Biblio

In this paper is devoted a creation cryptographic protocol for the division of mutual authentication and session key. For secure protocols, suitable cryptographic algorithms were monitored.

Aiming at ensure the security and self-control of heterogeneous alliance network, this paper proposes a novel structure of identity authentication based on domestic commercial cryptography with blockchain in the heterogeneous alliance network. The domestic commercial cryptography, such as SM2, SM3, SM4, SM9 and ZUC, is adopted to solve the encryption, decryption, signature and verification of blockchain, whose key steps of data layer are solved by using domestic commercial cryptographic algorithms. In addition, it is the distributed way to produce the public key and private key for the security of the keys. Therefore, the cross domain identity authentication in the heterogeneous alliance network can be executed safely and effectively.

UPI (Unified Payments Interface) is a framework in India wherein customers can send payments to merchants from their smartphones. The framework consists of UPI servers that are connected to the banks at the sender and receiver ends. To send and receive payments, customers and merchants would have to first register themselves with UPI servers by executing a registration protocol using payment apps such as BHIM, PayTm, Google Pay, and PhonePe. Weaknesses were recently reported on these protocols that allow attackers to make money transfers on behalf of innocent customers and even empty their bank accounts. But the reported weaknesses were found after informal and manual analysis. However, as history has shown, formal analysis of cryptographic protocols often reveals flaws that could not be discovered with manual inspection. In this paper, we model UPI protocols in the pattern of traditional cryptographic protocols such that they can be rigorously studied and analyzed using formal methods. The modeling simplifies many of the complexities in the protocols, making it suitable to analyze and verify UPI protocols with popular analysis and verification tools such as the Constraint Solver, ProVerif and Tamarin. Our modeling could also be used as a general framework to analyze and verify many other financial payment protocols than just UPI protocols, giving it a broader applicability.

OAuth 2.0 is one of the most widely used Internet protocols for authorization/single sign-on (SSO) and is also the foundation of the new SSO protocol OpenID Connect. Due to its complexity and its flexibility, it is difficult to comprehensively analyze the security of the OAuth 2.0 standard, yet it is critical to obtain practical security guarantees for OAuth 2.0. In this paper, we present the first computationally sound security analysis of OAuth 2.0. First, we introduce a new primitive, the three-party authenticated secret distribution (3P-ASD for short) protocol, which plays the role of issuing the secret and captures the token issue process of OAuth 2.0. As far as we know, this is the first attempt to formally abstract the authorization technology into a general primitive and then define its security. Then, we present a sufficiently rich three-party security model for OAuth protocols, covering all kinds of authorization flows, providing reasonably strong security guarantees and moreover capturing various web features. To confirm the soundness of our model, we also identify the known attacks against OAuth 2.0 in the model. Furthermore, we prove that two main modes of OAuth 2.0 can achieve our desired security by abstracting the token issue process into a 3P-ASD protocol. Our analysis is not only modular which can reflect the compositional nature of OAuth 2.0, but also fine-grained which can evaluate how the intermediate parameters affect the final security of OAuth 2.0.

Cryptographic protocols are utilized for establishing a secure session between “honest” agents which communicate strictly according to the protocol rules as well as for ensuring the authenticated and confidential transmission of messages. The specification of a cryptographic protocol is usually presented as a set of requirements for the sequences of transmitted messages including the format of such messages. Note that protocol can describe several execution scenarios. All these requirements lead to a huge formal specification for a real cryptographic protocol and therefore, it is difficult to verify the security of the whole cryptographic protocol at once. In this paper, to overcome this problem, we suggest verifying the protocol security for its fragments. Namely, we verify the security properties for a special set of so-called traces of the cryptographic protocol. Intuitively, a trace of the cryptographic protocol is a sequence of computations, value checks, and transmissions on the sides of “honest” agents permitted by the protocol. In order to choose such set of traces, we introduce an Adversary model and the notion of a similarity relation for traces. We then verify the security properties of selected traces with Tamarin Prover. Experimental results for the EAP and Noise protocols clearly show that this approach can be promising for automatic verification of large protocols.

