Two-Party Authenticated Key Agreement in Certificateless Public Key Cryptography

Certificateless public key cryptography was introduced to overcome the key escrow limitation of the identity-based cryptography. It combines the advantages of the identity-based cryptography and the traditional PKI. Many certificateless public key encryption and signature schemes have been proposed. However, the key agreement in CL-PKE is seldom discussed. In this paper, we present a new certificateless two party authentication key agreement protocol and prove its security attributes. Compared with the existing protocol, our protocol is more efficient.

Certificateless Public Key Encryption with Keyword Search

Public Key Encryption with Keyword Search （PEKS）, an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography （IBC） with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography （CLPKC） is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS （CLPEKS） is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.

Public Key Cryptography Based on Ergodic Matrices over Finite Field

A new public key encryption scheme is proposed in this paper, which is based on a hard problem over ergodic matrices. The security of this scheme is equal to the MQ-problem： multivariate quadratic equations over finite fields. This problem has been shown to be NP-complete and can＇t be solved with polynomial time algorithm.

Constructing Certificateless Encryption with Keyword Search against Outside and Inside Keyword Guessing Attacks

Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to encrypted data retrieval in cryptographic cloud storage. Certificateless public key cryptography (CLPKC) is a novel cryptographic primitive that has many merits. It overcomes the key escrow problem in identity-based cryptography (IBC) and the cumbersome certificate problem in conventional public key cryptography (PKC). Motivated by the appealing features of CLPKC, several certificateless encryption with keyword search (CLEKS) schemes have been presented in the literature. But, our cryptanalysis demonstrates that the previously proposed CLEKS frameworks suffer from the security vulnerability caused by the keyword guessing attack. To remedy the security weakness in the previous frameworks and provide resistance against both inside and outside keyword guessing attacks, we propose a new CLEKS framework. Under the new framework, we design a concrete CLEKS scheme and formally prove its security in the random oracle model. Compared with previous two CLEKS schemes, the proposed scheme has better overall performance while offering stronger security guarantee as it withstands the existing known types of keyword guessing attacks.

A Multivariate Public Key Cryptographic Scheme

This paper presents a multivariate public key cryptographic scheme over a finite field with odd prime characteristic.The idea of embedding and layering is manifested in its construction.The security of the scheme is analyzed in detail,and this paper indicates that the scheme can withstand the up to date differential cryptanalysis.We give heuristic arguments to show that this scheme resists all known attacks.

A New Fast Modular Arithmetic Method in Public Key Cryptography

Modular arithmetic is a fundamental operation and plays an important role in public key cryptosystem. A new method and its theory evidence on the basis of modular arithmetic with large integer modulus-changeable modulus algorithm is proposed to improve the speed of the modular arithmetic in the presented paper. For changeable modulus algorithm, when modular computation of modulo n is difficult, it can be realized by computation of modulo n-1 and n-2 on the perquisite of easy modular computations of modulo n-1 and modulo n-2. The conclusion is that the new method is better than the direct method by computing the modular arithmetic operation with large modulus. Especially, when computations of modulo n-1 and modulo n-2 are easy and computation of modulo n is difficult, this new method will be faster and has more advantages than other algorithms on modular arithmetic. Lastly, it is suggested that the proposed method be applied in public key cryptography based on modular multiplication and modular exponentiation with large integer modulus effectively

How to Integrate Abstract Algebra and Number Theory in the Teaching of Public Key Cryptography Elegantly

Different from traditional symmetric cryptography, public key cryptography allows each user to own a pair of public/private key pair. Given the public key of one user and the data to be encrypted, a ciphertext can be generated such that only the intended user is able to recover the data using his/her private key associated with public key involved in the encryption process. To really understand the philosophy behind the public key cryptography is not an easy task and sometimes it seems somewhat difficult, if not impossible, for the beginners without the knowledge of the abstract algebra and number theory. In this paper, we introduce briefly the basic definition of public key cryptography as well as the corresponding mathematical hard problems. Besides, we explain why the mathematical backgrounds, especially abstract algebra and number theory, matter in the study of public key cryptography.

