We introduce the linear centralizer method and use it to devise a provable polynomial-time solution of the Commutator Key Exchange Problem, the computational problem on which, in the passive adversary model, the security of the Anshel–Anshel–Goldfeld (Anshel et al., Math. Res. Lett. 6:287–291, 1999) Commutator key exchange protocol is based. We also apply this method to solve, in polynomial time, the computational problem underlying the Centralizer key exchange protocol, introduced by Shpilrain and Ushakov (Contemp. Math. 418:161–167, 2006). This is the first provable polynomial-time cryptanalysis of the Commutator key exchange protocol, hitherto the most important key exchange protocol in the realm of noncommutative algebraic cryptography, and the first cryptanalysis of any kind of the Centralizer key exchange protocol. Unlike earlier cryptanalyses of the Commutator key exchange protocol, ours cannot be foiled by changing the distributions used in the protocol.
Fog computing architecture is used in environments such as smart manufacturing and vehicular ad hoc networks. However, as an extension of cloud computing, it inevitably inherits the security challenges of cloud computing. Recently, Jia et al. proposed an authenticated key exchange scheme for fog-driven IoT health care systems. Unfortunately, we discovered that their scheme is vulnerable to an ephemeral secret leakage attack. In this paper, we propose an authenticated key exchange scheme for fog computing. Compared with previous schemes, our proposed scheme performs better in terms of both performance and security.
Hierarchical ID-based authenticated key exchange (HID-AKE) is a cryptographic protocol for establishing a common session key between parties, with authentication based on their IDs and hierarchical delegation of the key generation functionality. All existing HID-AKE schemes are selective-ID secure, and the only known standard-model scheme relies on a non-standard assumption such as a q-type assumption. In this paper, we propose a generic construction of HID-AKE that is adaptive-ID secure in the HID-eCK model (a maximal-exposure-resilient security model) without random oracles. One concrete instantiation of our generic construction achieves the first adaptive-ID secure HID-AKE scheme under the (standard) k-Lin assumption in the standard model. Furthermore, it has the advantage that the computational complexity of its pairing and exponentiation operations and its communication complexity do not depend on the depth of the hierarchy. The other concrete instantiation achieves the first HID-AKE scheme based on lattices (i.e., post-quantum).
Security in the Industrial Internet of Things (IIoT) is of vital importance, as IIoT devices collect sensory information for critical social production and daily life. Designing secure and efficient communication channels is therefore a research hotspot. However, end devices have limited memory, computation, and power supply. Moreover, perfect forward secrecy (PFS), meaning that exposure of the long-term key cannot disclose previous session keys, is a critical security property for authentication and key exchange (AKE). In this paper, we propose an AKE protocol named SAKE* for the IIoT environment, where PFS is provided by two types of keys (a master key and an evolution key). In addition, the SAKE* protocol uses only concatenation, XOR, and hash function operations to achieve lightweight authentication, key exchange, and message integrity. We also compare the SAKE* protocol with seven recent IoT-related authentication protocols in terms of security properties and performance. The comparison indicates that the SAKE* protocol has the lowest computational cost and the third-lowest communication cost of the eight AKE protocols while providing twelve security properties.
Forward security ensures that compromise of entities today does not impact the security of cryptographic primitives employed in the past. This form of security is regarded as increasingly important in the modern world because of adversaries with mass storage capabilities and powerful infiltration abilities. Although the idea of forward security has been known for over 30 years, current understanding of what it really should mean is limited by the prevalence of new techniques and inconsistent terminology. We survey existing methods for achieving forward security for different cryptographic primitives and propose new definitions and terminology aimed at a unified treatment of the notion.
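The two-key evolution idea in the SAKE* abstract above (a master key plus an evolution key, hash and concatenation only) and the forward-security notion the survey abstract describes can be made concrete with a small hash ratchet. The block below is an added illustration written for this page; it is not the SAKE* authors' code or anything from the survey. It assumes a master key and an initial evolution key shared out of band, SHA-256 and HMAC-SHA-256 as the only primitives, and public nonces on the wire; the real protocol's message flow, counters and authentication tags are omitted. The point it shows is the contrast between a static derivation, where a device dump plus the recorded transcript re-derives every past session key, and the evolving derivation, where the dump only yields forward images of the evolution key.

```python
import hashlib
import hmac
import os


def H(*parts: bytes) -> bytes:
    """SHA-256 over the concatenation of parts (the only primitive besides HMAC)."""
    return hashlib.sha256(b"".join(parts)).digest()


class Endpoint:
    """One side of the handshake: a long-term master key plus an evolution key
    that is replaced by a one-way image of itself after every session."""

    def __init__(self, master: bytes, evolution_key: bytes) -> None:
        self.master = master
        self.evo = evolution_key
        self.epoch = 0

    def session_key(self, nonce_a: bytes, nonce_b: bytes) -> bytes:
        # The session key binds the master key, the current evolution key and
        # the two public nonces exchanged in the handshake.
        sk = hmac.new(self.master, b"session" + self.evo + nonce_a + nonce_b,
                      hashlib.sha256).digest()
        # Ratchet: the evolution key that produced sk no longer exists here.
        self.evo = H(b"evolve", self.evo)
        self.epoch += 1
        return sk


def static_session_key(master: bytes, nonce_a: bytes, nonce_b: bytes) -> bytes:
    """Baseline with no evolution key: the session key depends only on the
    long-term key and on values that were sent in the clear."""
    return hmac.new(master, b"session" + nonce_a + nonce_b, hashlib.sha256).digest()


def run_protocol(epochs: int):
    """Both parties start from the same (master, evo) pair and run `epochs`
    handshakes; returns the device state, the public transcript and the keys."""
    master, evo0 = os.urandom(32), os.urandom(32)   # assumed shared out of band
    device, server = Endpoint(master, evo0), Endpoint(master, evo0)
    transcript, keys = [], []
    for _ in range(epochs):
        nonce_a, nonce_b = os.urandom(16), os.urandom(16)  # sent in the clear
        k_dev = device.session_key(nonce_a, nonce_b)
        k_srv = server.session_key(nonce_a, nonce_b)
        if k_dev != k_srv:
            raise RuntimeError("endpoints desynchronised")
        transcript.append((nonce_a, nonce_b))
        keys.append(k_dev)
    return device, transcript, keys


def compromise_and_replay(device: Endpoint, transcript, lookahead: int = 8):
    """An attacker who dumps the device after the run holds the master key and
    the *current* evolution key. The only evolution keys it can derive are the
    forward images H(evo), H(H(evo)), ...; it tries each against every
    recorded handshake. Past evolution keys would require inverting H."""
    candidates, evo = [], device.evo
    for _ in range(lookahead):
        candidates.append(evo)
        evo = H(b"evolve", evo)
    return {
        hmac.new(device.master, b"session" + e + na + nb, hashlib.sha256).digest()
        for e in candidates
        for na, nb in transcript
    }


def demo(epochs: int = 5):
    """Returns (evolving_scheme_keeps_past_keys, static_scheme_leaks_past_keys)."""
    device, transcript, keys = run_protocol(epochs)
    recovered = compromise_and_replay(device, transcript)
    forward_secure = not any(k in recovered for k in keys)

    # Same compromise (master key + public transcript) against the baseline.
    master = os.urandom(32)
    static_keys = [static_session_key(master, na, nb) for na, nb in transcript]
    static_leaks = all(static_session_key(master, na, nb) == k
                       for (na, nb), k in zip(transcript, static_keys))
    return forward_secure, static_leaks


if __name__ == "__main__":
    print(demo())  # (True, True)
```

The failure mode to watch in any evolving-key design is desynchronisation: if one side ratchets and the other does not (a dropped final message), the two evolution keys diverge permanently and every later handshake fails the equality check in `run_protocol`. Deployed protocols of this kind therefore carry an epoch counter and a resynchronisation step, which this illustration leaves out.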
IoT devices provide a significant medium for distributed denial-of-service (DDoS) attacks. In 2016, a large-scale DDoS attack against the DNS provider Dyn caused massive damage to several well-known companies. One effective countermeasure is to observe previous network traffic or abnormal behavior identified by the host machines and to determine the latest DDoS-attack IP addresses. Because of the lack of a fair exchange mechanism, most security operation centers (SOCs) are unwilling to share their real-time DDoS data. In this article, we propose a decentralized DDoS data exchange platform, SOChain, that uses blockchain technology to overcome the trust and fairness issues. The platform incentivizes SOCs through the DDoS_coin token: the more DDoS information an SOC contributes, the more coins it earns. To confirm the validity of uploaded information, we enlist a content verifier to examine the uploaded abnormal IP addresses; the verifier is likewise incentivized with DDoS_coin. To decrease the management effort, the entire flow is executed automatically by a smart contract deployed on the blockchain. To address the issue of privacy in smart contracts, we devise a dual-level Bloom filter that enables efficient searches with privacy protection, so that uploaded information can be verified without being revealed to the public.
In the unreliable domain of data communication, safeguarding information from unauthorized access is imperative. Given the widespread use of images across many fields, ensuring the confidentiality of image data is of paramount importance. This study centers on the concept of session keys, addressing the challenge of key exchange between communicating parties by developing a random-number generator based on a Linear Feedback Shift Register (LFSR). Both encryption and decryption rely on the Secure Force (SF) algorithm, keyed by that generator. The proposed system focuses on three aspects. First, the generation of secure, randomly generated symmetric encryption keys. Second, the ciphering of the secret image with the SF algorithm. Last, the extraction of the image by deciphering its encrypted version. The system's performance is evaluated with image quality metrics, including histograms, peak signal-to-noise ratio, mean square error, normalized correlation, and normalized absolute error (NAE). These metrics provide insight into both the encrypted and the decrypted images, showing the extent to which the system preserves image quality, and the assessment underscores the system's capability to maintain the confidentiality of images during transmission.
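The abstract above derives session keys from a Linear Feedback Shift Register. The check a practitioner wants here is that an LFSR is linear over GF(2): its output is fully determined by a short prefix, because the Berlekamp-Massey algorithm recovers the feedback polynomial and state from 2L consecutive bits of a length-L register, after which every later bit (and so every later key) is known. The block below is an added example written for this page; it is not the paper's generator or the Secure Force cipher, and it assumes a 16-bit Fibonacci LFSR with the primitive polynomial x^16 + x^14 + x^13 + x^11 + 1 (a standard maximal-length choice, not necessarily the paper's) and a constructed seed.

```python
# Taps of x^16 + x^14 + x^13 + x^11 + 1 (primitive, so the period is 2^16 - 1).
TAPS = (16, 14, 13, 11)


def lfsr_keystream(seed_bits, taps, n):
    """Fibonacci LFSR written as a recurrence: s[i] = XOR of s[i - t] for t in taps."""
    length = len(seed_bits)
    if length != max(taps) or not any(seed_bits):
        raise ValueError("seed must be non-zero and as long as the largest tap")
    s = list(seed_bits)
    for i in range(length, n):
        s.append(sum(s[i - t] for t in taps) & 1)
    return s[:n]


def key_bytes(bits):
    """Pack bits MSB-first into bytes, the way a key schedule would consume them."""
    usable = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, usable, 8))


def berlekamp_massey(bits):
    """Shortest LFSR (length L, connection polynomial c) generating `bits` over GF(2):
    for every i >= L, bits[i] == XOR over j=1..L of c[j] & bits[i - j]."""
    n = len(bits)
    c, b = [0] * (n + 1), [0] * (n + 1)
    c[0] = b[0] = 1
    L, last = 0, -1                      # last = index of the last length change
    for i in range(n):
        d = bits[i]                       # discrepancy between prediction and truth
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            prev = c[:]
            shift = i - last
            for j in range(n + 1 - shift):
                c[j + shift] ^= b[j]      # c(x) += x^shift * b(x)
            if 2 * L <= i:
                L, last, b = i + 1 - L, i, prev
    return L, c[:L + 1]


def predict(L, conn, prefix, n):
    """Extend an observed prefix to n bits using the recovered recurrence."""
    s = list(prefix)
    for i in range(len(s), n):
        s.append(sum(conn[j] & s[i - j] for j in range(1, L + 1)) & 1)
    return s


def recover_and_predict(observed, total):
    """Attacker's view: from `observed` output bits, recover the register and
    predict the whole stream of `total` bits. Returns (L, taps_found, stream)."""
    L, conn = berlekamp_massey(observed)
    taps_found = tuple(j for j in range(L, 0, -1) if conn[j])
    return L, taps_found, predict(L, conn, observed, total)


if __name__ == "__main__":
    seed = [1] + [0] * 15                     # constructed; a real seed comes from os.urandom
    stream = lfsr_keystream(seed, TAPS, 256)  # 256 bits, one 32-byte key's worth
    L, taps, guess = recover_and_predict(stream[:32], 256)
    print(L, taps, guess == stream)           # 16 (16, 14, 13, 11) True
```

Thirty-two observed bits, the first four bytes of one key, are enough to reconstruct the register and every key it will ever emit. An LFSR can only serve as a key generator if its raw output is never exposed and is passed through a nonlinear step before use, and the seed itself must come from an operating-system CSPRNG; a long period (65535 here) says nothing about unpredictability.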
Authenticated Key Exchange (AKE) is a cryptographic protocol for sharing a common session key among multiple parties. Usually, PKI-based AKE schemes are designed to guarantee secrecy of the session key and mutual authentication. In practice, however, there are many cases where mutual authentication is undesirable, such as in anonymous networks like Tor and Riffle, or difficult to achieve because of certificate management at the user level, as on the Internet. Goldberg et al. formulated a model of anonymous one-sided AKE, which guarantees the anonymity of the client by allowing only the client to authenticate the server, and proposed a concrete scheme. However, existing anonymous one-sided AKE schemes are only known to be secure in the random oracle model. In this paper, we propose generic constructions of anonymous one-sided AKE in the random oracle model and in the standard model, respectively. Our constructions yield the first post-quantum anonymous one-sided AKE scheme from isogenies in the standard model.
The article presents real-time image encryption using a modified Vigenère cipher and chaotic maps with efficient key management. The modification to the Vigenère cipher is made through the key expansion procedure: the proposed encryption chooses four random keys of 8-tuples and expands them into the initial key block. The Vigenère cipher then encrypts the pixel blocks, using the initial key block for the first block and, for subsequent blocks, keys updated with the XOR operation and the Arnold transform. The partially encrypted image is further scrambled with the Baker map to increase the randomness and unpredictability of the data. The chosen secret key parameters are exchanged publicly through the Diffie-Hellman key exchange agreement. Simulation results and comparison with some existing systems indicate that the proposed algorithm is secure against cryptanalytic attacks and efficient for real-time image processing. The average execution time for encryption and decryption of an image of the tested size is 0.4926, which is more efficient than typical recent encryption schemes.