Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validat...Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validated against these two types of attacks,taking into account a well-defined attacker model.This work focuses on small vulnerabilities and countermeasures related to the Elliptic Curve Digital Signature Algorithm(ECDSA)algorithm.The work done in this paper focuses on protecting the ECDSA algorithm against fault-injection attacks.More precisely,we are interested in the countermeasures of scalar multiplication in the body of the elliptic curves to protect against attacks concerning only a few bits of secret may be sufficient to recover the private key.ECDSA can be implemented in different ways,in software or via dedicated hardware or a mix of both.Many different architectures are therefore possible to implement an ECDSA-based system.For this reason,this work focuses mainly on the hardware implementation of the digital signature ECDSA.In addition,the proposed ECDSA architecture with and without fault detection for the scalar multiplication have been implemented on Xilinxfield programmable gate arrays(FPGA)platform(Virtex-5).Our implementation results have been compared and discussed.Our area,frequency,area overhead and frequency degradation have been compared and it is shown that the proposed architecture of ECDSA with fault detection for the scalar multiplication allows a trade-off between the hardware overhead and the security of the ECDSA.展开更多
Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Probl...Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It provides identity authentication, key validation and perfect forward secrecy, and it can foil man-in-the-middle attacks.展开更多
Elliptic curve cryptography is one of the most important public-key cryptography.The Koblitz Curve is a special kind of elliptic curve in ECC and its security mainly depends on the base field.Based on Evolutionary Cry...Elliptic curve cryptography is one of the most important public-key cryptography.The Koblitz Curve is a special kind of elliptic curve in ECC and its security mainly depends on the base field.Based on Evolutionary Cryptography theory,which becomes a principal concept for cryptography design and cryptanalysis,we propose a new algorithm for secure EC generation based on Ant Colony Optimization(ACO)to accelerate the search process of safe base field.We preliminarily deal with secure Koblitz curve selecting over the field F(2800).Experiments show that the base field and base point of secure curves generated by ant colony algorithm have gone beyond the parameter range of Koblitz curves recommended by NIST.We can present many new secure Koblitz curves,including base field and base point,which are not recommended by NIST.The maximum size of our secure Koblitz curve has gone beyond 700bit.The algorithm in this paper follows the same cryptography criteria recommended by the ANSI.So,it can resist current attacks.Theoretical analysis and experimental results prove that the new algorithm is effective and successful,and it is the first successful practice of Evolutionary Cryptography theory in public cryptography research.展开更多
In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography(ECC), however, none of them provides resilience against d...In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography(ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem.展开更多
Wireless Sensor Networks (WSNs) are being deployed for a wide variety of applications and the security problems of them have received considerable attention. Considering the limitations of power, computation capabilit...Wireless Sensor Networks (WSNs) are being deployed for a wide variety of applications and the security problems of them have received considerable attention. Considering the limitations of power, computation capability and storage resources, this paper proposed an efficient defense against collusion scheme based on elliptic curve cryptography for wireless sensor networks in order to solve the problems that sensor node-key leaking and adversaries make compromised nodes as their collusions to launch new attack. In the proposed scheme, the group-key distribution strategy is employed to compute the private key of each sensor node, and the encryption and decryption algorithms are constructed based on Elliptic Curve Cryptography (ECC). The command center (node) only needs to broadcast a controlling header with three group elements, and the authorized sensor node can correctly recover the session key and use it to decrypt the broadcasting message. Analysis and proof of the proposed scheme's efficiency and security show that the proposed scheme can resist the k-collusion attack efficiently.展开更多
The mathematical theory for elliptic curve encryption based on optimal normal basis(ONB) over F_2~m is introduced.Then an elliptic curve cryptography(ECC) based encryption scheme isanalyzed and designed.The mechanism ...The mathematical theory for elliptic curve encryption based on optimal normal basis(ONB) over F_2~m is introduced.Then an elliptic curve cryptography(ECC) based encryption scheme isanalyzed and designed.The mechanism for key exchange based on Diffie-Hellman is described in detailsfor further applications.Based on these theoretic foundations,the software based on ECC is developedand an application is provided.The software is characterized by excellent security as well as highefficiency.展开更多
门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容...门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容忍CA中的应用。最后,对比ITTC项目中关于入侵容忍CA设计的方案,分析显示该方案在安全性、效率和可用性方面具有良好的性能。展开更多
基金The funding was provided by the Deanship of Scientific Research at King Khalid University through Research Group Project[grant number RGP.1/157/42].