In STOC 1988, Ben-Or, Goldwasser, and Wigderson (BGW) established an important milestone in the fields of cryptography and distributed computing by showing that every functionality can be computed with perfect (information-theoretic and error-free) security at the presence of an active (aka Byzantine) rushing adversary that controls up to n/3 of the parties. We study the round complexity of general secure multiparty computation in the BGW model. Our main result shows that every functionality can be realized in only four rounds of interaction, and that some functionalities cannot be computed in three rounds. This completely settles the round-complexity of perfect actively-secure optimally-resilient MPC, resolving a long line of research. Our lower-bound is based on a novel round-reduction technique that allows us to lift existing three-round lower-bounds for verifiable secret sharing to four-round lower-bounds for general MPC. To prove the upper-bound, we develop new round-efficient protocols for computing degree-2 functionalities over large fields, and establish the completeness of such functionalities. The latter result extends the recent completeness theorem of Applebaum, Brakerski and Tsabary (TCC 2018, Eurocrypt 2019) that was limited to the binary field.

Modern verifiers for cryptographic protocols can analyze sophisticated designs automatically, but require the entire code of the protocol to operate. Compositional techniques, by contrast, allow us to verify each system component separately, against its own guarantees and assumptions about other components and the environment. Compositionality helps protocol design because it explains how the design can evolve and when it can run safely along other protocols and programs. For example, it might say that it is safe to add some functionality to a server without having to patch the client. Unfortunately, while compositional frameworks for protocol verification do exist, they require non-trivial human effort to identify specifications for the components of the system, thus hindering their adoption. To address these shortcomings, we investigate techniques for automated, compositional analysis of authentication protocols, using automata-learning techniques to synthesize assumptions for protocol components. We report preliminary results on the Needham-Schroeder-Lowe protocol, where our synthesized assumption was capable of lowering verification time while also allowing us to verify protocol variants compositionally.

In this paper we consider the pollution attack in network coded systems where network nodes are computationally limited. We consider the combined use of cryptographic signature based security and information theoretic network error correction and propose a fountain-like network error correction code construction suitable for this purpose.

This paper analyzes the formalizations of information-theoretic security for the fundamental primitives in cryptography: symmetric-key encryption and key agreement. Revisiting the previous results, we can formalize information-theoretic security using different methods, by extending Shannon's perfect secrecy, by information-theoretic analogues of indistinguishability and semantic security, and by the frameworks for composability of protocols. We show the relationships among the security formalizations and obtain the following results. First, in the case of encryption, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy or a variant of information-theoretic indistinguishability is the strongest notion. Second, in the case of key agreement, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy is the strongest notion. In particular, in both encryption and key agreement, the formalization of composable security is not stronger than any other formalizations. Furthermore, as an application of the relationships in encryption and key agreement, we simultaneously derive a family of lower bounds on the size of secret keys and security quantities required under the above formalizations, which also implies the importance and usefulness of the relationships.

In the increasingly diverse information age, various kinds of personal information security problems continue to break out. According to the idea of combination of identity authentication and encryption services, this paper proposes a personal identity access management model based on the OIDC protocol. The model will integrate the existing personal security information and build a set of decentralized identity authentication and access management application cluster. The advantage of this model is to issue a set of authentication rules, so that all users can complete the authentication of identity access of all application systems in the same environment at a lower cost, and can well compatible and expand more categories of identity information. Therefore, this method not only reduces the number of user accounts, but also provides a unified and reliable authentication service for each application system.

As the computer architecture technology evolves, communication protocols have been demanded not only having reliable security but also flexible functionality. Advanced cryptography has been expected as a new generation cryptography which suffices such the requirements. A pairing is one of the key technologies of the cryptography and the pairing has been known as having a substantial amount of construction parameters. Recently, the elliptic curve with embedding degree 14 is evaluated as one of the efficient curves for pairing. In the paper, we implement an optimal ate pairing on the elliptic curve by applying several variants of multiplication algorithms of extension field of degree 7 on multiple devices. The best multiplication algorithm among the candidates is derived. Besides, for efficient calculations, we propose a pseudo 7-sparse algorithm and a fast calculation method of final exponentiation. As a result, we discover the proper multiplication algorithm bases on the rate of addition and multiplications on several different computer platforms. Our proposed pseudo 7-sparse algorithm is approximately 1.54% faster than a regular algorithm on almost all tested platforms. Eventually, for the total execution time of pairing we record 9.33ms on Corei5-9500.

