Key Generation Protocol in IBC Author : Dhruti Sharma and Devesh Jinwala 論文報告 2015/12/24 董晏彰 1.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April Seo, Seung-Hyun Dept. of Computer Science and.
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Cryptography and Network Security
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Introduction to Signcryption November 22, /11/2004 Signcryption Public Key (PK) Cryptography Discovering Public Key (PK) cryptography has made.
Certificateless Authenticated Two-Party Key Agreement Protocols
Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.
1 An ID-based multisignature scheme without reblocking and predetermined signing order Chin-Chen Chang, Iuon-Chang Lin, and Kwok-Yan Lam Computer Standards.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
Identity Base Threshold Proxy Signature Jing Xu, Zhenfeng Zhang, and Dengguo Feng Form eprint Presented by 魏聲尊.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
ASYMMETRIC CIPHERS.
Public Key Model 8. Cryptography part 2.
By Jyh-haw Yeh Boise State University ICIKM 2013.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Bob can sign a message using a digital signature generation algorithm
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
1 AN EFFICIENT METHOD FOR FACTORING RABIN SCHEME SATTAR J ABOUD 1, 2 MAMOUN S. AL RABABAA and MOHAMMAD A AL-FAYOUMI 1 1 Middle East University for Graduate.
An Efficient Identity-based Cryptosystem for
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.
Cryptography, Authentication and Digital Signatures
James Higdon, Sameer Sherwani
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Chapter 21 Public-Key Cryptography and Message Authentication.
Section 4.4: The RSA Cryptosystem Practice HW Handwritten and Maple Exercises p at end of class notes.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Computer and Network Security Rabie A. Ramadan Lecture 6.
Signcryption Parshuram Budhathoki Department of Mathematical Sciences Florida Atlantic University April 18, 2013
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Linkability of Some Blind Signature Schemes Swee-Huay Heng 1, Wun-She Yap 1 Khoongming Khoo 2 1 Multimedia University, 2 DSO National Laboratories.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
Cryptanalysis of Some Proxy Signature Schemes without Certificates Wun-She Yap, Swee-Huay Heng Bok-Min Goi Multimedia University.
多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date: Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
A new provably secure certificateless short signature scheme Authors: K.Y. Choi, J.H. Park, D.H. Lee Source: Comput. Math. Appl. (IF:1.472) Vol. 61, 2011,
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Interleaving and Collusion Attacks on a Dynamic Group Key Agreement Scheme for Low-Power Mobile Devices * Junghyun Nam 1, Juryon Paik 2, Jeeyeon Kim 2,
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Cryptography and Network Security Chapter 13
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Certificateless signature revisited
Identity-based deniable authentication protocol
A Note on Secure Key Issuing in ID-based Cryptography
Presentation transcript:

Key Generation Protocol in IBC Author : Dhruti Sharma and Devesh Jinwala 論文報告 2015/12/24 董晏彰 1

Abstract 2 Identity Based Cryptography (IBC) has an inherent drawback of Key Escrow under which central key generation center is a sole issuing authority of private key and thus could misuse it. We propose an improved version of this protocol by employing clustering approach. With theoretical and empirical analysis, we demonstrate that the proposed approach indeed effectively reduces the communication overheads and improves efficiency of the original secure key issuing protocol.

Introduction 3 Since the KGC is a sole issuing authority of the private key to user, the dreaded key escrow problem occurs. A malicious KGC can decrypt any cipher text and forge the signature for any message, rendering the cryptosystem vulnerable. Hence providing privacy and authenticity are crucial aspects in the IBC. Thus, with this paper, we have proposed a protocol namely Key Generation Protocol with some modifications in SKIP to overcome several limitations of it.

Background - Bilinear Pairing (1) 4 Bilinear pairing is the mathematical primitive that plays a central role in ID based cryptography. Bilinear map: Let G 1 be an additive group of a prime order q and G 2 be a multiplicative group of the same order. Let P be a generator of G 1. Assume that the Discrete Logarithm Problem (DLP) is hard in both G 1 and G 2.

Background - Bilinear Pairing (2) 5 A Mapping ê: G 1 × G 1 -> G 2 satisfying the following properties are called an Admissible Bilinear map.

Background - ID Based Cryptography 6 The notion of Identity Based Cryptography (IBC) was introduced by Shamir in In the basic ID-based scheme, a single central trusted authority known as KGC holds a master key s and issues a private key for user based on his ID. The entire mechanism is divided into four basic steps as follows:

The Proposed Key Generation Protocol 7 To improve efficiency and to prevent collusion attack of SKIP, we have proposed a Key Generation Protocol in IBC which is based on multiple authority approach. Like SKIP, our protocol includes single KGC and multiple KPAs where KGC issues private key and KPA protects privacy to this private key. Our protocol introduces Net-ID based clustering technique for all available KPAs in system which divides n KPAs into m number of clusters ( m < n).

Protocol Description (1) 8 Our proposed protocol works in five phases: System Setup, Public Key Setup, Partial Key Generation, Key Privacy and Private Key Generation. 1) System Setup: The KGC alone is responsible for doing entire system setup.

Protocol Description (2) 9 2) Public Key Setup:

Protocol Description (3) 10 3) Partial Key Generation:

Protocol Description (4) 11 4) Key Privacy:

Protocol Description (5) 12 5) Private Key Generation: The user retrieves his private key D ID by unblinding Q k

Protocol Description (6) 13 (i) Encryption: To perform encryption a sender needs receiver's public key as well as some global system public key.

Protocol Description (7) 14 (ii) Decryption: To decrypt the incoming cipher text, a receiver uses his private key DID as follows.

Timing Analysis 15

Timing Analysis 16

Energy Analysis 17

Energy Analysis 18

Conclusion (1) 19 This paper proposed a new key generation protocol which is based on the existing Secure Key Generation Protocol (SKIP). The proposed protocol improves efficiency of SKIP and thus solves some of the practical problems associated with SKIP.

Conclusion (2) 20 Our theoretical analysis shows that the proposed clustering approach decreases the amount of communication messages in public/private key computation and thus reduces total simulation time and improves the system throughput. As per the detailed protocol description, all the authorities perform user identity verification which provides protection against conspiracy attack done by malicious KGC.