scheme and issues on its deployment over MANETs. We present some possible threats to ADOPT and suggest the use of a trust assessment and establishment framework, named ad hoc trust framework (ATF), to support ADOPT's robustness and efficiency. ADOPT is deployed as a trust-aware application that provides feedback to ATF, which calculates the trustworthiness of the peer nodes' functions and helps ADOPT to improve its performance by rapidly locating valid certificate status information. Moreover, we introduce the TrustSpan algorithm to reduce the overhead that ATF produces, and the TrustPath algorithm to identify and use trusted routes for propagating sensitive information, such as third parties' accusations. Simulation results show that ATF adds limited overhead compared to its efficiency in detecting and isolating malicious and selfish nodes. ADOPT's reliability is increased, since it can rapidly locate a legitimate response by using information provided by ATF.

  8. Current use of impact models for agri-environment schemes and potential for improvements of policy design and assessment.

    Science.gov (United States)

    Primdahl, Jørgen; Vesterager, Jens Peter; Finn, John A; Vlahos, George; Kristensen, Lone; Vejre, Henrik

    2010-06-01

    Agri-Environment Schemes (AES) to maintain or promote environmentally-friendly farming practices were implemented on about 25% of all agricultural land in the EU by 2002. This article analyses and discusses the actual and potential use of impact models in supporting the design, implementation and evaluation of AES. Impact models identify and establish the causal relationships between policy objectives and policy outcomes. We review and discuss the role of impact models at different stages in the AES policy process, and present results from a survey of impact models underlying 60 agri-environmental schemes in seven EU member states. We distinguished among three categories of impact models (quantitative, qualitative or common sense), depending on the degree of evidence in the formal scheme description, additional documents, or key person interviews. The categories of impact models used mainly depended on whether scheme objectives were related to natural resources, biodiversity or landscape. A higher proportion of schemes dealing with natural resources (primarily water) were based on quantitative impact models, compared to those concerned with biodiversity or landscape. Schemes explicitly targeted either on particular parts of individual farms or specific areas tended to be based more on quantitative impact models compared to whole-farm schemes and broad, horizontal schemes. We conclude that increased and better use of impact models has significant potential to improve efficiency and effectiveness of AES. (c) 2009 Elsevier Ltd. All rights reserved.

  9. Randomness determines practical security of BB84 quantum key distribution

    Science.gov (United States)

    Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

    2015-11-01

    Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system may be hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

  10. An efficient three-party password-based key agreement protocol using extended chaotic maps

    International Nuclear Information System (INIS)

    Shu Jian

    2015-01-01

    Three-party password-based key agreement protocols allow two users to authenticate each other via a public channel and establish a session key with the aid of a trusted server. Recently, Farash et al. [Farash M S, Attari M A 2014 “An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps”, Nonlinear Dynamics 77(7): 399–411] proposed a three-party key agreement protocol by using the extended chaotic maps. They claimed that their protocol could achieve strong security. In the present paper, we analyze Farash et al.’s protocol and point out that this protocol is vulnerable to off-line password guessing attack and suffers communication burden. To handle the issue, we propose an efficient three-party password-based key agreement protocol using extended chaotic maps, which uses neither symmetric cryptosystems nor the server’s public key. Compared with the relevant schemes, our protocol provides better performance in terms of computation and communication. Therefore, it is suitable for practical applications. (paper)

  11. The practicalities and pitfalls of establishing a policy-relevant and cost-effective soil biological monitoring scheme

    NARCIS (Netherlands)

    Faber, J.H.; Creamer, R.E.; Mulder, C.; Römbke, J.; Rutgers, M.; Sousa, J.P.; Stone, D.; Griffiths, B.S.

    2013-01-01

    A large number of biological indicators have been proposed over the years for assessing soil quality. Although many of those have been applied in monitoring schemes across Europe, no consensus exists on the extent to which these indicators might perform best and how monitoring schemes can be further

  12. Arbitrated quantum signature scheme based on χ-type entangled states

    International Nuclear Information System (INIS)

    Zuo, Huijuan; Huang, Wei; Qin, Sujuan

    2013-01-01

    An arbitrated quantum signature scheme, which is mainly applied in electronic-payment systems, is proposed and investigated. The χ-type entangled states are used for quantum key distribution and quantum signature in this protocol. Compared with previous quantum signature schemes which also utilize χ-type entangled states, the proposed scheme provides higher efficiency. Finally, we also analyze its security under various kinds of attacks. (paper)

  13. Cryptanalysis on a parallel keyed hash function based on chaotic maps

    International Nuclear Information System (INIS)

    Guo Wei; Wang Xiaoming; He Dake; Cao Yang

    2009-01-01

    This Letter analyzes the security of a novel parallel keyed hash function based on chaotic maps, proposed by Xiao et al. to improve the efficiency in parallel computing environment. We show how to devise forgery attacks on Xiao's scheme with differential cryptanalysis and give the experiment results of two kinds of forgery attacks firstly. Furthermore, we discuss the problem of weak keys in the scheme and demonstrate how to utilize weak keys to construct collision.

  14. Small Private Key MQPKS on an Embedded Microprocessor

    Directory of Open Access Journals (Sweden)

    Hwajeong Seo

    2014-03-01

    Full Text Available Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reduce the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% compared with previous results in CHES2012.

  15. Near-optimal labeling schemes for nearest common ancestors

    DEFF Research Database (Denmark)

    Alstrup, Stephen; Bistrup Halvorsen, Esben; Larsen, Kasper Green

    2014-01-01

    and Korman (STOC'10) established that labels in ancestor labeling schemes have size log n + Θ(log log n), our new lower bound separates ancestor and NCA labeling schemes. Our upper bound improves the 10 log n upper bound by Alstrup, Gavoille, Kaplan and Rauhe (TOCS'04), and our theoretical result even...

  16. An efficient quantum scheme for Private Set Intersection

    Science.gov (United States)

    Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

    2016-01-01

    Private Set Intersection allows a client to privately compute set intersection with the collaboration of the server, which is one of the most fundamental and key problems within the multiparty collaborative computation of protecting the privacy of the parties. In this paper, we first present a cheat-sensitive quantum scheme for Private Set Intersection. Compared with classical schemes, our scheme has lower communication complexity, which is independent of the size of the server's set. Therefore, it is very suitable for big data services in Cloud or large-scale client-server networks.

  17. Delay and cost performance analysis of the Diffie-Hellman key exchange protocol in opportunistic mobile networks

    Science.gov (United States)

    Soelistijanto, B.; Muliadi, V.

    2018-03-01

    Diffie-Hellman (DH) provides an efficient key exchange system by reducing the number of cryptographic keys distributed in the network. In this method, a node broadcasts a single public key to all nodes in the network, and in turn each peer uses this key to establish a shared secret key which then can be utilized to encrypt and decrypt traffic between the peer and the given node. In this paper, we evaluate the key transfer delay and cost performance of DH in opportunistic mobile networks, a specific scenario of MANETs where complete end-to-end paths rarely exist between sources and destinations; consequently, the end-to-end delays in these networks are much greater than typical MANETs. Simulation results, driven by a random node movement model and real human mobility traces, showed that DH outperforms a typical key distribution scheme based on the RSA algorithm in terms of key transfer delay, measured by average key convergence time; however, DH performs as well as the benchmark in terms of key transfer cost, evaluated by total key (copies) forwards.

  18. A Key Management Method for Cryptographically Enforced Access Control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  19. A Robust SRAM-PUF Key Generation Scheme Based on Polar Codes

    OpenAIRE

    Chen, Bin; Ignatenko, Tanya; Willems, Frans M. J.; Maes, Roel; van der Sluis, Erik; Selimis, Georgios

    2017-01-01

    Physical unclonable functions (PUFs) are relatively new security primitives used for device authentication and device-specific secret key generation. In this paper we focus on SRAM-PUFs. The SRAM-PUFs enjoy uniqueness and randomness properties stemming from the intrinsic randomness of SRAM memory cells, which is a result of manufacturing variations. This randomness can be translated into the cryptographic keys thus avoiding the need to store and manage the device cryptographic keys. Therefore...

  20. Navigators’ Behavior in Traffic Separation Schemes

    Directory of Open Access Journals (Sweden)

    Zbigniew Pietrzykowski

    2015-03-01

    Full Text Available One of the areas of decision support in the navigational ship conduct process is a Traffic Separation Scheme. TSSs are established in areas with high traffic density, often near the shore and in port approaches. The main purpose of these schemes is to improve maritime safety by channeling vessel traffic into streams. Traffic regulations as well as ships' behavior in real conditions in chosen TSSs have been analyzed in order to develop decision support algorithms.

  1. Quantum key distribution without alternative measurements

    CERN Document Server

    Cabello, A

    2000-01-01

    Entanglement swapping between Einstein-Podolsky-Rosen (EPR) pairs can be used to generate the same sequence of random bits in two remote places. A quantum key distribution protocol based on this idea is described. The scheme exhibits the following features. (a) It does not require that Alice and Bob choose between alternative measurements, therefore improving the rate of generated bits by transmitted qubit. (b) It allows Alice and Bob to generate a key of arbitrary length using a single quantum system (three EPR pairs), instead of a long sequence of them. (c) Detecting Eve requires the comparison of fewer bits. (d) Entanglement is an essential ingredient. The scheme assumes reliable measurements of the Bell operator. (20 refs).

  2. Secure Trust Based Key Management Routing Framework for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jugminder Kaur

    2016-01-01

    Full Text Available Security is always a major concern in wireless sensor networks (WSNs). Several trust based routing protocols are designed that play an important role in enhancing the performance of a wireless network. However they still have some disadvantages like limited energy resources, susceptibility to physical capture, and little protection against various attacks due to insecure wireless communication channels. This paper presents a secure trust based key management (STKF) routing framework that establishes a secure trustworthy route depending upon the present and past node to node interactions. This route is then updated by isolating the malicious or compromised nodes from the route, if any, and a dedicated link is created between every pair of nodes in the selected route with the help of “q” composite random key predistribution scheme (RKPS) to ensure data delivery from source to destination. The performance of trust aware secure routing framework (TSRF) is compared with the proposed routing scheme. The results indicate that STKF provides an effective mechanism for finding out a secure route with better trustworthiness than TSRF which avoids the data dropping, thereby increasing the data delivery ratio. Also the distance required to reach the destination in the proposed protocol is less hence effectively utilizing the resources.

  3. Continuous variable quantum key distribution with modulated entangled states

    DEFF Research Database (Denmark)

    Madsen, Lars S; Usenko, Vladyslav C.; Lassen, Mikael

    2012-01-01

    Quantum key distribution enables two remote parties to grow a shared key, which they can use for unconditionally secure communication over a certain distance. The maximal distance depends on the loss and the excess noise of the connecting quantum channel. Several quantum key distribution schemes...... based on coherent states and continuous variable measurements are resilient to high loss in the channel, but are strongly affected by small amounts of channel excess noise. Here we propose and experimentally address a continuous variable quantum key distribution protocol that uses modulated fragile...... entangled states of light to greatly enhance the robustness to channel noise. We experimentally demonstrate that the resulting quantum key distribution protocol can tolerate more noise than the benchmark set by the ideal continuous variable coherent state protocol. Our scheme represents a very promising...

  4. Short-term incentive schemes for hospital managers

    Directory of Open Access Journals (Sweden)

    Lucas Malambe

    2013-10-01

    Full Text Available Orientation: Short-term incentives, considered to be an extrinsic motivation, are commonly used to motivate performance. This study explored hospital managers’ perceptions of short term incentives in maximising performance and retention. Research purpose: The study explored the experiences, views and perceptions of private hospital managers in South Africa regarding the use of short-term incentives to maximise performance and retention, as well as the applicability of the findings to public hospitals. Motivation for the study: Whilst there is an established link between performance reward schemes and organisational performance, there is little understanding of the effects of short term incentives on the performance and retention of hospital managers within the South African context. Research design, approach, and method: The study used a qualitative research design: interviews were conducted with a purposive sample of 19 hospital managers, and a thematic content analysis was performed. Main findings: Short-term incentives may not be the primary motivator for hospital managers, but they do play a critical role in sustaining motivation. Participants indicated that these schemes could also be applicable to public hospitals. Practical/managerial implications: Hospital managers are inclined to be more motivated by intrinsic than extrinsic factors. However, hospital managers (as middle managers) also seem to be motivated by short-term incentives. A combination of intrinsic and extrinsic motivators should thus be used to maximise performance and retention. Contribution/value-add: Whilst the study sought to explore hospital managers’ perceptions of short-term incentives, it also found that an adequate balance between internal and external motivators is key to implementing an effective short-term incentive scheme.

  5. Comparative evaluation of remote maintenance schemes for fusion DEMO reactor

    Energy Technology Data Exchange (ETDEWEB)

    Utoh, Hiroyasu, E-mail: uto.hiroyasu@jaea.go.jp; Tobita, Kenji; Someya, Youji; Asakura, Nobuyuki; Sakamoto, Yoshiteru; Hoshino, Kazuo; Nakamura, Makoto

    2015-10-15

    Highlights: • Various remote maintenance schemes for DEMO were comparatively assessed based on requirements for DEMO remote maintenance. • The banana shape segment transport using all vertical maintenance ports would be more probable DEMO reactor maintenance scheme. • The key engineering issues are in-vessel transferring mechanism of segment, pipe connection and conducting shell design for plasma vertical stability. - Abstract: Maintenance schemes are one of the critical issues in DEMO design, significantly affecting the configuration of in-vessel components, the size of toroidal field (TF) coil, the arrangement of poloidal field (PF) coils, reactor building, hot cell and so forth. Therefore, the maintenance schemes should satisfy many design requirements and criteria to assure reliable and safe plant operation and to attain reasonable plant availability. The plant availability depends on reliability of remote maintenance scheme, inspection of pipe connection and plasma operation. In this paper, various remote maintenance schemes for DEMO were comparatively assessed based on requirements for DEMO remote maintenance. From the view points of the reliability of inspection on hot cell, TF coil size, stored energy of PF coil and portability of segment, the banana shape segment transport using all vertical maintenance ports would be more probable DEMO reactor maintenance scheme, and it has key engineering issues such as in-vessel transferring mechanism of segment, pipe connection and conducting shell design for plasma vertical stability.

  6. Comparative evaluation of remote maintenance schemes for fusion DEMO reactor

    International Nuclear Information System (INIS)

    Utoh, Hiroyasu; Tobita, Kenji; Someya, Youji; Asakura, Nobuyuki; Sakamoto, Yoshiteru; Hoshino, Kazuo; Nakamura, Makoto

    2015-01-01

    Highlights: • Various remote maintenance schemes for DEMO were comparatively assessed based on requirements for DEMO remote maintenance. • The banana shape segment transport using all vertical maintenance ports would be more probable DEMO reactor maintenance scheme. • The key engineering issues are in-vessel transferring mechanism of segment, pipe connection and conducting shell design for plasma vertical stability. - Abstract: Maintenance schemes are one of the critical issues in DEMO design, significantly affecting the configuration of in-vessel components, the size of toroidal field (TF) coil, the arrangement of poloidal field (PF) coils, reactor building, hot cell and so forth. Therefore, the maintenance schemes should satisfy many design requirements and criteria to assure reliable and safe plant operation and to attain reasonable plant availability. The plant availability depends on reliability of remote maintenance scheme, inspection of pipe connection and plasma operation. In this paper, various remote maintenance schemes for DEMO were comparatively assessed based on requirements for DEMO remote maintenance. From the view points of the reliability of inspection on hot cell, TF coil size, stored energy of PF coil and portability of segment, the banana shape segment transport using all vertical maintenance ports would be more probable DEMO reactor maintenance scheme, and it has key engineering issues such as in-vessel transferring mechanism of segment, pipe connection and conducting shell design for plasma vertical stability.

  7. Does the operations of the National Health Insurance Scheme (NHIS) in Ghana align with the goals of Primary Health Care? Perspectives of key stakeholders in northern Ghana.

    Science.gov (United States)

    Awoonor-Williams, John Koku; Tindana, Paulina; Dalinjong, Philip Ayizem; Nartey, Harry; Akazili, James

    2016-09-05

    In 2005, the World Health Assembly (WHA) of the World Health Organization (WHO) urged member states to aim at achieving affordable universal coverage and access to key promotive, preventive, curative, rehabilitative and palliative health interventions for all their citizens on the basis of equity and solidarity. Since then, some African countries, including Ghana, have taken steps to introduce national health insurance reforms as one of the key strategies towards achieving universal health coverage (UHC). The aim of this study was to get a better understanding of how Ghana's health insurance institutions interact with stakeholders and other health sector programmes in promoting primary health care (PHC). Specifically, the study identified the key areas of misalignment between the operations of the NHIS and that of PHC. Using qualitative and survey methods, this study involved interviews with various stakeholders in six selected districts in the Upper East region of Ghana. The key stakeholders included the National Health Insurance Authority (NHIA), district coordinators of the National Health Insurance Schemes (NHIS), the Ghana Health Service (GHS) and District Health Management Teams (DHMTs) who supervise the district hospitals, health centers/clinics and the Community-based Health and Planning Services (CHPS) compounds as well as other public and private PHC providers. A stakeholders' workshop was organized to validate the preliminary results which provided a platform for stakeholders to deliberate on the key areas of misalignment especially, and to elicit additional information, ideas and responses, comments and recommendations from respondents for the achievement of the goals of UHC and PHC. The key areas of misalignments identified during this pilot study included: delays in reimbursements of claims for services provided by health care providers, which serves as a disincentive for service providers to support the NHIS; inadequate coordination among

  8. An optimized encoding method for secure key distribution by swapping quantum entanglement and its extension

    International Nuclear Information System (INIS)

    Gao Gan

    2015-01-01

    Song [Song D 2004 Phys. Rev. A 69 034301] first proposed two key distribution schemes with the symmetry feature. We find that, in the schemes, the private channels which Alice and Bob publicly announce the initial Bell state or the measurement result through are not needed in discovering keys, and Song’s encoding methods do not arrive at the optimization. Here, an optimized encoding method is given so that the efficiencies of Song’s schemes are improved by 7/3 times. Interestingly, this optimized encoding method can be extended to the key distribution scheme composed of generalized Bell states. (paper)

  9. Time-and-ID-Based Proxy Reencryption Scheme

    Directory of Open Access Journals (Sweden)

    Kambombo Mtonga

    2014-01-01

    Full Text Available Time- and ID-based proxy reencryption scheme is proposed in this paper in which a type-based proxy reencryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. However, in some applications, the time within which the data was sampled or collected is very critical. In such applications, for example, healthcare and criminal investigations, the delegatee may be interested in only some of the messages with some types sampled within some time bound instead of the entire subset. Hence, in order to cater for such situations, in this paper, we propose a time-and-identity-based proxy reencryption scheme that takes into account the time within which the data was collected as a factor to consider when categorizing data in addition to its type. Our scheme is based on Boneh and Boyen identity-based scheme (BB-IBE) and Matsuo’s proxy reencryption scheme for identity-based encryption (IBE) to IBE. We prove that our scheme is semantically secure in the standard model.

  10. Asynchronous Channel-Hopping Scheme under Jamming Attacks

    Directory of Open Access Journals (Sweden)

    Yongchul Kim

    2018-01-01

    Full Text Available Cognitive radio networks (CRNs) are considered an attractive technology to mitigate inefficiency in the usage of licensed spectrum. CRNs allow the secondary users (SUs) to access the unused licensed spectrum and use a blind rendezvous process to establish communication links between SUs. In particular, quorum-based channel-hopping (CH) schemes have been studied recently to provide guaranteed blind rendezvous in decentralized CRNs without using global time synchronization. However, these schemes remain vulnerable to jamming attacks. In this paper, we first analyze the limitations of quorum-based rendezvous schemes called asynchronous channel hopping (ACH). Then, we introduce a novel sequence sensing jamming attack (SSJA) model in which a sophisticated jammer can dramatically reduce the rendezvous success rates of ACH schemes. In addition, we propose a fast and robust asynchronous rendezvous scheme (FRARS) that can significantly enhance robustness under jamming attacks. Our numerical results demonstrate that the performance of the proposed scheme vastly outperforms the ACH scheme when there are security concerns about a sequence sensing jammer.

  11. Analysis and improvement for the performance of Baptista's cryptographic scheme

    International Nuclear Information System (INIS)

    Wei Jun; Liao Xiaofeng; Wong, K.W.; Zhou Tsing; Deng Yigui

    2006-01-01

    Based on Baptista's chaotic cryptosystem, we propose a secure and robust chaotic cryptographic scheme after investigating the problems found in this cryptosystem as well as its variants. In this proposed scheme, a subkey array generated from the key and the plaintext is adopted to enhance the security. Some methods are introduced to increase the efficiency. Theoretical analyses and numerical simulations indicate that the proposed scheme is secure and efficient for practical use.

  12. Pilot-multiplexed continuous-variable quantum key distribution with a real local oscillator

    Science.gov (United States)

    Wang, Tao; Huang, Peng; Zhou, Yingming; Liu, Weiqi; Zeng, Guihua

    2018-01-01

    We propose a pilot-multiplexed continuous-variable quantum key distribution (CVQKD) scheme based on a local local oscillator (LLO). Our scheme utilizes time-multiplexing and polarization-multiplexing techniques to dramatically isolate the quantum signal from the pilot, employs two heterodyne detectors to separately detect the signal and the pilot, and adopts a phase compensation method to almost eliminate the multifrequency phase jitter. In order to analyze the performance of our scheme, a general LLO noise model is constructed. Besides the phase noise and the modulation noise, the photon-leakage noise from the reference path and the quantization noise due to the analog-to-digital converter (ADC) are also considered, which are first analyzed in the LLO regime. Under such general noise model, our scheme has a higher key rate and longer secure distance compared with the preexisting LLO schemes. Moreover, we also conduct an experiment to verify our pilot-multiplexed scheme. Results show that it maintains a low level of the phase noise and is expected to obtain a 554-Kbps secure key rate within a 15-km distance under the finite-size effect.

  13. Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

    Directory of Open Access Journals (Sweden)

    Ji-Jian Chin

    2014-01-01

    Full Text Available Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  14. Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

    Science.gov (United States)

    Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

    2014-01-01

    Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  15. Studying and comparing spectrum efficiency and error probability in GMSK and DBPSK modulation schemes

    Directory of Open Access Journals (Sweden)

    Juan Mario Torres Nova

    2008-09-01

    Full Text Available Gaussian minimum shift keying (GMSK) and differential binary phase shift keying (DBPSK) are two digital modulation schemes which are frequently used in radio communication systems; however, there is interdependence in the use of its benefits (spectral efficiency, low bit error rate, low inter symbol interference, etc.). Optimising one parameter creates problems for another; for example, the GMSK scheme succeeds in reducing bandwidth when introducing a Gaussian filter into an MSK (minimum shift keying) modulator in exchange for increasing inter-symbol interference in the system. The DBPSK scheme leads to lower error probability, occupying more bandwidth; it likewise facilitates synchronous data transmission due to the receiver’s bit delay when recovering a signal.

  16. Development of the Latvian scheme for energy auditing of buildings and inspection of boilers and air-conditioning systems. Final report institutional set-up

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2004-12-01

    To implement EU directive 93/76/EEC on reduction of carbon dioxide emission by increasing energy efficiency and EU directive 2002/91/EC on building energy efficiency, Latvia must establish an institutional scheme and define all the organisations involved. From a general perspective the institutional scheme must as a minimum include the following four key players: the administrator, the operating unit, the auditors or independent experts, and finally the client. Furthermore, institutions dealing with financing of energy efficiency improvement activities, training and certification of experts, information about auditing and energy efficiency etc. need to be involved. At present there is no governmental or private Latvian organisation that could fully rearrange and assume the duties of an energy audit scheme secretariat. It is therefore recommended initially to place the secretariat as a separate, new unit within the Ministry of Economy, financed by the Ministry of Economy, with the intention of establishing at a later stage (after e.g. 5 years) a separate, new agency, an Energy Efficiency Agency partly financed by the incomes from the energy audit and boiler inspection schemes. The Secretariat should, both in its initial phase and later, assign the tasks of training, information campaigns, quality assurance and evaluation to external organisations. (BA)

  17. Generalization of binary tensor product schemes depends upon four parameters

    International Nuclear Information System (INIS)

    Bashir, R.; Bari, M.; Mustafa, G.

    2018-01-01

    This article deals with general formulae of parametric and non parametric bivariate subdivision scheme with four parameters. By assigning specific values to those parameters we get some special cases of existing tensor product schemes as well as a new proposed scheme. The behavior of schemes produced by the general formulae is interpolating, approximating and relaxed. Approximating bivariate subdivision schemes produce some other surfaces as compared to interpolating bivariate subdivision schemes. Polynomial reproduction and polynomial generation are desirable properties of subdivision schemes. Capability of polynomial reproduction and polynomial generation is strongly connected with smoothness, sum rules, convergence and approximation order. We also calculate the polynomial generation and polynomial reproduction of 9-point bivariate approximating subdivision scheme. Comparison of polynomial reproduction, polynomial generation and continuity of existing and proposed schemes has also been established. Some numerical examples are also presented to show the behavior of bivariate schemes. (author)

  18. An Attribute Involved Public Key Cryptosystem Based on P-Sylow Subgroups and Randomization

    Directory of Open Access Journals (Sweden)

    Sumalatha GUNNALA

    2018-04-01

    Full Text Available The Asymmetric Key Cryptosystem (AKC) or Public Key Encryption (PKE) is a mechanism used to encrypt the messages by using public key and decrypt the enciphered messages by using private key. Of late, the Attribute-Based Encryption (ABE) is an expansion of asymmetric key encryption scheme that allows users to encrypt and decrypt the plaintext messages using the key based on the user’s credentials, called attributes, like social security number, PAN (Permanent Account Number), email ids or Aadhar number etc. Most of the existing ABE schemes rely on the multiple attributes from which the access control policies are derived. These policies define the users’ private keys, required for the decryption process and access to the confidential information. In this paper, we proposed a new attribute based asymmetric cryptosystem that uses the features of both the schemes: PKE and ABE. Here, we used a value of an attribute, personal to the user, for the encryption and the decryption process. This scheme assures that the receiver will only be able to access the secret data if recipient is shared with the valid attribute value. The asymmetric nature of this scheme is based on the concept of p-sylow sub-group assumption. In addition, the randomization factor is used in the encipherment process to strengthen the cipher further. The development of this cryptosystem is an embodiment where the merits of randomized asymmetric encryption technique and the attribute based encryption are integrated to achieve the authentication on top of confidentiality to secure the information transmission over the public networks.

