Dissertations / Theses on the topic 'Strong Key Agreement Scheme'

Telemetry system, Optimisation, Sensoric networks, Smart Grid, Internet of Things, Sensors, Information security, Cryptography, Cryptography algorithms, Cryptosystem, Confidentiality, Integrity, Authentication, Data freshness, Non-Repudiation.

Non-Interactive Key Agreement (NIKA) is a cryptographic primitive which allows two parties to agree on a shared secret key without any interaction. Identity-based Non-Interactive Key Agreement (ID-NIKA) allows each party to compute shared secret key using its own secret key and the peer's identity. ID-NIKA can be used to establish shared secret keys in ad-hoc networks using minimal battery power and communication. Mobile Ad-hoc NETwork (MANET) is a network of mobile and moderately resource constrained devices communicating through a wireless medium. Examples of standard MANET devices are laptops, cellphones etc. Due to the inherent characteristics like mobility, dynamic topology and lack of centralized infrastructure, MANETs face some serious security issues. We are particularly interested about ID-NIKA in MANETs. This is of crucial interest for secure communication between two nodes in MANETs. In 2008, Gennaro et al. introduced a scheme called Hybrid Hierarchical Key Agreement Scheme (HH-KAS). HH-KAS uses subset based key agreement scheme at the non-leaf levels and a key agreement scheme due to Sakai et al. (referred as SOK-KAS) at the leaf level. HHKAS is (i) non-interactive, (ii) identity-based, (iii) hierarchical and (iv) fully resilient against node compromises at leaf level and resilient against node compromises upto certain threshold values in non-leaf levels. Thus one can say that HH-KAS is partially resilient against node compromises. In their paper the authors claim that there is no key agreement scheme for MANETs in the literature, with all above four properties. This was motivated as an interesting open problem in this area. Guo et al. proposed a scheme known as Strong Key Agreement Scheme (SKAS) in 2011. The authors claimed it as a potential solution to the open problem posed by Gennaro et al. in their work. However, in 2014, Zhu et al. showed a concrete attack on SKAS. This attack makes SKAS practically useless for real life applications. Our main contribution is a hybrid scheme using two already existing schemes. Our scheme uses a deterministic key pre-distribution scheme by Lee and Stinson termed as Basic Id Oneway function Scheme (BIOS) at level 1 (where root is at level 0). Beyond level 1, we use SOK-KAS for key agreement. We refer our scheme as BIOS-SOK key agreement. BIOS and SOK schemes satisfy properties (i), (ii) and (iv) but none of them is hierarchical in nature. In our work we have made an amalgam of both schemes which is hierarchical in nature. Thus, BIOS-SOK scheme satis es (i), (ii), (iii) and is also fully resilient against arbitrary number of node compromises at any level. BIOS-SOK scheme also possesses the bene ts of low space requirement, low shared key computation time and better scalability for many real-life applications when compared with the scheme of Gennaro et al. In HH-KAS, the key agreement is carried out only at the leaf level. In BIOS-SOK scheme, any two nodes in the hierarchy (at same or di erent levels) can compute shared secret key. We also provide a rigorous security analysis for our scheme in a stronger security model compared to the security model used for HH-KAS.

碩士
國立臺灣科技大學
資訊管理系
104
Because of growing demand of the group-oriented applications, the secure and reliable group communication increases popularity in mobile networks. For securing group communications, a number of authenticated group key agreement (AGKA) schemes have been proposed based on certificateless public key cryptography (CL-PKC). AGKA scheme ensures group members to communicate with each other securely over insecure networks. However, the most of the AGKA schemes are implemented using bilinear pairing and without consideration of the user anonymity feature. In this thesis, the author proposed an anonymous certificateless authenticated group key agreement scheme without using bilinear pairing for resource-limited mobile devices due to the heavy computational overhead. The proposed scheme also provides join and leave procedures to enable the dynamic group operations by adopting Huffman key tree in order to minimize the negotiation rounds and reduce computational costs. This thesis analyzed the security of the proposed scheme and the proposed scheme obtains the desired security attributes with anonymity. Moreover, the security of proposed scheme was also evaluated by using BAN logic which shows that each group members generate a fresh, common and secure shared group key. Finally, the proposed scheme has relatively efficient performance in terms of communication and computation overheads than the others existing CL-PKC schemes. Hence, the proposed scheme is suitable to be used for resource-limited mobile devices.

碩士
國立臺灣科技大學
資訊管理系
95
Communicating and exchanging information with others by using third generation mobile communication (3G) is the future trend. However, the third generation mobile telecommunication system security is only limited to user-to-network or vice versa. It can not provide end-to-end protection. Mutual authentication and session key establishment can be achieved by authenticated key agreement scheme. Unfortunately, we still need to increase some modules to the current 3G system in order to implement the published low-power device key agreement schemes. Hence we use XOR, one-way hash function and one-way functions existing in the current third generation communication system to design key agreement scheme for 3G. We also propose a group key agreement scheme for the application of group communication. Our scheme will satisfy the following properties: (1) Implement on 3G system easily. (2) Achieve authentication and key agreement to ensure confidentiality of conferences. (3) Establish group key. (4) Ensure privacy of conferees’ locations. (5) Detect fake devices and avoid replay attack. (6) Has session key that is of nondisclosure, independence and integrity.

