Plutus: Scalable secure file sharing on untrusted storage
2003
Cited by 212 (2 self)
Plutus is a cryptographic storage system that enables secure file sharing without placing much trust on the file servers. In particular, it makes novel use of cryptographic primitives to protect and share files. Plutus features highly scalable key management while allowing individual users to retain direct control over who gets access to their files. We explain the mechanisms in Plutus to reduce the number of cryptographic keys exchanged between users by using filegroups, distinguish file read and write access, handle user revocation efficiently, and allow an untrusted server to authorize file writes. We have built a prototype of Plutus on OpenAFS. Measurements of this prototype show that Plutus achieves strong security with overhead comparable to systems that encrypt all network traffic.

An algebraic method for public-key cryptography
MATHEMATICAL RESEARCH LETTERS, 1999
Cited by 151 (2 self)
Algebraic key establishment protocols based on the difficulty of solving equations over algebraic structures are described as a theoretical basis for constructing public-key cryptosystems.

Tinypk: securing sensor networks with public key technology
In SASN ’04: Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, 2004
Cited by 147 (0 self)
Wireless networks of miniaturized, low-power sensor/actuator devices are poised to become widely used in commercial and military environments. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of public-key (PK)-based protocols that allow authentication and key agreement between a sensor network and a third party as well as between two sensor networks. Our work is novel in that PK technology was commonly believed to be too inefficient for use on low-power devices. As part of our solution, we exploit the efficiency of public operations in the RSA cryptosystem and design protocols that place the computationally expensive operations on the parties external to the sensor network, when possible. Our protocols have been implemented on UC Berkeley MICA2 motes using the TinyOS development environment.

New Public-key Cryptosystem Using Braid Groups
Advances in cryptology—CRYPTO 2000 (Santa Barbara, CA), 166–183, Lecture Notes in Comput. Sci. 1880, 2000
Cited by 125 (4 self)
Abstract. The braid groups are infinite non-commutative groups naturally arising from geometric braids. The aim of this article is twofold. One is to show that the braid groups can serve as a good source to enrich cryptography. The feature that makes the braid groups useful to cryptography includes the following: (i) The word problem is solved via a fast algorithm which computes the canonical form which can be efficiently manipulated by computers. (ii) The group operations can be performed efficiently. (iii) The braid groups have many mathematically hard problems that can be utilized to design cryptographic primitives. The other is to propose and implement a new key agreement scheme and public key cryptosystem based on these primitives in the braid groups. The efficiency of our systems is demonstrated by their speed and information rate. The security of our systems is based on topological, combinatorial and group-theoretical problems that are intractable according to our current mathematical knowledge. The foundation of our systems is quite different from widely used cryptosystems based on number theory, but there are some similarities in design. Key words: public key cryptosystem, braid group, conjugacy problem, key exchange, hard problem, non-commutative group, one-way function, public key infrastructure

Tree-based group key agreement
ACM Transactions on Information and System Security, 2004
Cited by 108 (5 self)
Abstract. Secure and reliable group communication is an active area of research. Its popularity is caused by the growing importance of group-oriented and collaborative applications. The central research challenge is secure and efficient group key management. While centralized methods are often appropriate for key distribution in large multicast-style groups, many collaborative group settings require distributed key agreement techniques. This work investigates a novel group key agreement approach which blends so-called key trees with Diffie-Hellman key exchange. It yields a secure protocol suite (TGDH) that is both simple and fault-tolerant. Moreover, the efficiency of TGDH appreciably surpasses that of prior art.

The One-More-RSA-Inversion Problems and the Security of Chaum’s Blind Signature Scheme
Journal of Cryptology, 2003
Cited by 92 (5 self)
Abstract. We introduce a new class of computational problems which we call the "one-more-RSA-inversion" problems. Our main result is that two problems in this class, which we call the chosen-target and known-target inversion problems respectively, have polynomially-equivalent computational complexity. We show how this leads to a proof of security for Chaum's RSA-based blind signature scheme in the random oracle model based on the assumed hardness of either of these problems. We define and prove analogous results for "one-more-discrete-logarithm" problems. Since the appearance of the preliminary version of this paper, the new problems we have introduced have found other uses as well.

The two faces of lattices in cryptology
Cryptography and lattices conference (CaLC 2001), 2001

Floating-Point LLL Revisited
2005
Cited by 53 (7 self)
The Lenstra-Lenstra-Lovász lattice basis reduction algorithm (LLL or L³) is a very popular tool in public-key cryptanalysis and in many other fields. Given an integer d-dimensional lattice basis with vectors of norm less than B in an n-dimensional space, L³ outputs a so-called L³-reduced basis in polynomial time O(d⁵ n log³ B), using arithmetic operations on integers of bit-length O(d log B). This worst-case complexity is problematic for lattices arising in cryptanalysis where d or/and log B are often large. As a result, the original L³ is almost never used in practice. Instead, one applies floating-point variants of L³, where the long-integer arithmetic required by Gram-Schmidt orthogonalisation (central in L³) is replaced by floating-point arithmetic. Unfortunately, this is known to be unstable in the worst-case: the usual floating-point L³ is not even guaranteed to terminate, and the output basis may not be L³-reduced at all. In this article, we introduce the L² algorithm, a new and natural floating-point variant of L³ which provably outputs L³-reduced bases in polynomial time O(d⁴ n (d + log B) log B). This is the first L³ algorithm whose running time (without fast integer arithmetic) provably grows only quadratically with respect to log B, like the well-known Euclidean and Gaussian algorithms, which it generalizes.

On the performance of group key agreement protocols
ACM Transactions on Information and System Security, 2002