Secure SSL/TLS Communication System Based on Quantum Keys

Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in quantum computing technology,the security of conventional key-based SSL/TLS protocols faces vulnerabilities.In this paper,we propose a scheme by integrating the quantum key into the SSL/TLS framework.Furthermore,the application of post-quantum algorithms is used to enhance and complement the existing encryption suites.Experimental results show that the proposed SSL/TLS communication system based on quantum keys exhibits high performance in latency and throughput.Moreover,the proposed system showcases good resilience against quantum attacks.

Development of a Post Quantum Encryption Key Generation Algorithm Using Electromagnetic Wave Propagation Theory

In today’s rapid widespread of digital technologies into all live aspects to enhance efficiency and productivity on the one hand and on the other hand ensure customer engagement, personal data counterfeiting has become a major concern for businesses and end-users. One solution to ensure data security is encryption, where keys are central. There is therefore a need to find robusts key generation implementation that is effective, inexpensive and non-invasive for protecting and preventing data counterfeiting. In this paper, we use the theory of electromagnetic wave propagation to generate encryption keys.

FORMAL PROOF OF RELATIVE STRENGTH OF SECURITY AMONG ECK2007 MODEL AND OTHER PROOF MODELS FOR KEY AGREEMENT PROTOCOLS

The differences among the extended Canetti ＆ Krawezyk 2007 model （ECK2007） and other four models, i.e., the Bellare ＆ Rogaway （1993, 1995）models （BR93,BR95）, the Bellare, Pointcheval ＆ Rogaway （2000） model （BPR2000） and the Canetti ＆ Krawczyk （2001） model （CK2001） are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.

Efficient Authenticated Key Agreement Protocol Using Self-Certified Public Keys from Pairings

An efficient authenticated key agreement protocol is proposed, which makesuse of bilinear pairings and self-certificd public keys. Its security is based on the securityassumptions of the bilinear Diff ie-Hellman problem and the computational Diffie-Hellman problem.Users can choose their private keys independently. The public keys and identities of users can beverified implicitly when the session key being generating in a logically single step. A trusted KeyGeneration Center is no longer requiredas in the ID-based authenticated key agreement protocolsCompared with existing authenticated key agreement protocols from pairings, the. new proposedprotocol is more efficient and secure.

A Resistant Quantum Key Exchange Protocol and Its Corresponding Encryption Scheme

The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant quantum cryptography very urgent. This motivate us to design a new key exchange protocol and eneryption scheme in this paper. Firstly, some acknowledged mathematical problems was introduced, such as ergodic matrix problem and tensor decomposition problem, the two problems have been proved to NPC hard. From the computational complexity prospective, NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them. From the algebraic structures prospective, non-commutative cryptography has been considered to resist quantum. The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures, so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures. Secondly, a new problem was constructed based on the introduced problems in this paper, then a key exchange protocol and a public key encryption scheme were proposed based on it. Finally the security analysis, efficiency, recommended parameters, performance evaluation and etc. were also been given. The two schemes has the following characteristics, provable security,security bits can be scalable, to achieve high efficiency, quantum resistance, and etc.

Breaking and Repairing the Certificateless Key Agreement Protocol from ASIAN 2006

The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation （K-CI） resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.

Universally Composable Three Party Password-based Key Exchange Protocol

Within the framework of universal composability,an appropriate ideal functionality that captures the basic security requirements of three party password-based key exchange was defined. An efficient real-word three party password-based key exchange protocol was also proposed.This protocol securely realizes the ideal functionality with respect to static party corruption.Thus it provides security guarantees under arbitrary composition with other protocols.

Quantum key distribution series network protocol with M-classical Bobs

Secure key distribution among classical parties is impossible both between two parties and in a network. In this paper, we present a quantum key distribution （QKD） protocol to distribute secure key bits among one quantum party and numerous classical parties who have no quantum capacity. We prove that our protocol is completely robust, i.e., any eavesdropping attack should be detected with nonzero probability. Our calculations show that our protocol may be secure against Eve＇s symmetrically individual attack.

