Biblio
Technology development has led to rapid increase in demands for multimedia applications. Due to this demand, digital archives are increasingly used to store these multimedia contents. Cloud is the commonly used archive to store, transmit, receive and share multimedia contents. Cloud makes use of internet to perform these tasks due to which data becomes more prone to attacks. Data security and privacy are compromised. This can be avoided by limiting data access to authenticated users and by hiding the data from cloud services that cannot be trusted. Hiding data from the cloud services involves encrypting the data before storing it into the cloud. Data to be shared with other users can be encrypted by utilizing Cipher Text-Policy Attribute Based Encryption (CP-ABE). CP-ABE is used which is a cryptographic technique that controls access to the encrypted data. The pairing-based computation based on bilinearity is used in ABE due to which the requirements for resources like memory and power supply increases rapidly. Most of the devices that we use today have limited memory. Therefore, an efficient pairing free CP- ABE access control scheme using elliptic curve cryptography has been used. Pairing based computation is replaced with scalar product on elliptic curves that reduces the necessary memory and resource requirements for the users. Even though pairing free CP-ABE is used, it is easier to retrieve the plaintext of a secret message if cryptanalysis is used. Therefore, this paper proposes to combine cryptography with steganography in such a way by embedding crypto text into an image to provide increased level of data security and data ownership for sub-optimal multimedia applications. It makes it harder for a cryptanalyst to retrieve the plaintext of a secret message from a stego-object if steganalysis were not used. This scheme significantly improved the data security as well as data privacy.
Public key cryptography plays a vital role in many information and communication systems for secure data transaction, authentication, identification, digital signature, and key management purpose. Elliptic curve cryptography (ECC) is a widely used public key cryptographic algorithm. In this paper, we propose a hardware-software codesign implementation of the ECC cipher. The algorithm is modelled in C language. Compute-intensive components are identified for their efficient hardware implementations. In the implementation, residue number system (RNS) with projective coordinates are utilized for performing the required arithmetic operations. To manage the hardware-software codeign in an integrated fashion Xilinx platform studio tool and Virtex-5 xc5vfx70t device based platform is utilized. An application of the implementation is demonstrated for encryption of text and its respective decryption over prime fields. The design is useful for providing an adequate level of security for IoTs.
Elliptical curve cryptography (ECC) is being used more and more in public key cryptosystems. Its main advantage is that, at a given security level, key sizes are much smaller compared to classical asymmetric cryptosystems like RSA. Smaller keys imply less power consumption, less cryptographic computation and require less memory. Besides performance, security is another major problem in embedded devices. Cryptosystems, like ECC, that are considered mathematically secure, are not necessarily considered safe when implemented in practice. An attacker can monitor these interactions in order to mount attacks called fault attacks. A number of countermeasures have been developed to protect Montgomery Scalar Multiplication algorithm against fault attacks. In this work, we proposed an efficient countermeasure premised on duplication scheme and the scrambling technique for Montgomery Scalar Multiplication algorithm against fault attacks. Our approach is simple and easy to hardware implementation. In addition, we perform injection-based error simulations and demonstrate that the error coverage is about 99.996%.
Elliptic curve cryptography (ECC) is a relatively newer form of public key cryptography that provides more security per bit than other forms of cryptography still being used today. We explore the mathematical structure and operations of elliptic curves and how those properties make curves suitable tools for cryptography. A brief historical context is given followed by the safety of usage in production, as not all curves are free from vulnerabilities. Next, we compare ECC with other popular forms of cryptography for both key exchange and digital signatures, in terms of security and speed. Traditional applications of ECC, both theoretical and in-practice, are presented, including key exchange for web browser usage and DNSSEC. We examine multiple uses of ECC in a mobile context, including cellular phones and the Internet of Things. Modern applications of curves are explored, such as iris recognition, RFID, smart grid, as well as an application for E-health. Finally, we discuss how ECC stacks up in a post-quantum cryptography world.
Now-a-days security is a challenging task in different types of networks, such as Mobile Networks, Wireless Sensor Networks (WSN) and Radio Frequency Identifications Systems (RFIS) etc, to overcome these challenges we use sincryption. Signcryption is a new public key cryptographic primitive that performs the functions of digital signature and encryption in single logical step. The main contribution of signcrytion scheme, it is more suitable for low constrained environment. Moreover some signcryption schemes based on RSA, Elliptic Curve (EC) and Hyper Elliptic Curve (HEC). This paper contains a critical review of signcryption schemes based on hyper elliptic curve, since it reduce communication and computational costs for low constrained devices. It also explores advantages and disadvantages of different signcryption schemes based on HEC.