The modular exponentiation is crucial to the RSA cryptographic protocol, and variants inspired by the Montgomery ladder have been studied to provide more secure algorithms. In this paper, we abstract away the iterative conditional branching used in the Montgomery ladder, and formalize systems of equations necessary to obtain what we call the semi-interleaved and fully-interleaved ladder properties. In particular, we design fault-injection attacks able to obtain bits of the secret against semi-interleaved ladders, including the Montgomery ladder, but not against fully-interleaved ladders that are more secure. We also apply these equations to extend the Montgomery ladder for both the semi- and fully-interleaved cases, thus proposing novel and more secure algorithms to compute the modular exponentiation.

We present CrypTFlow, a first of its kind system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button. To do this, we build three components. Our first component, Athos, is an end-to-end compiler from TensorFlow to a variety of semihonest MPC protocols. The second component, Porthos, is an improved semi-honest 3-party protocol that provides significant speedups for TensorFlow like applications. Finally, to provide malicious secure MPC protocols, our third component, Aramis, is a novel technique that uses hardware with integrity guarantees to convert any semi-honest MPC protocol into an MPC protocol that provides malicious security. The malicious security of the protocols output by Aramis relies on integrity of the hardware and semi-honest security of MPC. Moreover, our system matches the inference accuracy of plaintext TensorFlow.We experimentally demonstrate the power of our system by showing the secure inference of real-world neural networks such as ResNet50 and DenseNet121 over the ImageNet dataset with running times of about 30 seconds for semi-honest security and under two minutes for malicious security. Prior work in the area of secure inference has been limited to semi-honest security of small networks over tiny datasets such as MNIST or CIFAR. Even on MNIST/CIFAR, CrypTFlow outperforms prior work.

Once constellation of satellites are working in a collaborative manner, the security of their messages would have to be highly secure from all angles of scenarios by which the praxis of eavesdropping constitutes a constant thread for the instability of the different tasks and missions. In this paper we employ the Bennet-Brassard commonly known as the BB84 protocol in conjunction to the technique of Cognitive Radio applied to the Internet of Space Things to build a prospective technology to guarantee the communications among geocentric orbital satellites. The simulations have yielded that for a constellation of 5 satellites, the probability of successful of completion the communication might be of order of 75% ±5%.

This paper deals with novel group-based Authentication and Key Agreement protocol for Internet of Things(IoT) enabled LTE/LTE-A network to overcome the problems of computational overhead, complexity and problem of heterogeneous devices, where other existing methods are lagging behind in attaining security requirements and computational overhead. In this work, two Groups are created among Machine Type Communication Devices (MTCDs) on the basis of device type to reduce complexity and problems of heterogeneous devices. This paper fulfills all the security requirements such as preservation, mutual authentication, confidentiality. Bio-metric authentication has been used to enhance security level of the network. The security and performance analysis have been verified through simulation results. Moreover, the performance of the proposed Novel Group-Based Authentication and key Agreement(AKA) Protocol is analyzed with other existing IoT enabled LTE/LTE-A protocol.

With the help of technological advancements in the last decade, it has become much easier to extensively and remotely observe medical conditions of the patients through wearable biosensors that act as connected nodes on Body Area Networks (BANs). Sensitive nature of the critical data captured and communicated via wireless medium makes it extremely important to process it as securely as possible. In this regard, lightweight security mechanisms are needed to overcome the hardware resource restrictions of biosensors. Random and secure cryptographic key generation and agreement among the biosensors take place at the core of these security mechanisms. In this paper, we propose the SKA-PSAR (Augmented Randomness for Secure Key Agreement using Physiological Signals) system to produce highly random cryptographic keys for the biosensors to secure communication in BANs. Similar to its predecessor SKA-PS protocol by Karaoglan Altop et al., SKA-PSAR also employs physiological signals, such as heart rate and blood pressure, as inputs for the keys and utilizes the set reconciliation mechanism as basic building block. Novel quantization and binarization methods of the proposed SKA-PSAR system distinguish it from SKA-PS by increasing the randomness of the generated keys. Additionally, SKA-PSAR generated cryptographic keys have distinctive and time variant characteristics as well as long enough bit sizes that provides resistance against cryptographic attacks. Moreover, correct key generation rate is above 98% with respect to most of the system parameters, and false key generation rate of 0% have been obtained for all system parameters.