Two Modifications on IKE Protocol with Pre-shared Key Authentication

This paper proposed two modifications on IKE protocol with pre-shared key authentication. The first modification can improve its immunity against DDoS attack by authenticating the initiator before the responder generates the computation-intensive Diffie-Hellman public value. The second modification can improve its efficiency when the attack on messages occurs because it can detect the attack quickly by replacing the centralized authentication in origical IKE protocol with immediate authentication. In addition, the two modifications can be integrated into one protocol compactly.

A Composed Protocol of Quantum Identity Authentication Plus Quantum Key Distribution Based on Squeezed States

It is established that a single quantum cryptography protocol usually cooperates with other cryptographicsystems,such as an authentication system,in the real world.However,few protocols have been proposed on how tocombine two or more quantum protocols.To fill this gap,we propose a composed quantum protocol,containing bothquantum identity authentication and quantum key distribution,using squeezed states.Hence,not only the identity canbe verified,but also a new private key can be generated by our new protocol.We also analyze the security under anoptimal attack,and the efficiency,which is defined by the threshold of the tolerant error rate,using Gaussian errorfunction.

New semi-quantum key agreement protocol based on high-dimensional single-particle states

A new efficient two-party semi-quantum key agreement protocol is proposed with high-dimensional single-particle states.Different from the previous semi-quantum key agreement protocols based on the two-level quantum system,the propounded protocol makes use of the advantage of the high-dimensional quantum system,which possesses higher efficiency and better robustness against eavesdropping.Besides,the protocol allows the classical participant to encode the secret key with qudit shifting operations without involving any quantum measurement abilities.The designed semi-quantum key agreement protocol could resist both participant attacks and outsider attacks.Meanwhile,the conjoint analysis of security and efficiency provides an appropriate choice for reference on the dimension of single-particle states and the number of decoy states.

An Efficient Lightweight Authentication and Key Agreement Protocol for Patient Privacy

Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critical requirement.To address this crucial requirement,various types of validation and key agreement protocols have been employed.The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws.This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol.The secureness of the proposed protocol undergoes an informal analysis,whose findings show that different security features are provided,including perfect forward secrecy and a resistance to DoS attacks.Furthermore,it is simulated and formally analyzed using Scyther tool.Simulation results indicate the protocol’s robustness,both in perfect forward security and against various attacks.In addition,the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost.The time complexity of the proposed protocol only involves time of performing a hash function Th,i.e.,:O(12Th).Average time required for executing the authentication is 0.006 seconds;with number of bit exchange is 704,both values are the lowest among the other protocols.The results of the comparison point to a superior performance by the proposed protocol.

A Novel Approach towards Cost Effective Region-Based Group Key Agreement Protocol for Ad Hoc Networks Using Elliptic Curve Cryptography

This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.

Twin-Field Quantum Key Distribution Protocol Based on Wavelength-Division-Multiplexing Technology

Quantum key distribution(QKD) generates information-theoretical secret keys between two parties based on the physical laws of quantum mechanics. Following the advancement in quantum communication networks, it becomes feasible and economical to combine QKD with classical optical communication through the same fiber using dense wavelength division multiplexing(DWDM) technology. This study proposes a detailed scheme of TF-QKD protocol with DWDM technology and analyzes its performance, considering the influence of quantum channel number and adjacent quantum crosstalk on the secret key rates. The simulation results show that the scheme further increases the secret key rate of TF-QKD and its variants. Therefore, this scheme provides a method for improving the secret key rate for practical quantum networks.

A secure key agreement protocol based on chaotic maps

To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.＇s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of conarnon attacks, but also solve the problems of key management and security issues existing in Gong et al.＇ s protocol.

Universally Composable Symbolic Analysis of Group Key Exchange Protocol

Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.