  19. A keyword searchable attribute-based encryption scheme with attribute update for cloud storage.

    Science.gov (United States)

    Wang, Shangping; Ye, Jian; Zhang, Yaling

    2018-01-01

    Ciphertext-policy attribute-based encryption (CP-ABE) scheme is a new type of data encryption primitive, which is very suitable for data cloud storage for its fine-grained access control. Keyword-based searchable encryption scheme enables users to quickly find interesting data stored in the cloud server without revealing any information of the searched keywords. In this work, we provide a keyword searchable attribute-based encryption scheme with attribute update for cloud storage, which is a combination of attribute-based encryption scheme and keyword searchable encryption scheme. The new scheme supports the user's attribute update, especially in our new scheme when a user's attribute need to be updated, only the user's secret key related with the attribute need to be updated, while other user's secret key and the ciphertexts related with this attribute need not to be updated with the help of the cloud server. In addition, we outsource the operation with high computation cost to cloud server to reduce the user's computational burden. Moreover, our scheme is proven to be semantic security against chosen ciphertext-policy and chosen plaintext attack in the general bilinear group model. And our scheme is also proven to be semantic security against chosen keyword attack under bilinear Diffie-Hellman (BDH) assumption.

  20. A Price-Based Demand Response Scheme for Discrete Manufacturing in Smart Grids

    Directory of Open Access Journals (Sweden)

    Zhe Luo

    2016-08-01

    Full Text Available Demand response (DR) is a key technique in smart grid (SG) technologies for reducing energy costs and maintaining the stability of electrical grids. Since manufacturing is one of the major consumers of electrical energy, implementing DR in factory energy management systems (FEMSs) provides an effective way to manage energy in manufacturing processes. Although previous studies have investigated DR applications in process manufacturing, they were not conducted for discrete manufacturing. In this study, the state-task network (STN) model is implemented to represent a discrete manufacturing system. On this basis, a DR scheme with a specific DR algorithm is applied to a typical discrete manufacturing—automobile manufacturing—and operational scenarios are established for the stamping process of the automobile production line. The DR scheme determines the optimal operating points for the stamping process using mixed integer linear programming (MILP). The results show that parts of the electricity demand can be shifted from peak to off-peak periods, reducing a significant overall energy costs without degrading production processes.

  1. On the “Cracking” Scheme in the Paper “A Directional Coupler Attack Against the Kish Key Distribution System” by Gunn, Allison and Abbott

    Directory of Open Access Journals (Sweden)

    Chen Hsien-Pu

    2014-08-01

    Full Text Available Recently, Gunn, Allison and Abbott (GAA) [http://arxiv.org/pdf/1402.2709v2.pdf] proposed a new scheme to utilize electromagnetic waves for eavesdropping on the Kirchhoff-law-Johnson-noise (KLJN) secure key distribution. We proved in a former paper [Fluct. Noise Lett. 13 (2014) 1450016] that GAA’s mathematical model is unphysical. Here we analyze GAA’s cracking scheme and show that, in the case of a loss-free cable, it provides less eavesdropping information than in the earlier (Bergou)-Scheuer-Yariv mean-square-based attack [Kish LB, Scheuer J, Phys. Lett. A 374:2140-2142 (2010)], while it offers no information in the case of a lossy cable. We also investigate GAA’s claim to be experimentally capable of distinguishing—using statistics over a few correlation times only—the distributions of two Gaussian noises with a relative variance difference of less than 10^-8. Normally such distinctions would require hundreds of millions of correlation times to be observable. We identify several potential experimental artifacts as results of poor KLJN design, which can lead to GAA’s assertions: deterministic currents due to spurious harmonic components caused by ground loops, DC offset, aliasing, non-Gaussian features including non-linearities and other non-idealities in generators, and the time-derivative nature of GAA’s scheme which tends to enhance all of these artifacts.

  2. Decoy-state quantum key distribution with two-way classical postprocessing

    International Nuclear Information System (INIS)

    Ma Xiongfeng; Fung, C.-H.F.; Chen Kai; Lo, H.-K.; Dupuis, Frederic; Tamaki, Kiyoshi

    2006-01-01

    Decoy states have recently been proposed as a useful method for substantially improving the performance of quantum key distribution (QKD) protocols when a coherent-state source is used. Previously, data postprocessing schemes based on one-way classical communications were considered for use with decoy states. In this paper, we develop two data postprocessing schemes for the decoy-state method using two-way classical communications. Our numerical simulation (using parameters from a specific QKD experiment as an example) results show that our scheme is able to extend the maximal secure distance from 142 km (using only one-way classical communications with decoy states) to 181 km. The second scheme is able to achieve a 10% greater key generation rate in the whole regime of distances. We conclude that decoy-state QKD with two-way classical postprocessing is of practical interest

  3. Enhanced Key Management Protocols for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Baojiang Cui

    2015-01-01

    Full Text Available With rapid development and extensive use of wireless sensor networks (WSNs), it is urgent to enhance the security for WSNs, in which key management is an effective way to protect WSNs from various attacks. However, different types of messages exchanged in WSNs typically have different security requirements which cannot be satisfied by a single keying mechanism. In this study, a basic key management protocol is described for WSNs based on four kinds of keys, which can be derived from an initial master key, and an enhanced protocol is proposed based on Diffie-Hellman algorithm. The proposed scheme restricts the adverse security impact of a captured node to the rest of WSNs and meets the requirement of energy efficiency by supporting in-network processing. The master key protection, key revocation mechanism, and the authentication mechanism based on one-way hash function are, respectively, discussed. Finally, the performance of the proposed scheme is analyzed from the aspects of computational efficiency, storage requirement and communication cost, and its antiattack capability in protecting WSNs is discussed under various attack models. In this paper, promising research directions are also discussed.

  4. A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Das, Ashok Kumar; Goswami, Adrijit

    2013-06-01

    Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

  5. Network-based Arbitrated Quantum Signature Scheme with Graph State

    Science.gov (United States)

    Ma, Hongling; Li, Fei; Mao, Ningyi; Wang, Yijun; Guo, Ying

    2017-08-01

    Implementing an arbitrated quantum signature (QAS) through complex networks is an interesting cryptography technology in the literature. In this paper, we propose an arbitrated quantum signature for the multi-user-involved networks, whose topological structures are established by the encoded graph state. The determinative transmission of the shared keys is enabled by the appropriate stabilizers performed on the graph state. The implementation of this scheme depends on the deterministic distribution of the multi-user-shared graph state on which the encoded message can be processed in signing and verifying phases. There are four parties involved, the signatory Alice, the verifier Bob, the arbitrator Trent and Dealer who assists the legal participants in the signature generation and verification. The security is guaranteed by the entanglement of the encoded graph state which is cooperatively prepared by legal participants in complex quantum networks.

  6. Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks.

    Science.gov (United States)

    Park, YoHan; Park, YoungHo

    2016-12-14

    Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.'s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.

  7. Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks

    Science.gov (United States)

    Park, YoHan; Park, YoungHo

    2016-01-01

    Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.’s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment. PMID:27983616

  8. Reinforcement Learning Based Data Self-Destruction Scheme for Secured Data Management

    Directory of Open Access Journals (Sweden)

    Young Ki Kim

    2018-04-01

    Full Text Available As technologies and services that leverage cloud computing have evolved, the number of businesses and individuals who use them is increasing rapidly. In the course of using cloud services, as users store and use data that include personal information, research on privacy protection models to protect sensitive information in the cloud environment is becoming more important. As a solution to this problem, a self-destructing scheme has been proposed that prevents the decryption of encrypted user data after a certain period of time using a Distributed Hash Table (DHT) network. However, the existing self-destructing scheme does not mention how to set the number of key shares and the threshold value considering the environment of the dynamic DHT network. This paper proposes a method to set the parameters to generate the key shares needed for the self-destructing scheme considering the availability and security of data. The proposed method defines state, action, and reward of the reinforcement learning model based on the similarity of the graph, and applies the self-destructing scheme process by updating the parameter based on the reinforcement learning model. Through the proposed technique, key sharing parameters can be set in consideration of data availability and security in dynamic DHT network environments.

  9. Trojan horse attacks on counterfactual quantum key distribution

    Energy Technology Data Exchange (ETDEWEB)

    Yang, Xiuqing, E-mail: xqqyang@163.com [School of Science, Beijing Jiaotong University, Beijing 100044 (China); College of Science, Inner Mongolia University of Technology, 010051 Hohhot (China); Wei, Kejin; Ma, Haiqiang [School of Science, Beijing University of Posts and Telecommunications, Beijing 100876 (China); Sun, Shihai, E-mail: shsun@nudt.edu.cn [Department of Physics, National University of Defense Technology, Changsha 410073 (China); Du, Yungang [College of Science, Inner Mongolia University of Technology, 010051 Hohhot (China); Wu, Lingan [Laboratory of Optical Physics, Institute of Physics, Chinese Academy of Sciences, Beijing 100080 (China)

    2016-04-22

    There has been much interest in “counterfactual quantum cryptography” (T.-G. Noh, 2009 [10]). It seems that the counterfactual quantum key distribution protocol without any photon carrier through the quantum channel provides practical security advantages. However, we show that it is easy to break counterfactual quantum key distribution systems in practical situations. We introduce the two types of Trojan horse attacks that are available for the two-way protocol and become possible for practical counterfactual systems with our eavesdropping schemes. - Highlights: • We find the attacks available for the two-way protocol become possible for the practical counterfactual systems. • It does not require the assumption that it works on the counterfactual systems only in a finite key scenario. • Compared to the other attack models, our scheme is relatively simple for an eavesdropper.

  10. A Three-Dimensional Variational Assimilation Scheme for Satellite AOD

    Science.gov (United States)

    Liang, Y.; Zang, Z.; You, W.

    2018-04-01

    A three-dimensional variational data assimilation scheme is designed for satellite AOD based on the IMPROVE (Interagency Monitoring of Protected Visual Environments) equation. The observation operator that simulates AOD from the control variables is established by the IMPROVE equation. All of the 16 control variables in the assimilation scheme are the mass concentrations of aerosol species from the Model for Simulation Aerosol Interactions and Chemistry scheme, so as to take advantage of this scheme in providing comprehensive analyses of species concentrations and size distributions as well as be calculating efficiently. The assimilation scheme can save computational resources as the IMPROVE equation is a quadratic equation. A single-point observation experiment shows that the information from the single-point AOD is effectively spread horizontally and vertically.

  11. An efficient and provable secure revocable identity-based encryption scheme.

    Directory of Open Access Journals (Sweden)

    Changji Wang

    Full Text Available Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE) has attracted a lot of attention in recent years; many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in terms of ciphertext size, public parameters size and decryption cost at the price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.

  12. An improved biometrics-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-03-01

    Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

  13. Quantum Key Distribution Using Four-Qubit W State

    International Nuclear Information System (INIS)

    Cai Haijing; Song Heshan

    2006-01-01

    A new theoretical quantum key distribution scheme based on entanglement swapping is proposed, where four-qubit symmetric W state functions as quantum channel. It is shown that two legitimate users can secretly share a series of key bits by using Bell-state measurements and classical communication.

  14. Collaboration: the Key to Establishing Community Networks in Regional Australia

    Directory of Open Access Journals (Sweden)

    Wal Taylor

    2002-01-01

    Full Text Available Despite the promise of community involvement, cohesion and empowerment offered by local community networks (CN) using Internet Technologies, few communities in regional Australia have been able to demonstrate sustainable and vibrant CN which demonstrate increased social, cultural or self-reliance capital. The Faculty of Informatics and Communication at Central Queensland University (CQU) and a local council have established a formal alliance to establish the COIN (Community Informatics) projects to research issues around this topic. This paper presents the initial findings from this work and draws conclusions for possible comparison with other international experience. The research focuses attention on community understanding and cohesion, local government priorities in a community with relatively low diffusion of the Internet and the competing demands in a regional university between traditional service provision in an increasingly competitive market and the needs of establishing outreach research for altruistic, industry establishment and commercial rationale.

  15. Image encryption using fingerprint as key based on phase retrieval algorithm and public key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2015-09-01

    In this paper, a novel image encryption system with fingerprint used as a secret key is proposed based on the phase retrieval algorithm and RSA public key algorithm. In the system, the encryption keys include the fingerprint and the public key of RSA algorithm, while the decryption keys are the fingerprint and the private key of RSA algorithm. If the users share the fingerprint, then the system will meet the basic agreement of asymmetric cryptography. The system is also applicable for the information authentication. The fingerprint as secret key is used in both the encryption and decryption processes so that the receiver can identify the authenticity of the ciphertext by using the fingerprint in decryption process. Finally, the simulation results show the validity of the encryption scheme and the high robustness against attacks based on the phase retrieval technique.

  16. BARI+: a biometric based distributed key management approach for wireless body area networks.

    Science.gov (United States)

    Muhammad, Khaliq-ur-Rahman Raazi Syed; Lee, Heejo; Lee, Sungyoung; Lee, Young-Koo

    2010-01-01

    Wireless body area networks (WBAN) consist of resource constrained sensing devices just like other wireless sensor networks (WSN). However, they differ from WSN in topology, scale and security requirements. Due to these differences, key management schemes designed for WSN are inefficient and unnecessarily complex when applied to WBAN. Considering the key management issue, WBAN are also different from WPAN because WBAN can use random biometric measurements as keys. We highlight the differences between WSN and WBAN and propose an efficient key management scheme, which makes use of biometrics and is specifically designed for WBAN domain.

  17. Performance investigation of advanced adsorption desalination cycle with condenser-evaporator heat recovery scheme

    KAUST Repository

    Thu, Kyaw; Kim, Youngdeuk; Myat, Aung; Chakraborty, Anutosh; Ng, K. C.

    2013-01-01

    Energy or heat recovery schemes are keys for the performance improvement of any heat-activated cycles such as the absorption and adsorption cycles. We present two innovative heat recovery schemes between the condensing and evaporating units

  18. An Implicit Scheme of Lattice Boltzmann Method for Sine-Gordon Equation

    International Nuclear Information System (INIS)

    Hui-Lin, Lai; Chang-Feng, Ma

    2008-01-01

    We establish an implicit scheme of lattice Boltzmann method for simulating the sine-Gordon equation, which can be transformed into the explicit one, so the computation of the scheme is simple. Moreover, the parameter θ of the implicit scheme is independent of the relaxation time, which makes the model more flexible. The numerical results show that this method is very effective. (fundamental areas of phenomenology (including applications))

  19. A New Proxy Electronic Voting Scheme Achieved by Six-Particle Entangled States

    Science.gov (United States)

    Cao, Hai-Jing; Ding, Li-Yuan; Jiang, Xiu-Li; Li, Peng-Fei

    2018-03-01

    In this paper, we use quantum proxy signature to construct a new secret electronic voting scheme. In our scheme, six particles entangled states function as quantum channels. The voter Alice, the Vote Management Center Bob, the scrutineer Charlie only perform two particles measurements on the Bell bases to realize the electronic voting process. So the scheme reduces the technical difficulty and increases operation efficiency. We use quantum key distribution and one-time pad to guarantee its unconditional security. The significant advantage of our scheme is that transmitted information capacity is twice as much as the capacity of other schemes.

  20. Additive operator-difference schemes splitting schemes

    CERN Document Server

    Vabishchevich, Petr N

    2013-01-01

    Applied mathematical modeling is concerned with solving unsteady problems. This book shows how to construct additive difference schemes to solve approximately unsteady multi-dimensional problems for PDEs. Two classes of schemes are highlighted: methods of splitting with respect to spatial variables (alternating direction methods) and schemes of splitting into physical processes. Also regionally additive schemes (domain decomposition methods) and unconditionally stable additive schemes of multi-component splitting are considered for evolutionary equations of first and second order as well as for sy

  1. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

  2. Location-Aware Dynamic Session-Key Management for Grid-Based Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    I-Hsien Lin

    2010-08-01

    Full Text Available Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths.

  3. Symmetric Key Authentication Services Revisited

    NARCIS (Netherlands)

    Crispo, B.; Popescu, B.C.; Tanenbaum, A.S.

    2004-01-01

    Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [15] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area

  4. Long-distance quantum key distribution with imperfect devices

    International Nuclear Information System (INIS)

    Lo Piparo, Nicoló; Razavi, Mohsen

    2014-01-01

    Quantum key distribution over probabilistic quantum repeaters is addressed. We compare, under practical assumptions, two such schemes in terms of their secure key generation rate per memory, R_QKD. The two schemes under investigation are the one proposed by Duan et al. in [Nat. 414, 413 (2001)] and that of Sangouard et al. proposed in [Phys. Rev. A 76, 050301 (2007)]. We consider various sources of imperfections in the latter protocol, such as a nonzero double-photon probability for the source, dark count per pulse, channel loss and inefficiencies in photodetectors and memories, to find the rate for different nesting levels. We determine the maximum value of the double-photon probability beyond which it is not possible to share a secret key anymore. We find the crossover distance for up to three nesting levels. We finally compare the two protocols

  5. Renewing membership in three community-based health insurance schemes in rural India

    NARCIS (Netherlands)

    P. Panda (Pradeep); A. Chakraborty (Arpita); W.A. Raza (Wameq); A.S. Bedi (Arjun Singh)

    2015-01-01

    Low renewal rate is a key challenge facing the sustainability of Community-based Health Insurance (CBHI) schemes. While there is a large literature on initial enrolment into such schemes, there is limited evidence on the factors that impede renewal. This paper uses longitudinal data to

  6. A semi-automatic 2D-to-3D video conversion with adaptive key-frame selection

    Science.gov (United States)

    Ju, Kuanyu; Xiong, Hongkai

    2014-11-01

    To compensate the deficit of 3D content, 2D to 3D video conversion (2D-to-3D) has recently attracted more attention from both industrial and academic communities. The semi-automatic 2D-to-3D conversion which estimates corresponding depth of non-key-frames through key-frames is more desirable owing to its advantage of balancing labor cost and 3D effects. The location of key-frames plays a role on quality of depth propagation. This paper proposes a semi-automatic 2D-to-3D scheme with adaptive key-frame selection to keep temporal continuity more reliable and reduce the depth propagation errors caused by occlusion. The potential key-frames would be localized in terms of clustered color variation and motion intensity. The distance of key-frame interval is also taken into account to keep the accumulated propagation errors under control and guarantee minimal user interaction. Once their depth maps are aligned with user interaction, the non-key-frames depth maps would be automatically propagated by shifted bilateral filtering. Considering that depth of objects may change due to the objects motion or camera zoom in/out effect, a bi-directional depth propagation scheme is adopted where a non-key frame is interpolated from two adjacent key frames. The experimental results show that the proposed scheme has better performance than existing 2D-to-3D scheme with fixed key-frame interval.

  7. BARI+: A Biometric Based Distributed Key Management Approach for Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Syed Muhammad Khaliq-ur-Rahman Raazi

    2010-04-01

    Full Text Available Wireless body area networks (WBAN) consist of resource constrained sensing devices just like other wireless sensor networks (WSN). However, they differ from WSN in topology, scale and security requirements. Due to these differences, key management schemes designed for WSN are inefficient and unnecessarily complex when applied to WBAN. Considering the key management issue, WBAN are also different from WPAN because WBAN can use random biometric measurements as keys. We highlight the differences between WSN and WBAN and propose an efficient key management scheme, which makes use of biometrics and is specifically designed for WBAN domain.

  8. Security bound of two-basis quantum-key-distribution protocols using qudits

    International Nuclear Information System (INIS)

    Nikolopoulos, Georgios M.; Alber, Gernot

    2005-01-01

    We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid

  9. On reciprocal Baecklund transformations of inverse scattering schemes

    International Nuclear Information System (INIS)

    Rogers, C.; Wong, P.

    1984-01-01

    The notion of reciprocally related inverse scattering schemes is introduced and is shown to be a key component in the link between the AKNS and WKI schemes. Reciprocal auto-Baecklund transformations are represented both for a generalised Harry-Dym equation and an equation descriptive of nonlinear oscillation of elastic beams. Further, the N-loop soliton solution of the KIW equation is generated in a convenient parametric form via reciprocal Baecklund transformations. Finally, an important reduction to canonical spectral form is shown to be a reciprocal transformation. (Auth.)

  10. Random-Resistor-Random-Temperature Kirchhoff-Law-Johnson-Noise (RRRT-KLJN) Key Exchange

    Directory of Open Access Journals (Sweden)

    Kish Laszlo B.

    2016-03-01

    Full Text Available We introduce two new Kirchhoff-law-Johnson-noise (KLJN) secure key distribution schemes which are generalizations of the original KLJN scheme. The first of these, the Random-Resistor (RR-) KLJN scheme, uses random resistors with values chosen from a quasi-continuum set. It is well-known since the creation of the KLJN concept that such a system could work in cryptography, because Alice and Bob can calculate the unknown resistance value from measurements, but the RR-KLJN system has not been addressed in prior publications since it was considered impractical. The reason for discussing it now is the second scheme, the Random Resistor Random Temperature (RRRT-) KLJN key exchange, inspired by a recent paper of Vadai, Mingesz and Gingl, wherein security was shown to be maintained at non-zero power flow. In the RRRT-KLJN secure key exchange scheme, both the resistances and their temperatures are continuum random variables. We prove that the security of the RRRT-KLJN scheme can prevail at a non-zero power flow, and thus the physical law guaranteeing security is not the Second Law of Thermodynamics but the Fluctuation-Dissipation Theorem. Alice and Bob know their own resistances and temperatures and can calculate the resistance and temperature values at the other end of the communication channel from measured voltage, current and power-flow data in the wire. However, Eve cannot determine these values because, for her, there are four unknown quantities while she can set up only three equations. The RRRT-KLJN scheme has several advantages and makes all former attacks on the KLJN scheme invalid or incomplete.

  11. An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2015-03-01

    The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

  12. Forcing scheme in pseudopotential lattice Boltzmann model for multiphase flows.

    Science.gov (United States)

    Li, Q; Luo, K H; Li, X J

    2012-07-01

    The pseudopotential lattice Boltzmann (LB) model is a widely used multiphase model in the LB community. In this model, an interaction force, which is usually implemented via a forcing scheme, is employed to mimic the molecular interactions that cause phase segregation. The forcing scheme is therefore expected to play an important role in the pseudopotential LB model. In this paper, we aim to address some key issues about forcing schemes in the pseudopotential LB model. First, theoretical and numerical analyses will be made for Shan-Chen's forcing scheme [Shan and Chen, Phys. Rev. E 47, 1815 (1993)] and the exact-difference-method forcing scheme [Kupershtokh et al., Comput. Math. Appl. 58, 965 (2009)]. The nature of these two schemes and their recovered macroscopic equations will be shown. Second, through a theoretical analysis, we will reveal the physics behind the phenomenon that different forcing schemes exhibit different performances in the pseudopotential LB model. Moreover, based on the analysis, we will present an improved forcing scheme and numerically demonstrate that the improved scheme can be treated as an alternative approach to achieving thermodynamic consistency in the pseudopotential LB model.

  13. Boudot's Range-Bounded Commitment Scheme Revisited

    Science.gov (United States)

    Cao, Zhengjun; Liu, Lihua

    Checking whether a committed integer lies in a specific interval has many cryptographic applications. In Eurocrypt'98, Chan et al. proposed an instantiation (CFT Proof). Based on CFT, Boudot presented a popular range-bounded commitment scheme in Eurocrypt'2000. Both CFT Proof and Boudot Proof are based on the encryption E(x, r)=g^xh^r mod n, where n is an RSA modulus whose factorization is unknown by the prover. They did not use a single base as usual. Thus an increase in cost occurs. In this paper, we show that it suffices to adopt a single base. The cost of the modified Boudot Proof is about half of that of the original scheme. Moreover, the key restriction in the original scheme, i.e., both the discrete logarithm of g in base h and the discrete logarithm of h in base g are unknown by the prover, which is a potential menace to the Boudot Proof, is definitely removed.

  14. How update schemes influence crowd simulations

    International Nuclear Information System (INIS)

    Seitz, Michael J; Köster, Gerta

    2014-01-01

    Time discretization is a key modeling aspect of dynamic computer simulations. In current pedestrian motion models based on discrete events, e.g. cellular automata and the Optimal Steps Model, fixed-order sequential updates and shuffle updates are prevalent. We propose to use event-driven updates that process events in the order they occur, and thus better match natural movement. In addition, we present a parallel update with collision detection and resolution for situations where computational speed is crucial. Two simulation studies serve to demonstrate the practical impact of the choice of update scheme. Not only do density-speed relations differ, but there is a statistically significant effect on evacuation times. Fixed-order sequential and random shuffle updates with a short update period come close to event-driven updates. The parallel update scheme overestimates evacuation times. All schemes can be employed for arbitrary simulation models with discrete events, such as car traffic or animal behavior. (paper)

  15. Improved two-way six-state protocol for quantum key distribution

    International Nuclear Information System (INIS)

    Shaari, J.S.; Bahari, Asma' Ahmad

    2012-01-01

    A generalized version for a qubit based two-way quantum key distribution scheme was first proposed in the paper [Phys. Lett. A 358 (2006) 85] capitalizing on the six quantum states derived from three mutually unbiased bases. While boasting of a higher level of security, the protocol was not designed for ease of practical implementation. In this work, we propose modifications to the protocol, resulting not only in improved security but also in a more efficient and practical setup. We provide comparisons for calculated secure key rates for the protocols in noisy and lossy channels. -- Highlights: ► Modification for efficient generalized two-way QKD is proposed. ► Calculations include secure key rates in noisy and lossy channels for selected attack scenario. ► Resulting proposal provides for higher secure key rate in selected attack scheme.

  16. Improved two-way six-state protocol for quantum key distribution

    Energy Technology Data Exchange (ETDEWEB)

    Shaari, J.S., E-mail: jesni_shamsul@yahoo.com [Faculty of Science, International Islamic University Malaysia (IIUM), Jalan Sultan Ahmad Shah, Bandar Indera Mahkota, 25200 Kuantan, Pahang (Malaysia); Bahari, Asma' Ahmad [Faculty of Science, International Islamic University Malaysia (IIUM), Jalan Sultan Ahmad Shah, Bandar Indera Mahkota, 25200 Kuantan, Pahang (Malaysia)

    2012-10-01

    A generalized version for a qubit based two-way quantum key distribution scheme was first proposed in the paper [Phys. Lett. A 358 (2006) 85] capitalizing on the six quantum states derived from three mutually unbiased bases. While boasting of a higher level of security, the protocol was not designed for ease of practical implementation. In this work, we propose modifications to the protocol, resulting not only in improved security but also in a more efficient and practical setup. We provide comparisons for calculated secure key rates for the protocols in noisy and lossy channels. -- Highlights: ► Modification for efficient generalized two-way QKD is proposed. ► Calculations include secure key rates in noisy and lossy channels for selected attack scenario. ► Resulting proposal provides for higher secure key rate in selected attack scheme.