Blockchain, the technology behind the popular Bitcoin, is considered a "security by design" system as it is meant to create security among a group of distrustful parties yet without a central trusted authority. The security of blockchain relies on the premise of honest-majority, namely, the blockchain system is assumed to be secure as long as the majority of consensus voting power is honest. And in the case of proof-of-work (PoW) blockchain, adversaries cannot control more than 50% of the network's gross computing power. However, this 50% threshold is based on the analysis of computing power only, with implicit and idealistic assumptions on the network and node behavior. Recent researches have alluded that factors such as network connectivity, presence of blockchain forks, and mining strategy could undermine the consensus security assured by the honest-majority, but neither concrete analysis nor quantitative evaluation is provided. In this paper we fill the gap by proposing an analytical model to assess the impact of network connectivity on the consensus security of PoW blockchain under different adversary models. We apply our analytical model to two adversarial scenarios: 1) honest-but-potentially-colluding, 2) selfish mining. For each scenario, we quantify the communication capability of nodes involved in a fork race and estimate the adversary's mining revenue and its impact on security properties of the consensus protocol. Simulation results validated our analysis. Our modeling and analysis provide a paradigm for assessing the security impact of various factors in a distributed consensus system.

Payment channel networks have been introduced to mitigate the scalability issues inherent to permissionless decentralized cryptocurrencies such as Bitcoin. Launched in 2018, the Lightning Network (LN) has been gaining popularity and consists today of more than 5000 nodes and 35000 payment channels that jointly hold 965 bitcoins (9.2M USD as of June 2020). This adoption has motivated research from both academia and industryPayment channels suffer from security vulnerabilities, such as the wormhole attack [39], anonymity issues [38], and scalability limitations related to the upper bound on the number of concurrent payments per channel [28], which have been pointed out by the scientific community but never quantitatively analyzedIn this work, we first analyze the proneness of the LN to the wormhole attack and attacks against anonymity. We observe that an adversary needs to control only 2% of nodes to learn sensitive payment information (e.g., sender, receiver, and amount) or to carry out the wormhole attack. Second, we study the management of concurrent payments in the LN and quantify its negative effect on scalability. We observe that for micropayments, the forwarding capability of up to 50% of channels is restricted to a value smaller than the channel capacity. This phenomenon hinders scalability and opens the door for denial-of-service attacks: we estimate that a network-wide DoS attack costs within 1.6M USD, while isolating the biggest community costs only 238k USDOur findings should prompt the LN community to consider the issues studied in this work when educating users about path selection algorithms, as well as to adopt multi-hop payment protocols that provide stronger security, privacy and scalability guarantees.

Password Guessing Attacks, for instance, Brute Force and word reference ambushes on online records are directly wide spread. Guarding the ambushes and giving the accommodating login the genuine customers together is a problematic endeavour. The present structures are lacking to give both the security and solace together. Phishing is a digital assault that targets credulous online clients fooling into uncovering delicate data, for example, username, secret key, standardized savings number or charge card number and so forth. Assailants fool the Internet clients by concealing site page as a dependable or real page to recover individual data. Password Guessing Attacks Resistance Protocol (PGARP) limits the full-scale number of logins attempts from darken remote hosts to as low as a single undertaking for each username, genuine customers all around (e.g., when tries are created utilizing known, occasionally used machines) can make a couple failed login tries before being tried with an ATT. A specific most distant point will be made to oblige the number of failed attempts with the ATT in order to keep the attacks. After the failed login attempt with ATT limit accomplished, an admonition will be sent to the customer concerning the failed login tries have accomplished the best measurement. This admonition will caution the customer and the customer will be urged to change the mystery expression and security question.

