Authentication Capability

The Experts below are selected from a list of 234 Experts worldwide ranked by ideXlab platform

Jennifer Seberry - One of the best experts on this subject based on the ideXlab platform.

  • Immunizing public key cryptosystems against chosen ciphertext attacks
    IEEE Journal on Selected Areas in Communications, 1993
    Co-Authors: Yuliang Zheng, Jennifer Seberry
    Abstract:

    Three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks are presented. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertext except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions, and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Security of the three example cryptosystems is formally proved. Two other issues, namely, applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information Authentication Capability to the cryptosystems, are also discussed.

  • CRYPTO - Practical Approaches to Attaining Security Against Adaptively Chosen Ciphertext Attacks (Extended Abstract)
    1992
    Co-Authors: Yuliang Zheng, Jennifer Seberry
    Abstract:

    This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Two other issues, namely applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information Authentication Capability to the cryptosystems, are also discussed.

  • Error-correcting codes for Authentication and subliminal channels
    IEEE Transactions on Information Theory, 1991
    Co-Authors: R.s. Safavi-naini, Jennifer Seberry
    Abstract:

    The application of coding theory to security scenarios is studied. Authentication systems are introduced that are based on algebraic codes and provide high protection against an intruder's impersonation and substitution attacks. It is shown that a subliminal channel can be embedded into these systems and that there is a trade-off between the Authentication Capability, subliminal capacity, and error protection Capability.

  • Practical Approaches to Attaining Security against Adaptively Chosen Ciphertext Attacks
    Advances in Cryptology — CRYPTO ’92, 1
    Co-Authors: Yuliang Zheng, Jennifer Seberry
    Abstract:

    This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Two other issues, namely applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information Authentication Capability to the cryptosystems, are also discussed.

Robert H. Deng - One of the best experts on this subject based on the ideXlab platform.

  • Security analysis on a family of ultra-lightweight RFID Authentication protocols
    Journal of Software, 2008
    Co-Authors: Guilin Wang, Robert H. Deng
    Abstract:

    In this paper, we analyze the security vulnerabilities of a family of ultra-lightweight RFID mutual Authentication protocols: LMAP, M2AP and EMAP, which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely de-synchronization attack and full-disclosure attack, against their protocols. The former permanently disables the Authentication Capability of an RFID tag by destroying synchronization between the tag and the RFID reader. It can be carried out in just a single round of interaction in the Authentication protocols. The latter completely compromises a tag by extracting all the secret information stored in the tag. It is accomplished across several runs of the protocols. Moreover, we point out the potential countermeasures to improve the security of the above protocols.

  • The security and improvement of an ultra‐lightweight RFID Authentication protocol
    Security and Communication Networks, 2008
    Co-Authors: Robert H. Deng, Guilin Wang
    Abstract:

    It is very challenging to design cryptographically strong security functions that can be incorporated into low-cost radio frequency identification (RFID) tags. Some RFID Authentication protocols were proposed using only ultra-lightweight primitives, while the security of them must be scrutinized before being put forth into any real application. In this paper, we present two effective attacks, namely de-synchronization attack and full-disclosure attack, against an efficient ultra-lightweight RFID mutual Authentication protocol: LMAP 2, which is recently proposed by Peris-Lopez et al. These active attacks are so serious as they can not only disable the Authentication Capability of an RFID tag by destroying synchronization between the tag and the RFID reader, but also disclose all secret values stored in the tag. We point out the design flaws of the protocol and based on that, we improve the protocol with a stateful variant (SLMAP). The improved protocol is more secure in the sense of tag anonymity, man-in-the-middle (MITM) resistance, and forgery prevention as shown in our analysis, and is more compact due to reduced operations and memory usage on implementing such a tag. Copyright © 2008 John Wiley & Sons, Ltd.

  • ARES - Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol
    The Second International Conference on Availability Reliability and Security (ARES'07), 2007
    Co-Authors: Robert H. Deng
    Abstract:

    In this paper, we analyze the security vulnerabilities of EMAP, an efficient RFID mutual Authentication protocol recently proposed by Peris-Lopez et al. (2006). We present two effective attacks, a de-synchronization attack and a full-disclosure attack, against the protocol. The former permanently disables the Authentication Capability of an RFID tag by destroying synchronization between the tag and the RFID reader. The latter completely compromises a tag by extracting all the secret information stored in the tag. The de-synchronization attack can be carried out in just one round of interaction in EMAP while the full-disclosure attack is accomplished across several runs of EMAP. We also discuss ways to counter the attacks.

Albert Martinez - One of the best experts on this subject based on the ideXlab platform.

  • PATMOS - A comparison of two approaches providing data encryption and Authentication on a processor memory bus
    Lecture Notes in Computer Science, 2006
    Co-Authors: Reouven Elbaz, Lionel Torres, Gilles Sassatelli, Pierre Guillemin, Michel Bardouillet, Albert Martinez
    Abstract:

    This paper presents a comparison of two engines providing encryption and Authentication of data exchanged between a System on Chip (SoC) and its external memory. The first engine is based on a generic composition scheme, meaning that each required security service, confidentiality and Authentication, is guaranteed by a dedicated algorithm i.e. respectively AES (Advanced Encryption Standard) and CBC-MAC (Message Authentication Code). The second one, called PE-ICE (Parallelized Encryption and Integrity Checking Engine), uses AES encryption to provide both properties to data by adding the Authentication Capability to block cipher. Performance evaluations show that our scheme PE-ICE always outperforms the combination of AES encryption and CBC-MAC.