Efficient Certificateless Authenticated Key Agreement Protocol from Pairings

In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.

A New Proxy Signature Scheme with Message Recovery Using Self-Certified Public Key

A proxy signature scheme with message recovery using self-certified public key is proposed, which withstands public key substitution attacks, active attacks, and forgery attacks. The proposed scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, the proposed scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signature signer.

Multivariate Public-Key Encryption Scheme Based on Error Correcting Codes

Advances in quantum computers pose potential threats to the currently used public-key cryptographic algorithms such as RSA and ECC.As a promising candidate against attackers equipped with quantum computational power,Multivariate Public-Key Cryptosystems(MPKCs)has attracted increasing attention in recently years.Unfortunately,the existing MPKCs can only be used as multivariate signature schemes,and the way to construct an efficient MPKC enabling secure encryption remains unknown.By employing the basic MQ-trapdoors,this paper proposes a novel multivariate encryption scheme by combining MPKCs and code-based public-key encryption schemes.Our new construction gives a positive response to the challenges in multivariate public key cryptography.Thorough analysis shows that our scheme is secure and efficient,and its private key size is about 10 times smaller than that of McEliece-type cryptosystems.

A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications

In this paper, the authors present a novel mutual authentication and key agreement protocol based on the Number Theory Research Unit (NTRU) public key cryptography. The symmetric encryption, hash and “challenge-response” techniques were adopted to build their protocol. To implement the mutual authentication and session key agreement, the proposed protocol contains two stages: namely initial procedure and real execution stage. Since the lightweight NTRU public key cryptography is employed, their protocol can not only overcome the security flaws of secret-key based authentication protocols such as those used in Global System for Mobile Communications (GSM) and Universal Mobile Telecommunications System (UMTS), but also provide greater security and lower computational complexity in comparison with currently well-known public key based wireless authentication schemes such as Beller-Yacobi and M.Aydos protocols.

Certificateless threshold signature from lattice

Threshold signature has been widely used in electronic wills,electronic elections,cloud computing,secure multiparty computation and other fields.Until now,certificateless threshold signature schemes are all based on traditional mathematic theory,so they cannot resist quantum computing attacks.In view of this,we combine the advantages of lattice-based cryptosystem and certificateless cryptosystem to construct a certificateless threshold signature from lattice(LCLTS)that is efficient and resistant to quantum algorithm attacks.LCLTS has the threshold characteristics and can resist the quantum computing attacks,and the analysis shows that it is unforgeable against the adaptive Chosen-Message Attacks(UF-CMA)with the difficulty of Inhomogeneous Small Integer Solution(ISIS)problem.In addition,LCLTS solves the problems of the certificate management through key escrow.

A New Self-Generated-Certificate Public Key Encryption Scheme with Flexible Public Key

Self-Generated-Certificate Public Key Cryptography(SGC-PKC) ,is the enhanced version of Certificateless Public Key Cryptography(CL-PKC) . It preserves all advantages of CL-PKC. Similar to CL-PKC,every user is given a partial private key by the KGC and generates his own private key and corresponding public key. In addition,it can defend against the Denial-of-Decryption(DoD) Attack. In this paper,we propose a new approach to construction SGC-PKE scheme that derived from a new application of chameleon hash and give a concrete scheme. It is the first scheme which has flexible public key and reaches Girault's trusted level 3,the same level as is enjoyed in a traditional PKI.

Applying Evolutionary Algorithm to Public Key Cryptosystems

A best algorithm generated scheme is proposed in the paper by making use of the thought of evolutionary algorithm, which can generate dynamically the best algorithm of generating primes in RSA cryptography under different conditions. Taking into account the factors of time, space and security integrated, this scheme possessed strong practicability. The paper also proposed a model of multi-degree parallel evolutionary algorithm to evaluate synthetically the efficiency and security of the public key cryptography. The model contributes to designing public key cryptography system too.