In this work, we propose a novel approach for decentralized identifier distribution and synchronization in networks. The protocol generates network entity identifiers composed of timestamps and cryptographically secure random values with a significant reduction of collision probability. The distribution is inspired by Unique Universal Identifiers and Timestamp-based Concurrency Control algorithms originating from database applications. We defined fundamental requirements for the distribution, including: uniqueness, accuracy of distribution, optimal timing behavior, scalability, small impact on network load for different operation modes and overall compliance to common network security objectives. An implementation of the proposed approach is evaluated and the results are presented. Originally designed for a domain of proactive defense strategies known as Moving Target Defense, the general architecture of the protocol enables arbitrary applications where identifier distributions in networks have to be decentralized, rapid and secure.

Current physical layer authentication (PLA) mechanisms are mostly designed for static communications, and the accuracy degrades significantly when used in dynamic scenarios, where the network environments and wireless channels change frequently. To improve the authentication performance, it is necessary to update the hypothesis test models and parameters in time, which however brings high computational complexity and authentication delay. In this paper, we propose a lightweight cross-layer authentication scheme for dynamic communication scenarios. We use multiple characteristics based PLA to guarantee the reliability and accuracy of authentication, and propose an upper layer assisted method to ensure the performance stability. Specifically, upper layer authentication (ULA) helps to update the PLA models and parameters. By properly choosing the period of triggering ULA, a balance between complexity and performance can be easily obtained. Simulation results show that our scheme can achieve pretty good authentication performance with reduced complexity.

The world is facing a new revolutionary technology transition, Internet of things (IoT). IoT systems requires secure connectivity of distributed entities, including in-field sensors. For such external devices, Side Channel Analysis poses a potential threat as it does not require complete knowledge about the crypto algorithm. In this work, we perform Horizontal Correlation Power Analysis (HCPA) which is a type of Side Channel Analysis (SCA) over the Elliptic Curve Diffie Hellman (ECDH) key exchange protocol. ChipWhisperer (CW) by NewAE Technologies is an open source toolchain which is utilized to perform the HCPA by using CW toolchain. To best of our knowledge, this is the first attempt to implemented ECDH on Artix-7 FPGA for HCPA. We compare our correlation results with the results from AES -128 bits provided by CW. Our point of attack is the Double and Add algorithm which is used to perform Scalar multiplication in ECC. We obtain a maximum correlation of 7% for the key guess using the HCPA. We also discuss about the possible cause for lower correlation and few potentials ways to improve it. In Addition to HCPA we also perform Simple Power Analysis (SPA) (visual) for ECDH, to guess the trailing zeros in the 128-bit secret key for different power traces.

Most of the authentication protocols assume the existence of a Trusted Third Party (TTP) in the form of a Certificate Authority or as an authentication server. The main objective of this research is to present an autonomous solution where users could store their credentials, without depending on TTPs. For this, the use of an autonomous network is imperative, where users could use their uniqueness in order to identify themselves. We propose the framework “Three Blockchains Identity Management with Elliptic Curve Cryptography (3BI-ECC)”. Our proposed framework is a decentralize identity management system where users' identities are self-generated.

Wireless Sensor Networks (WSNs) are applied in environmental monitoring, military surveillance, etc., whereas these applications focuses on providing security for sensed data and the nodes are available for a long time. Hence, we propose DEAVD protocol for secure data exchange with limited usage of energy. The DEAVD protocol compresses data to reduces the energy consumption and implements an energy efficient encryption and decryption technique using voronoi diagram paradigm. Thus, there is an improvement in the proposed protocol with respect to security due to the concept adapted during data encryption and aggregation.

This paper presents an overhead analysis of the use of digital signature mechanisms in the Message Queue Telemetry Transport (MQTT) protocol for three classes of constrained-device. Because the resources provided by constrained-devices are very limited, the purpose of this overhead analysis is to help find out the advantages and disadvantages of each class of constrained-devices after a security mechanism has been applied, namely by applying a digital signature mechanism. The objective of using this digital signature mechanism is for providing integrity, that if the payload sent and received in its destination is still original and not changed during the transmission process. The overhead analysis aspects performed are including analyzing decryption time, signature verification performance, message delivery time, memory and flash usage in the three classes of constrained-device. Based on the overhead analysis result, it can be seen that for decryption time and signature verification performance, the Class-2 device is the fastest one. For message delivery time, the smallest time needed for receiving the payload is Class-l device. For memory usage, the Class-2 device is providing the biggest available memory and flash.