  17. A chaotic cryptography scheme for generating short ciphertext

    International Nuclear Information System (INIS)

    Wong, Kwok-Wo; Ho, Sun-Wah; Yung, Ching-Ki

    2003-01-01

    Recently, we have proposed a chaotic cryptographic scheme based on iterating the logistic map and updating the look-up table dynamically. The encryption and decryption processes become faster as the number of iterations required is reduced. However, the length of the ciphertext is still at least twice that of the original message. This may result in huge ciphertext files and hence long transmission time when encrypting large multimedia files. In this Letter, we modify the chaotic cryptographic scheme proposed previously so as to reduce the length of the ciphertext to the level slightly longer than that of the original message. Moreover, a session key is introduced in the cryptographic scheme so that the ciphertext length for a given message is not fixed.

  18. Detector decoy quantum key distribution

    International Nuclear Information System (INIS)

    Moroder, Tobias; Luetkenhaus, Norbert; Curty, Marcos

    2009-01-01

    Photon number resolving detectors can enhance the performance of many practical quantum cryptographic setups. In this paper, we employ a simple method to estimate the statistics provided by such a photon number resolving detector using only a threshold detector together with a variable attenuator. This idea is similar in spirit to that of the decoy state technique, and is especially suited to those scenarios where only a few parameters of the photon number statistics of the incoming signals have to be estimated. As an illustration of the potential applicability of the method in quantum communication protocols, we use it to prove security of an entanglement-based quantum key distribution scheme with an untrusted source without the need for a squash model and by solely using this extra idea. In this sense, this detector decoy method can be seen as a different conceptual approach to adapt a single-photon security proof to its physical, full optical implementation. We show that in this scenario, the legitimate users can now even discard the double click events from the raw key data without compromising the security of the scheme, and we present simulations on the performance of the BB84 and the 6-state quantum key distribution protocols.

  19. A secure transmission scheme of streaming media based on the encrypted control message

    Science.gov (United States)

    Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li

    2007-09-01

    As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security level and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security level, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permutated according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.

  20. Design of an image encryption scheme based on a multiple chaotic map

    Science.gov (United States)

    Tong, Xiao-Jun

    2013-07-01

    In order to solve the problem that chaos is degenerated in limited computer precision and Cat map is the small key space, this paper presents a chaotic map based on topological conjugacy and the chaotic characteristics are proved by Devaney definition. In order to produce a large key space, a Cat map named block Cat map is also designed for permutation process based on multiple-dimensional chaotic maps. The image encryption algorithm is based on permutation-substitution, and each key is controlled by different chaotic maps. The entropy analysis, differential analysis, weak-keys analysis, statistical analysis, cipher random analysis, and cipher sensibility analysis depending on key and plaintext are introduced to test the security of the new image encryption scheme. Through the comparison to the proposed scheme with AES, DES and Logistic encryption methods, we come to the conclusion that the image encryption method solves the problem of low precision of one dimensional chaotic function and has higher speed and higher security.

  1. Parametric Human Body Reconstruction Based on Sparse Key Points.

    Science.gov (United States)

    Cheng, Ke-Li; Tong, Ruo-Feng; Tang, Min; Qian, Jing-Ye; Sarkis, Michel

    2016-11-01

    We propose an automatic parametric human body reconstruction algorithm which can efficiently construct a model using a single Kinect sensor. A user needs to stand still in front of the sensor for a couple of seconds to measure the range data. The user's body shape and pose will then be automatically constructed in several seconds. Traditional methods optimize dense correspondences between range data and meshes. In contrast, our proposed scheme relies on sparse key points for the reconstruction. It employs regression to find the corresponding key points between the scanned range data and some annotated training data. We design two kinds of feature descriptors as well as corresponding regression stages to make the regression robust and accurate. Our scheme follows with dense refinement where a pre-factorization method is applied to improve the computational efficiency. Compared with other methods, our scheme achieves similar reconstruction accuracy but significantly reduces runtime.

  2. Code-Hopping Based Transmission Scheme for Wireless Physical-Layer Security

    Directory of Open Access Journals (Sweden)

    Liuguo Yin

    2018-01-01

    Due to the broadcast and time-varying natures of wireless channels, traditional communication systems that provide data encryption at the application layer suffer many challenges such as error diffusion. In this paper, we propose a code-hopping based secrecy transmission scheme that uses dynamic nonsystematic low-density parity-check (LDPC) codes and automatic repeat-request (ARQ) mechanism to jointly encode and encrypt source messages at the physical layer. In this scheme, secret keys at the transmitter and the legitimate receiver are generated dynamically upon the source messages that have been transmitted successfully. During the transmission, each source message is jointly encoded and encrypted by a parity-check matrix, which is dynamically selected from a set of LDPC matrices based on the shared dynamic secret key. As for the eavesdropper (Eve), the uncorrectable decoding errors prevent her from generating the same secret key as the legitimate parties. Thus she cannot select the correct LDPC matrix to recover the source message. We demonstrate that our scheme can be compatible with traditional cryptosystems and enhance the security without sacrificing the error-correction performance. Numerical results show that the bit error rate (BER) of Eve approaches 0.5 as the number of transmitted source messages increases and the security gap of the system is small.

  3. Practical and Secure Recovery of Disk Encryption Key Using Smart Cards

    Science.gov (United States)

    Omote, Kazumasa; Kato, Kazuhiko

    In key-recovery methods using smart cards, a user can recover the disk encryption key in cooperation with the system administrator, even if the user has lost the smart card including the disk encryption key. However, the disk encryption key is known to the system administrator in advance in most key-recovery methods. Hence user's disk data may be read by the system administrator. Furthermore, if the disk encryption key is not known to the system administrator in advance, it is difficult to achieve a key authentication. In this paper, we propose a scheme which enables to recover the disk encryption key when the user's smart card is lost. In our scheme, the disk encryption key is not preserved anywhere and then the system administrator cannot know the key before key-recovery phase. Only someone who has a user's smart card and knows the user's password can decrypt that user's disk data. Furthermore, we measured the processing time required for user authentication in an experimental environment using a virtual machine monitor. As a result, we found that this processing time is short enough to be practical.

  4. Quality Assurance in Engineering Education: Comparison of Accreditation Schemes and ISO 9001.

    Science.gov (United States)

    Karapetrovic, Stanislav; Rajamani, Divakar; Willborn, Walter

    1998-01-01

    Outlines quality assurance schemes for distance-education technologies that are based on the ISO 9000 family of international quality-assurance standards. Argues that engineering faculties can establish such systems on the basis of and integrated with accreditation schemes. Contains 34 references. (DDR)

  5. Non-interactive and Reusable Non-malleable Commitment Schemes

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Groth, Jens

    2003-01-01

    version based on the strong RSA assumption. For UC commitments, we show that existence of a UC commitment scheme in the CRS model (interactive or not) implies key exchange and - for a uniform reference string - even implies oblivious transfer. This indicates that UC commitment is a strictly stronger...... primitive than NM. Finally, we show that our strong RSA based construction can be used to improve the most efficient known UC commitment scheme so it can work with a CRS of size independent of the number of players, without loss of efficiency....

  6. Small Private Key PKS on an Embedded Microprocessor

    OpenAIRE

    Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon

    2014-01-01

    Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme, was proposed, and its feasible implementation on an embedded microprocessor...

  7. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    International Nuclear Information System (INIS)

    Xie Qi; Hu Bin; Chen Ke-Fei; Liu Wen-Hao; Tan Xiao

    2015-01-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. (paper)

  8. Biometrics based key management of double random phase encoding scheme using error control codes

    Science.gov (United States)

    Saini, Nirmala; Sinha, Aloka

    2013-08-01

    In this paper, an optical security system has been proposed in which key of the double random phase encoding technique is linked to the biometrics of the user to make it user specific. The error in recognition due to the biometric variation is corrected by encoding the key using the BCH code. A user specific shuffling key is used to increase the separation between genuine and impostor Hamming distance distribution. This shuffling key is then further secured using the RSA public key encryption to enhance the security of the system. XOR operation is performed between the encoded key and the feature vector obtained from the biometrics. The RSA encoded shuffling key and the data obtained from the XOR operation are stored into a token. The main advantage of the present technique is that the key retrieval is possible only in the simultaneous presence of the token and the biometrics of the user which not only authenticates the presence of the original input but also secures the key of the system. Computational experiments showed the effectiveness of the proposed technique for key retrieval in the decryption process by using the live biometrics of the user.

  9. Information Security Scheme Based on Computational Temporal Ghost Imaging.

    Science.gov (United States)

    Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

    2017-08-09

    An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

  10. Chaos-based partial image encryption scheme based on linear fractional and lifting wavelet transforms

    Science.gov (United States)

    Belazi, Akram; Abd El-Latif, Ahmed A.; Diaconu, Adrian-Viorel; Rhouma, Rhouma; Belghith, Safya

    2017-01-01

    In this paper, a new chaos-based partial image encryption scheme based on Substitution-boxes (S-box) constructed by chaotic system and Linear Fractional Transform (LFT) is proposed. It encrypts only the requisite parts of the sensitive information in Lifting-Wavelet Transform (LWT) frequency domain based on hybrid of chaotic maps and a new S-box. In the proposed encryption scheme, the characteristics of confusion and diffusion are accomplished in three phases: block permutation, substitution, and diffusion. Then, we used dynamic keys instead of fixed keys used in other approaches, to control the encryption process and make any attack impossible. The new S-box was constructed by mixing of chaotic map and LFT to insure the high confidentiality in the inner encryption of the proposed approach. In addition, the hybrid compound of S-box and chaotic systems strengthened the whole encryption performance and enlarged the key space required to resist the brute force attacks. Extensive experiments were conducted to evaluate the security and efficiency of the proposed approach. In comparison with previous schemes, the proposed cryptosystem scheme showed high performances and great potential for prominent prevalence in cryptographic applications.

  11. Quantum dual signature scheme based on coherent states with entanglement swapping

    International Nuclear Information System (INIS)

    Liu Jia-Li; Shi Rong-Hua; Shi Jin-Jing; Lv Ge-Li; Guo Ying

    2016-01-01

    A novel quantum dual signature scheme, which combines two signed messages expected to be sent to two diverse receivers Bob and Charlie, is designed by applying entanglement swapping with coherent states. The signatory Alice signs two different messages with unitary operations (corresponding to the secret keys) and applies entanglement swapping to generate a quantum dual signature. The dual signature is firstly sent to the verifier Bob who extracts and verifies the signature of one message and transmits the rest of the dual signature to the verifier Charlie who verifies the signature of the other message. The transmission of the dual signature is realized with quantum teleportation of coherent states. The analysis shows that the security of secret keys and the security criteria of the signature protocol can be greatly guaranteed. An extensional multi-party quantum dual signature scheme which considers the case with more than three participants is also proposed in this paper and this scheme can remain secure. The proposed schemes are completely suited for the quantum communication network including multiple participants and can be applied to the e-commerce system which requires a secure payment among the customer, business and bank. (paper)

  12. A General Construction of IND-CCA2 Secure Public Key Encryption

    DEFF Research Database (Denmark)

    Kiltz, Eike; Malone-Lee, John

    2003-01-01

    We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction....

  13. Performance comparison of binary modulation schemes for visible light communication

    KAUST Repository

    Park, Kihong

    2015-09-11

    In this paper, we investigate the power spectral density of several binary modulation schemes including variable on-off keying, variable pulse position modulation, and pulse dual slope modulation which were previously proposed for visible light communication with dimming control. We also propose a novel slope-based modulation called differential chip slope modulation (DCSM) and develop a chip-based hard-decision receiver to demodulate the resulting signal, detect the chip sequence, and decode the input bit sequence. We show that the DCSM scheme can exploit spectrum density more efficiently than the reference schemes while providing an error rate performance comparable to them. © 2015 IEEE.

  14. Optimal attacks on qubit-based Quantum Key Recycling

    Science.gov (United States)

    Leermakers, Daan; Škorić, Boris

    2018-03-01

    Quantum Key Recycling (QKR) is a quantum cryptographic primitive that allows one to reuse keys in an unconditionally secure way. By removing the need to repeatedly generate new keys, it improves communication efficiency. Škorić and de Vries recently proposed a QKR scheme based on 8-state encoding (four bases). It does not require quantum computers for encryption/decryption but only single-qubit operations. We provide a missing ingredient in the security analysis of this scheme in the case of noisy channels: accurate upper bounds on the required amount of privacy amplification. We determine optimal attacks against the message and against the key, for 8-state encoding as well as 4-state and 6-state conjugate coding. We provide results in terms of min-entropy loss as well as accessible (Shannon) information. We show that the Shannon entropy analysis for 8-state encoding reduces to the analysis of quantum key distribution, whereas 4-state and 6-state suffer from additional leaks that make them less effective. From the optimal attacks we compute the required amount of privacy amplification and hence the achievable communication rate (useful information per qubit) of qubit-based QKR. Overall, 8-state encoding yields the highest communication rates.

  15. Secure Hybrid Encryption from Weakened Key Encapsulation

    NARCIS (Netherlands)

    D. Hofheinz (Dennis); E. Kiltz (Eike); A. Menezes

    2007-01-01

    We put forward a new paradigm for building hybrid encryption schemes from constrained chosen-ciphertext secure (CCCA) key-encapsulation mechanisms (KEMs) plus authenticated symmetric encryption. Constrained chosen-ciphertext security is a new security notion for KEMs that we propose. It

  16. Separable Reversible Data Hiding in Encrypted Signals with Public Key Cryptography

    Directory of Open Access Journals (Sweden)

    Wei-Liang Tai

    2018-01-01

    We propose separable reversible data hiding in an encrypted signal with public key cryptography. In our separable framework, the image owner encrypts the original image by using a public key. On receipt of the encrypted signal, the data-hider embeds data in it by using a data-hiding key. The image decryption and data extraction are independent and separable at the receiver side. Even though the receiver, who has only the data-hiding key, does not learn about the decrypted content, he can extract data from the received marked encrypted signal. However, the receiver who has only the private key cannot extract the embedded data, but he can directly decrypt the received marked encrypted signal to obtain the original image without any error. Compared with other schemes using a cipher stream to encrypt the image, the proposed scheme is more appropriate for cloud services without degrading the security level.

  17. Autonomy and Financial Sources, Key Factors in the Performance of Health Insurance Scheme: Case of Albania

    Directory of Open Access Journals (Sweden)

    Enkelejda Avdi

    2013-12-01

    Autonomy of public health insurance scheme comprises political, financial, organizational, normative and contractual aspects. The paper analyses the role and position of a health insurance scheme (HIS) within the overall healthcare system in Albania, the relationship to all other institutions, stakeholders and actors. By analysing published literature and collected data through secondary sources, the paper focuses on financial autonomy, which refers first of all to a certain level of budgetary independence regarding source generation and spending on health services. For assuring effective and efficient performance of the single payer for health care services in Albania, need effective changes in the legislation to take into account the various levels of autonomy mentioned above.

  18. Group key management

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.; Cao, C.

    1997-08-01

    This report describes an architecture and implementation for doing group key management over a data communications network. The architecture describes a protocol for establishing a shared encryption key among an authenticated and authorized collection of network entities. Group access requires one or more authorization certificates. The implementation includes a simple public key and certificate infrastructure. Multicast is used for some of the key management messages. An application programming interface multiplexes key management and user application messages. An implementation using the new IP security protocols is postulated. The architecture is compared with other group key management proposals, and the performance and the limitations of the implementation are described.

  19. Passive measurement-device-independent quantum key distribution with orbital angular momentum and pulse position modulation

    Science.gov (United States)

    Wang, Lian; Zhou, Yuan-yuan; Zhou, Xue-jun; Chen, Xiao

    2018-03-01

    Based on the orbital angular momentum and pulse position modulation, we present a novel passive measurement-device-independent quantum key distribution (MDI-QKD) scheme with the two-mode source. Combining with the tight bounds of the yield and error rate of single-photon pairs given in our paper, we conduct performance analysis on the scheme with heralded single-photon source. The numerical simulations show that the performance of our scheme is significantly superior to the traditional MDI-QKD in the error rate, key generation rate and secure transmission distance, since the application of orbital angular momentum and pulse position modulation can exclude the basis-dependent flaw and increase the information content for each single photon. Moreover, the performance is improved with the rise of the frame length. Therefore, our scheme, without intensity modulation, avoids the source side channels and enhances the key generation rate. It has great utility value in the MDI-QKD setups.

  20. Rural health prepayment schemes in China: towards a more active role for government.

    Science.gov (United States)

    Bloom, G; Shenglan, T

    1999-04-01

    A large majority of China's rural population were members of health prepayment schemes in the 1970's. Most of these schemes collapsed during the transition to a market economy. Some localities subsequently reestablished schemes. In early 1997 a new government policy identified health prepayment as a major potential source of rural health finance. This paper draws on the experience of existing schemes to explore how government can support implementation of this policy. The decision to support the establishment of health prepayment schemes is part of the government's effort to establish new sources of finance for social services. It believes that individuals are more likely to accept voluntary contributions to a prepayment scheme than tax increases. The voluntary nature of the contributions limits the possibilities for risk-sharing and redistribution between rich and poor. This underlines the need for the government to fund a substantial share of health expenditure out of general revenues, particularly in poor localities. The paper notes that many successful prepayment schemes depend on close supervision by local political leaders. It argues that the national programme will have to translate these measures into a regulatory system which defines the responsibilities of scheme management bodies and local governments. A number of prepayment schemes have collapsed because members did not feel they got value for money. Local health bureaux will have to cooperate with prepayment schemes to ensure that health facilities provide good quality services at a reasonable cost. Users' representatives can also monitor performance. The paper concludes that government needs to clarify the relationship between health prepayment schemes and other actors in rural localities in order to increase the chance that schemes will become a major source of rural health finance.

  1. A Secure and Scalable Data Communication Scheme in Smart Grids

    Directory of Open Access Journals (Sweden)

    Chunqiang Hu

    2018-01-01

    The concept of smart grid gained tremendous attention among researchers and utility providers in recent years. How to establish a secure communication among smart meters, utility companies, and the service providers is a challenging issue. In this paper, we present a communication architecture for smart grids and propose a scheme to guarantee the security and privacy of data communications among smart meters, utility companies, and data repositories by employing decentralized attribute based encryption. The architecture is highly scalable, which employs an access control Linear Secret Sharing Scheme (LSSS) matrix to achieve a role-based access control. The security analysis demonstrated that the scheme ensures security and privacy. The performance analysis shows that the scheme is efficient in terms of computational cost.

  2. Energy-preserving H1-Galerkin schemes for shallow water wave equations with peakon solutions

    International Nuclear Information System (INIS)

    Miyatake, Yuto; Matsuo, Takayasu

    2012-01-01

    New energy-preserving Galerkin schemes for the Camassa–Holm and the Degasperis–Procesi equations which model shallow water waves are presented. The schemes can be implemented only with cheap H1 elements, which is expected to be sufficient to catch the characteristic peakon solutions. The keys of the derivation are the Hamiltonian structures of the equations and an L2-projection technique newly employed in the present Letter to mimic the Hamiltonian structures in a discrete setting, so that the desired energy-preserving property rightly follows. Numerical examples confirm the effectiveness of the schemes. -- Highlights: ► Numerical integration of the Camassa–Holm and Degasperis–Procesi equation. ► New energy-preserving Galerkin schemes for these equations are proposed. ► They can be implemented only with P1 elements. ► They well capture the characteristic peakon solutions over long time. ► The keys are the Hamiltonian structures and L2-projection technique.

  3. Applying LU Decomposition of Matrices to Design Anonymity Bilateral Remote User Authentication Scheme

    Directory of Open Access Journals (Sweden)

    Xiong Li

    2013-01-01

    We apply LU decomposition of matrices to present an anonymous bilateral authentication scheme. This paper aims at improving security and providing more excellent performances for remote user authentication scheme. The proposed scheme can provide bilateral authentication and session key agreement, can quickly check the validity of the input password, and can really protect the user anonymity. The security of the proposed scheme is based on the discrete logarithm problem (DLP), Diffie-Hellman problem (DHP), and the one-way hash function. It can resist various attacks such as insider attack, impersonation attack, server spoofing attack, and stolen smart card attack. Moreover, the presented scheme is computationally efficient for real-life implementation.

  4. Password Authenticated Key Exchange and Protected Password Change Protocols

    Directory of Open Access Journals (Sweden)

    Ting-Yi Chang

    2017-07-01

    In this paper, we propose new password authenticated key exchange (PAKE) and protected password change (PPC) protocols without any symmetric or public-key cryptosystems. The security of the proposed protocols is based on the computational Diffie-Hellman assumption in the random oracle model. The proposed scheme can resist both forgery server and denial of service attacks.

  5. The same number of optimized parameters scheme for determining intermolecular interaction energies

    DEFF Research Database (Denmark)

    Kristensen, Kasper; Ettenhuber, Patrick; Eriksen, Janus Juul

    2015-01-01

    We propose the Same Number Of Optimized Parameters (SNOOP) scheme as an alternative to the counterpoise method for treating basis set superposition errors in calculations of intermolecular interaction energies. The key point of the SNOOP scheme is to enforce that the number of optimized wave...... as numerically. Numerical results for second-order Møller-Plesset perturbation theory (MP2) and coupled-cluster with single, double, and approximate triple excitations (CCSD(T)) show that the SNOOP scheme in general outperforms the uncorrected and counterpoise approaches. Furthermore, we show that SNOOP...

  6. On a two-pass scheme without a faraday mirror for free-space relativistic quantum cryptography

    Energy Technology Data Exchange (ETDEWEB)

    Kravtsov, K. S.; Radchenko, I. V. [Russian Academy of Sciences, Prokhorov General Physics Institute (Russian Federation)]; Korol'kov, A. V. [Academy of Cryptography (Russian Federation)]; Kulik, S. P., E-mail: sergei.kulik@gmail.com [Moscow State University (Russian Federation)]; Molotkov, S. N., E-mail: sergei.molotkov@gmail.com [Academy of Cryptography (Russian Federation)]

    2013-05-15

    The stability of destructive interference independent of the input polarization and the state of a quantum communication channel in fiber optic systems used in quantum cryptography plays a principal role in providing the security of communicated keys. A novel optical scheme is proposed that can be used both in relativistic quantum cryptography for communicating keys in open space and for communicating them over fiber optic lines. The scheme ensures stability of destructive interference and admits simple automatic balancing of a fiber interferometer.

  7. On a two-pass scheme without a faraday mirror for free-space relativistic quantum cryptography

    International Nuclear Information System (INIS)

    Kravtsov, K. S.; Radchenko, I. V.; Korol’kov, A. V.; Kulik, S. P.; Molotkov, S. N.

    2013-01-01

    The stability of destructive interference independent of the input polarization and the state of a quantum communication channel in fiber optic systems used in quantum cryptography plays a principal role in providing the security of communicated keys. A novel optical scheme is proposed that can be used both in relativistic quantum cryptography for communicating keys in open space and for communicating them over fiber optic lines. The scheme ensures stability of destructive interference and admits simple automatic balancing of a fiber interferometer.

  8. A Novel Image Encryption Scheme Based on Intertwining Chaotic Maps and RC4 Stream Cipher

    Science.gov (United States)

    Kumari, Manju; Gupta, Shailender

    2018-03-01

    As systems enable us to transmit large chunks of data, both in the form of texts and images, there is a need to explore algorithms which can provide higher security without increasing the time complexity significantly. This paper proposes an image encryption scheme which uses intertwining chaotic maps and the RC4 stream cipher to encrypt/decrypt the images. The scheme employs a chaotic map for the confusion stage and for generation of the key for the RC4 cipher. The RC4 cipher uses this key to generate random sequences which are used to implement an efficient diffusion process. The algorithm is implemented in MATLAB-2016b and various performance metrics are used to evaluate its efficacy. The proposed scheme provides highly scrambled encrypted images and can resist statistical, differential and brute-force search attacks. The peak signal-to-noise ratio values are quite similar to other schemes, and the entropy values are close to ideal. In addition, the scheme is very practical since it has the lowest time complexity among its counterparts.

  9. Quality control scheme for thyroid related hormones measured by radioimmunoassay

    International Nuclear Information System (INIS)

    Kamel, R.S.

    1989-09-01

    A regional quality control scheme for thyroid related hormones measured by radioimmunoassay is being established in the Middle East. The scheme started in January 1985, with eight laboratories which were all from Iraq. At present, nineteen laboratories from Iraq, Jordan, Kuwait, Saudi Arabia and United Arab Emirates (Dubai) are participating in the scheme. The scheme was supported by the International Atomic Energy Agency. All participants received three freeze-dried quality control samples monthly for assay. Results for T3, T4 and TSH received from participants are analysed statistically batch by batch and returned to the participants. Laboratories reporting quite markedly biased results were contacted to check the assay performance for that particular batch and to define the weak points. Clinical interpretations for certain well defined samples were reported. A regular case study report has recently been introduced to the scheme and will be distributed regularly as one of the guidelines in establishing a troubleshooting programme throughout the scheme. The overall mean between-laboratory performance showed a good result for T4, moderate but acceptable for T3 and poor for TSH. The statistical analysis of the results is based on the concept of a "target" value derived from the believed correct value, the "Median". The overall mean bias values (ignoring signs) for respectively low, normal and high concentration samples were for T4 18.0 ± 12.5, 11.2 ± 6.4 and 11.2 ± 6.4, for T3 28.8 ± 23.5, 11.2 ± 8.4 and 13.4 ± 9.0 and for TSH 46.3 ± 50.1, 37.2 ± 28.5 and 19.1 ± 12.1. The scheme proved to be effective not only in improving the overall performance but also in helping to develop awareness of the need for internal quality control programmes, and it gave confidence in the results of the participants. The scheme will continue and will be expanded to involve more laboratories in the region. Refs, fig and tabs

  10. QoS Support Polling Scheme for Multimedia Traffic in Wireless LAN MAC Protocol

    Institute of Scientific and Technical Information of China (English)

    YANG Zhijun; ZHAO Dongfeng

    2008-01-01

    Quality of service (QoS) support is a key attribute for multimedia traffic including video, voice, and data in wireless local area networks (LANs) but is limited in 802.11-based wireless LANs. A polling-based scheme called the point coordination function (PCF) was developed for 802.11 LANs to support the transmission of multimedia traffic. However, the PCF is not able to meet the desired practical traffic differentiation requirements for real-time data. This paper describes a QoS support polling scheme based on the IEEE 802.11 medium access control (MAC) protocol. The scheme uses a two-level polling mechanism with the QoS classes differentiated by two different access policies. Stations with higher priority traffic such as key or real-time data form the first level and can access the common channel through an exhaustive access policy. Other stations with lower priority traffic form the second level and can access the channel through a gated access policy. A system model based on imbedded Markov chain theory and a generation function were set up to explicitly analyze the mean information packet waiting time of the two-level polling scheme. Theoretical and simulation results show that the new scheme efficiently differentiates services to guarantee better QoS and system stability.