碩士
國立中興大學
資訊科學與工程學系
102
The Key agreement protocol allows two or more parties to establish a shared session key by exchanging messages over an open network. In 1976, Diffie and Hellman proposed the first key agreement protocol which enables two parties to establish a shared session key. Such protocol does not provide authentication of the communicating parties and is thus vulnerable to man-in-the-middle attack. In 2000, Joux proposed the first one round tripartite key agreement protocol. In fact, their protocol is also suffering from man-in-the-middle attack. Over the years, different approaches with authentication have been widely proposed to slove the problem. To overcome the drawbacks of managing certificates in traditional public key infrastructure and solving the key escrow problem in ID-based cryptosystem. Al-Riyami and Paterson first invented certificateless public key cryptography in 2003. Later on, Gao et al. proposed the first certificateless authenticated tripartite key agreement protocol. In this thesis, we present an efficient authenticated tripartite key agreement scheme based on certificateless public key cryptography. Our protocol is more efficient than Gao et al.’s, and we also show that the proposed scheme can meet the security requirements.

碩士
中國文化大學
資訊管理學系
105
With the evolution of Network and Information technology, the smart card makes us more convenience in daily life. The remote user and server are often using smart cards for authentication. In order to protect the privacy of users, the security of using smart card are becoming more and more important. In 2015, Chaudhry et al. proposed that Kumari et al.’s scheme has weaknesses, and proposed an improved scheme. They indicate their scheme can against many attack. However, we find that the Chaudhry et al.’s scheme is still with security problem. In 2015, Shi et al. also proposed that Kumari et al.’s other authentication scheme had many security problems, and proposed an improved scheme, but we find that scheme was still insecure. In this paper, we will analyze that weaknesses of Chaudhry et al.’s and Shi et al’s scheme, and improve Chaudhry et al.’s scheme to avoid their security problems. We also apply the security analysis and security comparison and efficiency analysis with other schemes that prove our scheme is secure and can apply it in everyday life.

碩士
朝陽科技大學
資訊工程系碩士班
97
E-mail has become an irreplaceable mean of communication in the era of Internet age. Yet, since the early days, when e-mails were exchanged as normal text files without any safety mechanism, safety and privacy has always been a crucial agenda for e-mail exchanges. This paper, with modern cryptography, would discuss an e-mail protocol for better safety and privacy, as one of the key issues for e-mail security is to assure the identity of the destined recipient. In such a forward secrecy protocol, PGP (pretty Good Privacy) encryption is not included because of its high system demand for calculation capacity, and instead of session keys, passwords play the main part of identity verification; so the protocol discussed here would be suitable for mobile devices. As for the security issue, such protocol would be built on discreet logarithms so that attackers do not have access to the user privacy in the public information. Secondary, there are more and more services that can be obtained from servers with easy access, which means such accesses are opened for attacked, such as user privacy, attacks and hacks on server, and consequently brought the disruption to such services. This paper would discuss an efficient key agreement protocol that requires the user to use password, or finger-print recognition system to obtain mutual authentication with the server, and the session key. For its security measure, this forward-secrecy protocol can resist against stolen-verifier attack, Denial of Service DoS, and known-key attack, so the users can obtain services from servers via the internet securely.

碩士
國立中山大學
資訊工程學系研究所
100
Vehicular ad-hoc network (VANETs) has been a hot research topic in recent years. In this environment, each vehicle can broadcast messages to other vehicles and inform drivers to change their route right away in order to enhance the efficiency of driving and to avoid accidents. Since vehicles communicate through wireless tunnel, many malicious attacks may occur during the transmission of messages. Consequently, ensuring the correctness of receiving messages and verifying the authenticity of the sender is necessary. Besides, we also need to protect the real identities of vehicles from revealing to guarantee the privacy. To satisfy these security properties, many related researches have been proposed. However, they all have some drawbacks. For example: 1. The cost of the certificate management and the exposure problem of the certificate. 2. Waiting for RSU to verify the messages: Once more vehicles need RSU, RSU will have much more overhead and it can’t achieve real-time authentication. In this thesis, we come up with an anonymous authentication and key agreement scheme based on chameleon hashing and ID-based cryptography in the vehicular communication environment. In our scheme, every vehicle can generate many different chameleon hash values to represent itself, and others can prove the ownership of chameleon hash value. Furthermore, unlike other pseudonymous authentication schemes, we also achieve one-to-one private communication via ID-based cryptography. Finally, we not only overcome some problems in previous works but also fulfill some necessary security requirements in vehicular communication environment.