文摘Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validated against these two types of attacks,taking into account a well-defined attacker model.This work focuses on small vulnerabilities and countermeasures related to the Elliptic Curve Digital Signature Algorithm(ECDSA)algorithm.The work done in this paper focuses on protecting the ECDSA algorithm against fault-injection attacks.More precisely,we are interested in the countermeasures of scalar multiplication in the body of the elliptic curves to protect against attacks concerning only a few bits of secret may be sufficient to recover the private key.ECDSA can be implemented in different ways,in software or via dedicated hardware or a mix of both.Many different architectures are therefore possible to implement an ECDSA-based system.For this reason,this work focuses mainly on the hardware implementation of the digital signature ECDSA.In addition,the proposed ECDSA architecture with and without fault detection for the scalar multiplication have been implemented on Xilinxfield programmable gate arrays(FPGA)platform(Virtex-5).Our implementation results have been compared and discussed.Our area,frequency,area overhead and frequency degradation have been compared and it is shown that the proposed architecture of ECDSA with fault detection for the scalar multiplication allows a trade-off between the hardware overhead and the security of the ECDSA.
基金Supported by "973" Program of China (No.G1999035805), "863" Program of China(No.2002AA143041), and RGC Project (No.HKU/7144/03E) of the Hong Kong SpecialAdministrative Region, China.
文摘Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It provides identity authentication, key validation and perfect forward secrecy, and it can foil man-in-the-middle attacks.
基金National Natural Science Foundation of China under Grant No. 60970006, 60970115, 91018008Key Laboratory Open Fund of Sky Information Security and Trusted Computing under Grant No. AISTC2009 04Shanghai Key Subject and Committee of Science and Technology of Key Laboratory under Grant No. S30108,08DZ2231100
文摘Elliptic curve cryptography is one of the most important public-key cryptography.The Koblitz Curve is a special kind of elliptic curve in ECC and its security mainly depends on the base field.Based on Evolutionary Cryptography theory,which becomes a principal concept for cryptography design and cryptanalysis,we propose a new algorithm for secure EC generation based on Ant Colony Optimization(ACO)to accelerate the search process of safe base field.We preliminarily deal with secure Koblitz curve selecting over the field F(2800).Experiments show that the base field and base point of secure curves generated by ant colony algorithm have gone beyond the parameter range of Koblitz curves recommended by NIST.We can present many new secure Koblitz curves,including base field and base point,which are not recommended by NIST.The maximum size of our secure Koblitz curve has gone beyond 700bit.The algorithm in this paper follows the same cryptography criteria recommended by the ANSI.So,it can resist current attacks.Theoretical analysis and experimental results prove that the new algorithm is effective and successful,and it is the first successful practice of Evolutionary Cryptography theory in public cryptography research.
文摘In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography(ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem.
基金Supported by the Six Great Talent Peak Plan of Jiangsu Province (No.06-E-044)the "Qinlan Project" Plan of Jiangsu Province 2006
文摘Wireless Sensor Networks (WSNs) are being deployed for a wide variety of applications and the security problems of them have received considerable attention. Considering the limitations of power, computation capability and storage resources, this paper proposed an efficient defense against collusion scheme based on elliptic curve cryptography for wireless sensor networks in order to solve the problems that sensor node-key leaking and adversaries make compromised nodes as their collusions to launch new attack. In the proposed scheme, the group-key distribution strategy is employed to compute the private key of each sensor node, and the encryption and decryption algorithms are constructed based on Elliptic Curve Cryptography (ECC). The command center (node) only needs to broadcast a controlling header with three group elements, and the authorized sensor node can correctly recover the session key and use it to decrypt the broadcasting message. Analysis and proof of the proposed scheme's efficiency and security show that the proposed scheme can resist the k-collusion attack efficiently.
基金Supported by National 863 Plan Project (No. 2002AA142040)
文摘The mathematical theory for elliptic curve encryption based on optimal normal basis(ONB) over F_2~m is introduced.Then an elliptic curve cryptography(ECC) based encryption scheme isanalyzed and designed.The mechanism for key exchange based on Diffie-Hellman is described in detailsfor further applications.Based on these theoretic foundations,the software based on ECC is developedand an application is provided.The software is characterized by excellent security as well as highefficiency.
文摘门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容忍CA中的应用。最后,对比ITTC项目中关于入侵容忍CA设计的方案,分析显示该方案在安全性、效率和可用性方面具有良好的性能。