  11. Partial Key Grouping: Load-Balanced Partitioning of Distributed Streams

    OpenAIRE

    Nasir, Muhammad Anis Uddin; Morales, Gianmarco De Francisci; Garcia-Soriano, David; Kourtellis, Nicolas; Serafini, Marco

    2015-01-01

    We study the problem of load balancing in distributed stream processing engines, which is exacerbated in the presence of skew. We introduce PARTIAL KEY GROUPING (PKG), a new stream partitioning scheme that adapts the classical “power of two choices” to a distributed streaming setting by leveraging two novel techniques: key splitting and local load estimation. In so doing, it achieves better load balancing than key grouping while being more scalable than shuffle grouping. We test PKG on severa...

  12. Boosting up quantum key distribution by learning statistics of practical single-photon sources

    International Nuclear Information System (INIS)

    Adachi, Yoritoshi; Yamamoto, Takashi; Koashi, Masato; Imoto, Nobuyuki

    2009-01-01

    We propose a simple quantum-key-distribution (QKD) scheme for practical single-photon sources (SPSs), which works even with a moderate suppression of the second-order correlation g^(2) of the source. The scheme utilizes a passive preparation of a decoy state by monitoring a fraction of the signal via an additional beam splitter and a detector at the sender's side to monitor photon-number splitting attacks. We show that the achievable distance increases with the precision with which the sub-Poissonian tendency is confirmed in higher photon-number distribution of the source, rather than with actual suppression of the multiphoton emission events. We present an example of the secure key generation rate in the case of a poor SPS with g^(2) = 0.19, in which no secure key is produced with the conventional QKD scheme, and show that learning the photon-number distribution up to several numbers is sufficient for achieving almost the same distance as that of an ideal SPS.

  13. A semi-symmetric image encryption scheme based on the function projective synchronization of two hyperchaotic systems.

    Directory of Open Access Journals (Sweden)

    Xiaoqiang Di

    Both symmetric and asymmetric color image encryption have advantages and disadvantages. In order to combine their advantages and try to overcome their disadvantages, chaos synchronization is used to avoid the key transmission for the proposed semi-symmetric image encryption scheme. Our scheme is a hybrid chaotic encryption algorithm, and it consists of a scrambling stage and a diffusion stage. The control law and the update rule of function projective synchronization between the 3-cell quantum cellular neural networks (QCNN) response system and the 6th-order cellular neural network (CNN) drive system are formulated. Since the function projective synchronization is used to synchronize the response system and drive system, Alice and Bob obtain the key from two different chaotic systems independently and avoid transmitting the key over extra security links, which prevents security key leakage during the transmission. Both numerical simulations and security analyses such as information entropy analysis and differential attack analysis are conducted to verify the feasibility, security, and efficiency of the proposed scheme.

  14. Enabling an Integrated Rate-temporal Learning Scheme on Memristor

    Science.gov (United States)

    He, Wei; Huang, Kejie; Ning, Ning; Ramanathan, Kiruthika; Li, Guoqi; Jiang, Yu; Sze, Jiayin; Shi, Luping; Zhao, Rong; Pei, Jing

    2014-04-01

    Learning scheme is the key to the utilization of spike-based computation and the emulation of neural/synaptic behaviors toward realization of cognition. The biological observations reveal an integrated spike time- and spike rate-dependent plasticity as a function of presynaptic firing frequency. However, this integrated rate-temporal learning scheme has not been realized on any nano devices. In this paper, such scheme is successfully demonstrated on a memristor. Great robustness against the spiking rate fluctuation is achieved by waveform engineering with the aid of good analog properties exhibited by the iron oxide-based memristor. The spike-time-dependence plasticity (STDP) occurs at moderate presynaptic firing frequencies and spike-rate-dependence plasticity (SRDP) dominates other regions. This demonstration provides a novel approach in neural coding implementation, which facilitates the development of bio-inspired computing systems.

  15. A Fingerprint Encryption Scheme Based on Irreversible Function and Secure Authentication

    Directory of Open Access Journals (Sweden)

    Yijun Yang

    2015-01-01

    A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users’ fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm) to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency compared with other irreversible function schemes.

  16. On Converting Secret Sharing Scheme to Visual Secret Sharing Scheme

    Directory of Open Access Journals (Sweden)

    Wang Daoshun

    2010-01-01

    Traditional Secret Sharing (SS) schemes reconstruct secret exactly the same as the original one but involve complex computation. Visual Secret Sharing (VSS) schemes decode the secret without computation, but each share is m times as big as the original and the quality of the reconstructed secret image is reduced. Probabilistic visual secret sharing (Prob. VSS) schemes for a binary image use only one subpixel to share the secret image; however the probability of white pixels in a white area is higher than that in a black area in the reconstructed secret image. SS schemes, VSS schemes, and Prob. VSS schemes have various construction methods and advantages. This paper first presents an approach to convert (transform) a -SS scheme to a -VSS scheme for greyscale images. The generation of the shadow images (shares) is based on Boolean XOR operation. The secret image can be reconstructed directly by performing Boolean OR operation, as in most conventional VSS schemes. Its pixel expansion is significantly smaller than that of VSS schemes. The quality of the reconstructed images, measured by average contrast, is the same as VSS schemes. Then a novel matrix-concatenation approach is used to extend the greyscale -SS scheme to a more general case of greyscale -VSS scheme.

  17. A Provably-Secure Transmission Scheme for Wireless Body Area Networks.

    Science.gov (United States)

    Omala, Anyembe Andrew; Robert, Niyifasha; Li, Fagen

    2016-11-01

    A wireless body area network (WBAN) is composed of sensors that collect and transmit a person's physiological data to health-care providers in real-time. In order to guarantee security of this data over open networks, a secure data transmission mechanism between WBAN and application provider's servers is of necessity. Modified medical data does not provide a true reflection of an individual's state of health and its subsequent use for diagnosis could lead to an irreversible medical condition. In this paper, we propose a lightweight certificateless signcryption scheme for secure transmission of data between WBAN and servers. Our proposed scheme not only provides confidentiality of data and authentication in a single logical step, it is lightweight and resistant to key escrow attacks. We further provide security proof that our scheme provides indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in the random oracle model. Compared with two other Diffie-Hellman based signcryption schemes proposed by Barbosa and Farshim (BF) and another by Yin and Liang (YL), our scheme consumes 46% and 8% less energy during signcryption than BF and YL scheme respectively.

  18. A Remote User Authentication Scheme with Anonymity for Mobile Devices

    Directory of Open Access Journals (Sweden)

    Soobok Shin

    2012-04-01

    With the rapid growth of information technologies, mobile devices have been utilized in a variety of services such as e-commerce. When a remote server provides such e-commerce services to a user, it must verify the legitimacy of the user over an insecure communication channel. Therefore, remote user authentication has been widely deployed to verify the legitimacy of remote user login requests using mobile devices like smart cards. In this paper we propose a smart card-based authentication scheme that provides both user anonymity and mutual authentication between a remote server and a user. The proposed authentication scheme is a simple and efficient system applicable to the limited resource and low computing performance of the smart card. The proposed scheme provides not only resilience to potential attacks in the smart card-based authentication scheme, but also secure authentication functions. A smart card performs a simple one-way hash function, the operations of exclusive-or and concatenation in the authentication phase of the proposed scheme. The proposed scheme also provides user anonymity using a dynamic identity and key agreement, and secure password change.

  19. Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

    Science.gov (United States)

    Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

    2014-04-09

    User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

  20. Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jiye Kim

    2014-04-01

    User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker’s own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

  1. A multi-criteria evaluation framework for tradable white certificate schemes

    International Nuclear Information System (INIS)

    Mundaca, Luis; Neij, Lena

    2009-01-01

    Recent years have witnessed regained political momentum on energy efficiency and interest in establishing markets is growing. As a result, Tradable White Certificate (TWC) schemes of differing design have been implemented in Great Britain, Italy and France. Much attention is being paid to justifying and evaluating such schemes. In this paper, we develop and apply a multi-criteria framework for evaluating TWC schemes, an approach that attempts to cover their individual design features. A broad evaluation is conducted regarding energy-saving and environmental effectiveness, economic efficiency, cost-effectiveness, transaction costs, political feasibility, administrative burden and technical change. The results show the design and performance of TWC schemes to be case and context-specific, and generalisations are thus inappropriate. This evaluation supports the cost-effectiveness modelled for the British scheme and the assumption that a TWC scheme is an economically efficient policy instrument. For the other, more complex TWC schemes, more data and experience are needed to judge their ex-post merit. On the whole, the proposed multi-criteria evaluation requires considerable data and complementary methods. However, the framework improves the understanding of the broad effects and attributes of TWC schemes. It deals with various empirical and normative aspects that can be applied in their evaluation.

  2. A robust SRAM-PUF key generation scheme based on polar codes

    NARCIS (Netherlands)

    Chen, Bin; Ignatenko, Tanya; Willems, Frans M.J.; Maes, Roel; van der Sluis, Erik; Selimis, Georgios

    2017-01-01

    Physical unclonable functions (PUFs) are relatively new security primitives used for device authentication and device-specific secret key generation. In this paper we focus on SRAM-PUFs. The SRAM-PUFs enjoy uniqueness and randomness properties stemming from the intrinsic randomness of SRAM memory

  3. Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

    Science.gov (United States)

    Nirmal Raja, K; Maraline Beno, M

    2017-07-01

    In the wireless sensor network (WSN), security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable to Sybil attack. When a node illicitly asserts multiple identities or claims fake IDs, the WSN suffers from an attack named Sybil attack. This attack threatens the wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Hence, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki-Okamoto algorithm and also the application of the work. The Fujisaki-Okamoto (FO) algorithm is an ID-based cryptographic scheme and gives strong authentication against Sybil attack. The scheme is simulated using Network Simulator 2 (NS2). In this proposed scheme, broadcasting key, time taken for different key sizes, energy consumption, packet delivery ratio, and throughput were analyzed.

  4. A light weight secure image encryption scheme based on chaos & DNA computing

    Directory of Open Access Journals (Sweden)

    Bhaskar Mondal

    2017-10-01

    This paper proposed a new light weight secure cryptographic scheme for secure image communication. In this scheme the plain image is permuted first using a sequence of pseudo random number (PRN) and encrypted by DeoxyriboNucleic Acid (DNA) computation. Two PRN sequences are generated by a Pseudo Random Number Generator (PRNG) based on cross coupled chaotic logistic map using two sets of keys. The first PRN sequence is used for permuting the plain image whereas the second PRN sequence is used for generating random DNA sequence. The number of rounds of permutation and encryption may be variable to increase security. The scheme is proposed for gray label images but the scheme may be extended for color images and text data. Simulation results exhibit that the proposed scheme can defy any kind of attack.

  5. Bleeding risk in 'real world' patients with atrial fibrillation: comparison of two established bleeding prediction schemes in a nationwide cohort

    DEFF Research Database (Denmark)

    Olesen, J B; Lip, G Y H; Hansen, P R

    2011-01-01

    Oral anticoagulation (OAC) in patients with atrial fibrillation (AF) is a double-edged sword, because it decreases the risk of stroke at the cost of an increased risk of bleeding. We compared the performance of a new bleeding prediction scheme, HAS-BLED, with an older bleeding prediction scheme...

  6. NFC Secure Payment and Verification Scheme with CS E-Ticket

    Directory of Open Access Journals (Sweden)

    Kai Fan

    2017-01-01

    As one of the most important techniques in IoT, NFC (Near Field Communication) is more interesting than ever. NFC is a short-range, high-frequency communication technology well suited for electronic tickets, micropayment, and access control function, which is widely used in the financial industry, traffic transport, road ban control, and other fields. However, NFC is becoming increasingly popular in the relevant field, but its secure problems, such as man-in-the-middle-attack and brute force attack, have hindered its further development. To address the security problems and specific application scenarios, we propose a NFC mobile electronic ticket secure payment and verification scheme in the paper. The proposed scheme uses a CS E-Ticket and offline session key generation and distribution technology to prevent major attacks and increase the security of NFC. As a result, the proposed scheme can not only be a good alternative to mobile e-ticket system but also be used in many NFC fields. Furthermore, compared with other existing schemes, the proposed scheme provides a higher security.

  7. Self-match based on polling scheme for passive optical network monitoring

    Science.gov (United States)

    Zhang, Xuan; Guo, Hao; Jia, Xinhong; Liao, Qinghua

    2018-06-01

    We propose a self-match based on polling scheme for passive optical network monitoring. Each end-user is equipped with an optical matcher that exploits only the specific length patchcord and two different fiber Bragg gratings with 100% reflectivity. The simple and low-cost scheme can greatly simplify the final recognition processing of the network link status and reduce the sensitivity of the photodetector. We analyze the time-domain relation between reflected pulses and establish the calculation model to evaluate the false alarm rate. The feasibility of the proposed scheme and the validity of the time-domain relation analysis are experimentally demonstrated.

  8. The generation of shared cryptographic keys through channel impulse response estimation at 60 GHz.

    Energy Technology Data Exchange (ETDEWEB)

    Young, Derek P.; Forman, Michael A.; Dowdle, Donald Ryan

    2010-09-01

    Methods to generate private keys based on wireless channel characteristics have been proposed as an alternative to standard key-management schemes. In this work, we discuss past work in the field and offer a generalized scheme for the generation of private keys using uncorrelated channels in multiple domains. Proposed cognitive enhancements measure channel characteristics, to dynamically change transmission and reception parameters as well as estimate private key randomness and expiration times. Finally, results are presented on the implementation of a system for the generation of private keys for cryptographic communications using channel impulse-response estimation at 60 GHz. The testbed is composed of commercial millimeter-wave VubIQ transceivers, laboratory equipment, and software implemented in MATLAB. Novel cognitive enhancements are demonstrated, using channel estimation to dynamically change system parameters and estimate cryptographic key strength. We show for a complex channel that secret key generation can be accomplished on the order of 100 kb/s.

  9. An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj

    2015-11-01

    In the last few years, numerous remote user authentication and session key agreement schemes have been put forward for Telecare Medical Information System, where the patient and medical server exchange medical information using the Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth noting that an unrestricted number of patients log in to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the existing schemes. The proposed scheme is not only efficient in terms of different security attacks, but it also provides efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.

  10. Asynchronous Group Key Distribution on top of the CC2420 Security Mechanisms for Sensor Networks

    DEFF Research Database (Denmark)

    Hansen, Morten Tranberg

    2009-01-01

    scheme with no time synchronization requirements. The scheme decreases the number of key updates by providing them on an as needed basis according to the amount of network traffic. We evaluate the CC2420 radio security mechanism and show how to use it as a basis to implement secure group communication......A sensor network is a network consisting of small, inexpensive, low-powered sensor nodes that communicate to complete a common task. Sensor nodes are characterized by having limited communication and computation capabilities, energy, and storage. They often are deployed in hostile environments...... creating a demand for encryption and authentication of the messages sent between them. Due to severe resource constraints on the sensor nodes, efficient key distribution schemes and secure communication protocols with low overhead are desired. In this paper we present an asynchronous group key distribution...

  11. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    Science.gov (United States)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  12. Public Key Encryption Supporting Plaintext Equality Test and User-Specified Authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2011-01-01

    In this paper we investigate a category of public key encryption schemes which supports plaintext equality test and user-specified authorization. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform plaintext

  13. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme includes parameter setup, key distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing.

  14. Privacy protection schemes for fingerprint recognition systems

    Science.gov (United States)

    Marasco, Emanuela; Cukic, Bojan

    2015-05-01

    The deployment of fingerprint recognition systems has always raised concerns related to personal privacy. A fingerprint is permanently associated with an individual and, generally, it cannot be reset if compromised in one application. Given that fingerprints are not a secret, potential misuses besides personal recognition represent privacy threats and may lead to public distrust. Privacy mechanisms control access to personal information and limit the likelihood of intrusions. In this paper, image- and feature-level schemes for privacy protection in fingerprint recognition systems are reviewed. Storing only key features of a biometric signature can reduce the likelihood of biometric data being used for unintended purposes. In biometric cryptosystems and biometric-based key release, the biometric component verifies the identity of the user, while the cryptographic key protects the communication channel. In transformation-based approaches, only a transformed version of the original biometric signature is stored. Different applications can use different transforms. Matching is performed in the transformed domain, which enables the preservation of low error rates. Since such templates do not reveal information about individuals, they are referred to as cancelable templates. A compromised template can be re-issued using a different transform. At image-level, de-identification schemes can remove identifiers disclosed for objectives unrelated to the original purpose, while permitting other authorized uses of personal information. Fingerprint images can be de-identified by, for example, mixing fingerprints or removing gender signature. In both cases, degradation of matching performance is minimized.

  15. Design and Implementation of a Chaotic Scheme in Additive White Gaussian Noise Channel

    Directory of Open Access Journals (Sweden)

    Nizar Al Bassam

    2016-01-01

    A new chaotic scheme named Flipped Chaotic On-Off Keying (FCOOK) is proposed for binary transmission. In FCOOK, the low correlation value between the stationary signal and its mirrored version is utilized. Transmitted signal for binary 1 is a chaotic segment added to its time flipped (mirrored) version within one bit duration, while in binary 0, no transmission takes place within the same bit duration. The proposed scheme is compared with the standard chaotic systems: Differential Chaos Shift Keying (DCSK) and Correlation Delay Shift Keying (CDSK). The Bit Error Rate (BER) of FCOOK is studied analytically based on Gaussian approximation method. Results show that the BER performance of FCOOK outperforms DCSK and CDSK in AWGN channel environment and with various Eb/No levels. Additionally, FCOOK offers a double bit rate compared with the standard DCSK.

  16. A national quality control scheme for serum HGH assays

    International Nuclear Information System (INIS)

    Hunter, W.M.; McKenzie, I.

    1979-01-01

    In the autumn of 1975 the Supraregional Assay Service established a Quality Control Sub-Committee and the intra-laboratory QC Scheme for Growth Hormone (HGH) assays which is described here has served, in many respects, as a pilot scheme for protein RIA. Major improvements in accuracy, precision and between-laboratory agreement can be brought about by intensively interactive quality control schemes. A common standard is essential and should consist of ampoules used for one or only a small number of assays. Accuracy and agreement were not good enough to allow the overall means to serve as target values but a group of 11 laboratories were sufficiently accurate to provide a 'reference group mean' to so serve. Gross non-specificity was related to poor assay design and was quickly eliminated. Within-laboratory between-batch variability was much worse than that normally claimed for simple protein hormone RIA. A full report on this Scheme will appear shortly in Annals of Clinical Biochemistry. (Auth.)

  17. Quantum dual signature scheme based on coherent states with entanglement swapping

    Science.gov (United States)

    Liu, Jia-Li; Shi, Rong-Hua; Shi, Jin-Jing; Lv, Ge-Li; Guo, Ying

    2016-08-01

    A novel quantum dual signature scheme, which combines two signed messages expected to be sent to two diverse receivers Bob and Charlie, is designed by applying entanglement swapping with coherent states. The signatory Alice signs two different messages with unitary operations (corresponding to the secret keys) and applies entanglement swapping to generate a quantum dual signature. The dual signature is firstly sent to the verifier Bob who extracts and verifies the signature of one message and transmits the rest of the dual signature to the verifier Charlie who verifies the signature of the other message. The transmission of the dual signature is realized with quantum teleportation of coherent states. The analysis shows that the security of secret keys and the security criteria of the signature protocol can be greatly guaranteed. An extensional multi-party quantum dual signature scheme which considers the case with more than three participants is also proposed in this paper and this scheme can remain secure. The proposed schemes are completely suited for the quantum communication network including multiple participants and can be applied to the e-commerce system which requires a secure payment among the customer, business and bank. Project supported by the National Natural Science Foundation of China (Grant Nos. 61272495, 61379153, and 61401519) and the Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20130162110012).

  18. High-dimensional quantum key distribution with the entangled single-photon-added coherent state

    Energy Technology Data Exchange (ETDEWEB)

    Wang, Yang [Zhengzhou Information Science and Technology Institute, Zhengzhou, 450001 (China); Synergetic Innovation Center of Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026 (China); Bao, Wan-Su, E-mail: 2010thzz@sina.com [Zhengzhou Information Science and Technology Institute, Zhengzhou, 450001 (China); Synergetic Innovation Center of Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026 (China); Bao, Hai-Ze; Zhou, Chun; Jiang, Mu-Sheng; Li, Hong-Wei [Zhengzhou Information Science and Technology Institute, Zhengzhou, 450001 (China); Synergetic Innovation Center of Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026 (China)

    2017-04-25

    High-dimensional quantum key distribution (HD-QKD) can generate more secure bits for one detection event so that it can achieve long distance key distribution with a high secret key capacity. In this Letter, we present a decoy state HD-QKD scheme with the entangled single-photon-added coherent state (ESPACS) source. We present two tight formulas to estimate the single-photon fraction of postselected events and Eve's Holevo information and derive lower bounds on the secret key capacity and the secret key rate of our protocol. We also present finite-key analysis for our protocol by using the Chernoff bound. Our numerical results show that our protocol using one decoy state can perform better than that of previous HD-QKD protocol with the spontaneous parametric down conversion (SPDC) using two decoy states. Moreover, when considering finite resources, the advantage is more obvious. - Highlights: • Implement the single-photon-added coherent state source into the high-dimensional quantum key distribution. • Enhance both the secret key capacity and the secret key rate compared with previous schemes. • Show an excellent performance in view of statistical fluctuations.

  19. High-dimensional quantum key distribution with the entangled single-photon-added coherent state

    International Nuclear Information System (INIS)

    Wang, Yang; Bao, Wan-Su; Bao, Hai-Ze; Zhou, Chun; Jiang, Mu-Sheng; Li, Hong-Wei

    2017-01-01

    High-dimensional quantum key distribution (HD-QKD) can generate more secure bits for one detection event so that it can achieve long distance key distribution with a high secret key capacity. In this Letter, we present a decoy state HD-QKD scheme with the entangled single-photon-added coherent state (ESPACS) source. We present two tight formulas to estimate the single-photon fraction of postselected events and Eve's Holevo information and derive lower bounds on the secret key capacity and the secret key rate of our protocol. We also present finite-key analysis for our protocol by using the Chernoff bound. Our numerical results show that our protocol using one decoy state can perform better than that of previous HD-QKD protocol with the spontaneous parametric down conversion (SPDC) using two decoy states. Moreover, when considering finite resources, the advantage is more obvious. - Highlights: • Implement the single-photon-added coherent state source into the high-dimensional quantum key distribution. • Enhance both the secret key capacity and the secret key rate compared with previous schemes. • Show an excellent performance in view of statistical fluctuations.

  20. Sectoral approaches establishment for climate change mitigation in Thailand upstream oil and gas industry

    International Nuclear Information System (INIS)

    Chaiyapa, Warathida; Esteban, Miguel; Kameyama, Yasuko

    2016-01-01

    Understanding the upstream oil and gas (O&G) industry's responses to climate change and what factors can be influential to trigger their mitigation strategies is crucial for policy-makers to harness the huge resources that this industry can mobilize towards environmental protection. Considering that individual climate change efforts are unlikely to affect global mitigation paths, the study investigates the possibility that sectoral approaches can help in the reduction of greenhouse gas emissions, using Thailand as a case study. It conducted online questionnaire surveys and semi-structured interviews to acquire primary data from companies and key informants from the government, NGOs, NPOs and academics. The results suggested that, among three possible groups of factors that could affect company decisions on whether to promote sectoral approaches, domestic politics (particularly the Thai government) is the most important, though other factors also play important and interrelated roles. The most welcomed type of scheme that could be envisaged would appear to be a sectoral agreement between government and industry. Finally, the authors provide two main policy recommendations, namely the establishment of an industrial association of O&G companies and for it to target how to start looking at measures to reduce greenhouse gas emissions amongst large companies in the sector. - Highlights: •Examining the possibility of establishing a sectoral approach Thailand's upstream O&G industry. •Analytical framework was constructed to ascertain most influential factors. •Questionnaires and interviews were employed with companies, government, NGOs and academic. •Domestic politics is the most determining factor, but other factors have strong interrelation. •Sectoral agreement between government and industry is the most likely scheme to be established.

  1. Information verification cryptosystem using one-time keys based on double random phase encoding and public-key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2016-08-01

    A novel image encryption system based on double random phase encoding (DRPE) and RSA public-key algorithm is proposed. The main characteristic of the system is that each encryption process produces a new decryption key (even for the same plaintext), thus the encryption system conforms to the feature of the one-time pad (OTP) cryptography. The other characteristic of the system is the use of fingerprint key. Only with the rightful authorization will the true decryption be obtained, otherwise the decryption will result in noisy images. So the proposed system can be used to determine whether the ciphertext is falsified by attackers. In addition, the system conforms to the basic agreement of asymmetric cryptosystem (ACS) due to the combination with the RSA public-key algorithm. The simulation results show that the encryption scheme has high robustness against the existing attacks.

  2. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  3. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Science.gov (United States)

    Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  4. Security enhanced multi-factor biometric authentication scheme using bio-hash function

    Science.gov (United States)

    Lee, Youngsook; Moon, Jongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

  5. Genotyping of B. licheniformis based on a novel multi-locus sequence typing (MLST) scheme

    Directory of Open Access Journals (Sweden)

    Madslien Elisabeth H

    2012-10-01

    Background: Bacillus licheniformis has for many years been used in the industrial production of enzymes, antibiotics and detergents. However, as a producer of dormant heat-resistant endospores B. licheniformis might contaminate semi-preserved foods. The aim of this study was to establish a robust and novel genotyping scheme for B. licheniformis in order to reveal the evolutionary history of 53 strains of this species. Furthermore, the genotyping scheme was also investigated for its use to detect food-contaminating strains. Results: A multi-locus sequence typing (MLST) scheme, based on the sequence of six house-keeping genes (adk, ccpA, recF, rpoB, spo0A and sucC) of 53 B. licheniformis strains from different sources was established. The result of the MLST analysis supported previous findings of two different subgroups (lineages) within this species, named “A” and “B”. Statistical analysis of the MLST data indicated a higher rate of recombination within group “A”. Food isolates were widely dispersed in the MLST tree and could not be distinguished from the other strains. However, the food contaminating strain B. licheniformis NVH1032, represented by a unique sequence type (ST8), was distantly related to all other strains. Conclusions: In this study, a novel and robust genotyping scheme for B. licheniformis was established, separating the species into two subgroups. This scheme could be used for further studies of evolution and population genetics in B. licheniformis.