碩士
南華大學
資訊管理學系
104
Recently, Kumari et al. pointed out that Chang et al.’s “Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update” not only has several drawbacks, but also does not provide any session key agreement. Hence, they proposed an improvement with key agreement on the scheme. After cryptanalysis, they confirmed its security properties. However, we determined that the improved scheme still suffers from both anonymity breach and the smart card loss password guessing attack, which are two of the ten basic requirements in a secure identity authentication protocal using smart card, insisted by Liao et al. Therefore, we modified their improvement to include those desired security functionalities, which are significantly important in a user authentication smart card system.

碩士
國立勤益科技大學
資訊工程系
107
In recent years the influx of mobile communication devices like cellular phones and laptops have made communication and data sharing extremely easier over long distances. These communication technologies have seen the introduction of the internet which is a public network to be frequently used since it is the most cost-effective kind of network. The flexibility of public networks has been adopted by global businesses which has seen the introduction of online/distance learning. When using public networks, the information of the users must be secured at all times. Identity-based authenticated group key agreement (ID-GKA) protocols have been proposed to secure communication over public networks. Many of these previously proposed ID_GKA protocols require bilinear pairings for security, although this is good but it is not suitable for low power devices. Those that do not require pairings do not verify the identity of the user during messages exchanged which exposes the system to user impersonification attacks. In this paper, we propose A Pairing-Free Signature-Verified Cryptonym-Based Group Key Agreement Scheme. The proposed protocol is resilient against a lot of attacks such as known session key security, insider attacks and perfect forward secrecy. In addition, the proposed protocol is suitable for low-power devices as it uses the elliptic curve scalar point multiplication (ECMP).

碩士
國立中央大學
資訊工程學系
106
Private key plays an important character in public key cryptosystem, if private key was exposed, the confidentiality of previous messages would not be guaranteed. With the progress of technology, almost everyone has his/her own mobile device such as cell phone. Signature or decryption are often performed on a mobile device operation in an environment where the private key is likely to be exposed by stealing the mobile device. It is easier to obtain the private key by stealing mobile device than to break the computational assumption on which the security the system is based. In order to reduce the damage of key exposure, Dodis proposed a new paradigm called key-insulation. In the key-insulation cryptosystem, the private key's life time is divided into discrete time periods, and the private key will be updated by interacting with the "auxiliary device" which is placed in safety. It would only cause damage in time period $i$ if the private key exposed in time period $i$, it would not influence any other time periods. The computational cost and communication overhead in key-insulation signature schemes are higher than traditional signature scheme because of updating private key periodically. Signcryption proposed by Zheng can simultaneously achieve both the function of signature and encryption in a logical step, and with more efficient in computational cost and communication overhead than traditional signature-then-encryption. In this thesis, we modified the exsisting key-insulation signature scheme and proposed a new key-insulation signcryption scheme based on elliptic curve with a cost significantly lower than that required by traditional "key-insulation signature-then-encryption" and remains all the properties in key-insulation cryptosystem.

碩士
慈濟大學
醫學資訊學系碩士班
104
The US government enacted Health Insurance Portability and Accountability Act (HIPAA), in which patient control over electronic protected health information (ePHI) is one of the major concerns. There are two major goals -- availability and confidentiality of ePHIs in the privacy regulation and security regulation defined by HIPAA. Most recent authenticated key agreement schemes for HIPAA privacy/security regulations were developed by using time-consuming modular exponential computations or scalar multiplications on elliptic curves in order to have higher security. Thus, these authenticated key agreement schemes either require heavy computational cost or have authorize problems. Recent studies show that cryptosystems using chaotic maps operations are more efficient than those using modular exponential computations and scalar multiplications on elliptic curves. In addition, the enhanced Chebyshev polynomials also provide the semi-group property and the commutative property. Hence, this thesis develops two secure and efficient authenticated key agreement schemes for HIPAA privacy/security regulations by using extended chaotic maps. One is certificate-based, while the other certificateless-based. Compared to related approaches, the proposed schemes not only provide more security functionalities, but also have lower computational cost.

碩士
國立勤益科技大學
資訊工程系
105
With the progress of communication technology, enterprise internal meetings have also entered the cloud era, the meeting environment need to consider the safety and convenience. The cloud conference security has become an important issue. In this thesis, we will design a complete multi-user security authentication mechanism to verify the identity of the meeting members and to avoid malicious attackers steal important meeting content. The contents of these meetings will contain important corporate secrets and new product ideas. In this thesis, the chaotic mapping method implements a set of specific confidential communication. The entire participants need not to provide their personal passwords, just provide a pre-planned personal ID to exchange confidential information. The users participating in the meeting will receive the session key through the exchange of messages. Finally, at the end of the paper, we show that our approach is sufficiently safe and efficient.