Hash Function Based Keyword Searchable Encryption Framework in Cloud Server Using MD5 and MECC

Cloud Computing expands its usability to various fields that utilize data and store it in a common space that is required for computing and the purpose of analysis as like the IoT devices.These devices utilize the cloud for storing and retrieving data since the devices are not capable of storing processing data on its own.Cloud Computing provides various services to the users like the IaaS,PaaS and SaaS.The major drawback that is faced by cloud computing include the Utilization of Cloud services for the storage of data that could be accessed by all the users related to cloud.The use of Public Key Encryptions with keyword search(PEKS)provides security against the untrustworthy third-party search capability on publicly encryption keys without revealing the data’s contents.But the Security concerns of PEKs arise when Inside Keywords Guessing attacks(IKGA),is identified in the system due to the untrusted server presume the keyword in trapdoor.This issue could be solved by using various algorithms like the Certificateless Hashed Public Key Authenticated Encryption with Keyword Search(CL-HPAEKS)which utilizes the Modified Elliptic Curve Cryptography(MECC)along with the Mutation Centred flower pollinations algorithm(CM-FPA)that is used in enhancing the performance of the algorithm using the Optimization in keys.The additional use of Message Digests 5(MD5)hash function in the system enhances the security Level that is associated with the system.The system that is proposed achieves the security level performance of 96 percent and the effort consumed by the algorithm is less compared to the other encryption techniques.

NTRU_SSS:Anew Method Signcryption Post Quantum Cryptography Based on Shamir’s Secret Sharing

With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.

Constructing pairing-free certificateless public key encryption with keyword search

Searchable public key encryption enables a storage server to retrieve the publicly encrypted data without revealing the original data contents.It offers a perfect cryptographic solution to encrypted data retrieval in encrypted data storage systems.Certificateless cryptography(CLC)is a novel cryptographic primitive that has many merits.It overcomes the key escrow problem in identity-based cryptosystems and the cumbersome certificate problem in conventional public key cryptosystems.Motivated by the appealing features of CLC,three certificateless encryption with keyword search(CLEKS)schemes were presented in the literature.However,all of them were constructed with the costly bilinear pairing and thus are not suitable for the devices that have limited computing resources and battery power.So,it is interesting and worthwhile to design a CLEKS scheme without using bilinear pairing.In this study,we put forward a pairing-free CLEKS scheme that does not exploit bilinear pairing.We strictly prove that the scheme achieves keyword ciphertext indistinguishability against adaptive chosen-keyword attacks under the complexity assumption of the computational Diffie-Hellman problem in the random oracle model.Efficiency comparison and the simulation show that it enjoys better performance than the previous pairing-based CLEKS schemes.In addition,we briefly introduce three extensions of the proposed CLEKS scheme.

Hyper Elliptic Curve Based Certificateless Signcryption Scheme for Secure IIoT Communications

Industrial internet of things (IIoT) is the usage of internet of things(IoT) devices and applications for the purpose of sensing, processing andcommunicating real-time events in the industrial system to reduce the unnecessary operational cost and enhance manufacturing and other industrial-relatedprocesses to attain more profits. However, such IoT based smart industriesneed internet connectivity and interoperability which makes them susceptibleto numerous cyber-attacks due to the scarcity of computational resourcesof IoT devices and communication over insecure wireless channels. Therefore, this necessitates the design of an efficient security mechanism for IIoTenvironment. In this paper, we propose a hyperelliptic curve cryptography(HECC) based IIoT Certificateless Signcryption (IIoT-CS) scheme, with theaim of improving security while lowering computational and communicationoverhead in IIoT environment. HECC with 80-bit smaller key and parameterssizes offers similar security as elliptic curve cryptography (ECC) with 160-bitlong key and parameters sizes. We assessed the IIoT-CS scheme security byapplying formal and informal security evaluation techniques. We used Realor Random (RoR) model and the widely used automated validation of internet security protocols and applications (AVISPA) simulation tool for formalsecurity analysis and proved that the IIoT-CS scheme provides resistance tovarious attacks. Our proposed IIoT-CS scheme is relatively less expensivecompared to the current state-of-the-art in terms of computational cost andcommunication overhead. Furthermore, the IIoT-CS scheme is 31.25% and 51.31% more efficient in computational cost and communication overhead,respectively, compared to the most recent protocol.

A New Certificateless Public Key Encryption Scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.