  6. Image Encryption Scheme Based on Balanced Two-Dimensional Cellular Automata

    Directory of Open Access Journals (Sweden)

    Xiaoyan Zhang

    2013-01-01

    Cellular automata (CA) are simple models of computation which exhibit fascinatingly complex behavior. Due to the universality of CA model, it has been widely applied in traditional cryptography and image processing. The aim of this paper is to present a new image encryption scheme based on balanced two-dimensional cellular automata. In this scheme, a random image with the same size of the plain image to be encrypted is first generated by a pseudo-random number generator with a seed. Then, the random image is evolved alternately with two balanced two-dimensional CA rules. At last, the cipher image is obtained by operating bitwise XOR on the final evolution image and the plain image. This proposed scheme possesses some advantages such as very large key space, high randomness, complex cryptographic structure, and pretty fast encryption/decryption speed. Simulation results obtained from some classical images at the USC-SIPI database demonstrate the strong performance of the proposed image encryption scheme.

  7. Self-referenced continuous-variable measurement-device-independent quantum key distribution

    Science.gov (United States)

    Wang, Yijun; Wang, Xudong; Li, Jiawei; Huang, Duan; Zhang, Ling; Guo, Ying

    2018-05-01

    We propose a scheme to remove the demand of transmitting a high-brightness local oscillator (LO) in continuous-variable measurement-device-independent quantum key distribution (CV-MDI QKD) protocol, which we call the self-referenced (SR) CV-MDI QKD. We show that our scheme is immune to the side-channel attacks, such as the calibration attacks, the wavelength attacks and the LO fluctuation attacks, which all exploit the security loopholes introduced by transmitting the LO. Besides, the proposed scheme waives the necessity of complex multiplexer and demultiplexer, which can greatly simplify the QKD processes and improve the transmission efficiency. The numerical simulations under collective attacks show that all the improvements brought about by our scheme are only at the expense of slight transmission distance shortening. This scheme shows an available method to mend the security loopholes incurred by transmitting LO in CV-MDI QKD.

  8. A novel image authentication scheme based on hyper-chaotic cell neural network

    International Nuclear Information System (INIS)

    Gao Tiegang; Gu Qiaolun; Emmanuel, Sabu

    2009-01-01

    This paper presents a new image authentication scheme based on cell neural network with hyper-chaos characteristics (HCCNN). In the scheme, the authentication code, which is used as secret key and the pixel values of image are used for the input of HCCNN. The secret information that HCCNN produces is transmitted to the receiving end through secret channel. The receiver can then use the received secret information to authenticate the suspect image by comparing the original authentication code with that calculated from the suspect image. Simulations show that the suggested image authentication algorithm has the advantages of large key space and high security, and moreover, it can detect and locate the position of any slightly tampered parts of a suspect image.

  9. Atomic Weapons Establishment Bill [Money

    International Nuclear Information System (INIS)

    Bennett, A.F.; Cryer, Bob; Carlisle, Kenneth; Dean, Paul.

    1990-01-01

    The debate concerns the authorisation of payment of the money required to reorganise the atomic weapons establishment in the United Kingdom provided for in the Atomic Weapons Establishment Bill in progress through Parliament. In the Bill the contractorisation of the establishment is recommended and some sort of Government owned company operated scheme set up. The debate lasted about half an hour and is reported verbatim. The issues raised concerned the actual sums likely to be incurred in the formation of a Company to carry out the designated activities of the Bill. These are connected with the research, development, production or maintenance of nuclear devices and the premises needed. The government spokesman suggested the sums required to support the Bill would not be large and the resolution was agreed to without a vote. (UK)

  10. Predicting establishment of non-native fishes in Greece: identifying key features

    Directory of Open Access Journals (Sweden)

    Christos Gkenas

    2015-11-01

    Non-native fishes are known to cause economic damage to human society and are considered a major threat to biodiversity loss in freshwater ecosystems. The growing concern about these impacts has driven an investigation of the biological traits that facilitate the establishment of non-native fish. However, invalid assessment in choosing the appropriate statistical model can lead researchers to ambiguous conclusions. Here, we present a comprehensive comparison of traditional and alternative statistical methods for predicting fish invasions using logistic regression, classification trees, multicorrespondence analysis and random forest analysis to determine characteristics of successful and failed non-native fishes in Hellenic Peninsula through establishment. We defined fifteen categorical predictor variables with biological relevance and measures of human interest. Our study showed that accuracy differed according to the model and the number of factors considered. Among all the models tested, random forest and logistic regression performed best, although all approaches predicted non-native fish establishment with moderate to excellent results. Detailed evaluation among the models corresponded with differences in variable importance, with three biological variables (parental care, distance from nearest native source and maximum size) and two variables of human interest (prior invasion success and propagule pressure) being important in predicting establishment. The analyzed statistical methods presented have a high predictive power and can be used as a risk assessment tool to prevent future freshwater fish invasions in this region with an imperiled fish fauna.

  11. Participation in the National Health Insurance Scheme Among ...

    African Journals Online (AJOL)

    Background: The National Health Insurance Scheme was established under Act 35 of 1999 by the Federal Government of Nigeria and is aimed at providing easy access to health care for all Nigerians at an affordable cost through various prepayment systems. It is totally committed to achieving universal coverage and ...

  12. Two-way quantum key distribution at telecommunication wavelength

    International Nuclear Information System (INIS)

    Kumar, Rupesh; Lucamarini, Marco; Di Giuseppe, Giovanni; Natali, Riccardo; Mancini, Giorgio; Tombesi, Paolo

    2008-01-01

    We report on a quantum key distribution effected with a two-way deterministic protocol over a standard telecommunication fiber. Despite the common belief of a prohibitive loss rate for such a scheme, our results show its feasibility on distances of few tenths of kilometers

  13. A new Identity Based Encryption (IBE) scheme using extended Chebyshev polynomial over finite fields Zp

    International Nuclear Information System (INIS)

    Benasser Algehawi, Mohammed; Samsudin, Azman

    2010-01-01

    We present a method to extract key pairs needed for the Identity Based Encryption (IBE) scheme from extended Chebyshev polynomial over finite fields Zp. Our proposed scheme relies on the hard problem and the bilinear property of the extended Chebyshev polynomial over Zp. The proposed system is applicable, secure, and reliable.

  14. Incentive schemes in development of socio-economic systems

    Science.gov (United States)

    Grachev, V. V.; Ivushkin, K. A.; Myshlyaev, L. P.

    2018-05-01

    The paper is devoted to the study of incentive schemes when developing socio-economic systems. The article analyzes the existing incentive schemes. It is established that the traditional incentive mechanisms do not fully take into account the specifics of the creation of each socio-economic system and, as a rule, are difficult to implement. The incentive schemes based on the full-scale simulation approach, which allow the most complete information from the existing projects of creation of socio-economic systems to be extracted, are proposed. The statement of the problem is given, the method and algorithm of the full-scale simulation study of the efficiency of incentive functions is developed. The results of the study are presented. It is shown that the use of quadratic and piecewise linear functions of incentive allows the time and costs for creating social and economic systems to be reduced by 10%-15%.

  15. Sparse Representations-Based Super-Resolution of Key-Frames Extracted from Frames-Sequences Generated by a Visual Sensor Network

    Directory of Open Access Journals (Sweden)

    Muhammad Sajjad

    2014-02-01

    Visual sensor networks (VSNs) usually generate a low-resolution (LR) frame-sequence due to energy and processing constraints. These LR-frames are not very appropriate for use in certain surveillance applications. It is very important to enhance the resolution of the captured LR-frames using resolution enhancement schemes. In this paper, an effective framework for a super-resolution (SR) scheme is proposed that enhances the resolution of LR key-frames extracted from frame-sequences captured by visual-sensors. In a VSN, a visual processing hub (VPH) collects a huge amount of visual data from camera sensors. In the proposed framework, at the VPH, key-frames are extracted using our recent key-frame extraction technique and are streamed to the base station (BS) after compression. A novel effective SR scheme is applied at BS to produce a high-resolution (HR) output from the received key-frames. The proposed SR scheme uses optimized orthogonal matching pursuit (OOMP) for sparse-representation recovery in SR. OOMP does better in terms of detecting true sparsity than orthogonal matching pursuit (OMP). This property of the OOMP helps produce a HR image which is closer to the original image. The K-SVD dictionary learning procedure is incorporated for dictionary learning. Batch-OMP improves the dictionary learning process by removing the limitation in handling a large set of observed signals. Experimental results validate the effectiveness of the proposed scheme and show its superiority over other state-of-the-art schemes.

  16. Sparse representations-based super-resolution of key-frames extracted from frames-sequences generated by a visual sensor network.

    Science.gov (United States)

    Sajjad, Muhammad; Mehmood, Irfan; Baik, Sung Wook

    2014-02-21

    Visual sensor networks (VSNs) usually generate a low-resolution (LR) frame-sequence due to energy and processing constraints. These LR-frames are not very appropriate for use in certain surveillance applications. It is very important to enhance the resolution of the captured LR-frames using resolution enhancement schemes. In this paper, an effective framework for a super-resolution (SR) scheme is proposed that enhances the resolution of LR key-frames extracted from frame-sequences captured by visual-sensors. In a VSN, a visual processing hub (VPH) collects a huge amount of visual data from camera sensors. In the proposed framework, at the VPH, key-frames are extracted using our recent key-frame extraction technique and are streamed to the base station (BS) after compression. A novel effective SR scheme is applied at BS to produce a high-resolution (HR) output from the received key-frames. The proposed SR scheme uses optimized orthogonal matching pursuit (OOMP) for sparse-representation recovery in SR. OOMP does better in terms of detecting true sparsity than orthogonal matching pursuit (OMP). This property of the OOMP helps produce a HR image which is closer to the original image. The K-SVD dictionary learning procedure is incorporated for dictionary learning. Batch-OMP improves the dictionary learning process by removing the limitation in handling a large set of observed signals. Experimental results validate the effectiveness of the proposed scheme and show its superiority over other state-of-the-art schemes.

  17. Unequal error control scheme for dimmable visible light communication systems

    Science.gov (United States)

    Deng, Keyan; Yuan, Lei; Wan, Yi; Li, Huaan

    2017-01-01

    Visible light communication (VLC), which has the advantages of a very large bandwidth, high security, and freedom from license-related restrictions and electromagnetic interference, has attracted much interest. Because a VLC system simultaneously performs illumination and communication functions, dimming control, efficiency, and reliable transmission are significant and challenging issues of such systems. In this paper, we propose a novel unequal error control (UEC) scheme in which expanding window fountain (EWF) codes in an on-off keying (OOK)-based VLC system are used to support different dimming target values. To evaluate the performance of the scheme for various dimming target values, we apply it to H.264 scalable video coding bitstreams in a VLC system. The results of the simulations that are performed using additive white Gaussian noises (AWGNs) with different signal-to-noise ratios (SNRs) are used to compare the performance of the proposed scheme for various dimming target values. It is found that the proposed UEC scheme enables earlier base layer recovery compared to the use of the equal error control (EEC) scheme for different dimming target values and therefore affords robust transmission for scalable video multicast over optical wireless channels. This is because of the unequal error protection (UEP) and unequal recovery time (URT) of the EWF code in the proposed scheme.

  18. Security bound of continuous-variable quantum key distribution with noisy coherent states and channel

    International Nuclear Information System (INIS)

    Shen Yong; Yang Jian; Guo Hong

    2009-01-01

    Security of a continuous-variable quantum key distribution protocol based on noisy coherent states and channel is analysed. Assuming that the noise of coherent states is induced by Fred, a neutral party relative to others, we prove that the prepare-and-measurement scheme (P&M) and entanglement-based scheme (E-B) are equivalent. Then, we show that this protocol is secure against Gaussian collective attacks even if the channel is lossy and noisy, and, further, a lower bound to the secure key rate is derived.

  19. Security bound of continuous-variable quantum key distribution with noisy coherent states and channel

    Energy Technology Data Exchange (ETDEWEB)

    Shen Yong; Yang Jian; Guo Hong, E-mail: hongguo@pku.edu.c [CREAM Group, State Key Laboratory of Advanced Optical Communication Systems and Networks (Peking University) and Institute of Quantum Electronics, School of Electronics Engineering and Computer Science, Peking University, Beijing 100871 (China)

    2009-12-14

    Security of a continuous-variable quantum key distribution protocol based on noisy coherent states and channel is analysed. Assuming that the noise of coherent states is induced by Fred, a neutral party relative to others, we prove that the prepare-and-measurement scheme (P&M) and entanglement-based scheme (E-B) are equivalent. Then, we show that this protocol is secure against Gaussian collective attacks even if the channel is lossy and noisy, and, further, a lower bound to the secure key rate is derived.

  20. Enhancement of Training Capabilities in VVER Technology Through Establishment of VVER Training Academy

    International Nuclear Information System (INIS)

    Ilieva, M.; Miteva, R.

    2015-01-01

    Education and training (E&T) have always been key factor to the sustainability of the nuclear industry. With regard to E&T it is still the challenge to raise the interest of qualified young people of studies and professions related to nuclear technologies. CORONA Project is established to provide a special purpose structure for training and for gathering the existing and generating new knowledge in the VVER area as well as to contribute to transnational mobility and lifelong learning amongst VVER operating countries. CORONA Project consists of two parts: CORONA I (2011–2014) “Establishment of a regional centre of competence for VVER technology and Nuclear Applications”, co-financed by the EC Framework Programme 7 and CORONA II “Enhancement of training capabilities in VVER technology through establishment of VVER training academy”, co-financed by the EURATOM 2014-2015 Working programme of HORIZON 2020. The project is focused on development of training schemes for VVER nuclear professionals, subcontractors, students and for non-nuclear specialists working in support of nuclear applications as civil engineers, physical protection employees, government employees, secondary school teachers, journalists. Safety culture and soft skills training are incorporated as an integral part of all training schemes because they require continuous consideration. It is vital for the acceptance of nuclear energy by the public and for the safe performance of the nuclear installations. CORONA II project is to proceed with the development of state-of-the-art virtual training centre — CORONA Academy. This objective will be realised through networking between universities, research organizations, regulatory bodies, industry and any other organizations involved in the application of nuclear science, ionising radiation and nuclear safety. It will bring together the most experienced trainers and will allow trainees from different locations to access the needed knowledge on demand

  1. Establishing sustainable performance-based incentive schemes: views of rural health workers from qualitative research in three sub-Saharan African countries.

    Science.gov (United States)

    Yé, M; Aninanya, G A; Sié, A; Kakoko, D C V; Chatio, S; Kagoné, M; Prytherch, H; Loukanova, S; Williams, J E; Sauerborn, R

    2014-01-01

    Performance-based incentives (PBIs) are currently receiving attention as a strategy for improving the quality of care that health providers deliver. Experiences from several African countries have shown that PBIs can trigger improvements, particularly in the area of maternal and neonatal health. The involvement of health workers in deciding how their performance should be measured is recommended. Only limited information is available about how such schemes can be made sustainable. This study explored the types of PBIs that rural health workers suggested, their ideas regarding the management and sustainability of such schemes, and their views on which indicators best lend themselves to the monitoring of performance. In this article the authors reported the findings from a cross-country survey conducted in Burkina Faso, Ghana and Tanzania. The study was exploratory with qualitative methodology. In-depth interviews were conducted with 29 maternal and neonatal healthcare providers, four district health managers and two policy makers (total 35 respondents) from one district in each of the three countries. The respondents were purposively selected from six peripheral health facilities. Care was taken to include providers who had a management role. By also including respondents from district and policy level a comparison of perspectives from different levels of the health system was facilitated. The data that was collected was coded and analysed with support of NVivo v8 software. The most frequently suggested PBIs amongst the respondents in Burkina Faso were training with per-diems, bonuses and recognition of work done. The respondents in Tanzania favoured training with per-diems, as well as payment of overtime, and timely promotion. The respondents in Ghana also called for training, including paid study leave, payment of overtime and recognition schemes for health workers or facilities. Respondents in the three countries supported the mobilisation of local resources to

  2. Data-derived symbol synchronization of MASK and QASK signals. [Multilevel and Quadrature Amplitude Shift Keying]

    Science.gov (United States)

    Simon, M. K.

    1975-01-01

    Much has been said in the literature regarding the problem of establishing symbol synchronization in binary baseband digital communication systems. By comparison, the literature contains little information relating to the extraction of symbol sync from multilevel baseband data. With the recent interest in multilevel amplitude-shift keying (MASK) and quadrature amplitude-shift keying (QASK) as signaling techniques for multilevel digital communications systems, the problem of providing symbol synchronization in the receivers of such systems becomes paramount. This paper presents a technique for extracting symbol sync from a MASK or QASK signal which has been transmitted over an infinite-bandwidth white Gaussian noise channel. The scheme is essentially a generalization of the data transition tracking loop (DTTL) which has heretofore been used in PSK systems. The performance of the loop is analyzed in terms of its mean-squared symbol sync jitter and its effects on the data detection process in MASK and QASK systems.

  3. Complex of Key Instruments of Management of Operation Activity of a Small Business Trade Enterprise

    Directory of Open Access Journals (Sweden)

    Serdyuk Vira M.

    2013-11-01

    Full Text Available The article offers a complex of key instruments of management of operation activity of a small business trade enterprise, including: 1) budgeting of operation activity; 2) its accounting by norms and deviations from them; 3) monitoring of operational activity of an enterprise, which envisages analysis of revealed deviations. The article shows the most efficient way of realisation and practical use of the presented concept – application of the “standard-cost” scheme within the framework of which the following tasks are solved: 1) budgeting of income from operational activity; 2) establishment of standards of costs; 3) accumulation of data on factual income and expenditures; 4) analysis of deviations and reporting; and 5) introduction of necessary amendments. The article also offers an imitation model of analysis of dynamics of trade processes, which allows detection of key spheres of management of operation activity of a small trade enterprise and principles of carrying out an efficient and well thought over financial policy.

  4. Construction of a knowledge classification scheme for sharing and usage of knowledge

    International Nuclear Information System (INIS)

    Yoo, Jae Bok; Oh, Jeong Hoon; Lee, Ji Ho; Ko, Young Chul

    2003-12-01

    To share knowledge efficiently among our members on the basis of a knowledge management system, we first need to systematically design a knowledge classification scheme under which this knowledge can be classified well. The objective of this project is to construct the most suitable knowledge classification scheme that all of us can share at the Korea Atomic Energy Research Institute (KAERI). To construct the knowledge classification scheme for the whole organization, we established a few principles for its design and examined many related classification schemes. We then carried out 3 steps to complete the most desirable KAERI knowledge classification scheme: 1) designing a draft of the knowledge classification scheme, 2) revising the draft, and 3) verifying the revised scheme and deciding on the final scheme. The scheme completed as a result of this project consists of a total of 218 items, that is, 8 sections, 43 classes and 167 sub-classes. We expect that the knowledge classification scheme designed in this project can play an important role as the framework for sharing knowledge among our members when we introduce a knowledge management system in our organization. In addition, we expect that the method used to design the scheme, as well as the scheme itself, can be applied when designing knowledge classification schemes at other R&D institutes and enterprises.

  5. A comparison of carbon allocation schemes: On the equity-efficiency tradeoff

    International Nuclear Information System (INIS)

    Pan, Xunzhang; Teng, Fei; Wang, Gehua

    2014-01-01

    In the long-term stabilization targets of greenhouse gases concentrations, various carbon emission rights allocation schemes have been proposed. To compare and evaluate them, the most essential is the equity-efficiency tradeoff. This paper measures the equity and the efficiency in the global rather than the narrower national perspective. Specifically, the equity of the first allocation is quantified by the carbon Gini coefficient defined by per capita cumulative emission, and the economic efficiency to accomplish obligations is described with the discounted global abatement costs. Under 20 key allocation schemes, the numerical comparison on the equity-efficiency tradeoff side is carried out through the Equitable Access to Sustainable Development model. Our studies indicate that the equity and the efficiency of future emission space allocation approximately show a three-stage relationship. - Highlights: • The equity-efficiency tradeoff among 20 key allocation schemes is carried out. • Both the equity and the efficiency are measured in the global perspective. • The Equitable Access to Sustainable Development model is adopted as the study tool. • A practical trade framework is indispensable to efficiently address climate change. • The equity and the efficiency generally show a three-stage tradeoff relationship

  6. Behavior of temperature dependent SRAM-PUFs, and consequences for secret-key capacity

    NARCIS (Netherlands)

    Kusters, C.J.; Ignatenko, T.; Willems, F.M.J.

    2017-01-01

    Physical Unclonable Functions (PUFs) are a resource for generating and sharing secret keys. The mutual information between two respective observations of the same PUF gives an upper bound for the achievable secret-key rate of a secret-sharing scheme that relies on this PUF. This mutual information

  7. Cryptanalysis of a computer cryptography scheme based on a filter bank

    International Nuclear Information System (INIS)

    Arroyo, David; Li Chengqing; Li Shujun; Alvarez, Gonzalo

    2009-01-01

    This paper analyzes the security of a recently-proposed signal encryption scheme based on a filter bank. A very critical weakness of this new signal encryption procedure is exploited in order to successfully recover the associated secret key.

  8. Decentralising Zimbabwe’s water management: The case of Guyu-Chelesa irrigation scheme

    Science.gov (United States)

    Tambudzai, Rashirayi; Everisto, Mapedza; Gideon, Zhou

    Smallholder irrigation schemes are largely supply driven such that they exclude the beneficiaries on the management decisions and the choice of the irrigation schemes that would best suit their local needs. It is against this background that the decentralisation framework and the Dublin Principles on Integrated Water Resource Management (IWRM) emphasise the need for a participatory approach to water management. The Zimbabwean government has gone a step further in decentralising the management of irrigation schemes, that is promoting farmer managed irrigation schemes so as to ensure effective management of scarce community based land and water resources. The study set to investigate the way in which the Guyu-Chelesa irrigation scheme is managed with specific emphasis on the role of the Irrigation Management Committee (IMC), the level of accountability and the powers devolved to the IMC. Merrey’s 2008 critique of IWRM also informs this study which views irrigation as going beyond infrastructure by looking at how institutions and decision making processes play out at various levels including at the irrigation scheme level. The study was positioned on the hypothesis that ‘decentralised or autonomous irrigation management enhances the sustainability and effectiveness of irrigation schemes’. To validate or falsify the stated hypothesis, data was gathered using desk research in the form of reviewing articles, documents from within the scheme and field research in the form of questionnaire surveys, key informant interviews and field observation. The Statistical Package for Social Sciences was used to analyse data quantitatively, whilst content analysis was utilised to analyse qualitative data whereby data was analysed thematically. Comparative analysis was carried out as Guyu-Chelesa irrigation scheme was compared with other smallholder irrigation scheme’s experiences within Zimbabwe and the Sub Saharan African region at large. The findings were that whilst the

  9. Breakdown of NpNn scheme in very heavy nuclei

    International Nuclear Information System (INIS)

    Varshney, A.K.; Singh, M.; Kumar, Rajesh; Gupta, K.K.; Gupta, D.K.

    2016-01-01

    The proton-neutron interaction has been considered the key ingredient in the development of configuration mixing, collectivity and ultimately deformation in atomic nuclei for over five decades. Phenomenologically, the correlation of the integrated valence p-n interaction with the onset of collectivity and deformation has been described in terms of the NpNn scheme.

  10. The Spanish external quality assessment scheme for mercury in urine.

    Science.gov (United States)

    Quintana, M J; Mazarrasa, O

    1996-01-01

    In 1986 the Instituto Nacional de Seguridad e Higiene en el Trabajo (INSHT), established the "Programa interlaboratorios de control de calidad de mercurio en orina (PICC-HgU)". The operation of this scheme is explained, criteria for evaluation of laboratory performance are defined and some results obtained are reviewed. Since the scheme started, an improvement in the overall performance of laboratories has been observed. The differences in the analytical methods used by laboratories do not seem to have a clear influence on the results.

  11. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. Privacy and security are always a matter of great concern in TMIS. Recently, Chen et al. presented a password-based authentication scheme to address privacy and security. Later on, it was proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password-based authentication schemes have been proposed using public key cryptosystems. However, most of them do not present pre-smart card authentication, which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  12. BSEA: A Blind Sealed-Bid E-Auction Scheme for E-Commerce Applications

    Directory of Open Access Journals (Sweden)

    Rohit Kumar Das

    2016-12-01

    Full Text Available Due to an increase in the number of internet users, electronic commerce has grown significantly during the last decade. Electronic auction (e-auction) is one of the famous e-commerce applications. Even so, security and robustness of e-auction schemes still remain a challenge. Requirements like anonymity and privacy of the bid value are under threat from the attackers. Any auction protocol must not leak the anonymity and the privacy of the bid value of an honest Bidder. Keeping these requirements in mind, we have firstly proposed a controlled traceable blind signature scheme (CTBSS) because e-auction schemes should be able to trace the Bidders. Using CTBSS, a blind sealed-bid electronic auction scheme is proposed (BSEA). We have incorporated the notion of blind signature to e-auction schemes. Moreover, both the schemes are based upon elliptic curve cryptography (ECC), which provides a similar level of security with a comparatively smaller key size than the discrete logarithm problem (DLP) based e-auction protocols. The analysis shows that BSEA fulfills all the requirements of e-auction protocol, and the total computation overhead is lower than the existing schemes.

  13. A Novel Quantum Image Steganography Scheme Based on LSB

    Science.gov (United States)

    Zhou, Ri-Gui; Luo, Jia; Liu, XingAo; Zhu, Changming; Wei, Lai; Zhang, Xiafen

    2018-06-01

    Based on the NEQR representation of quantum images and least significant bit (LSB) scheme, a novel quantum image steganography scheme is proposed. The sizes of the cover image and the original information image are assumed to be 4n × 4n and n × n, respectively. Firstly, the bit-plane scrambling method is used to scramble the original information image. Then the scrambled information image is expanded to the same size of the cover image by using the key only known to the operator. The expanded image is scrambled to be a meaningless image with the Arnold scrambling. The embedding procedure and extracting procedure are carried out by K1 and K2 which are under control of the operator. For validation of the presented scheme, the peak-signal-to-noise ratio (PSNR), the capacity, the security of the images and the circuit complexity are analyzed.