Among the signature schemes most widely deployed in practice are the DSA (Digital Signature Algorithm) and its elliptic curves variant ECDSA. They are represented in many international standards, including IEEE P1363, ANSI X9.62, and FIPS 186-4. Their popularity stands in stark contrast to the absence of rigorous security analyses: Previous works either study modified versions of (EC)DSA or provide a security analysis of unmodified ECDSA in the generic group model. Unfortunately, works following the latter approach assume abstractions of non-algebraic functions over generic groups for which it remains unclear how they translate to the security of ECDSA in practice. For instance, it has been pointed out that prior results in the generic group model actually establish strong unforgeability of ECDSA, a property that the scheme de facto does not possess. As, further, no formal results are known for DSA, understanding the security of both schemes remains an open problem. In this work we propose GenericDSA, a signature framework that subsumes both DSA and ECDSA in unmodified form. It carefully models the "modulo q" conversion function of (EC)DSA as a composition of three independent functions. The two outer functions mimic algebraic properties in the function's domain and range, the inner one is modeled as a bijective random oracle. We rigorously prove results on the security of GenericDSA that indicate that forging signatures in (EC)DSA is as hard as solving discrete logarithms. Importantly, our proofs do not assume generic group behavior.
In December 2015, Juniper Networks announced multiple security vulnerabilities stemming from unauthorized code in ScreenOS, the operating system for their NetScreen VPN routers. The more sophisticated of these vulnerabilities was a passive VPN decryption capability, enabled by a change to one of the elliptic curve points used by the Dual EC pseudorandom number generator. In this paper, we describe the results of a full independent analysis of the ScreenOS randomness and VPN key establishment protocol subsystems, which we carried out in response to this incident. While Dual EC is known to be insecure against an attacker who can choose the elliptic curve parameters, Juniper had claimed in 2013 that ScreenOS included countermeasures against this type of attack. We find that, contrary to Juniper's public statements, the ScreenOS VPN implementation has been vulnerable since 2008 to passive exploitation by an attacker who selects the Dual EC curve point. This vulnerability arises due to apparent flaws in Juniper's countermeasures as well as a cluster of changes that were all introduced concurrently with the inclusion of Dual EC in a single 2008 release. We demonstrate the vulnerability on a real NetScreen device by modifying the firmware to install our own parameters, and we show that it is possible to passively decrypt an individual VPN session in isolation without observing any other network traffic. We investigate the possibility of passively fingerprinting ScreenOS implementations in the wild. This incident is an important example of how guidelines for random number generation, engineering, and validation can fail in practice.
This paper presents implementation results of several side channel countermeasures for protecting the scalar multiplication of ECC (Elliptic Curve Cryptography) implemented on an ARM Cortex M3 processor that is used in security sensitive wireless sensor nodes. Our implementation was done for the ECC curves P-256, brainpool256r1, and Ed25519. Investigated countermeasures include Double-And-Add Always, Montgomery Ladder, Scalar Randomization, Randomized Scalar Splitting, Coordinate Randomization, and Randomized Sliding Window. Practical side channel tests for SEMA (Simple Electromagnetic Analysis) and MESD (Multiple Exponent, Single Data) are included. Though more advanced side channel attacks are not evaluated, yet, our results show that an appropriate level of resistance against the most relevant attacks can be reached.
We present a method for key compression in quantumresistant isogeny-based cryptosystems, which allows a reduction in and transmission costs of per-party public information by a factor of two, with no e ect on security. We achieve this reduction by associating a canonical choice of elliptic curve to each j-invariant, and representing elements on the curve as linear combinations with respect to a canonical choice of basis. This method of compressing public information can be applied to numerous isogeny-based protocols, such as key exchange, zero-knowledge identi cation, and public-key encryption. We performed personal computer and ARM implementations of the key exchange with compression and decompression in C and provided timing results, showing the computational cost of key compression and decompression at various security levels. Our results show that isogeny-based cryptosystems achieve by far the smallest possible key sizes among all existing families of post-quantum cryptosystems at practical security levels; e.g. 3073-bit public keys at the quantum 128-bit security level, comparable to (non-quantum) RSA key sizes.
In this paper we analyse possibilities of application of post-quantum code based signature schemes for message authentication purposes. An error-correcting code based digital signature algorithm is presented. There also shown results of computer simulation for this algorithm in case of Reed-Solomon codes and the estimated efficiency of its software implementation. We consider perspectives of error-correcting codes for message authentication and outline further research directions.