CLORKE-SFS:Certificateless One-Round Key Exchange Protocol with Strong Forward Security in Limited Communication Scenarios

Certificateless one-round key exchange(CL-ORKE)protocols enable each participant to share a common key with only one round of communication which greatly saves communication cost.CLORKE protocols can be applied to scenarios with limited communication,such as space communication.Although CL-ORKE protocols have been researched for years,lots of them only consider what secrets can be compromised but ignore the time when the secrets have been corrupted.In CL-ORKE protocols,the reveal of the long-term key attacks can be divided into two different attacks according to the time of the long-term key revealed:the attack to weak Forward Security(wFS)and the attack to strong Forward Security(sFS).Many CLKE protocols did not take into account the sFS property or considered sFS as wFS.In this paper,we first propose a new security model for CL-ORKE protocols which considers the sFS property as well as the Ephemeral Key Reveal attack.Then,we give a CL-ORKE protocol which is called CLORKE-SFS.CLORKE-SFS is provably secure under the proposed model provided the Elliptic Curve Computational Diffie-Hellman(ECCDH)and the Bilinear Computational Diffie-Hellman problem(BCDH)assumption hold.The security model and the protocol may give inspiration for constructing oneround key exchange protocols with perfect forward security in certificateless scenarios.

An efficient three-party password-based key agreement protocol using extended chaotic maps

Three-party password-based key agreement protocols allow two users to authenticate each other via a public channel and establish a session key with the aid of a trusted server. Recently, Farash et al. [Farash M S, Attari M A 2014 ＂An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps＂, Nonlinear Dynamics 77（7）： 399-411] proposed a three-party key agreement protocol by using the extended chaotic maps. They claimed that their protocol could achieve strong security. In the present paper, we analyze Farash et al.＇s protocol and point out that this protocol is vulnerable to off-line password guessing attack and suffers communication burden. To handle the issue, we propose an efficient three-party password-based key agreement protocol using extended chaotic maps, which uses neither symmetric cryptosystems nor the server＇s public key. Compared with the relevant schemes, our protocol provides better performance in terms of computation and communication. Therefore, it is suitable for practical applications.

New protocols for non-orthogonal quantum key distribution

Combining the passive decoy-state idea with the active decoy-state idea, a non-orthogonal （SARG04） decoy-state protocol with one vacuum and two weak decoy states is introduced based on a heralded pair coherent state photon source for quantum key distribution. Two special cases of this protocol are deduced, i.e., a one-vacuum-and-one-weak-decoy-state protocol and a one-weak-decoy-state protocol. In these protocols, the sender prepares decoy states actively, which avoids the crude estimation of parameters in the SARG04 passive decoy-state method. With the passive decoy-state idea, the detection events on Bob＇s side that are non-triggered on Alice＇s side are not discarded, but used to estimate the fractions of single-photon and two-photon pulses, which offsets the limitation of the detector＇s low efficiency and overcomes the shortcoming that the performance of the active decoy-state protocol critically depends on the efficiency of detector. The simulation results show that the combination of the active and passive decoy-state ideas increases the key generation rate. With a one-vacuum-and-two-weak-decoy-state protocol, one can achieve a key generation rate that is close to the theoretical limit of an infinite decoy-state protocol. The performance of the other two protocols is a little less than with the former, but the implementation is easier. Under the same condition of implementation, higher key rates can be obtained with our protocols than with existing methods.

Improved Key Agreement Based Kerberos Protocol for M-Health Security

The development of wireless sensor network with Internet of Things(IoT)predicts various applications in the field of healthcare and cloud computing.This can give promising results on mobile health care(M-health)and Telecare medicine information systems.M-health system on cloud Internet of Things(IoT)through wireless sensor network(WSN)becomes the rising research for the need of modern society.Sensor devices attached to the patients’body which is connected to the mobile device can ease the medical services.Security is the key connect for optimal performance of the m-health system that share the data of patients in wireless networks in order to maintain the anonymity of the patients.This paper proposed a secure transmission of M-health data in wireless networks using proposed key agreement based Kerberos protocol.The patients processed data are stored in cloud server and accessed by doctors and caregivers.The data transfer between the patients,server and the doctors are accessed with proposed protocol in order to maintain the confidentiality and integrity of authentication.The efficiency of the proposed algorithm is compared with the existing protocols.For computing 100 devices it consumes only 91milllisecond for computation.