  14. A novel image encryption scheme based on the ergodicity of baker map

    Science.gov (United States)

    Ye, Ruisong; Chen, Yonghong

    2012-01-01

    Thanks to the exceptionally good properties in chaotic systems, such as sensitivity to initial conditions and control parameters, pseudo-randomness and ergodicity, chaos-based image encryption algorithms have been widely studied and developed in recent years. A novel digital image encryption scheme based on the chaotic ergodicity of Baker map is proposed in this paper. Different from traditional encryption schemes based on Baker map, we permute the pixel positions by their corresponding order numbers deriving from the approximating points in one chaotic orbit. To enhance the resistance to statistical and differential attacks, a diffusion process is suggested as well in the proposed scheme. The proposed scheme enlarges the key space significantly to resist brute-force attack. Additionally, the distribution of gray values in the cipher-image has a random-like behavior to resist statistical analysis. The proposed scheme is robust against cropping, tampering and noising attacks as well. It therefore suggests a high secure and efficient way for real-time image encryption and transmission in practice.

  15. The use and management of water in the Likangala Irrigation Scheme Complex in Southern Malawi

    Science.gov (United States)

    Mulwafu, Wapulumuka O.; Nkhoma, Bryson G.

    This paper examines the uses and management of water for agriculture in Lake Chilwa catchment area in Zomba district of Southern Malawi. It focuses on the Likangala Rice Irrigation Scheme Complex situated along the Likangala River. The scheme is one of the largest government-run schemes. Established in the late 1960s by the government to meet the growing demand for rice, the scheme contributes greatly to the agricultural industry of the country. Besides, the scheme was established to ensure maximum utilization of Malawi's largest wetland, which, due to its hydromorphic soils and the littoral floodplains, does not favour the production of traditional upland seasonal crops such as maize. The scheme's overdependence on water from the Likangala River has attracted a considerable degree of academic interest in the use and management of the river to ensure that there is equity and efficiency for both productive and domestic users. The paper focuses on four main issues: the historical development of the scheme, the distribution of water to farmers, social relations, and the overall contribution of the scheme towards the social and economic development of the area and the country in general. The paper contends that the growing population of the basin and the increase in the number of formal and informal smallholder farmers, contributes greatly to the growth of competition and conflicts over water, which tends to undermine the economic potential of the scheme. Furthermore, the paper provides clearest indication of the need for a realistic and informed water management policy and strategy to solve the growing problem of social inequity without necessarily compromising the production of rice in the scheme.

  16. Strong Authentication Scheme Based on Hand Geometry and Smart Card Factors

    Directory of Open Access Journals (Sweden)

    Ali A. Yassin

    2016-07-01

    Full Text Available In 2009, Xu et al. presented a safe, dynamic, ID-based remote user authentication method that has several advantages such as freely chosen passwords and mutual authentication. In this paper, we review the Xu–Zhu–Feng scheme and indicate many shortcomings in their scheme. Impersonation attacks and insider attacks could be effective. To overcome these drawbacks, we propose a secure biometric-based remote authentication scheme using biometric characteristics of hand-geometry, which is aimed at withstanding well-known attacks and achieving good performance. Furthermore, our work contains many crucial merits such as mutual authentication, user anonymity, freely chosen passwords, secure password changes, session key agreements, revocation by using personal biometrics, and does not need extra device or software for hand geometry in the login phase. Additionally, our scheme is highly efficient and withstands existing known attacks like password guessing, server impersonation, insider attacks, denial of service (DOS) attacks, replay attacks, and parallel-session attacks. Compared with the other related schemes, our work is powerful both in communications and computation costs.

  17. Overcoming the rate-distance limit of quantum key distribution without quantum repeaters.

    Science.gov (United States)

    Lucamarini, M; Yuan, Z L; Dynes, J F; Shields, A J

    2018-05-01

    Quantum key distribution (QKD) [1,2] allows two distant parties to share encryption keys with security based on physical laws. Experimentally, QKD has been implemented via optical means, achieving key rates of 1.26 megabits per second over 50 kilometres of standard optical fibre [3] and of 1.16 bits per hour over 404 kilometres of ultralow-loss fibre in a measurement-device-independent configuration [4]. Increasing the bit rate and range of QKD is a formidable, but important, challenge. A related target, which is currently considered to be unfeasible without quantum repeaters [5-7], is overcoming the fundamental rate-distance limit of QKD [8]. This limit defines the maximum possible secret key rate that two parties can distil at a given distance using QKD and is quantified by the secret-key capacity of the quantum channel [9] that connects the parties. Here we introduce an alternative scheme for QKD whereby pairs of phase-randomized optical fields are first generated at two distant locations and then combined at a central measuring station. Fields imparted with the same random phase are 'twins' and can be used to distil a quantum key. The key rate of this twin-field QKD exhibits the same dependence on distance as does a quantum repeater, scaling with the square-root of the channel transmittance, irrespective of who (malicious or otherwise) is in control of the measuring station. However, unlike schemes that involve quantum repeaters, ours is feasible with current technology and presents manageable levels of noise even on 550 kilometres of standard optical fibre. This scheme is a promising step towards overcoming the rate-distance limit of QKD and greatly extending the range of secure quantum communications.

  18. A Public-key based Information Management Model for Mobile Agents

    OpenAIRE

    Rodriguez, Diego; Sobrado, Igor

    2000-01-01

    Mobile code based computing requires development of protection schemes that allow digital signature and encryption of data collected by the agents in untrusted hosts. These algorithms could not rely on carrying encryption keys if these keys could be stolen or used to counterfeit data by hostile hosts and agents. As a consequence, both information and keys must be protected in a way that only authorized hosts, that is the host that provides information and the server that has sent the mobile a...

  19. An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Kim, Jiye; Won, Dongho

    2016-03-01

    Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.

  20. Key Management for Secure Multicast over IPv6 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Siddiqi Mohammad Umar

    2006-01-01

    Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

  1. Experimental demonstration of subcarrier multiplexed quantum key distribution system.

    Science.gov (United States)

    Mora, José; Ruiz-Alba, Antonio; Amaya, Waldimar; Martínez, Alfonso; García-Muñoz, Víctor; Calvo, David; Capmany, José

    2012-06-01

    We provide, to our knowledge, the first experimental demonstration of the feasibility of sending several parallel keys by exploiting the technique of subcarrier multiplexing (SCM) widely employed in microwave photonics. This approach brings several advantages such as high spectral efficiency compatible with the actual secure key rates, the sharing of the optical faint pulse by all the quantum multiplexed channels reducing the system complexity, and the possibility of upgrading with wavelength division multiplexing in a two-tier scheme, to increase the number of parallel keys. Two independent quantum SCM channels featuring a sifted key rate of 10 Kb/s/channel over a link with quantum bit error rate <2% are reported.

  2. Energy-efficient key distribution using electrocardiograph biometric set for secure communications in wireless body healthcare networks.

    Science.gov (United States)

    Shi, Jinyang; Lam, Kwok-Yan; Gu, Ming; Li, Mingze; Chung, Siu-Leung

    2011-10-01

    Wireless body sensor network (WBSN) has gained significant interest as an important infrastructure for real-time biomedical healthcare systems, while the security of the sensitive health information becomes one of the main challenges. Due to the constraints of limited power, traditional cryptographic key distribution schemes are not suitable for WBSN. This paper proposes a novel energy-efficient approach, BodyKey, which can distribute the keys using the electrocardiograph biometrics. BodyKey represents the biometric features as an ordered set, and deals with the biometric variations using set reconciliation. In this way, only limited necessary information needs to be communicated for key agreement, and the total energy consumption for key distribution can thus be reduced. Experiments on the PhysioBank Database show that BodyKey can perform an energy consumption rate of 0.01 mJ/bit with an equal accuracy rate of 97.28%, allowing the system to be used as an energy-efficient key distribution scheme for secure communications in WBSN.

  3. Security proof of continuous-variable quantum key distribution using three coherent states

    Science.gov (United States)

    Brádler, Kamil; Weedbrook, Christian

    2018-02-01

    We introduce a ternary quantum key distribution (QKD) protocol and asymptotic security proof based on three coherent states and homodyne detection. Previous work had considered the binary case of two coherent states and here we nontrivially extend this to three. Our motivation is to leverage the practical benefits of both discrete and continuous (Gaussian) encoding schemes creating a best-of-both-worlds approach; namely, the postprocessing of discrete encodings and the hardware benefits of continuous ones. We present a thorough and detailed security proof in the limit of infinite signal states which allows us to lower bound the secret key rate. We calculate this in the context of collective eavesdropping attacks and reverse reconciliation postprocessing. Finally, we compare the ternary coherent state protocol to other well-known QKD schemes (and fundamental repeaterless limits) in terms of secret key rates and loss.

  4. Further attacks on Yeung-Mintzer fragile watermarking scheme

    Science.gov (United States)

    Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

    2000-05-01

    In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

  5. Comparative Study between Two Schemes of Active-Control-Based Mechatronic Inerter

    Directory of Open Access Journals (Sweden)

    He Lingduo

    2017-01-01

    Based on the force-current analogy and the velocity-voltage analogy in the theory of electromechanical analogy, the inerter is a device that corresponds completely to the capacitor and overcomes the natural restriction of mass; moreover, it is significant to improve the ratio of the inerter's inertance to its mass for mechanical network synthesis. According to the principle of the active-control-based mechatronic inerter, we present two implementation schemes. One is based on a linear motor, and the other is based on a ball screw and rotary motor. We introduce the implementation methods and establish theoretical models of the two schemes, then compare the ratio of the inerter's inertance to its mass for the two schemes. Finally, we consider the scheme based on the ball screw and rotary motor to be the better one.

  6. How Governance Regimes Shape the Implementation of Water Reuse Schemes

    Directory of Open Access Journals (Sweden)

    Jos Frijns

    2016-12-01

    The governance dimensions of water reuse scheme development and operation, such as policies and regulatory frameworks, and public involvement and stakeholder collaboration, can serve to both facilitate and constrain wider adoption of water reuse practices. This paper explores the significance and underlying structure of the key governance challenges facing the water reuse sector in Europe. It presents empirical evidence from interviews and focus group sessions conducted at four water reuse schemes: an indirect potable reuse scheme at Torreele (Belgium), the urban reuse of treated municipal wastewater at the London Olympic Park (United Kingdom) and at Sabadell (Spain), and the reuse of agro-industrial effluent for irrigation at Capitanata (Italy). The findings underscore the importance of clarity in policy arrangements around water reuse, as well as of the financial competitiveness of reuse projects compared to alternative water supply options. Operators of water reuse schemes expressed a preference for water quality standards, which focus on appropriateness for use rather than over-emphasise the waters’ origin so that unnecessary treatment and costs can be avoided. Positive public support was widely acknowledged as an important factor in the success or failure of water reuse schemes. We conclude that constructive institutional relationships underpin many of the challenges faced by reuse scheme operators and that greater emphasis should be given to building confidence and gaining trust in water service providers through early identification of how governance regimes shape the viability of new schemes.

  7. A key distribution scheme using elliptic curve cryptography in wireless sensor networks

    CSIR Research Space (South Africa)

    Louw, J

    2016-12-01

    Wireless sensor networks (WSNs) have become increasingly popular in many applications across a broad range of fields. Securing WSNs poses unique challenges mainly due to their resource constraints. Traditional public key cryptography (PKC...

  8. Comparison of two schemes for automatic keyword extraction from MEDLINE for functional gene clustering.

    Science.gov (United States)

    Liu, Ying; Ciliax, Brian J; Borges, Karin; Dasigi, Venu; Ram, Ashwin; Navathe, Shamkant B; Dingledine, Ray

    2004-01-01

    One of the key challenges of microarray studies is to derive biological insights from the unprecedented quantities of data on gene-expression patterns. Clustering genes by functional keyword association can provide direct information about the nature of the functional links among genes within the derived clusters. However, the quality of the keyword lists extracted from biomedical literature for each gene significantly affects the clustering results. We extracted keywords from MEDLINE that describe the most prominent functions of the genes, and used the resulting weights of the keywords as feature vectors for gene clustering. By analyzing the resulting cluster quality, we compared two keyword weighting schemes: normalized z-score and term frequency-inverse document frequency (TFIDF). The best combination of background comparison set, stop list and stemming algorithm was selected based on precision and recall metrics. In a test set of four known gene groups, a hierarchical algorithm correctly assigned 25 of 26 genes to the appropriate clusters based on keywords extracted by the TFIDF weighting scheme, but only 23 of 26 with the z-score method. To evaluate the effectiveness of the weighting schemes for keyword extraction for gene clusters from microarray profiles, 44 yeast genes that are differentially expressed during the cell cycle were used as a second test set. Using established measures of cluster quality, the results produced from TFIDF-weighted keywords had higher purity, lower entropy, and higher mutual information than those produced from normalized z-score weighted keywords. The optimized algorithms should be useful for sorting genes from microarray lists into functionally discrete clusters.

  9. Key handling in wireless sensor networks

    International Nuclear Information System (INIS)

    Li, Y; Newe, T

    2007-01-01

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

  10. Key handling in wireless sensor networks

    Energy Technology Data Exchange (ETDEWEB)

    Li, Y; Newe, T [Optical Fibre Sensors Research Centre, Department of Electronic and Computer Engineering, University of Limerick, Limerick (Ireland)

    2007-07-15

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

  11. Compatible discrete operator schemes on polyhedral meshes for elliptic and Stokes equations

    International Nuclear Information System (INIS)

    Bonelle, Jerome

    2014-01-01

    This thesis presents a new class of spatial discretization schemes on polyhedral meshes, called Compatible Discrete Operator (CDO) schemes and their application to elliptic and Stokes equations. In CDO schemes, preserving the structural properties of the continuous equations is the leading principle to design the discrete operators. De Rham maps define the degrees of freedom according to the physical nature of fields to discretize. CDO schemes operate a clear separation between topological relations (balance equations) and constitutive relations (closure laws). Topological relations are related to discrete differential operators, and constitutive relations to discrete Hodge operators. A feature of CDO schemes is the explicit use of a second mesh, called dual mesh, to build the discrete Hodge operator. Two families of CDO schemes are considered: vertex-based schemes where the potential is located at (primal) mesh vertices, and cell-based schemes where the potential is located at dual mesh vertices (dual vertices being in one-to-one correspondence with primal cells). The CDO schemes related to these two families are presented and their convergence is analyzed. A first analysis hinges on an algebraic definition of the discrete Hodge operator and allows one to identify three key properties: symmetry, stability, and P0-consistency. A second analysis hinges on a definition of the discrete Hodge operator using reconstruction operators, and the requirements on these reconstruction operators are identified. In addition, CDO schemes provide a unified vision on a broad class of schemes proposed in the literature (finite element, finite element, mimetic schemes...). Finally, the reliability and the efficiency of CDO schemes are assessed on various test cases and several polyhedral meshes. (author)

  12. Modeling and performance analysis of an improved movement-based location management scheme for packet-switched mobile communication systems.

    Science.gov (United States)

    Chung, Yun Won; Kwon, Jae Kyun; Park, Suwon

    2014-01-01

    One of the key technologies to support mobility of mobile station (MS) in mobile communication systems is location management which consists of location update and paging. In this paper, an improved movement-based location management scheme with two movement thresholds is proposed, considering bursty data traffic characteristics of packet-switched (PS) services. The analytical modeling for location update and paging signaling loads of the proposed scheme is developed thoroughly and the performance of the proposed scheme is compared with that of the conventional scheme. We show that the proposed scheme outperforms the conventional scheme in terms of total signaling load with an appropriate selection of movement thresholds.

  13. New Financing Schemes of Public Infrastructure

    Directory of Open Access Journals (Sweden)

    Ignacio de la Riva

    2017-01-01

    Public works procurements and concessions are traditional legal techniques used to shape the financing of public infrastructure. Fiscal constraints faced by public administrations at the end of the 20th century, and the subsequent increase of private participation in the provision of public goods and services, encouraged the development of new legal schemes allowing a higher degree of private investment in public infrastructure, such as Public Private Partnerships, project finance, securitizations, the shadow toll, turn-key agreements, public leasing and public trusts.

  14. Numerical study of a hybrid jet impingement/micro-channel cooling scheme

    International Nuclear Information System (INIS)

    Barrau, Jérôme; Omri, Mohammed; Chemisana, Daniel; Rosell, Joan; Ibañez, Manel; Tadrist, Lounes

    2012-01-01

    A new hybrid jet impingement/micro-channel cooling scheme is studied numerically for use in high-heat-flux thermal management of electronic and power devices. The device is developed with the objective of improving the temperature uniformity of the cooled object. A numerical model based on the k–ω SST turbulent model is developed and validated experimentally. This model is used to carry out a parametrical characterization of the heat sink. The study shows that variations in key parameters of jet impingement and micro-channel technologies allow for the cooling scheme to obtain a wide range of temperature profiles for the cooled object. - Highlights: ► A new hybrid cooling scheme is numerically studied. ► The cooling scheme combines the benefits of jet impingement and micro-channel flows. ► The numerical model is validated by comparison with experimental results. ► The temperature distribution can be adapted to the needs of the cooled system.

  15. Pressure correction schemes for compressible flows

    International Nuclear Information System (INIS)

    Kheriji, W.

    2011-01-01

    This thesis is concerned with the development of semi-implicit fractional step schemes, for the compressible Navier-Stokes equations; these schemes are part of the class of the pressure correction methods. The chosen spatial discretization is staggered: non conforming mixed finite elements (Crouzeix-Raviart or Rannacher-Turek) or the classic MAC scheme. An upwind finite volume discretization of the mass balance guarantees the positivity of the density. The positivity of the internal energy is obtained by discretizing the internal energy balance by an upwind finite volume scheme and by coupling the discrete internal energy balance with the pressure correction step. A special finite volume discretization on dual cells is performed for the convection term in the momentum balance equation, and a renormalisation step for the pressure is added to the algorithm; this ensures the control in time of the integral of the total energy over the domain. All these a priori estimates imply the existence of a discrete solution by a topological degree argument. The application of this scheme to Euler equations raises an additional difficulty. Indeed, obtaining correct shocks requires the scheme to be consistent with the total energy balance, property which we obtain as follows. First of all, a local discrete kinetic energy balance is established; it contains source terms which we somehow compensate in the internal energy balance. The kinetic and internal energy equations are associated with the dual and primal meshes respectively, and thus cannot be added to obtain a total energy balance; its continuous counterpart is however recovered at the limit: if we suppose that a sequence of discrete solutions converges when the space and time steps tend to 0, we indeed show, in 1D at least, that the limit satisfies a weak form of the equation. These theoretical results are comforted by numerical tests. Similar results are obtained for the barotropic Navier-Stokes equations. (author)

  16. Understanding the types of fraud in claims to South African medical schemes.

    Science.gov (United States)

    Legotlo, T G; Mutezo, A

    2018-03-28

    Medical schemes play a significant role in funding private healthcare in South Africa (SA). However, the sector is negatively affected by the high rate of fraudulent claims. To identify the types of fraudulent activities committed in SA medical scheme claims. A cross-sectional qualitative study was conducted, adopting a case study strategy. A sample of 15 employees was purposively selected from a single medical scheme administration company in SA. Semi-structured interviews were conducted to collect data from study participants. A thematic analysis of the data was done using ATLAS.ti software (ATLAS.ti Scientific Software Development, Germany). The study population comprised the 17 companies that administer medical schemes in SA. Data were collected from 15 study participants, who were selected from the medical scheme administrator chosen as a case study. The study found that medical schemes were defrauded in numerous ways. The perpetrators of this type of fraud include healthcare service providers, medical scheme members, employees, brokers and syndicates. Medical schemes are mostly defrauded by the submission of false claims by service providers and syndicates. Fraud committed by medical scheme members encompasses the sharing of medical scheme benefits with non-members (card farming) and non-disclosure of pre-existing conditions at the application stage. The study concluded that perpetrators of fraud have found several ways of defrauding SA medical schemes regarding claims. Understanding and identifying the types of fraud events facing medical schemes is the initial step towards establishing methods to mitigate this risk. Future studies should examine strategies to manage fraudulent medical scheme claims.

  17. Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

    Directory of Open Access Journals (Sweden)

    S K Hafizul Islam

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

  18. Risk:reward sharing contracts in the oil industry: the effects of bonus:penalty schemes

    International Nuclear Information System (INIS)

    Kemp, A.G.; Stephen, L.

    1999-01-01

    Partnering and alliancing among oil companies and their contractors have become common in the oil industry in recent years. The risk:reward mechanisms established very often incorporate bonus/penalty schemes in relation to agreed base values. This paper examines the efficiency requirements of such schemes. The effects of project cost and completion risks on the risk:reward positions of field investors and contractors with and without bonus/penalty schemes are examined with the aid of Monte Carlo simulation analysis. The schemes increase the total risk for contractors and have consequences for their cost of capital and optimal risk-bearing arrangements within the industry. (author)

  19. Exclusion from the Health Insurance Scheme

    CERN Multimedia

    2003-01-01

    A CERN pensioner, member of the Organization's Health Insurance Scheme (CHIS), recently provided fake documents in support of claims for medical expenses, in order to receive unjustified reimbursement from the CHIS. The Administrator of the CHIS, UNIQA, suspected a case of fraud. Accordingly, an investigation and interview of the person concerned was carried out and brought the Organization to the conclusion that fraud had actually taken place. Consequently and in accordance with Article VIII 3.12 of the CHIS Rules, it was decided to exclude this member permanently from the CHIS. The Organization takes the opportunity to remind Scheme members that any fraud or attempted fraud established within the framework of the CHIS exposes them to: - disciplinary action, according to the Staff Rules and Regulations, for CERN members of the personnel; - definitive exclusion from the CHIS for members affiliated on a voluntary basis. Human Resources Division Tel. 73635

  20. Precoded generalized space shift keying for indoor visible light communications

    KAUST Repository

    Kadampot, Ishaque Ashar; Park, Kihong; Alouini, Mohamed-Slim

    2014-01-01

    We consider a visible light communication system with 2 transmit light emitting diodes (LED) and nr receive photodiodes. An optical generalized space shift keying modulation scheme is considered for the transmission of bits where each LED can

  1. EFFECTIVE SCHEMES OF FINANCING MERGERS AND ACQUISITIONS OF INTERNATIONAL CORPORATIONS

    Directory of Open Access Journals (Sweden)

    Vladimir Momot

    2013-10-01

    The article considers the question of a choice of the optimum scheme of financing mergers and acquisitions (M&As) in the environment of international corporations. Methods and ways of financing integration transactions are considered and key factors and system processes of realization of these transactions are defined.

  2. BVS: A Lightweight Forward and Backward Secure Scheme for PMU Communications in Smart Grid

    Directory of Open Access Journals (Sweden)

    Wei Ren

    2011-01-01

    In smart grid, phasor measurement units (PMUs) can upload readings to utility centers via supervisory control and data acquisition (SCADA) or energy management system (EMS) to enable intelligent controlling and scheduling. It is critical to maintain the secrecy of readings so as to protect customers' privacy, together with integrity and source authentication for the reliability and stability of power scheduling. In particular, an appealing security scheme needs to perform well in PMUs that usually have computational resource constraints, thus designed security protocols have to remain lightweight in terms of computation and storage. In this paper, we propose a family of schemes to solve this problem. They are public key based scheme (PKS), password based scheme (PWS) and billed value-based scheme (BVS). BVS can achieve forward and backward security and only relies on hash functions. Security analysis justifies that the proposed schemes, especially BVS, can attain the security goals with low computation and storage cost.

  3. A Novel Mobile Communications Authentication Scheme with Roaming Service and User Anonymity

    Directory of Open Access Journals (Sweden)

    Kai Chain

    2016-11-01

    Many novel, effective, and efficient applications and networking services are being developed for the Social Internet of Things. Recently, Li proposed a more secure and efficient authentication scheme with roaming service and user anonymity for mobile communications. The security analysis and discussion of the agreement phase is sufficiently safe; however, an attacker can intercept the identity of a mobile user’s home agent in the authentication phase. By using this information, the attacker can mount distributed denial-of-service attacks in the roaming phase through replay attacks targeting the network’s foreign agent and mobile user’s home agent by using their corresponding session keys. Li’s method also has some shortcomings regarding anonymity that we aim to address. To overcome these issues, this study proposes an elliptic curve–based wireless roaming anonymous login method for the authentication phase. The problems faced in the roaming phase are resolved, and this approach provides balanced session key computation between senders and receivers. Burrows-Abadi-Needham logic (BAN-logic) is used to verify the security of the proposed scheme. The proposed scheme affords good security, efficiency, and integrity and maintains anonymity.

  4. On a Stable and Consistent Finite Difference Scheme for a Time ...

    African Journals Online (AJOL)

    NJABS

    established time independent Schrodinger Wave Equation (SWE). To develop the stability criterion .... the rate at which signals in the numerical scheme travel will be faster than their real world counterparts and this unrealistic expectation leads ...

  5. A MODIFIED CUMULUS PARAMETERIZATION SCHEME AND ITS APPLICATION IN THE SIMULATIONS OF THE HEAVY PRECIPITATION CASES

    Institute of Scientific and Technical Information of China (English)

    PING Fan; TANG Xi-ba; YIN Lei

    2016-01-01

    According to the characteristics of organized cumulus convective precipitation in China, a cumulus parameterization scheme suitable for describing the organized convective precipitation in East Asia is presented and modified. The Kain-Fritsch scheme is chosen as the scheme to be modified based on analyses and comparisons of simulated precipitation in East Asia by several commonly-used mesoscale parameterization schemes. A key dynamic parameter to dynamically control the cumulus parameterization is then proposed to improve the Kain-Fritsch scheme. Numerical simulations of a typhoon case and a Mei-yu front rainfall case are carried out with the improved scheme, and the results show that the improved version performs better than the original in simulating the track and intensity of the typhoons, as well as the distribution of Mei-yu front precipitation.

  6. Three state quantum key distribution for small keys

    International Nuclear Information System (INIS)

    Batuwantudawe, J.; Boileau, J.-C.

    2005-01-01

    Full text: Quantum key distribution (QKD) protocols allow two parties, Alice and Bob, to establish secure keys. The most well-known protocol is BB84, using four distinct states. Recently, Phoenix et al. proposed a three state protocol. We explain the protocol and discuss its security proof. The three state protocol also has an interesting structure that allows for error estimation from the inconclusive results (i.e., where Alice and Bob choose different bases). This eliminates the need for sampling, potentially useful when qubits are limited. We discuss the effectiveness of this approach compared to BB84 for the case where a good error estimate is required. (author)

  7. Evaluation of Rajiv Aarogyasri Health Insurance Scheme in Andhra ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    In 2007, out-of-pocket expenditures accounted for 90% of total private expenditure on healthcare in India. The cost of coping with serious disease can be ruinous for families living below the poverty line. The Rajiv Aarogyasri Health Insurance Scheme was established in Andhra Pradesh to mitigate catastrophic healthcare ...