In this paper, a dual-field elliptic curve cryptographic processor is proposed to support arbitrary curves within 576-bit in dual field. Besides, two heterogeneous function units are coupled with the processor for the parallel operations in finite field based on the analysis of the characteristics of elliptic curve cryptographic algorithms. To simplify the hardware complexity, the clustering technology is adopted in the processor. At last, a fast Montgomery modular division algorithm and its implementation is proposed based on the Kaliski's Montgomery modular inversion. Using UMC 90-nm CMOS 1P9M technology, the proposed processor occupied 0.86-mm2 can perform the scalar multiplication in 0.34ms in GF(p160) and 0.22ms in GF(2160), respectively. Compared to other elliptic curve cryptographic processors, our design is advantageous in hardware efficiency and speed moderation.
Elliptic Curve Cryptosystems are very much delicate to attacks or physical attacks. This paper aims to correctly implementing the fault injection attack against Elliptic Curve Digital Signature Algorithm. More specifically, the proposed algorithm concerns to fault attack which is implemented to sufficiently alter signature against vigilant periodic sequence algorithm that supports the efficient speed up and security perspectives with most prominent and well known scalar multiplication algorithm for ECDSA. The purpose is to properly injecting attack whether any probable countermeasure threatening the pseudo code is determined by the attack model according to the predefined methodologies. We show the results of our experiment with bits acquire from the targeted implementation to determine the reliability of our attack.
Cloud computing is becoming the main computing model in the future due to its advantages such as high resource utilization rate and save high cost of performance. The public environments is become necessary to secure their storage and transmission against possible attacks such as known-plain-text attack and semantic security. How to ensure the data security and the privacy preserving, however, becomes a huge obstacle to its development. The traditional way to solve Secure Multiparty Computation (SMC) problem is using Trusted Third Party (TTP), however, TTPs are particularly hard to achieve and compute complexity. To protect user's privacy data, the encrypted outsourcing data are generally stored and processed in cloud computing by applying homomorphic encryption. According to above situation, we propose Elliptic Curve Cryptography (ECC) based homomorphic encryption scheme for SMC problem that is dramatically reduced computation and communication cost. It shows that the scheme has advantages in energy consumption, communication consumption and privacy protection through the comparison experiment between ECC based homomorphic encryption and RSA&Paillier encryption algorithm. Further evidence, the scheme of homomorphic encryption scheme based on ECC is applied to the calculation of GPS data of the earthquake and prove it is proved that the scheme is feasible, excellent encryption effect and high security.
Implementation attacks and more specifically Power Analysis (PA) (the dominant type of side channel attack) and fault injection (FA) attacks constitute a pragmatic hazard for scalar multiplication, the main operation behind Elliptic Curve Cryptography. There exists a wide variety of countermeasures attempting to thwart such attacks that, however, few of them explore the potential of alternative number systems like the Residue Number System (RNS). In this paper, we explore the potential of RNS as an PA-FA countermeasure and propose an PA-FA resistant scalar multiplication algorithm and provide an extensive security analysis against the most effective PA-FA techniques. We argue through a security analysis that combining traditional PA-FA countermeasures with lightweight RNS countermeasures can provide strong PA-FA resistance.
Public-key cryptography schemes are widely used due to their high level of security. As a very efficient one among public-key cryptosystems, elliptic curve cryptography (ECC) has been studied for years. Researchers used to improve the efficiency of ECC through point multiplication, which is the most important and complex operation of ECC. In our research, we use special families of curves and prime fields which have special properties. After that, we introduce the instruction set architecture (ISA) extension method to accelerate this algorithm (192-bit private key) and build an ECC\_ASIP model with six new ECC custom instructions. Finally, the ECC\_ASIP model is implemented in a field-programmable gate array (FPGA) platform. The persuasive experiments have been conducted to evaluate the performance of our new model in the aspects of the performance, the code storage space and hardware resources. Experimental results show that our processor improves 69.6% in the execution efficiency and requires only 6.2% more hardware resources.
Efficient implementation of double point multiplication is crucial for elliptic curve cryptographic systems. We propose efficient algorithms and architectures for the computation of double point multiplication on binary elliptic curves and provide a comparative analysis of their performance for 112-bit security level. To the best of our knowledge, this is the first work in the literature which considers the design and implementation of simultaneous computation of double point multiplication. We first provide algorithmics for the three main double point multiplication methods. Then, we perform data-flow analysis and propose hardware architectures for the presented algorithms. Finally, we implement the proposed state-of-the-art architectures on FPGA platform for the comparison purposes and report the area and timing results. Our results indicate that differential addition chain based algorithms are better suited to compute double point multiplication over binary elliptic curves for high performance applications.