A survey of algebraic properties used in cryptographic protocols
Journal of Computer Security
Cited by 69 (20 self)
Abstract
Cryptographic protocols are successfully analyzed using formal methods. However, formal approaches usually consider the encryption schemes as black boxes and assume that an adversary cannot learn anything from an encrypted message unless he has the key. Such an assumption is too strong in general, since some attacks exploit in a clever way the interaction between protocol rules and properties of cryptographic operators. Moreover, the executability of some protocols relies explicitly on some algebraic properties of cryptographic primitives, such as commutative encryption. We give a list of some relevant algebraic properties of cryptographic operators and, for each of them, provide examples of protocols or attacks using these properties. We also give an overview of the existing methods in formal approaches for analyzing cryptographic protocols ...
Secure kNN Computation on Encrypted Databases
Cited by 57 (0 self)
Abstract
Service providers like Google and Amazon are moving into the SaaS (Software as a Service) business. They turn their huge infrastructure into a cloud-computing environment and aggressively recruit businesses to run applications on their platforms. To enforce security and privacy on such a service model, we need to protect the data running on the platform. Unfortunately, traditional encryption methods that aim at providing "unbreakable" protection are often not adequate because they do not support the execution of applications such as database queries on the encrypted data. In this paper we discuss the general problem of secure computation on an encrypted database and propose a SCONEDB (Secure Computation ON an Encrypted DataBase) model, which captures the execution and security requirements. As a case study, we focus on the problem of k-nearest neighbor (kNN) computation on an encrypted database. We develop a new asymmetric scalar-product-preserving encryption (ASPE) that preserves a special type of scalar product. We use ASPE to construct two secure schemes that support kNN computation on encrypted data; each of these schemes is shown to resist practical attacks of a different background-knowledge level, at a different overhead cost. Extensive performance studies are carried out to evaluate the overhead and the efficiency of the schemes.
Hash function balance and its impact on birthday attacks
Advances in Cryptology – EUROCRYPT '04, Lecture Notes in Computer Science, 2004
Cited by 34 (2 self)
Abstract
Textbooks tell us that a birthday attack on a hash function h with range size r requires r^{1/2} trials (hash computations) to find a collision. But this is quite misleading, being true only if h is regular, meaning all points in the range have the same number of preimages under h; if h is not regular, fewer trials may be required. But how much fewer? This paper addresses this question by introducing a measure of the "amount of regularity" of a hash function that we call its balance, and then providing estimates of the success rate of the birthday attack, and the expected number of trials to find a collision, as a function of the balance of the hash function being attacked. In particular, we will see that the number of trials can be significantly less than r^{1/2} for hash functions of low balance. This leads us to examine popular design principles, such as the MD (Merkle-Damgård) transform, from the point of view of balance preservation, and to mount experiments to determine the balance of popular hash functions.
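The effect described in this abstract, as an added example that is not from the paper: the balance measure is computed for two constructed toy hash functions over a 16-bit domain and 8-bit range (one regular, one that sends 7/8 of its inputs to a single output), and a seeded birthday attack is run against each to compare the number of hash computations actually needed for a collision. The balance formula used is the one the paper defines, mu(h) = log_r(d^2 / sum_i d_i^2); the toy functions, domain and range sizes are assumptions for illustration.

```python
import math
import random

# Constructed toy hash functions over a 16-bit domain and 8-bit range
# (illustration only, not any real hash). d = |domain|, r = |range|.
DOMAIN = 1 << 16
RANGE = 1 << 8


def h_regular(x: int) -> int:
    """Regular: every range point has exactly d/r = 256 preimages."""
    return x & (RANGE - 1)


def h_skewed(x: int) -> int:
    """Only inputs whose high byte is below 32 spread over the range; the
    remaining 7/8 of the domain all map to 0, so h is far from regular."""
    return x & (RANGE - 1) if (x >> 8) < 32 else 0


def preimage_counts(h, d: int = DOMAIN, r: int = RANGE) -> list:
    """d_i = number of domain points mapping to range point i (exhaustive)."""
    counts = [0] * r
    for x in range(d):
        counts[h(x)] += 1
    return counts


def balance(h, d: int = DOMAIN, r: int = RANGE) -> float:
    """Balance mu(h) = log_r( d^2 / sum_i d_i^2 ): 1 for a regular function,
    0 for a constant function, in between otherwise."""
    counts = preimage_counts(h, d, r)
    return math.log(d * d / sum(c * c for c in counts)) / math.log(r)


def birthday_trials(h, rng: random.Random, d: int = DOMAIN) -> int:
    """One birthday attack: hash uniformly random domain points until two
    distinct inputs collide; return the number of hash computations used."""
    first_input = {}
    trials = 0
    while True:
        x = rng.randrange(d)
        trials += 1
        y = h(x)
        if y in first_input:
            if first_input[y] != x:      # same output, different input
                return trials
        else:
            first_input[y] = x


def mean_trials(h, runs: int = 500, seed: int = 1) -> float:
    """Average trials-to-collision over several seeded attack runs."""
    rng = random.Random(seed)
    return sum(birthday_trials(h, rng) for _ in range(runs)) / runs


if __name__ == "__main__":
    for name, h in (("regular", h_regular), ("skewed", h_skewed)):
        print(f"{name}: balance={balance(h):.3f}, "
              f"mean trials to collision={mean_trials(h):.1f} "
              f"(textbook r^(1/2) = {math.sqrt(RANGE):.1f})")
```

The regular function needs on the order of r^{1/2} = 16 trials (a little more, since the textbook figure is a threshold rather than an expectation), while the skewed one, whose balance is below 0.1, collides after only a couple of trials; the exhaustive preimage count is only feasible here because the toy domain is tiny, which is why the paper resorts to experiments for real hash functions.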
Optimal Locally Repairable and Secure Codes for Distributed Storage Systems
2013
Cited by 30 (7 self)
Abstract
This paper aims to go beyond resilience into the study of security and local repairability for distributed storage systems (DSS). Security and local repairability are both important features of an efficient storage system, and this paper aims to understand the tradeoffs between resilience, security, and local repairability in these systems. In particular, this paper first investigates security in the presence of colluding eavesdroppers, where eavesdroppers are assumed to work together in decoding stored information. Second, the paper focuses on coding schemes that enable optimal local repairs. It further brings these two concepts together to develop locally repairable coding schemes for DSS that are secure against eavesdroppers. The main results of this paper include: (a) an improved bound on the secrecy capacity for minimum storage regenerating codes, (b) secure coding schemes that achieve the bound for some special cases, (c) a new bound on minimum distance for locally repairable codes, (d) code constructions for locally repairable codes that attain the minimum distance bound, and (e) repair-bandwidth-efficient locally repairable codes with and without security constraints.
Survey Paper: Cryptography Is The Science Of Information Security
Cited by 3 (1 self)
Abstract
Cryptography in the past was used to keep military information and diplomatic correspondence secure and to protect national security. However, its use was limited. Nowadays, the range of cryptography applications has expanded greatly in the modern era with the development of communication means; cryptography is essentially required to ensure that data are protected against penetration and to prevent espionage. Cryptography is also a powerful means of securing e-commerce. Cryptography is used to ensure that the contents of a message are transmitted confidentially and are not altered. Confidentiality means nobody can understand the received message except the one who has the deciphering key, and "data cannot be changed" means the original information is not changed or modified; this is done when the sender includes a cryptographic operation called a hash function in the original message. A hash function is a mathematical representation of the information; when any information arrives at its receiver, the receiver calculates the value of this hash function. If the receiver's hash function value is equivalent to the sender's, the integrity of the message is assured. Keywords: Symmetric Encryption, Asymmetric Encryption, Hash Algorithm, Caesar Table.
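The hash-and-compare integrity check this abstract describes, as an added example that is not from the paper, together with the caveat a practitioner wants: an unkeyed hash catches accidental corruption, but an active attacker who can rewrite the message can recompute the hash as well, so the check only assures integrity when the hash travels over a channel the attacker cannot modify. The example contrasts it with a keyed HMAC (SHA-256 in both cases); the sample message and the shared key are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample message and a shared key (illustration only).
MESSAGE = b"transfer 100 EUR to account 1234"
SHARED_KEY = os.urandom(32)


def plain_digest(message: bytes) -> bytes:
    """The scheme in the abstract: the sender attaches H(message)."""
    return hashlib.sha256(message).digest()


def verify_plain(message: bytes, digest: bytes) -> bool:
    """Receiver recomputes the hash and compares it in constant time."""
    return hmac.compare_digest(plain_digest(message), digest)


def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Keyed alternative: HMAC-SHA256 over the message with a shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)


def attacker_rewrite_plain(new_message: bytes):
    """An active attacker on the channel replaces the message and simply
    recomputes the unkeyed hash; no secret is needed."""
    return new_message, plain_digest(new_message)


def attacker_rewrite_keyed(old_tag: bytes, new_message: bytes):
    """Without the key the attacker can only reuse (or guess) a tag, which
    will not verify for a different message."""
    return new_message, old_tag
```

Where sender and receiver share no key, a digital signature over the hash gives the same protection (and non-repudiation), which is the route the other papers on this page take.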
Transactions on Software Engineering, pp. 777–793, 1996
Cited by 1 (0 self)
Abstract
The evolution of wireless networks and mobile device technologies has increased concerns about the performance and security of mobile systems. We propose a new secured application-level architecture for a two-party mobile payment transaction that is carried out between a resource-limited mobile device and a resource-rich computer server over wireless networks. As an example of such transactions, the mobile banking transaction is focused on throughout this thesis. The proposed architecture, namely SA2pMP, employs a lightweight cryptography scheme (combining both a public-key cryptography algorithm (ECDSA) and a symmetric-key cryptography algorithm (AES)), a multi-factor authentication mechanism, and a transaction log strategy. The proposed architecture is designed to satisfy the four properties of confidentiality, authentication, integrity and non-repudiation that are required by any secure system. The architecture can be implemented on a Java ME enabled mobile ...
Implementing Data Security in Student Lifecycle Management System
www.unipr.edu/fiek
Abstract
This paper presents a novel approach to fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security, privacy, authentication, integrity and non-repudiation, are fulfilled through carefully selected security policies. Student data privacy is achieved using the Secure Sockets Layer protocol for web communication with the web server. Each user, whether student, academic or administrative staff, is provided with a unique user name and initial password in the Student Lifecycle Management System. Data integrity and non-repudiation are fulfilled using digital signatures. The novelty of the implemented solution is based on extending the subject name in X.509 digital certificates and using this certificate for securing student grades, which is in full compliance with the Kosovo Law on Information Society. Public Key Infrastructure and X.509 digital certificates have been established as the most trustworthy methods for assuring data security criteria in modern software applications. Security policy enforces that the digital certificate and its associated private key shall be stored in a smart card. Access to the private key stored in a smart card is protected by a Personal Identification Number, known only to the smart card holder. This implementation was installed at the Faculty of Electrical and Computer Engineering and has successfully passed a six-semester testing period, and students were, for the first time in the history of the University of Prishtina, able to apply online to take an exam.
Routing Strategy Based on Local Density Sensing in Delay Tolerant Network
Abstract
Aiming at the intermittent connectivity and the limited available storage and inter-node throughput in delay tolerant networks, this paper designs a Density-Aware Routing Scheme (DARS) for their messaging service. According to the density of nodes, messages are forwarded in the direction of the dense area. The change of correlation time between networks is used to evaluate local density and to decide how to exchange information with a node met while moving. Simulation results show that the proposed scheme is simple and has low complexity. In delay tolerant networks with non-uniform node distribution, the message transfer rate and communication overhead achieve fairly good results.
Signature
2008
Abstract
The key substitution property was introduced by Blake-Wilson and Menezes [1] and formalized by Menezes and Smart [8] as attacks. The key substitution property is as follows: a person other than the true signer can produce another public (and secret) key such that a message and signature pair created by the signer is valid under that public key. Research on key substitution attacks [8, 6, 10, 2, 11, 12] has so far only attacked a certain signature scheme or only detected the attacks. In this paper, we introduce the key-substitutable signature scheme. In a key-substitutable signature scheme it is basically infeasible to produce a substitute public key; however, a user can create a substituted key pair by interaction with the original signer. We propose a formal model of the key-substitutable signature scheme and formalize the security requirements, unforgeability and non-substitutability. We also propose a construction of a key-substitutable signature scheme based on the ElGamal signature scheme and prove that the construction satisfies all the security requirements. Furthermore, we construct a new certified-signature scheme achieving higher security based on key-substitutable signature schemes. We also show that the "traditional" certified-signature scheme in [3] does not satisfy this higher security. Keywords: signature scheme, key substitution attack, certified-signature scheme.
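The key substitution property defined in this abstract, worked through on textbook ElGamal, as an added example that is not code from the paper and does not reproduce the paper's key-substitutable construction. It shows the well-known setting in which the attack succeeds: the verifier accepts whatever generator g' the public key carries, so from one signed message the attacker derives a fresh key pair (x', (p, g', y')), secret key included, under which the signer's (r, s) verifies. The prime P (the Mersenne prime 2^31 - 1, for which 7 is a primitive root), the generator G and the messages are toy values assumed for illustration.

```python
import hashlib
import random
from math import gcd

# Toy domain parameters, assumed for illustration only (far too small for
# real use): the Mersenne prime 2^31-1 with primitive root 7.
P = 2**31 - 1
G = 7


def hash_to_exponent(message: bytes, p: int) -> int:
    """H(m) reduced into the exponent group Z_(p-1)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % (p - 1)


def keygen(rng: random.Random, p: int = P, g: int = G):
    """Returns (secret x, public (p, g, y = g^x mod p))."""
    x = rng.randrange(2, p - 1)
    return x, (p, g, pow(g, x, p))


def sign(x: int, pub, message: bytes, rng: random.Random):
    """Textbook ElGamal: r = g^k mod p, s = (H(m) - x*r) * k^-1 mod (p-1)."""
    p, g, _ = pub
    h = hash_to_exponent(message, p)
    while True:
        k = rng.randrange(2, p - 1)
        if gcd(k, p - 1) != 1:
            continue
        r = pow(g, k, p)
        s = (h - x * r) * pow(k, -1, p - 1) % (p - 1)
        if s != 0:
            return r, s


def verify(pub, message: bytes, sig) -> bool:
    """Accepts if g^H(m) == y^r * r^s (mod p), trusting the (p, g) that the
    public key itself carries."""
    p, g, y = pub
    r, s = sig
    if not 0 < r < p:
        return False
    h = hash_to_exponent(message, p)
    return pow(g, h, p) == pow(y, r, p) * pow(r, s, p) % p


def substitute_key(pub, message: bytes, sig, rng: random.Random):
    """Key substitution with attacker-chosen generator. Pick x', set
    e = H(m) - x'*r mod (p-1) with gcd(e, p-1) = 1, g' = (r^s)^(e^-1) mod p,
    y' = g'^x'. Then g'^H(m) = g'^(x'*r + e) = y'^r * r^s, so sig verifies
    under (p, g', y'), and the attacker holds the matching secret x'."""
    p, _, _ = pub
    r, s = sig
    h = hash_to_exponent(message, p)
    rs = pow(r, s, p)
    while True:
        x2 = rng.randrange(2, p - 1)
        e = (h - x2 * r) % (p - 1)
        if gcd(e, p - 1) == 1:
            break
    g2 = pow(rs, pow(e, -1, p - 1), p)
    return x2, (p, g2, pow(g2, x2, p))


def verify_pinned(pub, message: bytes, sig, p: int = P, g: int = G) -> bool:
    """Verifier that only accepts keys over the system's certified (p, g).
    With g fixed, the attacker would need log_g(r^s) to find an x' for
    which the same signature verifies, so this substitution fails."""
    return pub[0] == p and pub[1] == g and verify(pub, message, sig)
```

The pinned verifier is the practitioner's check for this particular attack: domain parameters must come from the certified system parameters, not from the key being verified. The paper's goal is stronger than that check: in its key-substitutable scheme a substitute key can only be produced by interacting with the original signer, which is what its non-substitutability requirement formalizes.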