Certificateless one-round key exchange(CL-ORKE)protocols enable each participant to share a common key with only one round of communication which greatly saves communication cost.CLORKE protocols can be applied to sce...Certificateless one-round key exchange(CL-ORKE)protocols enable each participant to share a common key with only one round of communication which greatly saves communication cost.CLORKE protocols can be applied to scenarios with limited communication,such as space communication.Although CL-ORKE protocols have been researched for years,lots of them only consider what secrets can be compromised but ignore the time when the secrets have been corrupted.In CL-ORKE protocols,the reveal of the long-term key attacks can be divided into two different attacks according to the time of the long-term key revealed:the attack to weak Forward Security(wFS)and the attack to strong Forward Security(sFS).Many CLKE protocols did not take into account the sFS property or considered sFS as wFS.In this paper,we first propose a new security model for CL-ORKE protocols which considers the sFS property as well as the Ephemeral Key Reveal attack.Then,we give a CL-ORKE protocol which is called CLORKE-SFS.CLORKE-SFS is provably secure under the proposed model provided the Elliptic Curve Computational Diffie-Hellman(ECCDH)and the Bilinear Computational Diffie-Hellman problem(BCDH)assumption hold.The security model and the protocol may give inspiration for constructing oneround key exchange protocols with perfect forward security in certificateless scenarios.展开更多
Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of pr...Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of protocols as broadcaster group protocols. It points out two attacks on this kind of protocols. The first attack can be avoided by using fresh values in each action during one session of the group protocol. The second attack should be related with concrete application. It also proposes a dynamic key agreement protocol as an example of solutions at the last part of the paper.展开更多
Combined public key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys and avoids the inherent key escrow problem of identity-based cryptography. Based on the efficient CPK sc...Combined public key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys and avoids the inherent key escrow problem of identity-based cryptography. Based on the efficient CPK scheme, we present an efficient three-round two-party authenticated key exchange protocol with strong security, which is provably secure in the standard model under the decisional Diffie-Hellman (DDH) assumption. The protocol can keep the session key secret from the adversary except that one party's ephemeral private key and static private key are all revealed to the adversary. Compared to the existing protocols, this protocol not only assures strong security but also is more efficient.展开更多
Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,t...Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.展开更多
Cloud computing has reached the peak of Gartner hype cycle,and now the focus of the whole telecom industry is the ability to scale data storage with minimal investment.But data privacy and communication issues will oc...Cloud computing has reached the peak of Gartner hype cycle,and now the focus of the whole telecom industry is the ability to scale data storage with minimal investment.But data privacy and communication issues will occur with the increment of the cloud data storage.The key privacy concern for scalability is caused by the dynamic membership allocation and multi-owner data sharing.This paper addresses the issues faced by multiple owners through a mutual authentication mechanism using the Enhanced Elliptic Curve Diffie-Hellman(EECDH)key exchange protocol along with the Elliptic Curve Digital Signature Algorithm(ECDSA).The proposed EECDH scheme is used to exchange the secured shared key among multiple owners and also to eliminate the Man-In-The-Middle(MITM)attacks with less computational complexity.By leveraging these algorithms,the integrity of data sharing among multiple owners is ensured.The EECDH improves the level of security only slightly increasing the time taken to encrypt and decrypt the data,and it is secured against the MITM attacks,which is experimented using the AVISPA tool.展开更多
The Canetti-Krawczyk (CK) model is a formalism for the analysis of key-exchange protocols, which can guarantee many security properties for the protocols proved secure by this model. But we find this model lacks the a...The Canetti-Krawczyk (CK) model is a formalism for the analysis of key-exchange protocols, which can guarantee many security properties for the protocols proved secure by this model. But we find this model lacks the ability to guarantee key generation center (KGC) forward secrecy, which is an important security property for key-agreement protocols based on Identity. The essential reason leading to this weakness is that it does not fully consider the attacker's capabilities. In this paper, the CK model is accordingly extended with a new additional attacker's capability of the KGC corruption in Identity-based systems, which enables it to support KGC forward secrecy.展开更多
Advances in quantum computation threaten to break public key eryptosystems that are based on the difficulty of fac- torization or the difficulty of discrete logariths, although , no quantum algorithms have been found ...Advances in quantum computation threaten to break public key eryptosystems that are based on the difficulty of fac- torization or the difficulty of discrete logariths, although , no quantum algorithms have been found to be able to solve certain mathematical problems on non-commutative algebraic structures up to now. The proposed new quasi-inverse based cryptography scheme is vulnerable to a linear algebra attack based on the probable occurrence of weak keys in the generation process. In this paper, we illustrate that two of the quasi-inverse based cryptography are vulnerable to a structural attack and that it only requires polynomial time to obtain the equivalent keys for some given public keys. In addition, we conduct a detailed analysis on attack methods and provide some improved suggestions on these two schemes.展开更多
基金This work was supported by the National Natural Science Foundation of China(NSFC)under Grant(61902049,31960119)Joint Special Fund for Basic Research of Local Undergraduate Universities(Parts)in Yunnan Province under Grant(2018FH001-063,2018FH001-106)Dali University Innovation Team Project(ZKLX2020308).