  8. Error-correcting pairs for a public-key cryptosystem

    International Nuclear Information System (INIS)

    Pellikaan, Ruud; Márquez-Corbella, Irene

    2017-01-01

    Code-based Cryptography (CBC) is a powerful and promising alternative for quantum resistant cryptography. Indeed, together with lattice-based cryptography, multivariate cryptography and hash-based cryptography, it is one of the principal available techniques for post-quantum cryptography. CBC was first introduced by McEliece, who designed one of the most efficient Public-Key encryption schemes with exceptionally strong security guarantees and other desirable properties that still resist attacks based on Quantum Fourier Transform and Amplitude Amplification. The original proposal, which remains unbroken, was based on binary Goppa codes. Later, several families of codes have been proposed in order to reduce the key size. Some of these alternatives have already been broken. One of the main requirements of a code-based cryptosystem is having high performance t-bounded decoding algorithms, which is achieved in the case the code has a t-error-correcting pair (ECP). Indeed, those McEliece schemes that use GRS codes, BCH, Goppa and algebraic geometry codes are in fact using an error-correcting pair as a secret key. That is, the security of these Public-Key Cryptosystems is not only based on the inherent intractability of bounded distance decoding but also on the assumption that it is difficult to retrieve efficiently an error-correcting pair. In this paper, the class of codes with a t-ECP is proposed for the McEliece cryptosystem. Moreover, we study the hardness of distinguishing arbitrary codes from those having a t-error-correcting pair. (paper)

  9. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  10. HEALTH INSURANCE RULES OF THE CERN HEALTH INSURANCE SCHEME

    CERN Multimedia

    Division HR

    2000-01-01

    A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003.

  11. Health Insurance Rules of the CERN Health Insurance scheme

    CERN Multimedia

    Division HR

    2000-01-01

    A new document which groups together the general principles, the contributions, benefits, reimbursement procedures and other information making up the Rules of the CERN Health Insurance Scheme has been established. It was approved by the Director-General on 7th July 2000 and is being distributed to all contributing members of the Scheme. It has been dispatched by internal mail to members of the personnel and by postal mail to pensioners. These Rules will enter into force on 1st September 2000. Please make sure that you have received your copy. Should this not be the case, an additional copy may be obtained by telephoning 78003.

  12. Stabilization and analytical tuning rule of double-loop control scheme for unstable dead-time process

    Science.gov (United States)

    Ugon, B.; Nandong, J.; Zang, Z.

    2017-06-01

    The presence of unstable dead-time systems in process plants often leads to a daunting challenge in the design of standard PID controllers, which are not only intended to provide closed-loop stability but also to give good performance-robustness overall. In this paper, we conduct stability analysis on a double-loop control scheme based on the Routh-Hurwitz stability criteria. We propose to use this unstable double-loop control scheme which employs two P/PID controllers to control first-order or second-order unstable dead-time processes typically found in process industries. Based on the Routh-Hurwitz stability necessary and sufficient criteria, we establish several stability regions which enclose within them the P/PID parameter values that guarantee closed-loop stability of the double-loop control scheme. A systematic tuning rule is developed for the purpose of obtaining the optimal P/PID parameter values within the established regions. The effectiveness of the proposed tuning rule is demonstrated using several numerical examples and the results are compared with some well-established tuning methods reported in the literature.

  13. Multi-criteria decision-making on assessment of proposed tidal barrage schemes in terms of environmental impacts.

    Science.gov (United States)

    Wu, Yunna; Xu, Chuanbo; Ke, Yiming; Chen, Kaifeng; Xu, Hu

    2017-12-15

    For tidal range power plants to be sustainable, the environmental impacts caused by the implementation of various tidal barrage schemes must be assessed before construction. However, several problems exist in the current research: firstly, evaluation criteria of the tidal barrage schemes environmental impact assessment (EIA) are not adequate; secondly, uncertainty of criteria information fails to be processed properly; thirdly, correlation among criteria is unreasonably measured. Hence the contributions of this paper are as follows: firstly, an evaluation criteria system is established from three dimensions of hydrodynamic, biological and morphological aspects. Secondly, cloud model is applied to describe the uncertainty of criteria information. Thirdly, Choquet integral with respect to λ-fuzzy measure is introduced to measure the correlation among criteria. On the above bases, a multi-criteria decision-making framework for tidal barrage scheme EIA is established to select the optimal scheme. Finally, a case study demonstrates the effectiveness of the proposed framework. Copyright © 2017 Elsevier Ltd. All rights reserved.

  14. AN ADVANCED LEAKAGE SCHEME FOR NEUTRINO TREATMENT IN ASTROPHYSICAL SIMULATIONS

    Energy Technology Data Exchange (ETDEWEB)

    Perego, A. [Institut für Kernphysik, Technische Universität Darmstadt, Schlossgartenstraße 2, D-64289 Darmstadt (Germany); Cabezón, R. M. [Physics Department, University of Basel, Klingelbergstrasse 82, CH-4056 Basel (Switzerland); Käppeli, R., E-mail: albino.perego@physik.tu-darmstadt.de [Seminar for Applied Mathematics, ETH Zürich, Rämistrasse 101, 8092 Zürich (Switzerland)

    2016-04-15

    We present an Advanced Spectral Leakage (ASL) scheme to model neutrinos in the context of core-collapse supernovae (CCSNe) and compact binary mergers. Based on previous gray leakage schemes, the ASL scheme computes the neutrino cooling rates by interpolating local production and diffusion rates (relevant in optically thin and thick regimes, respectively) separately for discretized values of the neutrino energy. Neutrino trapped components are also modeled, based on equilibrium and timescale arguments. The better accuracy achieved by the spectral treatment allows a more reliable computation of neutrino heating rates in optically thin conditions. The scheme has been calibrated and tested against Boltzmann transport in the context of Newtonian spherically symmetric models of CCSNe. ASL shows a very good qualitative and a partial quantitative agreement for key quantities from collapse to a few hundreds of milliseconds after core bounce. We have proved the adaptability and flexibility of our ASL scheme, coupling it to an axisymmetric Eulerian and to a three-dimensional smoothed particle hydrodynamics code to simulate core collapse. Therefore, the neutrino treatment presented here is ideal for large parameter-space explorations, parametric studies, high-resolution tests, code developments, and long-term modeling of asymmetric configurations, where more detailed neutrino treatments are not available or are currently computationally too expensive.

  15. A Novel Dedicated Route Protection Scheme for Survivability of Link Failure in Elastic Optical Networks

    Directory of Open Access Journals (Sweden)

    Sridhar Iyer

    2017-11-01

    Full Text Available The spectrally efficient transportation of the high bit rate(s) data is achievable by the Elastic optical networks (EONs). However, in the EONs, owing to the failure occurrence even in an individual simple element, different service(s) may be interrupted. Hence, it is imperative that the schemes for survivability be developed so that the issues due to the possible failure(s) can be overcome. In the current work, in view of survivability of the link failure(s) in the EONs, we propose the Spectrum Continuity and Contiguity Established DRP (SCC-E-DRP) algorithm which is a novel dedicated route protection (DRP) scheme that attempts to avoid the problem of trap topology during its exploration for a pair of link disjoint paths. Further, to evaluate the link disjoint paths, we resort to the use of the SCC Established Shortest Route (SCC-E-SR) algorithm which is a modified Dijkstra’s algorithm based scheme that selects the path(s) pair(s) based on the end-to-end SCC. We conduct extensive simulations considering realistic network topologies, and compare the performance of the SCC-E-DRP scheme with the existing techniques. The obtained results show that, compared to the existing schemes, the SCC-E-DRP scheme achieves better results in terms of blocking probability.

  16. Decoupled Scheme for Time-Dependent Natural Convection Problem II: Time Semidiscreteness

    Directory of Open Access Journals (Sweden)

    Tong Zhang

    2014-01-01

    stability and the corresponding optimal error estimates are presented. Furthermore, a decoupled numerical scheme is proposed by decoupling the nonlinear terms via temporal extrapolation; optimal error estimates are established. Finally, some numerical results are provided to verify the performances of the developed algorithms. Compared with the coupled numerical scheme, the decoupled algorithm not only keeps good accuracy but also saves a lot of computational cost. Both theoretical analysis and numerical experiments show the efficiency and effectiveness of the decoupled method for time-dependent natural convection problem.

  17. A new (k,n) verifiable secret image sharing scheme (VSISS)

    Directory of Open Access Journals (Sweden)

    Amitava Nag

    2014-11-01

    Full Text Available In this paper, a new (k,n) verifiable secret image sharing scheme (VSISS) is proposed in which a third order LFSR (linear-feedback shift register)-based public key cryptosystem is applied for cheating prevention and preview before decryption. In the proposed scheme the secret image is first partitioned into several non-overlapping blocks of k pixels. Every k pixels are then used to form m=⌈k/4⌉+1 pixels of one encrypted share. The original secret image can be reconstructed by gathering any k or more encrypted shared images. The experimental results show that the proposed VSISS is an efficient and safe method.

  18. An emerging equilibrium in the EU emissions trading scheme

    International Nuclear Information System (INIS)

    Bredin, Don; Muckley, Cal

    2011-01-01

    The European Union's Emissions Trading Scheme (ETS) is the key policy instrument of the European Commission's Climate Change Program aimed at reducing greenhouse gas emissions to eight percent below 1990 levels by 2012. A critically important element of the EU ETS is the establishment of a market determined price for EU allowances. This article examines the extent to which several theoretically founded factors, including economic growth, energy prices and weather conditions, determine the expected prices of the European Union CO2 allowances during the 2005 through to the 2009 period. The novel aspect of our study is that we examine heavily traded futures instruments that have an expiry date in Phase 2 of the EU ETS. Our study adopts both static and recursive versions of the Johansen multivariate cointegration likelihood ratio test as well as a variation on this test with a view to controlling for time varying volatility effects. Our results are indicative of a new pricing regime emerging in Phase 2 and point to a maturing market driven by the fundamentals. These results are valuable both for traders of EU allowances and for those policy makers seeking to improve the design of the European Union ETS.

  19. Improved chaotic maps-based password-authenticated key agreement using smart cards

    Science.gov (United States)

    Lin, Han-Yu

    2015-02-01

    Elaborating on the security of password-based authenticated key agreement, in this paper, the author cryptanalyzes a chaotic maps-based password-authenticated key agreement proposed by Guo and Chang recently. Specifically, their protocol could not achieve strong user anonymity due to a fixed parameter and a malicious adversary is able to derive the shared session key by manipulating the property of Chebyshev chaotic maps. Additionally, the author also presents an improved scheme to eliminate the above weaknesses and still maintain the efficiency.

  20. Efficacy of various schemes of therapy of patients with radiation limb edema

    International Nuclear Information System (INIS)

    Kuz'mina, E.G.; Degtyareva, A.A.; Zubova, N.D.; Guseva, L.I.; Klimanov, M.E.

    1987-01-01

    The efficacy of various therapeutic schemes, namely medicinal (basic therapy - BT), acupuncture (AP) and laser therapy (LT) against a background of basic therapy, was assessed and compared in 36 patients with radiation limb edema. It was established that the degree of decrease in edemas and the improvement of rheovasography indices grew in the following order: BT → AP → LT. The recovery of the lymph flow and immunological indices were the same in all therapeutic schemes.

  1. Discrete maximal regularity of time-stepping schemes for fractional evolution equations.

    Science.gov (United States)

    Jin, Bangti; Li, Buyang; Zhou, Zhi

    2018-01-01

    In this work, we establish the maximal [Formula: see text]-regularity for several time stepping schemes for a fractional evolution model, which involves a fractional derivative of order [Formula: see text], [Formula: see text], in time. These schemes include convolution quadratures generated by backward Euler method and second-order backward difference formula, the L1 scheme, explicit Euler method and a fractional variant of the Crank-Nicolson method. The main tools for the analysis include operator-valued Fourier multiplier theorem due to Weis (Math Ann 319:735-758, 2001. doi:10.1007/PL00004457) and its discrete analogue due to Blunck (Stud Math 146:157-176, 2001. doi:10.4064/sm146-2-3). These results generalize the corresponding results for parabolic problems.

  2. Key-space analysis of double random phase encryption technique

    Science.gov (United States)

    Monaghan, David S.; Gopinathan, Unnikrishnan; Naughton, Thomas J.; Sheridan, John T.

    2007-09-01

    We perform a numerical analysis on the double random phase encryption/decryption technique. The key-space of an encryption technique is the set of possible keys that can be used to encode data using that technique. In the case of a strong encryption scheme, many keys must be tried in any brute-force attack on that technique. Traditionally, designers of optical image encryption systems demonstrate only how a small number of arbitrary keys cannot decrypt a chosen encrypted image in their system. However, this type of demonstration does not discuss the properties of the key-space nor refute the feasibility of an efficient brute-force attack. To clarify these issues we present a key-space analysis of the technique. For a range of problem instances we plot the distribution of decryption errors in the key-space indicating the lack of feasibility of a simple brute-force attack.

  3. A Hybrid Scheme for Fine-Grained Search and Access Authorization in Fog Computing Environment

    Science.gov (United States)

    Xiao, Min; Zhou, Jing; Liu, Xuejiao; Jiang, Mingda

    2017-01-01

    In the fog computing environment, the encrypted sensitive data may be transferred to multiple fog nodes on the edge of a network for low latency; thus, fog nodes need to implement a search over encrypted data as a cloud server. Since the fog nodes tend to provide service for IoT applications often running on resource-constrained end devices, it is necessary to design lightweight solutions. At present, there is little research on this issue. In this paper, we propose a fine-grained owner-forced data search and access authorization scheme spanning user-fog-cloud for resource constrained end users. Compared to existing schemes only supporting either index encryption with search ability or data encryption with fine-grained access control ability, the proposed hybrid scheme supports both abilities simultaneously, and index ciphertext and data ciphertext are constructed based on a single ciphertext-policy attribute based encryption (CP-ABE) primitive and share the same key pair, thus the data access efficiency is significantly improved and the cost of key management is greatly reduced. Moreover, in the proposed scheme, the resource constrained end devices are allowed to rapidly assemble ciphertexts online and securely outsource most of the decryption task to fog nodes, and a mediated encryption mechanism is also adopted to achieve instantaneous user revocation instead of re-encrypting ciphertexts with many copies in many fog nodes. The security and the performance analysis show that our scheme is suitable for a fog computing environment. PMID:28629131

  4. A Hybrid Scheme for Fine-Grained Search and Access Authorization in Fog Computing Environment.

    Science.gov (United States)

    Xiao, Min; Zhou, Jing; Liu, Xuejiao; Jiang, Mingda

    2017-06-17

    In the fog computing environment, the encrypted sensitive data may be transferred to multiple fog nodes on the edge of a network for low latency; thus, fog nodes need to implement a search over encrypted data as a cloud server. Since the fog nodes tend to provide service for IoT applications often running on resource-constrained end devices, it is necessary to design lightweight solutions. At present, there is little research on this issue. In this paper, we propose a fine-grained owner-forced data search and access authorization scheme spanning user-fog-cloud for resource constrained end users. Compared to existing schemes only supporting either index encryption with search ability or data encryption with fine-grained access control ability, the proposed hybrid scheme supports both abilities simultaneously, and index ciphertext and data ciphertext are constructed based on a single ciphertext-policy attribute based encryption (CP-ABE) primitive and share the same key pair, thus the data access efficiency is significantly improved and the cost of key management is greatly reduced. Moreover, in the proposed scheme, the resource constrained end devices are allowed to rapidly assemble ciphertexts online and securely outsource most of the decryption task to fog nodes, and a mediated encryption mechanism is also adopted to achieve instantaneous user revocation instead of re-encrypting ciphertexts with many copies in many fog nodes. The security and the performance analysis show that our scheme is suitable for a fog computing environment.

  5. Gaining qualitative insight into the subjective experiences of adherers to an exercise referral scheme: A thematic analysis.

    Science.gov (United States)

    Eynon, Michael John; O'Donnell, Christopher; Williams, Lynn

    2016-07-01

    Nine adults who had completed an exercise referral scheme participated in a semi-structured interview to uncover the key psychological factors associated with adherence to the scheme. Through thematic analysis, an exercise identity emerged to be a major factor associated with adherence to the scheme, which was formed of a number of underpinning constructs including changes in self-esteem, changes in self-efficacy and changes in self-regulatory strategies. Also, an additional theme of transitions in motivation to exercise was identified, showing participants' motivation to alter from extrinsic to intrinsic reasons to exercise during the scheme.

  6. Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

    Science.gov (United States)

    Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication schemes have become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over Lee et al.’s scheme for the integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) the user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

  7. An Elgamal Encryption Scheme of Fibonacci Q-Matrix and Finite State Machine

    Directory of Open Access Journals (Sweden)

    B. Ravi Kumar

    2015-12-01

    Full Text Available Cryptography is the science of writing messages in unknown form using mathematical models. In Cryptography, several ciphers were introduced for the encryption schemes. Recent research focuses on designing various mathematical models in such a way that tracing the inverse of the designed mathematical models is infeasible for eavesdroppers. In the present work, the ElGamal encryption scheme is executed using the generator of a cyclic group formed by the points on a chosen elliptic curve, finite state machines and key matrices obtained from the Fibonacci sequences.

  8. Time-and-ID-Based Proxy Reencryption Scheme

    OpenAIRE

    Mtonga, Kambombo; Paul, Anand; Rho, Seungmin

    2014-01-01

    Time- and ID-based proxy reencryption scheme is proposed in this paper in which a type-based proxy reencryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. However, in some applications, the time within which the data was sampled or collected is very critical. In such applications, for example, healthcare and criminal investigations, the delegatee may be interested in only some of the messages with some types sampled wi...

  9. Designing synchronization schemes for chaotic fractional-order unified systems

    International Nuclear Information System (INIS)

    Wang Junwei; Zhang Yanbin

    2006-01-01

    Synchronization in chaotic fractional-order differential systems is studied both theoretically and numerically. Two schemes are designed to achieve chaos synchronization of so-called unified chaotic systems and the corresponding numerical algorithms are established. Some sufficient conditions on synchronization are also derived based on the Laplace transformation theory. Computer simulations are used for demonstration.

  10. Maximum principle and convergence of central schemes based on slope limiters

    KAUST Repository

    Mehmetoglu, Orhan; Popov, Bojan

    2012-01-01

    A maximum principle and convergence of second order central schemes is proven for scalar conservation laws in dimension one. It is well known that to establish a maximum principle a nonlinear piecewise linear reconstruction is needed and a typical choice is the minmod limiter. Unfortunately, this implies that the scheme uses a first order reconstruction at local extrema. The novelty here is that we allow local nonlinear reconstructions which do not reduce to first order at local extrema and still prove maximum principle and convergence. © 2011 American Mathematical Society.

  11. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) has become a discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT are equally important to establish secure communication between devices. To protect IoT from man-in-the-middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  12. Exact analysis of Packet Reversed Packet Combining Scheme and Modified Packet Combining Scheme; and a combined scheme

    International Nuclear Information System (INIS)

    Bhunia, C.T.

    2007-07-01

    Packet combining scheme is a well defined simple error correction scheme for the detection and correction of errors at the receiver. Although it permits a higher throughput when compared to other basic ARQ protocols, packet combining (PC) scheme fails to correct errors when errors occur in the same bit locations of copies. In a previous work, a scheme known as Packet Reversed Packet Combining (PRPC) Scheme that will correct errors which occur at the same bit location of erroneous copies was studied; however, PRPC does not handle a situation where a packet has more than 1 error bit. The Modified Packet Combining (MPC) Scheme that can correct double or higher bit errors was studied elsewhere. Both PRPC and MPC schemes are believed to offer higher throughput in previous studies; however, neither adequate investigation nor exact analysis was done to substantiate this claim of higher throughput. In this work, an exact analysis of both PRPC and MPC is carried out and the results reported. A combined protocol (PRPC and MPC) is proposed and the analysis shows that it is capable of offering even higher throughput and better error correction capability at high bit error rate (BER) and larger packet size. (author)

  13. Mammography image assessment; validity and reliability of current scheme

    International Nuclear Information System (INIS)

    Hill, C.; Robinson, L.

    2015-01-01

    Mammographers currently score their own images according to criteria set out by Regional Quality Assurance. The criteria used are based on the ‘Perfect, Good, Moderate, Inadequate’ (PGMI) marking criteria established by the National Health Service Breast Screening Programme (NHSBSP) in their Quality Assurance Guidelines of 2006 1 . This document discusses the validity and reliability of the current mammography image assessment scheme. Commencing with a critical review of the literature this document sets out to highlight problems with the national approach to the use of marking schemes. The findings suggest that ‘PGMI’ scheme is flawed in terms of reliability and validity and is not universally applied across the UK. There also appear to be differences in schemes used by trainees and qualified mammographers. Initial recommendations are to be made in collaboration with colleagues within the National Health Service Breast Screening Programme (NHSBSP), Higher Education Centres, College of Radiographers and the Royal College of Radiologists in order to identify a mammography image appraisal scheme that is fit for purpose. - Highlights: • Currently no robust evidence based marking tools in use for the assessment of images in mammography. • Is current system valid, reliable and robust? • How can the current image assessment tool be improved? • Should students and qualified mammographers use the same tool? • What marking criteria are available for image assessment?

  14. Obtaining better performance in the measurement-device-independent quantum key distribution with heralded single-photon sources

    Science.gov (United States)

    Zhou, Xing-Yu; Zhang, Chun-Hui; Zhang, Chun-Mei; Wang, Qin

    2017-11-01

    Measurement-device-independent quantum key distribution (MDI-QKD) has been widely investigated due to its remarkable advantages on the achievable transmission distance and practical security. However, the relatively low key generation rate limits its real-life implementations. In this work, we adopt the newly proposed four-intensity decoy-state scheme [Phys. Rev. A 93, 042324 (2016), 10.1103/PhysRevA.93.042324] to study the performance of MDI-QKD with heralded single-photon sources (HSPS). Corresponding simulation results demonstrate that the four-intensity decoy-state scheme combining HSPS can drastically improve both the key generation rate and transmission distance in MDI-QKD, which may be very promising in future MDI-QKD systems.

  15. Demonstration of free-space reference frame independent quantum key distribution

    International Nuclear Information System (INIS)

    Wabnig, J; Bitauld, D; Li, H W; Niskanen, A O; Laing, A; O'Brien, J L

    2013-01-01

    Quantum key distribution (QKD) is moving from research laboratories towards applications. As computing becomes more mobile, cashless as well as cardless payment solutions are introduced. A possible route to increase the security of wireless communications is to incorporate QKD in a mobile device. Handheld devices present a particular challenge as the orientation and the phase of a qubit will depend on device motion. This problem is addressed by the reference frame independent (RFI) QKD scheme. The scheme tolerates an unknown phase between logical states that vary slowly compared to the rate of particle repetition. Here we experimentally demonstrate the feasibility of RFI QKD over a free-space link in a prepare and measure scheme using polarization encoding. We extend the security analysis of the RFI QKD scheme to be able to deal with uncalibrated devices and a finite number of measurements. Together these advances are an important step towards mass production of handheld QKD devices. (paper)

  16. Malaysian qualification and certification scheme for NDT personnel: achievements and steps toward harmonization in accordance with ISO 9712

    International Nuclear Information System (INIS)

    Abd Nassir Ibrahim

    2001-01-01

    Development of skilled manpower in the field of NDT is one of the most important components that must be given priority in order to ensure the sustainability of the technology in any country. In this respect ISO 9712 provides a guideline on the implementation of HRD program in the field of NDT that involved training, qualification and certification processes. ISO 9712 was developed with the hope that it provided a guideline for the establishment of qualification and certification scheme acceptable to the whole NDT community throughout the world. With this guideline, the process of qualification and certification of NDT personnel of different countries throughout the world will be harmonized. In Malaysia, such a scheme was established in 1985 with the National Vocational Training Council appointed as the Certification Body. Although the scheme was developed based on ISO 97121 some local requirements were included which made the scheme somewhat deviated from the ISO practices. Twenty years after it was first implemented, the scheme was revised and amended to ensure that requirements of ISO 9712 are complied. The new scheme was revised and approved in April 2000 and was implemented for the first time in November radiography level 1 examination. (Author)

  17. National health insurance scheme: How receptive are the private healthcare practitioners in a local government area of Lagos state

    OpenAIRE

    Campbell Princess Christina; Taiwo Toyin Latifat; Nnaji Feziechukwu Collins; Abolarin Thaddeus Olatunbosun

    2014-01-01

    Background: National Health Insurance Scheme (NHIS) is one of the health financing options adopted by Nigeria for improved healthcare access especially to the low income earners. One of the key operators of the scheme is the health care providers, thus their uptake of the scheme is fundamental to the survival of the scheme. The study reviewed the uptake of the NHIS by private health care providers in a Local Government Area in Lagos State. Objective: To assess the uptake of the NHIS by privat...

  18. The Spanish external quality assessment scheme for lead in blood.

    Science.gov (United States)

    Marcuello, D

    1996-01-01

    In 1985 the Instituto Nacional de Seguridad e Higiene en el Trabajo (INSHT) established the "Programa Interlaboratorios de Control de Calidad de Plomo en Sangre (PICC-PbS)". The operation of this scheme is explained, criteria for evaluation of laboratory performance are defined and some results obtained are reviewed.

  19. Secure biometric image sensor and authentication scheme based on compressed sensing.

    Science.gov (United States)

    Suzuki, Hiroyuki; Suzuki, Masamichi; Urabe, Takuya; Obi, Takashi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    2013-11-20

    It is important to ensure the security of biometric authentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometric authentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

  20. Numerical solution of special ultra-relativistic Euler equations using central upwind scheme

    Science.gov (United States)

    Ghaffar, Tayabia; Yousaf, Muhammad; Qamar, Shamsul

    2018-06-01

    This article is concerned with the numerical approximation of one and two-dimensional special ultra-relativistic Euler equations. The governing equations are coupled first-order nonlinear hyperbolic partial differential equations. These equations describe perfect fluid flow in terms of the particle density, the four-velocity and the pressure. A high-resolution shock-capturing central upwind scheme is employed to solve the model equations. To avoid excessive numerical diffusion, the considered scheme avails the specific information of local propagation speeds. By using Runge-Kutta time stepping method and MUSCL-type initial reconstruction, we have obtained 2nd order accuracy of the proposed scheme. After discussing the model equations and the numerical technique, several 1D and 2D test problems are investigated. For all the numerical test cases, our proposed scheme demonstrates very good agreement with the results obtained by well-established algorithms, even in the case of highly relativistic 2D test problems. For validation and comparison, the staggered central scheme and the kinetic flux-vector splitting (KFVS) method are also implemented to the same model. The robustness and efficiency of central upwind scheme is demonstrated by the numerical results.

