Abstract: The Elliptic Curve Digital Signature algorithm-based X509v3 certificates are becoming more popular due to their short public and private key sizes. Moreover, these certificates can be stored in Internet of Things (IoT) devices, with limited resources, using less memory and transmitted in network security protocols, such as Internet Key Exchange (IKE), Transport Layer Security (TLS) and Secure Shell (SSH) with less bandwidth. The proposed method gives another advantage, in that it increases the performance of the above-mentioned protocols in terms of key exchange by saving one scalar multiplication operation.
Abstract: Since the presence of Next Generation Air Transportation System (NextGen), Automatic Dependent Surveillance-Broadcast (ADS-B) has raised specific concerns related to the privacy and security, due to its vulnerable, low-level of security and limited payload. In this paper, the authors introduce and analyze the combination of Pulse Amplitude Modulation (PAM) and Phase Shift Keying (PSK) Modulation in conventional ADS-B, forming Secure ADS-B (SADS-B) avionics. In order to demonstrate the potential of this combination, Hardware-in-the-loop (HIL) simulation was used. The tests' results show that, on the one hand, SADS-B can offer five times the payload as its predecessor. This additional payload of SADS-B can be used in various applications, therefore enhancing the ability and efficiency of the current ADS-B. On the other hand, by using the extra phase modulated bits as a digital signature to authenticate ADS-B messages, SADS-B can increase the security of ADS-B, thus ensuring a more secure aviation as well. More importantly, SADS-B is compatible with the current ADS-B In and Out. Hence, no significant modifications will be needed to implement this idea. As a result, SADS-B can be considered the most promising approach to enhance the capability and security of ADS-B.
Abstract: When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI).
Abstract: A digital signature is an electronic signature form used by an original signer to sign a specific document. When the original signer is not in his office or when he/she travels outside, he/she delegates his signing capability to a proxy signer and then the proxy signer generates a signing message on behalf of the original signer. The two parties must be able to authenticate one another and agree on a secret encryption key, in order to communicate securely over an unreliable public network. Authenticated key agreement protocols have an important role in building a secure communications network between the two parties. In this paper, we present a secure proxy signature scheme over an efficient and secure authenticated key agreement protocol based on factoring and discrete logarithm problem.
Abstract: The Radio Frequency Identification (RFID) technology
has a diverse base of applications, but it is also prone to security
threats. There are different types of security attacks which limit the
range of the RFID applications. For example, deploying the RFID
networks in insecure environments could make the RFID system
vulnerable to many types of attacks such as spoofing attack, location
traceability attack, physical attack and many more. Therefore, security
is often an important requirement for RFID systems. In this paper,
RFID mutual authentication protocol is implemented based on mobile
agent technology and timestamp, which are used to provide strong
authentication and integrity assurances to both the RFID readers and
their corresponding RFID tags. The integration of mobile agent
technology and timestamp provides promising results towards
achieving this goal and towards reducing the security threats in RFID
systems.
Abstract: With the increase in unauthorized user access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with the system. The proposed protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses a two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with the NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate the user. The analysis of user based input makes an NFC transaction more advanced and secure. This security is very tactical because it completely depends on usage of the device.
Abstract: This paper presents a smart-card applet that is able to
verify X.509 certificates and to use the public key contained in the
certificate for verifying digital signatures that have been created
using the corresponding private key, e.g. for the purpose of authenticating
the certificate owner against the card. The approach has been
implemented as an operating prototype on Java cards.
Abstract: Digital signature is a useful primitive to attain the integrity and authenticity in various wire or wireless communications. Proxy signature is one type of the digital signatures. It helps the proxy signer to sign messages on behalf of the original signer. It is very useful when the original signer (e.g. the president of a company) is not available to sign a specific document. If the original signer can not forge valid proxy signatures through impersonating the proxy signer, it will be robust in a virtual environment; thus the original signer can not shift any illegal action initiated by herself to the proxy signer. In this paper, we propose a new proxy signature scheme. The new scheme can prevent the original signer from impersonating the proxy signer to sign messages. The proposed scheme is based on the regular ElGamal signature. In addition, the fair privacy of the proxy signer is maintained. That means, the privacy of the proxy signer is preserved; and the privacy can be revealed when it is necessary.
Abstract: ebXML (Electronic Business using eXtensible
Markup Language) is an e-business standard, sponsored by
UN/CEFACT and OASIS, which enables enterprises to exchange
business messages, conduct trading relationships, communicate
data in common terms and define and register business
processes. While there is tremendous e-business value in the
ebXML, security remains an unsolved problem and one of the
largest barriers to adoption. XML security technologies emerging
recently have extensibility and flexibility suitable for security
implementation such as encryption, digital signature, access
control and authentication.
In this paper, we propose ebXML business transaction models
that allow trading partners to securely exchange XML based
business transactions by employing XML security technologies.
