Abstract: Cloud computing has reached the peak of the Gartner hype cycle, and now the focus of the whole telecom industry is the ability to scale data storage with minimal investment. But data privacy and communication issues will occur with the increment of the cloud data storage. The key privacy concern for scalability is caused by the dynamic membership allocation and multi-owner data sharing. This paper addresses the issues faced by multiple owners through a mutual authentication mechanism using the Enhanced Elliptic Curve Diffie-Hellman (EECDH) key exchange protocol along with the Elliptic Curve Digital Signature Algorithm (ECDSA). The proposed EECDH scheme is used to exchange the secured shared key among multiple owners and also to eliminate Man-In-The-Middle (MITM) attacks with less computational complexity. By leveraging these algorithms, the integrity of data sharing among multiple owners is ensured. The EECDH improves the level of security while only slightly increasing the time taken to encrypt and decrypt the data, and it is secure against MITM attacks, which is tested using the AVISPA tool.
Funding: Supported by the Key Technology Research and Sample-Chip Manufacture on Resistance to Physical Attacks at Circuit Level (546816170002).
Abstract: Public key cryptographic (PKC) algorithms, such as RSA and the elliptic curve digital signature algorithm (ECDSA), are widely used in secure communication systems, such as OpenSSL, and in a variety of information security systems. If designers do not implement them securely, the secret key can easily be extracted by side-channel attacks (SCAs) or combinational SCAs, thus undermining the security of the entire communication system. Previous countermeasures for PKC implementations focused on the core part of the algorithms and ignored the modular inversion, which is widely used in various PKC schemes. Many researchers believe that, instead of a straightforward implementation, constant time modular inversion (CTMI) is enough to resist the attack of simple power analysis combined with lattice analysis. However, we find that the CTMI security can be reduced to a hidden t-bit multiplier problem. Based on this feature, we first obtain the Hamming weight of intermediate data through side-channel leakage. Then, we propose a heuristic algorithm to solve the problem by revealing the secret (partial and full) base of CTMI. Compared with the previously necessary input message for masking filtering, our procedure does not need any information about the secret base of the inversion. To our knowledge, this is the first evaluation of the practical security of CTMI, and experimental results show that CTMI is not enough for high-level secure communication systems.
Abstract: Nowadays, mobile agents are an effective paradigm for accessing information in distributed applications, especially in a dynamic network environment such as Internet businesses. In such Internet-based applications, access must be secure, and authentication plays a vital role in avoiding malicious use of the system. This kind of security has been provided by several previously proposed algorithms based on RSA digital signature cryptography. However, the computational time for performing encryption and decryption operations in the past literature is very high. In this paper, we propose an anonymous authentication scheme which potentially reduces the overall computation time needed for verifying the legitimacy of the users. Compared with previous anonymous authentication schemes, our proposed scheme provides more security and is effective in terms of computation cost. The experimental results show that the proposed method authenticates the users with significantly low computational time.
Abstract: The concept of batch verifying multiple digital signatures is to find a method by which multiple digital signatures can be verified simultaneously in a lower time complexity than separately verifying all the signatures. In this article, we analyze the complexity of the batch verifying schemes defined by Li, Hwang and Chen in 2010, and propose a new batch verifying multiple digital signature scheme, in two variants: one for RSA, obtained by completing Harn's schema with an algorithm for identifying illegal signatures, and the other adapted for a modified Elliptic Curve Digital Signature Algorithm protocol.