  1. Demand response scheme based on lottery-like rebates

    KAUST Repository

    Schwartz, Galina A.; Tembine, Hamidou; Amin, Saurabh; Sastry, S. Shankar

    2014-01-01

    In this paper, we develop a novel mechanism for reducing volatility of residential demand for electricity. We construct a reward-based (rebate) mechanism that provides consumers with incentives to shift their demand to off-peak time. In contrast to most other mechanisms proposed in the literature, the key feature of our mechanism is its modest requirements on user preferences, i.e., it does not require exact knowledge of user responsiveness to rewards for shifting their demand from the peak to the off-peak time. Specifically, our mechanism utilizes a probabilistic reward structure for users who shift their demand to the off-peak time, and is robust to incomplete information about user demand and/or risk preferences. We approach the problem from the public good perspective, and demonstrate that the mechanism can be implemented via lottery-like schemes. Our mechanism permits to reduce the distribution losses, and thus improve efficiency of electricity distribution. Finally, the mechanism can be readily incorporated into the emerging demand response schemes (e.g., the time-of-day pricing, and critical peak pricing schemes), and has security and privacy-preserving properties.

  2. Demand response scheme based on lottery-like rebates

    KAUST Repository

    Schwartz, Galina A.

    2014-08-24

    In this paper, we develop a novel mechanism for reducing volatility of residential demand for electricity. We construct a reward-based (rebate) mechanism that provides consumers with incentives to shift their demand to off-peak time. In contrast to most other mechanisms proposed in the literature, the key feature of our mechanism is its modest requirements on user preferences, i.e., it does not require exact knowledge of user responsiveness to rewards for shifting their demand from the peak to the off-peak time. Specifically, our mechanism utilizes a probabilistic reward structure for users who shift their demand to the off-peak time, and is robust to incomplete information about user demand and/or risk preferences. We approach the problem from the public good perspective, and demonstrate that the mechanism can be implemented via lottery-like schemes. Our mechanism permits to reduce the distribution losses, and thus improve efficiency of electricity distribution. Finally, the mechanism can be readily incorporated into the emerging demand response schemes (e.g., the time-of-day pricing, and critical peak pricing schemes), and has security and privacy-preserving properties.

  3. Large-Scale Agriculture and Outgrower Schemes in Ethiopia

    DEFF Research Database (Denmark)

    Wendimu, Mengistu Assefa

    , the impact of large-scale agriculture and outgrower schemes on productivity, household welfare and wages in developing countries is highly contentious. Chapter 1 of this thesis provides an introduction to the study, while also reviewing the key debate in the contemporary land ‘grabbing’ and historical large...... sugarcane outgrower scheme on household income and asset stocks. Chapter 5 examines the wages and working conditions in ‘formal’ large-scale and ‘informal’ small-scale irrigated agriculture. The results in Chapter 2 show that moisture stress, the use of untested planting materials, and conflict over land...... commands a higher wage than ‘formal’ large-scale agriculture, while rather different wage determination mechanisms exist in the two sectors. Human capital characteristics (education and experience) partly explain the differences in wages within the formal sector, but play no significant role...

  4. Specific features of two diffraction schemes for a widely divergent X-ray beam

    Energy Technology Data Exchange (ETDEWEB)

    Avetyan, K. T.; Levonyan, L. V.; Semerjian, H. S.; Arakelyan, M. M., E-mail: marakelyan@ysu.am; Badalyan, O. M. [Yerevan State University (Armenia)

    2015-03-15

    We investigated the specific features of two diffraction schemes for a widely divergent X-ray beam that use a circular diaphragm 30–50 μm in diameter as a point source of characteristic radiation. In one of the schemes, the diaphragm was set in front of the crystal (the diaphragm-crystal (d-c) scheme); in the other, it was installed behind the crystal (the crystal-diaphragm (c-d) scheme). It was established that the diffraction image in the c-d scheme is a topographic map of the investigated crystal area. In the d-c scheme at L = 2l (l and L are the distances between the crystal and the diaphragm and between the photographic plate and the diaphragm, respectively), the branches of hyperbolas formed in this family of planes (hkl) by the characteristic Kα and Kβ radiations, including higher order reflections, converge into one straight line. It is experimentally demonstrated that this convergence is very sensitive to structural inhomogeneities in the crystal under study.

  5. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks.

    Science.gov (United States)

    Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

    2017-12-08

    Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie-Hellman problem.

  6. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks

    Science.gov (United States)

    Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

    2017-01-01

    Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie–Hellman problem. PMID:29292792

  7. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yousheng Zhou

    2017-12-01

    Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie–Hellman problem.

  8. A novel and efficient user access control scheme for wireless body area sensor networks

    Directory of Open Access Journals (Sweden)

    Santanu Chatterjee

    2014-07-01

    Wireless body area networks (WBANs) can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is also secure against passive and active attacks.

  9. A Lattice-Based Identity-Based Proxy Blind Signature Scheme in the Standard Model

    Directory of Open Access Journals (Sweden)

    Lili Zhang

    2014-01-01

    A proxy blind signature scheme is a special form of blind signature which allows a designated person called proxy signer to sign on behalf of original signers without knowing the content of the message. It combines the advantages of proxy signature and blind signature. Up to date, most proxy blind signature schemes rely on hard number theory problems, discrete logarithm, and bilinear pairings. Unfortunately, the above underlying number theory problems will be solvable in the postquantum era. Lattice-based cryptography is enjoying great interest these days, due to implementation simplicity and provable security reductions. Moreover, lattice-based cryptography is believed to be hard even for quantum computers. In this paper, we present a new identity-based proxy blind signature scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable under the standard hardness assumption of the short integer solution problem (SIS) and the inhomogeneous small integer solution problem (ISIS). Furthermore, the secret key size and the signature length of our scheme are invariant and much shorter than those of the previous lattice-based proxy blind signature schemes. To the best of our knowledge, our construction is the first short lattice-based identity-based proxy blind signature scheme in the standard model.

  10. How are pharmaceutical patent term extensions justified? Australia's evolving scheme.

    Science.gov (United States)

    Lawson, Charles

    2013-12-01

    This article examines the evolving patent term extension schemes under the Patents Act 1903 (Cth), the Patents Act 1952 (Cth) and the Patents Act 1990 (Cth). The analysis traces the change from "inadequate remuneration" to a scheme directed specifically at certain pharmaceuticals. An examination of the policy justification shows there are legitimate questions about the desirability of any extension. The article concludes that key information provisions in the Patents Act 1990 (Cth) that might assist a better policy analysis are presently not working and that any justification needs evidence demonstrating that the benefits of patent term extensions to the community as a whole outweigh the costs and that the objectives of extensions can only be achieved by restricting competition.

  11. Patients' Data Management System Protected by Identity-Based Authentication and Key Exchange.

    Science.gov (United States)

    Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

    2017-03-31

    A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

  12. Efficient User Authentication and Key Management for Peer-to-Peer Live Streaming Systems

    Institute of Scientific and Technical Information of China (English)

    LIU Xuening; YIN Hao; LIN Chuang; DU Changlai

    2009-01-01

    Recent development of the peer-to-peer (P2P) live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work, based on earlier research of the secure streaming architecture in TrustStream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include (1) the management server issues each authorized user a unique public key certificate, (2) the one-way hash chain extends the certificate's lifetime, (3) the original media is encrypted by the session key and delivered to the communication group, and (4) the session key is periodically updated and distributed with the media. Finally, analyses and test results show that the scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.

  13. Finite Boltzmann schemes

    NARCIS (Netherlands)

    Sman, van der R.G.M.

    2006-01-01

    In the special case of relaxation parameter = 1 lattice Boltzmann schemes for (convection) diffusion and fluid flow are equivalent to finite difference/volume (FD) schemes, and are thus coined finite Boltzmann (FB) schemes. We show that the equivalence is inherent to the homology of the

  14. Impacts of Rotation Schemes on Ground-Dwelling Beneficial Arthropods.

    Science.gov (United States)

    Dunbar, Mike W; Gassmann, Aaron J; O'Neal, Matthew E

    2016-10-01

    Crop rotation alters agroecosystem diversity temporally, and increasing the number of crops in rotation schemes can increase crop yields and reduce reliance on pesticides. We hypothesized that increasing the number of crops in annual rotation schemes would positively affect ground-dwelling beneficial arthropod communities. During 2012 and 2013, pitfall traps were used to measure activity-density and diversity of ground-dwelling communities within three previously established, long-term crop rotation studies located in Wisconsin and Illinois. Rotation schemes sampled included continuous corn, a 2-yr annual rotation of corn and soybean, and a 3-yr annual rotation of corn, soybean, and wheat. Insects captured were identified to family, and non-insect arthropods were identified to class, order, or family, depending upon the taxa. Beneficial arthropods captured included natural enemies, granivores, and detritivores. The beneficial community from continuous corn plots was significantly more diverse compared with the community in the 2-yr rotation, whereas the community in the 3-yr rotation did not differ from either rotation scheme. The activity-density of the total community and any individual taxa did not differ among rotation schemes in either corn or soybean. Crop species within all three rotation schemes were annual crops, and are associated with agricultural practices that make infield habitat subject to anthropogenic disturbances and temporally unstable. Habitat instability and disturbance can limit the effectiveness and retention of beneficial arthropods, including natural enemies, granivores, and detritivores. Increasing non-crop and perennial species within landscapes in conjunction with more diverse rotation schemes may increase the effect of biological control of pests by natural enemies. © The Authors 2016. Published by Oxford University Press on behalf of Entomological Society of America. All rights reserved. 

  15. Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

    Directory of Open Access Journals (Sweden)

    Yuanyuan Zhang

    2015-01-01

    Since the concept of ubiquitous computing was first proposed by Mark Weiser, its connotation has been extended and expanded by many scholars. In pervasive computing application environment, many kinds of small devices containing smart card are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

  16. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    Science.gov (United States)

    Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao

    2015-11-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

  17. Optical image encryption using password key based on phase retrieval algorithm

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2016-04-01

    A novel optical image encryption system is proposed using password key based on phase retrieval algorithm (PRA). In the encryption process, a shared image is taken as a symmetric key and the plaintext is encoded into the phase-only mask based on the iterative PRA. The linear relationship between the plaintext and ciphertext is broken using the password key, which can resist the known plaintext attack. The symmetric key and the retrieved phase are imported into the input plane and Fourier plane of 4f system during the decryption, respectively, so as to obtain the plaintext on the CCD. Finally, we analyse the key space of the password key, and the results show that the proposed scheme can resist a brute force attack due to the flexibility of the password key.

  18. Power adaptive multi-filter carrierless amplitude and phase access scheme for visible light communication network

    Science.gov (United States)

    Li, Wei; Huang, Zhitong; Li, Haoyue; Ji, Yuefeng

    2018-04-01

    Visible light communication (VLC) is a promising candidate for short-range broadband access due to its integration of advantages for both optical communication and wireless communication, whereas multi-user access is a key problem because of the intra-cell and inter-cell interferences. In addition, the non-flat channel effect results in higher losses for users in high frequency bands, which leads to unfair qualities. To solve those issues, we propose a power adaptive multi-filter carrierless amplitude and phase access (PA-MF-CAPA) scheme, and in the first step of this scheme, the MF-CAPA scheme utilizing multiple filters as different CAP dimensions is used to realize multi-user access. The character of orthogonality among the filters in different dimensions can mitigate the effect of intra-cell and inter-cell interferences. Moreover, the MF-CAPA scheme provides different channels modulated on the same frequency bands, which further increases the transmission rate. Then, the power adaptive procedure based on MF-CAPA scheme is presented to realize quality fairness. As demonstrated in our experiments, the MF-CAPA scheme yields an improved throughput compared with multi-band CAP access scheme, and the PA-MF-CAPA scheme enhances the quality fairness and further improves the throughput compared with the MF-CAPA scheme.

  19. Using farmer knowledge to combat low productive spots in rice fields of a Sahelian irrigation scheme

    NARCIS (Netherlands)

    Asten, van P.J.A.; Barro, S.E.; Wopereis, M.C.S.; Defoer, T.

    2004-01-01

    In the oldest sections of Burkina Faso's largest irrigation scheme in the Sourou Valley (13degrees 10'N, 03degrees 30'W) rice (Oryza sativa L.) yields dropped from about 5 to 6 t ha(-1) in the early 1990s, shortly after establishment of the scheme, to 2 to 4 t ha(-1) from 1995 onwards. Farmers

  20. Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting

    DEFF Research Database (Denmark)

    Hazay, Carmit; Mikkelsen, Gert Læssøe; Rabin, Tal

    2011-01-01

    with security against malicious behavior. Our second contribution is complete Paillier [Pai99] threshold encryption scheme in the two-party setting with security against malicious behavior. Furthermore, we describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key...... generation is comprised of the following: (i) a distributed protocol for generation of an RSA composite, and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite as public key and is comprised of: (i) a distributed......The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite...

  1. Simultaneous classical communication and quantum key distribution using continuous variables

    Science.gov (United States)

    Qi, Bing

    2016-10-01

    Presently, classical optical communication systems employing strong laser pulses and quantum key distribution (QKD) systems working at single-photon levels are very different communication modalities. Dedicated devices are commonly required to implement QKD. In this paper, we propose a scheme which allows classical communication and QKD to be implemented simultaneously using the same communication infrastructure. More specially, we propose a coherent communication scheme where both the bits for classical communication and the Gaussian distributed random numbers for QKD are encoded on the same weak coherent pulse and decoded by the same coherent receiver. Simulation results based on practical system parameters show that both deterministic classical communication with a bit error rate of 10^-9 and secure key distribution could be achieved over tens of kilometers of single-mode fibers. It is conceivable that in the future coherent optical communication network, QKD will be operated in the background of classical communication at a minimal cost.

  2. Security of Color Image Data Designed by Public-Key Cryptosystem Associated with 2D-DWT

    Science.gov (United States)

    Mishra, D. C.; Sharma, R. K.; Kumar, Manish; Kumar, Kuldeep

    2014-08-01

    In present times the security of image data is a major issue. So, we have proposed a novel technique for security of color image data by public-key cryptosystem or asymmetric cryptosystem. In this technique, we have developed security of color image data using RSA (Rivest-Shamir-Adleman) cryptosystem with two-dimensional discrete wavelet transform (2D-DWT). Earlier proposed schemes for security of color images designed on the basis of keys, but this approach provides security of color images with the help of keys and correct arrangement of RSA parameters. If the attacker knows about exact keys, but has no information of exact arrangement of RSA parameters, then the original information cannot be recovered from the encrypted data. Computer simulation based on standard example is critically examining the behavior of the proposed technique. Security analysis and a detailed comparison between earlier developed schemes for security of color images and proposed technique are also mentioned for the robustness of the cryptosystem.

  3. Factors affecting sustainability of rural water schemes in Swaziland

    Science.gov (United States)

    Peter, Graciana; Nkambule, Sizwe E.

    The Millennium Development Goal (MDG) target to reduce the proportion of people without sustainable access to safe drinking water by the year 2015 has been met as of 2010, but huge disparities exist. Some regions, particularly Sub-Saharan Africa, are lagging behind; it is also in this region where up to 30% of the rural schemes are not functional at any given time. There is need for more studies on factors affecting sustainability and necessary measures which when implemented will improve the sustainability of rural water schemes. The main objective of this study was to assess the main factors affecting the sustainability of rural water schemes in Swaziland using a Multi-Criteria Analysis Approach. The main factors considered were: financial, social, technical, environmental and institutional. The study was done in Lubombo region. Fifteen functional water schemes in 11 communities were studied. Data was collected using questionnaires, checklist and focused group discussion guide. A total of 174 heads of households were interviewed. Statistical Package for Social Sciences (SPSS) was used to analyse the data and to calculate sustainability scores for water schemes. SPSS was also used to classify sustainability scores according to sustainability categories: sustainable, partially sustainable and non-sustainable. The averages of the ratings for the different sub-factors studied and the results on the sustainability scores for the sustainable, partially sustainable and non-sustainable schemes were then computed and compared to establish the main factors influencing sustainability of the water schemes. The results indicated technical and social factors as most critical while financial and institutional, although important, played a lesser role. Factors which contributed to the sustainability of water schemes were: functionality; design flow; water fetching time; ability to meet additional demand; use by population; equity; participation in decision making on operation and

  4. Secure quantum key distribution using squeezed states

    International Nuclear Information System (INIS)

    Gottesman, Daniel; Preskill, John

    2001-01-01

    We prove the security of a quantum key distribution scheme based on transmission of squeezed quantum states of a harmonic oscillator. Our proof employs quantum error-correcting codes that encode a finite-dimensional quantum system in the infinite-dimensional Hilbert space of an oscillator, and protect against errors that shift the canonical variables p and q. If the noise in the quantum channel is weak, squeezing signal states by 2.51 dB (a squeeze factor e^r = 1.34) is sufficient in principle to ensure the security of a protocol that is suitably enhanced by classical error correction and privacy amplification. Secure key distribution can be achieved over distances comparable to the attenuation length of the quantum channel

  5. Nurses', midwives' and key stakeholders' experiences and perceptions on requirements to demonstrate the maintenance of professional competence.

    OpenAIRE

    Casey, Mary; Cooney, Adeline; O'Connell, Rhona; Hegarty, Josephine; Brady, Anne-Marie; O'Reilly, Pauline; Kennedy, Catriona; Heffernan, Elizabeth; Fealy, Gerard; Mcnamara, Martin; O'Connor, Laserina

    2016-01-01

    Aim: To present the qualitative findings from a study on the development of scheme(s) to give evidence of maintenance of professional competence for nurses and midwives. Background: Key issues in maintenance of professional competence include notions of self- assessment, verification of engagement and practice hours, provision of an evidential record, the role of the employer and articulation of possible consequences for non-adherence with the requirements. Schemes to demonstrate the maintena...

  6. The implications of Australia's carbon pollution reduction scheme for its National Electricity Market

    International Nuclear Information System (INIS)

    Betz, Regina; Owen, Anthony D.

    2010-01-01

    This paper assesses the major implications for the National Electricity Market of the introduction of a domestic cap-and-trade carbon pollution reduction scheme in Australia. The electricity sector is the largest source of emissions in the Australian economy, and it is this sector, therefore, that will bear the brunt of the impact of the proposed scheme. The paper addresses core issues for the electricity market up to 2020 operating under the scheme. It focuses specifically on its impact on electricity prices and generation technology mix. These two variables have been assessed using a number of models, each applying different assumptions about key impact factors. In this paper we present a comparative summary of the results of the three highest-profile models and compare their assumptions in order to explain differences in projected outcomes. This comparison will give an indication of the likely range of impacts on the market of the current design of the scheme. (author)

  7. Employment and Training Schemes for Rural Youth: Learning from Experience.

    Science.gov (United States)

    Phan-Thuy, N.

    1985-01-01

    Over the past two decades a number of African and Asian governments have experimented with various types of youth mobilization or employment and training schemes in trying to cope with rural youth unemployment. A critical appraisal is made of some of these in an attempt to establish criteria that productive employment programs for rural youth…

  8. Security of public key encryption technique based on multiple chaotic systems

    International Nuclear Information System (INIS)

    Wang Kai; Pei Wenjiang; Zou Liuhua; Cheung Yiuming; He Zhenya

    2006-01-01

    Recently, a new public key encryption technique based on multiple chaotic systems has been proposed [B. Ranjan, Phys. Rev. Lett. 95 (2005) 098702]. This scheme employs m-chaotic systems and a set of linear functions for key exchange over an insecure channel. Security of the proposed algorithm grows as (NP)^m, where N, P are the size of the key and the computational complexity of the linear functions respectively. In this Letter, the fundamental weakness of the cryptosystem is pointed out and a successful attack is described. Given the public keys and the initial vector, one can calculate the secret key based on Parseval's theorem. Both theoretical and experimental results show that the attacker can access the secret key without difficulty. The lack of security discourages the use of such algorithm for practical applications

  9. Application of a robust and efficient Lagrangian particle scheme to soot transport in turbulent flames

    KAUST Repository

    Attili, Antonio

    2013-09-01

    A Lagrangian particle scheme is applied to the solution of soot dynamics in turbulent nonpremixed flames. Soot particulate is described using a method of moments and the resulting set of continuum advection-reaction equations is solved using the Lagrangian particle scheme. The key property of the approach is the independence between advection, described by the movement of Lagrangian notional particles along pathlines, and internal aerosol processes, evolving on each notional particle via source terms. Consequently, the method overcomes the issues in Eulerian grid-based schemes for the advection of moments: errors in the advective fluxes pollute the moments compromising their realizability and the stiffness of source terms weakens the stability of the method. The proposed scheme exhibits superior properties with respect to conventional Eulerian schemes in terms of stability, accuracy, and grid convergence. Taking into account the quality of the solution, the Lagrangian approach can be computationally more economical than commonly used Eulerian schemes as it allows the resolution requirements dictated by the different physical phenomena to be independently optimized. Finally, the scheme possesses excellent scalability on massively parallel computers. © 2013 Elsevier Ltd.

  10. SDN Based Collaborative Scheme for Mitigation of DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Sufian Hameed

    2018-02-01

    Software Defined Networking (SDN) has proved itself to be a backbone in the new network design and is quickly becoming an industry standard. The idea of separation of control plane and data plane is the key concept behind SDN. SDN not only allows us to program and monitor our networks but it also helps in mitigating some key network problems. Distributed denial of service (DDoS) attack is among them. In this paper we propose a collaborative DDoS attack mitigation scheme using SDN. We design a secure controller-to-controller (C-to-C) protocol that allows SDN-controllers lying in different autonomous systems (AS) to securely communicate and transfer attack information with each other. This enables efficient notification along the path of an ongoing attack and effective filtering of traffic near the source of attack, thus saving valuable time and network resources. We also introduced three different deployment approaches i.e., linear, central and mesh in our testbed. Based on the experimental results we demonstrate that our SDN based collaborative scheme is fast and reliable in efficiently mitigating DDoS attacks in real time with very small computational footprints.

  11. Comparison is key.

    Science.gov (United States)

    Stone, Mark H; Stenner, A Jackson

    2014-01-01

    Several concepts from Georg Rasch's last papers are discussed. The key one is comparison because Rasch considered the method of comparison fundamental to science. From the role of comparison stems scientific inference made operational by a properly developed frame of reference producing specific objectivity. The exact specifications Rasch outlined for making comparisons are explicated from quotes, and the role of causality derived from making comparisons is also examined. Understanding causality has implications for what can and cannot be produced via Rasch measurement. His simple examples were instructive, but the implications are far reaching upon first establishing the key role of comparison.

  12. Connection Setup Signaling Scheme with Flooding-Based Path Searching for Diverse-Metric Network

    Science.gov (United States)

    Kikuta, Ko; Ishii, Daisuke; Okamoto, Satoru; Oki, Eiji; Yamanaka, Naoaki

    Connection setup on various computer networks is now achieved by GMPLS. This technology is based on the source-routing approach, which requires the source node to store metric information of the entire network prior to computing a route. Thus all metric information must be distributed to all network nodes and kept up-to-date. However, as metric information become more diverse and generalized, it is hard to update all information due to the huge update overhead. Emerging network services and applications require the network to support diverse metrics for achieving various communication qualities. Increasing the number of metrics supported by the network causes excessive processing of metric update messages. To reduce the number of metric update messages, another scheme is required. This paper proposes a connection setup scheme that uses flooding-based signaling rather than the distribution of metric information. The proposed scheme requires only flooding of signaling messages with requested metric information, no routing protocol is required. Evaluations confirm that the proposed scheme achieves connection establishment without excessive overhead. Our analysis shows that the proposed scheme greatly reduces the number of control messages compared to the conventional scheme, while their blocking probabilities are comparable.

  13. Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

    Science.gov (United States)

    Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

    2018-06-05

    Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie-Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

  14. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

    Science.gov (United States)

    Park, Namje; Kang, Namhi

    2015-12-24

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  15. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

    Directory of Open Access Journals (Sweden)

    Namje Park

    2015-12-01

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  16. Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange

    Directory of Open Access Journals (Sweden)

    Alexandra Rivero-García

    2017-03-01

    A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

  17. Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange

    Science.gov (United States)

    Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

    2017-01-01

    A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed. PMID:28362328

  18. The Australian Managed Entry Scheme: Are We Getting it Right?

    Science.gov (United States)

    Tuffaha, Haitham W; Scuffham, Paul A

    2018-05-01

    In 2010, the Australian Government introduced the managed entry scheme (MES) to improve patient access to subsidised drugs on the Pharmaceutical Benefits Scheme and enhance the quality of evidence provided to decision makers. The aim of this paper was to critically review the Australian MES experience. We performed a comprehensive review of publicly available Pharmaceutical Benefits Advisory Committee online documents from January 2010 to July 2017. Relevant information on each MES agreement was systematically extracted, including its rationale, the conditions that guided its implementation and its policy outcomes. We identified 11 drugs where an MES was considered. Most of the identified drugs (75%) were antineoplastic agents and the main uncertainty was the overall survival benefit. More than half of the MES proposals were made by sponsors and most of the schemes were considered after previous rejected/deferred submissions for reimbursement. An MES was not established in 8 of 11 drugs (73%) despite the high evidence uncertainty. Nevertheless, six of these eight drugs were listed after the sponsors reduced their prices. Three MESs were established and implemented by Deeds of Agreement. The three cases were concluded and the required data were submitted within the agreed time frames. The need for feasibility and value of an MES should be carefully considered by stakeholders before embarking on such an agreement. It is essential to engage major stakeholders, including patient representatives, in this process. The conditions governing MESs should be clear, transparent and balanced to address the expectations of various stakeholders.

  19. 'Massfunktionen' as limit conditions of an optimization scheme for the telecobalt therapy

    International Nuclear Information System (INIS)

    Kirsch, M.; Forth, E.; Schumann, E.

    1978-01-01

    The basic ideas of the 'Score-Funktionen-Modell' of Hope and his collaborators are used for the establishment of the first stage of an optimization scheme for the telecobalt therapy. The new 'Massfunktionen' for the telecobalt therapy are limit conditions for the criterion of the optimum, i.e. the dose distribution in a body section. The 'Massfunktionen' are an analytic registration of parameters for the dose distribution such as dose homogeneity in the focal region and sparing of the subcutaneous tissues, the radiosensitive organs and the sound surroundings of the tumor. The functions are derived from the dose conditions in the irradiated body section. At the actual stage of development of the optimization scheme, these functions allow to decide whether an irradiation scheme is acceptable or not. (orig.) [de

  20. Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

    2015-06-01

    The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients' access to health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logs into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme still has some weaknesses such as violation of the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.