
IET Inf. Secur. latest publications

Visual secret sharing for general access structures by random grids
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2012.0046
Xiaotian Wu, Wei Sun
Visual secret sharing (VSS) is a way to protect a secret image among a group of participants by using the notions of perfect ciphers and secret sharing. However, each share generated by conventional VSS is m times as large as the original secret image, where m is called the pixel expansion. Random grids (RGs) are an alternative way to implement VSS without pixel expansion. However, the reported RG-based VSS methods are threshold schemes. In this study, RG-based VSS for general access structures is presented. The secret image is encoded into n RGs such that qualified sets can recover the secret visually and forbidden sets cannot. The proposed scheme is a generalisation of the threshold methods: the reported RG-based schemes can be considered special cases of it. Experimental results are provided, demonstrating the effectiveness and advantages of the proposed scheme.
Citations: 44
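The random-grid idea in the abstract above, as an added worked example that is not the paper's own scheme: it implements the classic (2,2) random-grid step (the share bit copies a random grid bit where the secret pixel is white and its complement where it is black), chains that step into an (n,n) scheme, and then measures what a qualified set (all n shares) and a forbidden set (n-1 shares) reveal when stacked with a bitwise OR. The secret image is a constructed stripe pattern, the (n,n) chaining is the standard threshold construction rather than the general-access-structure scheme of the paper, and the pixel convention 0 = white, 1 = black is an assumption of the example.

```python
import random
from typing import Dict, List, Sequence

# Pixel convention (assumption of this example): 0 = white (transparent),
# 1 = black (opaque). Stacking transparencies is a bitwise OR across shares.


def rg_encode_pixel(secret_bit: int, grid_bit: int) -> int:
    """One Kafri-Keren (2,2) random-grid step. Where the secret is white the
    new bit copies the random grid bit; where it is black it is the complement.
    Stacking grid and result then gives OR(x, x) = x (50% black) on white
    pixels and OR(x, ~x) = 1 (always black) on black pixels."""
    return grid_bit if secret_bit == 0 else grid_bit ^ 1


def share_nn(secret: Sequence[int], n: int, rng: random.Random) -> List[List[int]]:
    """(n,n) random-grid VSS by chaining the (2,2) step n-1 times: the secret is
    encoded against a fresh random grid, the intermediate grid is encoded
    against the next random grid, and so on. The shares are the n-1 random
    grids plus the last intermediate grid. Every share has exactly the size of
    the secret, i.e. there is no pixel expansion."""
    if n < 2:
        raise ValueError("an (n,n) scheme needs n >= 2")
    shares: List[List[int]] = []
    current = list(secret)
    for _ in range(n - 1):
        grid = [rng.getrandbits(1) for _ in secret]
        current = [rg_encode_pixel(s, g) for s, g in zip(current, grid)]
        shares.append(grid)
    shares.append(current)
    return shares


def stack(shares: Sequence[Sequence[int]]) -> List[int]:
    """Overlay transparencies: a pixel is black if any stacked share is black."""
    return [int(any(col)) for col in zip(*shares)]


def black_ratio(image: Sequence[int], secret: Sequence[int], region: int) -> float:
    """Fraction of black pixels in `image` over the pixels where `secret` == region."""
    sel = [p for p, s in zip(image, secret) if s == region]
    return sum(sel) / len(sel)


def evaluate(n: int, pixels: int = 20000, seed: int = 7) -> Dict[str, float]:
    """Encode a constructed secret (alternating black/white pixels) into n shares
    and measure what a qualified set (all n shares) and a forbidden set (the
    last n-1 shares) reveal when stacked. Qualified: secret-black pixels come
    out fully black, secret-white pixels only 1 - 2^-(n-1) black, so the image
    is visible by contrast. Forbidden: both regions show the same black density."""
    rng = random.Random(seed)
    secret = [i % 2 for i in range(pixels)]  # constructed sample image
    shares = share_nn(secret, n, rng)
    qualified = stack(shares)         # all n shares
    forbidden = stack(shares[1:])     # one share short of the qualified set
    return {
        "qualified_black_on_black": black_ratio(qualified, secret, 1),
        "qualified_black_on_white": black_ratio(qualified, secret, 0),
        "forbidden_black_on_black": black_ratio(forbidden, secret, 1),
        "forbidden_black_on_white": black_ratio(forbidden, secret, 0),
    }


if __name__ == "__main__":
    for n in (2, 3, 4):
        print(n, evaluate(n))
```

Because each share keeps the secret's dimensions, the contrast of the stacked image, not its size, is what degrades as n grows; the measured black density on white pixels (1/2 for n = 2, 3/4 for n = 3) is the price paid for avoiding pixel expansion.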
On hardware-oriented message authentication
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2011.0221
Martin Ågren, Martin Hell, T. Johansson
We consider hardware-oriented message authentication, more specifically universal hash functions. We propose a new type of construction that appears promising. These constructions are based on the framework of universal hash functions, Toeplitz matrices and epsilon-biased sample spaces. Some new theoretical results in this area are derived. The new constructions come at the price of not being able to prove the exact substitution probability. The expected probability is examined both through theoretical methods and through simulation.
Citations: 2
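An added example of the Toeplitz-matrix universal hash the abstract builds on (not code from the paper): a hash over GF(2) whose n x m matrix is fixed by n + m - 1 key bits, its use in a Wegman-Carter MAC, and an empirical check of the collision probability that the epsilon-almost-universal property bounds. Message and key values are constructed; the parameter names n and m and the 8-bit tag length are assumptions of the example, and the paper's epsilon-biased key generation is not reproduced, a fully random key is used instead.

```python
import random
from typing import List

Bits = List[int]


def bits_from_bytes(data: bytes) -> Bits:
    """Big-endian bit expansion of a byte string."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def toeplitz_hash(key: Bits, msg: Bits, n: int) -> Bits:
    """h_K(msg) = T(K) * msg over GF(2), where T(K) is the n x m Toeplitz matrix
    with T[i][j] = key[i - j + m - 1]. Being constant along diagonals, the
    matrix is fixed by n + m - 1 key bits rather than n*m, and output bit i is
    the parity of a window of the key selected by the message bits, which is
    what makes the construction cheap in shift-register hardware."""
    m = len(msg)
    if len(key) != n + m - 1:
        raise ValueError("a Toeplitz key for m message bits and n output bits has n + m - 1 bits")
    out = []
    for i in range(n):
        acc = 0
        for j, mbit in enumerate(msg):
            if mbit:
                acc ^= key[i - j + m - 1]
        out.append(acc)
    return out


def xor_bits(a: Bits, b: Bits) -> Bits:
    return [x ^ y for x, y in zip(a, b)]


def wegman_carter_tag(key: Bits, pad: Bits, msg: bytes, n: int) -> Bits:
    """Wegman-Carter MAC: tag = h_K(msg) XOR pad. The pad must be fresh for every
    message (in practice a PRF output under a nonce); the hash key K is reused."""
    if len(pad) != n:
        raise ValueError("pad must have n bits")
    return xor_bits(toeplitz_hash(key, bits_from_bytes(msg), n), pad)


def is_linear(key: Bits, m1: bytes, m2: bytes, n: int) -> bool:
    """Toeplitz hashing is GF(2)-linear: h(m1) XOR h(m2) == h(m1 XOR m2). Hence
    a collision between distinct messages is the event h_K(d) = 0 for the
    nonzero difference d = m1 XOR m2, and a substitution attack on the MAC
    succeeds only if the attacker can predict h_K(d) for the difference it introduces."""
    b1, b2 = bits_from_bytes(m1), bits_from_bytes(m2)
    lhs = xor_bits(toeplitz_hash(key, b1, n), toeplitz_hash(key, b2, n))
    return lhs == toeplitz_hash(key, xor_bits(b1, b2), n)


def collision_rate(m1: bytes, m2: bytes, n: int, trials: int, seed: int = 3) -> float:
    """Empirical Pr_K[h_K(m1) == h_K(m2)] over uniformly random Toeplitz keys.
    For a fully random key the exact value is 2^-n (the family is
    2^-n-almost-universal); the abstract's constructions instead draw the key
    from an epsilon-biased sample space to shrink the key, which is not done here."""
    rng = random.Random(seed)
    b1, b2 = bits_from_bytes(m1), bits_from_bytes(m2)
    klen = n + len(b1) - 1
    hits = 0
    for _ in range(trials):
        key = [rng.getrandbits(1) for _ in range(klen)]
        if toeplitz_hash(key, b1, n) == toeplitz_hash(key, b2, n):
            hits += 1
    return hits / trials


if __name__ == "__main__":
    rng = random.Random(1)
    msg = b"ab"                                       # constructed 16-bit message
    key = [rng.getrandbits(1) for _ in range(8 + 16 - 1)]
    pad = [rng.getrandbits(1) for _ in range(8)]
    print("tag", wegman_carter_tag(key, pad, msg, 8))
    print("collision rate, expected about 1/256:", collision_rate(b"ab", b"ac", 8, 4096))
```

The `collision_rate` loop is the simulation counterpart of the "expected probability" the abstract mentions: once the key is no longer uniform the exact bound is hard to prove, and sampling over keys is how one estimates it.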
Deniable message transmission authenticator based on weak signature schemes
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2011.0139
Haibo Tian
This study shows how to use signature schemes for deniable authentication. Deniable authentication means that a message receiver R, although receiving a message m from a sender S, cannot convince a third party that the sender S has sent R the message m. If a signature scheme is secure against selective forgery, the authors can construct a fully deniable authentication protocol from it. The protocol is presented in the extension framework of Raimondo et al. as a deniable message transmission authenticator.
Citations: 0
Mobile encryption for laptop data protection (MELP)
Pub Date : 2012-12-01 DOI: 10.1049/IET-IFS.2011.0347
Yung-Wei Kao, Xin Zhang, Ahren Studer, A. Perrig
With the advances in laptop technology and their mobility, laptops have become a vital device used in many places. Usually, numerous sensitive files, such as credit card numbers and Web cookies, are stored on laptops for convenient use. However, if a laptop is stolen, the data stored on it is easily leaked, which may cause serious consequences. Encrypting files with encryption keys is a general solution; however, if the decryption keys are also stored on the laptop, the files can be decrypted by adversaries just as easily. To solve this problem, this paper proposes the Mobile Encryption for Laptop data Protection (MELP) system. MELP includes the design of an online server and a mobile phone: each sensitive file is encrypted with a file system encryption key, which is in turn encrypted twice in sequence with the phone's and the server's encryption keys. The reason for adopting a mobile phone is that at least one simple confirmation of execution must be performed by the user, and the reason for adopting an online server is that if both the user's laptop and mobile phone are stolen, the user can still disable the online decryption process on the server.
Citations: 5
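The MELP key hierarchy described above, as an added example that is not the paper's code: a file is encrypted under a fresh file key, the file key is wrapped by the phone and the result wrapped again by the server, and recovery walks the layers back, with the server able to refuse (account disabled after theft) and the phone able to refuse (no user confirmation). The authenticated encryption is HMAC-SHA256 in counter mode with encrypt-then-MAC, a stand-in chosen to keep the example inside the Python standard library; AES-GCM or similar would be used in practice. The class names, the wrapping order (phone inner, server outer) and the sample card number are assumptions of the example.

```python
import hashlib
import hmac
import os
from typing import Tuple

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive independent encryption and MAC subkeys from one wrapping key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a stand-in stream cipher (stdlib only;
    a real deployment would use AES-GCM or another AEAD)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag over nonce and ciphertext."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; wrong key or tampering raises."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


class Phone:
    """Holds its own wrapping key; unwraps only after the user confirms on the handset."""

    def __init__(self) -> None:
        self._key = os.urandom(32)

    def wrap(self, data: bytes) -> bytes:
        return seal(self._key, data)

    def unwrap(self, blob: bytes, user_confirmed: bool) -> bytes:
        if not user_confirmed:
            raise PermissionError("user declined the decryption request")
        return unseal(self._key, blob)


class Server:
    """Online service holding the outer wrapping key; the owner can disable it after a theft."""

    def __init__(self) -> None:
        self._key = os.urandom(32)
        self.disabled = False

    def wrap(self, data: bytes) -> bytes:
        return seal(self._key, data)

    def unwrap(self, blob: bytes) -> bytes:
        if self.disabled:
            raise PermissionError("decryption service disabled for this account")
        return unseal(self._key, blob)


def protect(plaintext: bytes, phone: Phone, server: Server) -> Tuple[bytes, bytes]:
    """Laptop side: encrypt the file under a fresh file key (FEK), have the FEK wrapped
    by the phone and that result wrapped again by the server. Only the ciphertext and
    the doubly wrapped FEK are kept on the laptop; neither wrapping key ever is."""
    fek = os.urandom(32)
    ciphertext = seal(fek, plaintext)
    wrapped_fek = server.wrap(phone.wrap(fek))
    return ciphertext, wrapped_fek


def recover(ciphertext: bytes, wrapped_fek: bytes, phone: Phone, server: Server,
            user_confirmed: bool = True) -> bytes:
    """Laptop side: peel the server layer, then the phone layer, then decrypt the file."""
    fek = phone.unwrap(server.unwrap(wrapped_fek), user_confirmed)
    return unseal(fek, ciphertext)


def outcome(func, *args, **kwargs) -> str:
    """'ok' or the exception class name, so the failure modes can be compared."""
    try:
        func(*args, **kwargs)
        return "ok"
    except (PermissionError, ValueError) as exc:
        return type(exc).__name__
```

A thief holding only the laptop has `ciphertext` and `wrapped_fek` and neither wrapping key; a thief holding laptop and phone is stopped once the owner flips `server.disabled`, which is exactly the reason the abstract gives for involving an online server.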
Security analysis of Kulseng et al.'s mutual authentication protocol for RFID systems
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2010.0230
Y. Yang, J. Gu, C. Lv, Qi Jiang, W. Ma
The authors describe three attacks against an efficient lightweight mutual authentication protocol recently proposed by Kulseng et al. These attacks are unique in that they are closely related and must be performed in order, one after another. They break the untraceability, confidentiality and mutual authentication properties of the protocol, and show, for the first time, that breaking the privacy property may lead to attacks on the security properties of radio frequency identification (RFID) authentication protocols. Finally, the authors present a countermeasure that fixes the flaws and give a brief security analysis of the improved protocol.
Citations: 4
Improved one-to-many authentication scheme for access control in pay-TV systems
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2011.0281
Huaqun Wang, Bo Qin
Mutual authentication is important in a mobile pay-TV system. Traditional authentication schemes make use of one-to-one delivery, that is, one authentication message per request is delivered from the head-end system to a subscriber. This delivery occupies too much bandwidth and is therefore inefficient and costly. A one-to-many authentication scheme for access control in mobile pay-TV systems was proposed by Sun et al. in 2009. In a one-to-many authentication scheme, only one authentication message for multiple requests is broadcast from the head-end system (HES) to subscribers. Sun et al. claimed that their scheme is secure and provides anonymous authentication to protect user privacy. However, the authors demonstrate that the scheme has a critical weakness: an attacker without any secret information can successfully impersonate a mobile set (MS) to cheat the HES and can also impersonate the HES to cheat an MS. This result is important for security engineers who design and develop user authentication systems. The authors then design a novel one-to-many authentication scheme from bilinear pairings, give a formal security proof in the random oracle model and present a performance analysis. The analysis shows that the new scheme has shorter transmission messages and can be applied in environments with limited bandwidth. The scheme is also the first secure one-to-many authentication scheme for access control in pay-TV systems.
Citations: 22
Agent-based honeynet framework for protecting servers in campus networks
Pub Date : 2012-09-01 DOI: 10.1049/iet-ifs.2011.0154
Iksu Kim, M. Kim
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) that use signatures cannot protect servers from new types of internet worms. It is therefore important to collect information about new attacks, because the detection rules employed by IDSs and IPSs are formulated from this information. Honeypots are valuable security resources that act as bait for attackers. They can monitor intrusions by being probed, attacked or compromised, can detect zero-day attacks, and provide researchers intending to improve security with information about the attacks. However, it is almost impossible to generate detection rules immediately from the information collected by honeypots. This study presents an agent-based honeynet framework for protecting servers in a campus network. In this framework, agents remove malicious processes and executable files on servers infected by zero-day attacks as soon as the honeynet detects them. The proposed framework provides a novel defence mechanism that protects servers from new types of internet worms effectively, without the use of signatures.
Citations: 14
HBC entity authentication for low-cost pervasive devices
Pub Date : 2012-09-01 DOI: 10.1049/iet-ifs.2011.0052
Zhijun Li, G. Gong
The HB-like entity authentication protocols for low-cost pervasive devices have attracted a great deal of attention because of their simplicity, computational efficiency and solid security foundation on a well-studied hard problem, learning parity with noise. By far the most efficient protocol is HB#, which is provably resistant to the GRS attack under the conjecture that it is secure in the DET-model. However, in order to achieve 80-bit security, a typical HB# authentication key comprises over 1000 bits, which imposes a considerable storage burden on resource-constrained devices. In this study, the authors propose a new HB-like protocol, HBC. The protocol makes use of a special type of circulant matrix, in contrast to the Toeplitz matrix in HB#, to significantly reduce storage consumption and to overcome a subtle inefficacy in the security proof of HB#. In addition, the authors introduce a masking technique that substantially increases the noise level from an adversary's standpoint and thus improves protocol performance. The authors demonstrate that a 613-bit authentication key suffices for 80-bit security in the HBC protocol, which is quite competitive and more appealing for low-cost devices.
Citations: 2
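An added example, not the paper's HBC protocol, of the HB# round that the abstract measures itself against: the tag sends a blinding vector b, the reader sends a challenge a, the tag answers z = aX xor bY xor noise, and the reader accepts when the Hamming distance between z and aX xor bY is at most u*m. Both secret matrices are Toeplitz, so the stored key is (kx + m - 1) + (ky + m - 1) bits rather than two full matrices; `key_bits()` makes that storage argument concrete. The toy parameters (kx = ky = 80, m = 256, eta = 0.125, u = 0.25) are assumptions chosen for a fast run, not HB#'s published set; the impersonator modelled is a naive one that knows neither matrix, and the GRS man-in-the-middle attack is not modelled.

```python
import random
from dataclasses import dataclass
from typing import Dict, List

Bits = List[int]


@dataclass(frozen=True)
class Params:
    kx: int      # length of the reader challenge a
    ky: int      # length of the tag blinding vector b
    m: int       # number of response bits
    eta: float   # Bernoulli noise rate on the tag side
    u: float     # acceptance threshold as a fraction of m


TOY = Params(kx=80, ky=80, m=256, eta=0.125, u=0.25)   # assumption: toy sizes


def rand_bits(n: int, rng: random.Random) -> Bits:
    return [rng.getrandbits(1) for _ in range(n)]


def toeplitz_from_bits(bits: Bits, rows: int, cols: int) -> List[Bits]:
    """Expand rows + cols - 1 stored key bits into a rows x cols Toeplitz matrix
    (constant along diagonals): M[i][j] = bits[i - j + cols - 1]."""
    if len(bits) != rows + cols - 1:
        raise ValueError("need rows + cols - 1 bits")
    return [[bits[i - j + cols - 1] for j in range(cols)] for i in range(rows)]


def vec_mat(v: Bits, M: List[Bits]) -> Bits:
    """Row vector times matrix over GF(2)."""
    out = [0] * len(M[0])
    for vi, row in zip(v, M):
        if vi:
            out = [o ^ r for o, r in zip(out, row)]
    return out


def xor(a: Bits, b: Bits) -> Bits:
    return [x ^ y for x, y in zip(a, b)]


def key_bits(p: Params) -> Dict[str, int]:
    """Bits a tag must store for X (kx x m) and Y (ky x m)."""
    return {
        "full_matrices": p.kx * p.m + p.ky * p.m,
        "toeplitz": (p.kx + p.m - 1) + (p.ky + p.m - 1),
    }


class Tag:
    def __init__(self, X: List[Bits], Y: List[Bits], p: Params, rng: random.Random) -> None:
        self.X, self.Y, self.p, self.rng = X, Y, p, rng

    def blinding(self) -> Bits:                  # message 1: tag -> reader
        self.b = rand_bits(self.p.ky, self.rng)
        return self.b

    def respond(self, a: Bits) -> Bits:          # message 3: tag -> reader
        noise = [1 if self.rng.random() < self.p.eta else 0 for _ in range(self.p.m)]
        return xor(xor(vec_mat(a, self.X), vec_mat(self.b, self.Y)), noise)


class Reader:
    def __init__(self, X: List[Bits], Y: List[Bits], p: Params, rng: random.Random) -> None:
        self.X, self.Y, self.p, self.rng = X, Y, p, rng

    def challenge(self) -> Bits:                 # message 2: reader -> tag
        return rand_bits(self.p.kx, self.rng)

    def verify(self, a: Bits, b: Bits, z: Bits) -> bool:
        """Accept if the noisy response is within u*m bit errors of aX xor bY."""
        expected = xor(vec_mat(a, self.X), vec_mat(b, self.Y))
        return sum(xor(z, expected)) <= int(self.p.u * self.p.m)


def run_session(p: Params, legitimate: bool, seed: int = 0) -> bool:
    """One HB# authentication round. A legitimate tag holds X and Y; the naive
    impersonator knows neither and answers with random bits (expected error
    weight m/2, far above the threshold)."""
    rng = random.Random(seed)
    X = toeplitz_from_bits(rand_bits(p.kx + p.m - 1, rng), p.kx, p.m)
    Y = toeplitz_from_bits(rand_bits(p.ky + p.m - 1, rng), p.ky, p.m)
    reader = Reader(X, Y, p, rng)
    if legitimate:
        tag = Tag(X, Y, p, rng)
        b = tag.blinding()
        a = reader.challenge()
        z = tag.respond(a)
    else:
        b = rand_bits(p.ky, rng)
        a = reader.challenge()
        z = rand_bits(p.m, rng)
    return reader.verify(a, b, z)


if __name__ == "__main__":
    print("key storage (bits):", key_bits(TOY))
    print("legitimate tag accepted:", run_session(TOY, legitimate=True))
    print("naive impersonator accepted:", run_session(TOY, legitimate=False))
```

The storage figure is the whole motivation for the abstract's HBC variant: even with Toeplitz structure the key grows with kx + ky + 2m, and an 80-bit security level in HB# pushes it past 1000 bits, which is what the circulant construction is designed to cut.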
Fault-tolerant Gaussian normal basis multiplier over GF(2^m)
Pub Date : 2012-09-01 DOI: 10.1049/iet-ifs.2011.0190
Tai-Pao Chuang, C. Chiou, Shun-Shii Lin, Chiou-Yng Lee
Fault-tolerant design of a finite field multiplier is an efficient method for resisting fault-based cryptanalysis in elliptic curve cryptosystems. A novel fault-tolerant bit-parallel Gaussian normal basis (GNB) multiplier of type t over GF(2^m), which can tolerate multiple module failures at one time, is presented. No hardware modification of the proposed GNB multiplier is required to achieve the fault-tolerant function; hence the proposed fault-tolerant GNB multiplier has low hardware cost. The reliability of the proposed fault-tolerant GNB multiplier of type t increases as t increases. However, the behaviour of existing GNB multipliers with concurrent error correction (CEC) resembles triple modular redundancy (TMR) when t > 3. In practice, most of the field sizes m recommended by NIST use a GNB with type t > 3. The proposed fault-tolerant GNB multiplier is an N-modular redundancy (NMR) system with N = t. Thus, the proposed fault-tolerant GNB multiplier of type t can tolerate at most t/2 - 1 failed modules simultaneously, whereas existing GNB multipliers with CEC can tolerate only one failed module. The proposed GNB multiplier requires less extra space and time complexity than similar multipliers, and its system reliability is better than that of similar GNB multipliers.
Citations: 14
Simultaneously generating multiple keys in a four-terminal network
Pub Date : 2012-09-01 DOI: 10.1049/iet-ifs.2011.0232
P. Babaheidarian, Somayeh Salimi, M. Aref
A source model with four terminals is considered, in which three types of keys are to be generated simultaneously. Terminals 1, 2 and 3 wish to share a common key, the secret key, which should be kept secret from terminal 4; at the same time, terminals 1 and 2 each intend to share a private key with terminal 3, and these two private keys should be kept secret from each other. All the keys should also be concealed from terminal 4 (the external wiretapper). The authors assume that all terminals, including the external wiretapper, have access to distinct correlated i.i.d. sources, and that there is a noiseless public channel of unlimited capacity among the terminals. The model is investigated in two key-sharing scenarios that depend on the direction of the public channel. Rate regions of the keys are derived. It is shown that in some special cases the inner and outer bounds of the capacity regions coincide, and the capacity regions are derived.
Citations: 3
Copyright © 2023 Book学术 All rights reserved. Beijing public security network registration no. 11010802042870; Beijing ICP registration no. 2023020795-1.