We show how each XML security technology meets the ebXML
standard by constructing the test software and validating messages
between the trading partners.
Abstract: Many Wireless Sensor Network (WSN) applications necessitate secure multicast services for the purpose of broadcasting delay sensitive data like video files and live telecast at fixed time-slot. This work provides a novel method to deal with end-to-end delay and drop rate of packets. Opportunistic Routing chooses a link based on the maximum probability of packet delivery ratio. Null Key Generation helps in authenticating packets to the receiver. Markov Decision Process based Adaptive Scheduling algorithm determines the time slot for packet transmission. Both theoretical analysis and simulation results show that the proposed protocol ensures better performance in terms of packet delivery ratio, average end-to-end delay and normalized routing overhead.
Abstract: Network exchange is now widely used. However, it still
cannot avoid the problems evolving from network exchange. For
example, a buyer may not receive the order even if he/she makes the
payment. For another example, the seller possibly gets nothing even
when the merchandise is sent. Some studies about the fair exchange
have proposed protocols for the design of efficiency and exploited the
signature property to specify that two parties agree on the exchange.
The information about purchased item and price are disclosed in
this way. This paper proposes a new fair network payment protocol
with off-line trusted third party. The proposed protocol can protect
the buyers' purchase message from being traced. In addition, the
proposed protocol can meet the proposed requirements. The most
significant feature is Non-transfer property we achieved.
Abstract: Since 1984 many schemes have been proposed for
digital signature protocol, among them those that are based on discrete
log and factorizations. However a new identification scheme based
on iterated function systems (IFS) is proposed and proved to be
more efficient. In this study the proposed identification scheme is
transformed into a digital signature scheme by using a one way hash
function. It is a generalization of the GQ signature schemes. The
attractor of the IFS is used to obtain public key from a private one,
and in the encryption and decryption of a hash function. Our aim is
to provide techniques and tools which may be useful towards
developing cryptographic protocols. Comparisons between the
proposed scheme and fractal digital signature scheme based on RSA
setting, as well as, with the conventional Guillou-Quisquater
signature, and RSA signature schemes are performed to prove that the
proposed scheme is efficient and with high performance.
Abstract: This paper makes an attempt to solve the problem of
searching and retrieving of similar MRI photos via Internet services
using morphological features which are sourced via the original
image. This study is aiming to be considered as an additional tool of
searching and retrieve methods. Until now the main way of the
searching mechanism is based on the syntactic way using keywords.
The technique it proposes aims to serve the new requirements of
libraries. One of these is the development of computational tools for
the control and preservation of the intellectual property of digital
objects, and especially of digital images. For this purpose, this paper
proposes the use of a serial number extracted by using a previously
tested semantic properties method. This method, with its center being
the multi-layers of a set of arithmetic points, assures the following
two properties: the uniqueness of the final extracted number and the
semantic dependence of this number on the image used as the
method's input. The major advantage of this method is that it can
control the authentication of a published image or its partial
modification to a reliable degree. Also, it acquires the better of the
known Hash functions that the digital signature schemes use and
produces alphanumeric strings for cases of authentication checking,
and the degree of similarity between an unknown image and an
original image.
Abstract: In this paper we propose two first non-generic constructions
of multisignature scheme based on coding theory. The
first system makes use of the CFS signature scheme and is secure
in random oracle while the second scheme is based on the KKS
construction and is a few times. The security of our construction relies
on a difficult problem in coding theory: the Syndrome Decoding
problem which has been proved NP-complete [4].
Abstract: The Elliptic Curve Digital Signature Algorithm
(ECDSA) is the elliptic curve analogue of DSA, where it is a digital
signature scheme designed to provide a digital signature based on a
secret number known only to the signer and also on the actual
message being signed. These digital signatures are considered the
digital counterparts to handwritten signatures, and are the basis for
validating the authenticity of a connection. The security of these
schemes results from the infeasibility to compute the signature
without the private key. In this paper we introduce a proposal to
develop the original ECDSA with more complexity.
Abstract: Groups where the discrete logarithm problem (DLP) is believed to be intractable have proved to be inestimable building blocks for cryptographic applications. They are at the heart of numerous protocols such as key agreements, public-key cryptosystems, digital signatures, identification schemes, publicly verifiable secret sharings, hash functions and bit commitments. The search for new groups with intractable DLP is therefore of great importance. The goal of this article is to study elliptic curves over the ring Fq[], with Fq a finite field of order q and with the relation n = 0, n ≥ 3. The motivation for this work came from the observation that several practical discrete logarithm-based cryptosystems, such as ElGamal, the Elliptic Curve Cryptosystems . In a first time, we describe these curves defined over a ring. Then, we study the algorithmic properties by proposing effective implementations for representing the elements and the group law. In another article we study their cryptographic properties, an attack of the elliptic discrete logarithm problem, a new cryptosystem over these curves.