  • A Comparison of Two Approaches Providing Data Encryption and Authentication on a Processor Memory Bus
    Lecture Notes in Computer Science, 2006
    Co-Authors: Reouven Elbaz, Lionel Torres, Gilles Sassatelli, Pierre Guillemin, Michel Bardouillet, Albert Martinez
    Abstract:

    This paper presents a comparison of two engines providing encryption and Authentication of data exchanged between a System on Chip (SoC) and its external memory. The first engine is based on a generic composition scheme, meaning that each required security service, confidentiality and Authentication, is guaranteed by a dedicated algorithm i.e. respectively AES (Advanced Encryption Standard) and CBC-MAC (Message Authentication Code). The second one, called PE-ICE (Parallelized Encryption and Integrity Checking Engine), uses AES encryption to provide both properties to data by adding the Authentication Capability to block cipher. Performance evaluations show that our scheme PE-ICE always outperforms the combination of AES encryption and CBC-MAC.

Wen-hsiang Tsai - One of the best experts on this subject based on the ideXlab platform.

  • A covert communication method via spreadsheets by secret sharing with a self-Authentication Capability
    Journal of Systems and Software, 2013
    Co-Authors: Che-wei Lee, Wen-hsiang Tsai
    Abstract:

    Highlights:
      • A self-Authentication Capability for secrets is developed by using secret sharing.
      • A receiver can confirm the correctness of the extracted secret message.
      • The method explores a new cover medium to perform covert communication.
      • The method is the only one having the Capability against active and passive attacks.

    A new covert communication method with a self-Authentication Capability for secret data hiding in spreadsheets using the information sharing technique is proposed. At the sender site, a secret message is transformed into shares by Shamir's (k, n)-threshold secret sharing scheme with n=k+1, and the generated k+1 shares are embedded into the number items in a spreadsheet as if they are part of the spreadsheet content. And at the receiver site, every k shares among the k+1 ones then are extracted from the stego-spreadsheet to recover k+1 copies of the secret, and the consistency of the k+1 copies in value is checked to determine whether the embedded shares are intact or not, achieving a new type of blind self-Authentication of the embedded secret. By dividing the secret message into segments and applying to each segment the secret sharing scheme, the integrity and fidelity of the hidden secret message can be verified, achieving a covert communication process with the double functions of information hiding and self-Authentication. Experimental results and discussions on data embedding capacity, Authentication precision, and steganalysis issues are also included to show the feasibility of the proposed method.

  • Hiding binary images behind noise with Authentication Capability: a new approach to covert communication
    IEEE 37th Annual 2003 International Carnahan Conference on Security Technology 2003. Proceedings., 1
    Co-Authors: Chih-hsuan Tzeng, Wen-hsiang Tsai
    Abstract:

    A new approach to hiding secret binary images behind noise images for covert communication with a Capability of secret Authentication is proposed. A secret image to be transmitted is transformed into a random noise image at a sender site with a given key, with the aim of both covering the secret and cheating illicit interceptors. Authentication bits are also embedded imperceptibly in the noise image. At the receiver site, the secret image is recovered from the noise image with the same key and verified by checking the existence of the Authentication bits. Experimental results show the feasibility of the approach for real applications.

Gustavus J Simmons - One of the best experts on this subject based on the ideXlab platform.

  • EUROCRYPT - The subliminal channel and digital signatures
    Advances in Cryptology, 1
    Co-Authors: Gustavus J Simmons
    Abstract:

    In a paper entitled "The Prisoners' Problem and the Subliminal Channel" [1], the present author showed that a message Authentication without secrecy channel providing m bits of overt communication and r bits of message Authentication could be perverted to allow an l < r bit covert channel between the transmitter and a designated receiver at the expense of reducing the message Authentication Capability to r-l bits, without affecting the overt channel. It was also shown that under quite reasonable conditions the detection of even the existence of this covert channel could be made as difficult as the underlying cryptoalgorithm was difficult to "break." In view of this open -- but indetectable -- existence, the covert channel was called the "subliminal" channel. The examples constructed in [1], although adequate to prove the existence of such channels, did not appear to be feasible to extend to interesting communications systems. Fortunately, two digital signature schemes have been proposed since Crypto 83 -- one by Ong-Schnorr-Shamir [2] based on the difficulty of factoring sufficiently large composite numbers and one by Gamal [3] based on the difficulty of taking discrete logarithms with respect to a primitive element in a finite field -- that provide ideal bases for implementing practical subliminal channels. This paper reviews briefly the essential features of the subliminal channel and then discusses implementations in both the Ong-Schnorr-Shamir and Gamal digital signature channels.