文摘Certificateless one-round key exchange(CL-ORKE)protocols enable each participant to share a common key with only one round of communication which greatly saves communication cost.CLORKE protocols can be applied to scenarios with limited communication,such as space communication.Although CL-ORKE protocols have been researched for years,lots of them only consider what secrets can be compromised but ignore the time when the secrets have been corrupted.In CL-ORKE protocols,the reveal of the long-term key attacks can be divided into two different attacks according to the time of the long-term key revealed:the attack to weak Forward Security(wFS)and the attack to strong Forward Security(sFS).Many CLKE protocols did not take into account the sFS property or considered sFS as wFS.In this paper,we first propose a new security model for CL-ORKE protocols which considers the sFS property as well as the Ephemeral Key Reveal attack.Then,we give a CL-ORKE protocol which is called CLORKE-SFS.CLORKE-SFS is provably secure under the proposed model provided the Elliptic Curve Computational Diffie-Hellman(ECCDH)and the Bilinear Computational Diffie-Hellman problem(BCDH)assumption hold.The security model and the protocol may give inspiration for constructing oneround key exchange protocols with perfect forward security in certificateless scenarios.
基金Supported by the National Natural Science Foun-dation of China (90104005 ,60473023) the National High Tech-nology Research and Development Programof China (863 Program)(2002AA41051)
文摘Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of protocols as broadcaster group protocols. It points out two attacks on this kind of protocols. The first attack can be avoided by using fresh values in each action during one session of the group protocol. The second attack should be related with concrete application. It also proposes a dynamic key agreement protocol as an example of solutions at the last part of the paper.
基金Supported by the Key Laboratory Foundation of Communication Technology of China (9140C1103040902)
文摘Combined public key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys and avoids the inherent key escrow problem of identity-based cryptography. Based on the efficient CPK scheme, we present an efficient three-round two-party authenticated key exchange protocol with strong security, which is provably secure in the standard model under the decisional Diffie-Hellman (DDH) assumption. The protocol can keep the session key secret from the adversary except that one party's ephemeral private key and static private key are all revealed to the adversary. Compared to the existing protocols, this protocol not only assures strong security but also is more efficient.
基金supported by National Natural Science Foundation of China No.61003262,National Natural Science Foundation of China No.60873237Doctoral Fund of Ministry of Education of China No.20070007071
文摘Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.
文摘Cloud computing has reached the peak of Gartner hype cycle,and now the focus of the whole telecom industry is the ability to scale data storage with minimal investment.But data privacy and communication issues will occur with the increment of the cloud data storage.The key privacy concern for scalability is caused by the dynamic membership allocation and multi-owner data sharing.This paper addresses the issues faced by multiple owners through a mutual authentication mechanism using the Enhanced Elliptic Curve Diffie-Hellman(EECDH)key exchange protocol along with the Elliptic Curve Digital Signature Algorithm(ECDSA).The proposed EECDH scheme is used to exchange the secured shared key among multiple owners and also to eliminate the Man-In-The-Middle(MITM)attacks with less computational complexity.By leveraging these algorithms,the integrity of data sharing among multiple owners is ensured.The EECDH improves the level of security only slightly increasing the time taken to encrypt and decrypt the data,and it is secured against the MITM attacks,which is experimented using the AVISPA tool.
基金supported by the National Natural Science Foundation of China(Grant No.90204012)the National“863”High-tech Project of China(Grant No.2002AA143021)the Excellent Young Teachers Program of MOE,China and the Key Project of Chinese Ministry of Education
文摘The Canetti-Krawczyk (CK) model is a formalism for the analysis of key-exchange protocols, which can guarantee many security properties for the protocols proved secure by this model. But we find this model lacks the ability to guarantee key generation center (KGC) forward secrecy, which is an important security property for key-agreement protocols based on Identity. The essential reason leading to this weakness is that it does not fully consider the attacker's capabilities. In this paper, the CK model is accordingly extended with a new additional attacker's capability of the KGC corruption in Identity-based systems, which enables it to support KGC forward secrecy.
基金Supported by the National Natural Science Foundation of China(61303212,61170080,61202386)the State Key Program of National Natural Science of China(61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(91018008)Major State Basic Research Development Program of China(973 Program)(2014CB340600)the Natural Science Foundation of Hubei Province(2011CDB453,2014CFB440)
文摘Advances in quantum computation threaten to break public key eryptosystems that are based on the difficulty of fac- torization or the difficulty of discrete logariths, although , no quantum algorithms have been found to be able to solve certain mathematical problems on non-commutative algebraic structures up to now. The proposed new quasi-inverse based cryptography scheme is vulnerable to a linear algebra attack based on the probable occurrence of weak keys in the generation process. In this paper, we illustrate that two of the quasi-inverse based cryptography are vulnerable to a structural attack and that it only requires polynomial time to obtain the equivalent keys for some given public keys. In addition, we conduct a detailed analysis on attack methods and provide some improved suggestions on these two schemes.
