We present chaining techniques for signing/verifying multiple packets using a single signing/verification operation. We then present flow signing and verification procedures based upon a tree chaining technique. Since a single signing/verification operation is amortized over many packets, these procedures improve signing and verification rates by one to two orders of magnitude compared to the approach of signing/verifying packets individually. Our procedures do not depend upon reliable delivery of packets, provide delay-bounded signing, and are thus suitable for delay-sensitive flows and multicast applications. To further improve our procedures, we propose several extensions to the Feige-Fiat-Shamir digital signature scheme to substantially speed up both the signing and verification operations, as well as to allow "adjustable and incremental" verification. The extended scheme, called eFFS, is compared to four other digital signature schemes (RSA, DSA, ElGamal, Rabin). We compare their ...

and the United States Postal Service. The views and conclusions in this document are my own and should not be interpreted as representing the official policies, either expressed or implied, of any supporting organization or the U.S. Government.

Network-based intrusion has become a serious threat to today's highly networked information systems, existing intrusion defense approaches such as intrusion prevention, detection, tolerance and response are ')9assire" in response to network-based intrusions in that their countermeasures are limited to being local to the intrusion target and there is no automated, network-wide counteraction against detected intrusions. While they all play an important role in counteracting network-based intrusion, they do not, however, effectively address the root cause of the problem - intruders.

strong and steady yet unassuming guidance made me what I am today. I miss him dearly. ACKNOWLEDGMENTS I owe a great deal of my success to the values instilled in me by my family. First, I would like to thank my parents, Grace Marie Jones Daniels and Thomas Arthur Daniels, who always encouraged me to make a better life for myself through advancing my education. Second, I would like to thank my uncle and aunt, Clarence and Betty Jones, for stressing that education was the way to go further in life. Third, I thank my in–laws, the Martin and Martha Walker family, for helping my wife and I numerous times during our many years of post-secondary education. Fourth, I thank my uncle and aunt, Jesse and the late Mary Ellen (Daniels) Masters, for their moral and monetary support to continue my education. Finally, I do not know what I would have done without the constant loving support and friendship of my wife, Dr. Jennifer Lea Walker–Daniels. She has given me two wonderful children and the emotional and practical support to complete this work. Many people at the Center for Education and Research in Information Assurance

Nyberg and Ruppel first proposed a signature scheme with message recovery based on DSA in 1993, and the authenticated encryption scheme is a special application of their scheme. Afterward, there are many papers proposed about the authenticated encryption schemes. The signature scheme can reduce the transmitted cost, because the message has been contained in the signature of the message and the signer does not necessary to send the receiver the message and the signature. The scheme is very suitable for the key agreement application, because a key is a small amount of a message. In order to comprehend and interpret the authenticated encryption schemes overall, we discuss the evolution and the existed problems of authenticated encryption schemes.

Abstract not found