TL;DR: A construction of a strong (t,N)-signature scheme whose security may be based on the discrete logarithm assumption in the random oracle model is given, which offers faster signing and verification than the generic construction, at the expense of O(t) key update time and key length.
Abstract: Signature computation is frequently performed on insecure devices -- e.g., mobile phones -- operating in an environment where the private (signing) key is likely to be exposed. Strong key-insulated signature schemes are one way to mitigate the damage done when this occurs. In the key-insulated model [6], the secret key stored on an insecure device is refreshed at discrete time periods via interaction with a physically-secure device which stores a "master key". All signing is still done by the insecure device, and the public key remains fixed throughout the lifetime of the protocol. In a strong (t,N)-key-insulated scheme, an adversary who compromises the insecure device and obtains secret keys for up to t periods is unable to forge signatures for any of the remaining N-t periods. Furthermore, the physically-secure device (or an adversary who compromises only this device) is unable to forge signatures for any time period. We present here constructions of strong key-insulated signature schemes based on a variety of assumptions. First, we demonstrate a generic construction of a strong (N - 1,N)-key-insulated signature scheme using any standard signature scheme. We then give a construction of a strong (t,N)-signature scheme whose security may be based on the discrete logarithm assumption in the random oracle model. This construction offers faster signing and verification than the generic construction, at the expense of O(t) key update time and key length. Finally, we construct strong (N - 1,N)-key-insulated schemes based on any "trapdoor signature scheme" (a notion we introduce here); our resulting construction in fact serves as an identity-based signature scheme as well. This leads to very efficient solutions based on, e.g., the RSA assumption in the random oracle model.
TL;DR: This paper proposes a new efficient and secure biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem (ECC) without verification table to minimize the complexity of hash operation among all users and fit multi-server communication environments.
Abstract: Conventional single-server authentication schemes suffer a significant shortcoming. If a remote user wishes to use numerous network services, he/she must register his/her identity and password at these servers. It is extremely tedious for users to register numerous servers. In order to resolve this problem, various multi-server authentication schemes recently have been proposed. However, these schemes are insecure against some cryptographic attacks or inefficiently designed because of high computation costs. Moreover, these schemes do not provide strong key agreement function which can provide perfect forward secrecy. Based on these motivations, this paper proposes a new efficient and secure biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem (ECC) without verification table to minimize the complexity of hash operation among all users and fit multi-server communication environments. By adopting the biometrics technique, the proposed scheme can provide a stronger user authentication function. By adopting the ECC technique, the proposed scheme can provide strong key agreement function with the property of perfect forward secrecy to reduce the computation loads for smart cards. As a result, compared with related multi-server authentication schemes, the proposed scheme has strong security and enhanced computational efficiency. Thus, the proposed scheme is extremely suitable for use in distributed multi-server network environments such as the Internet and in limited computations and communication resource environments to access remote information systems since it provides security, reliability, and efficiency.
TL;DR: A hierarchical key assignment scheme based on linear-geometry as the solution of flexible and fine-grained hierarchical access control in cloud computing and provides strong key indistinguishability under the assumption of pseudorandom functions.
Abstract: Access control is an indispensable security component of cloud computing, and hierarchical access control is of particular interest since in practice one is entitled to different access privileges. This paper presents a hierarchical key assignment scheme based on linear-geometry as the solution of flexible and fine-grained hierarchical access control in cloud computing. In our scheme, the encryption key of each class in the hierarchy is associated with a private vector and a public vector, and the inner product of the private vector of an ancestor class and the public vector of its descendant class can be used to derive the encryption key of that descendant class. The proposed scheme belongs to direct access schemes on hierarchical access control, namely each class at a higher level in the hierarchy can directly derive the encryption key of its descendant class without the need of iterative computation. In addition to this basic hierarchical key derivation, we also give a dynamic key management mechanism to efficiently address potential changes in the hierarchy. Our scheme only needs light computations over finite field and provides strong key indistinguishability under the assumption of pseudorandom functions. Furthermore, the simulation shows that our scheme has an optimized trade-off between computation consumption and storage space.
TL;DR: In this article, the authors analyze the security of hierarchical key assignment schemes according to different notions: security with respect to key indistinguishability and against key recovery, as well as the two recently proposed notions of security in hierarchical key assignments against strong key recovery.
Abstract: A hierarchical key assignment scheme is a method to assign some private information and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the private information of a higher class can be used to derive the keys of all classes lower down in the hierarchy. In this paper we analyze the security of hierarchical key assignment schemes according to different notions: security with respect to key indistinguishability and against key recovery, as well as the two recently proposed notions of security with respect to strong key indistinguishability and against strong key recovery. We first explore the relations between all security notions and, in particular, we prove that security with respect to strong key indistinguishability is not stronger than the one with respect to key indistinguishability. Afterwards, we propose a general construction yielding a hierarchical key assignment scheme offering security against strong key recovery, given any hierarchical key assignment scheme which guarantees security against key recovery.
TL;DR: The paper introduces a new secret data communication system that employs the usage of two state-of-the-art cryptographic algorithms (RSA with asymmetric keys and AES with symmetric key) together with steganography to build a robust steganography-based communication system capable of withstanding multiple types of attacks, detection and reverse engineering.
Abstract: The paper introduces a new secret data communication system that employs the usage of two state-of-the-art cryptographic algorithms (RSA with asymmetric keys and AES with symmetric key) together with steganography. The joining of these three techniques builds a robust steganography-based communication system capable of withstanding multiple types of attacks, detection and reverse engineering. Our system was designed in a way that offers a solution to the major flaws presented in other steganographic communication systems [2][4][5][6]. The secret data is encrypted using AES with a strong key prior to being embedded using a steganographic algorithm [1]. The key used for the data encryption uses a combination between a randomly generated sequence and a hash of the cover image's color information that remains untouched throughout the entire embedding process. The secret data and the key used for encryption both pass multiple levels of security checks that assure the integrity, authenticity and security, making this a reliable communication channel for sensitive data. While all encryption stages assure that the secret data becomes obsolete without the proper decryption prerequisites (keys), the steganographic algorithm introduces an additional level of security: stealth.