Certificate-based cryptosystems are the traditional way of providing the system parameters. Identity-based cryptography is more efficient than certificate-based cryptosystems. Each user in identity-based cryptography uses any arbitrary string that uniquely identifies him as his public key. This paper proposes a new identity-based tripartite signcryption scheme based on the elliptic curve discrete logarithm problem. The proposed ID-based tripartite signcryption scheme does not use bilinear pairings in either the signcryption or the unsigncryption phase. The proposed scheme is used to reduce the communication overhead when three entities want to communicate securely, as in the authentication protocol in GSM and in e-commerce. The proposed scheme satisfies various desirable security properties. Also, the performance of the proposed scheme is tested.
AN EFFICIENT PROXY SIGNCRYPTION SCHEME BASED ON THE DISCRETE LOGARITHM PROBLEM (Zac Darcy)
Signcryption is a cryptographic primitive which simultaneously provides both confidentiality and authenticity in a single logical step. In a proxy signature scheme, an original signer delegates his signing power to a proxy agent, who signs a message on his behalf. This paper introduces a new proxy signcryption scheme based on the Discrete Logarithm Problem (DLP) with reduced computational complexity compared to other schemes in the literature. In the proposed scheme, the receiver is the only one who can verify the origin of the ciphertext. Moreover, in this scheme, an authorized proxy signcrypter can create valid proxy signatures after verifying the identity of the original signcrypter. The proposed scheme achieves the various desirable security requirements. An elliptic-curve-based version of the proposed proxy signcryption scheme has been implemented using Mathematica for realistic (256-bit) parameters to emphasize the ease of its practical use.
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC (ijcisjournal)
Digital signatures play a crucial role today as they ensure authentication, integrity and non-repudiation of a digital message. Much research is ongoing on elliptic curve cryptography due to its significantly high performance. In this paper we propose an efficient and secure digital multi-signature protocol based on elliptic curve cryptography. The proposed protocol is efficient, with reduced time complexity compared to the digital multi-signature schemes of Chen et al. [14], Sahu and Sharma [18] and Chande and Thakur [20]. Also, the proposed protocol overcomes the insider attack identified by Liu et al. [19] in Chen et al.'s digital multi-signature scheme.
Multiple Encryption using ECC and Its Time Complexity Analysis (IJCERT)
With the rapid growth of information technology in the present era, secure communication, strong data encryption techniques and trusted third parties are considered major topics of study. The development of robust encryption algorithms to secure sensitive data is of great significance among researchers at present. The conventional methods of encryption in use today may not be sufficient, and therefore new ideas for the purpose need to be designed, analyzed and fitted into the existing security system to protect our data from unauthorized access. Designing an effective encryption/decryption algorithm to enhance data security is a challenging task as far as computation, complexity, robustness etc. are concerned. The multiple encryption technique is the process of applying encryption over a single encryption process for a number of iterations. Elliptic Curve Cryptography (ECC) is a well known and well accepted cryptographic algorithm and is used in many applications today. In this paper, we discuss multiple encryption, analyze the computational overhead in the process and study the feasibility of practical application. In the process we use ECC as a multiple-ECC algorithm and try to analyze the degree of security, encryption/decryption computation time and complexity of the algorithm. The performance of the algorithm is evaluated by analyzing encryption time as well as decryption time in single ECC and in multiple-ECC, which are compared with the help of various examples.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
On the Usage of Chained Codes in Cryptography (CSCJournals)
We discuss chained randomized linear codes and their use in cryptography. We show that the adoption of randomized chained codes in the framework of the McEliece cryptosystem exposes the cryptosystem to some new attacks.
Introduction to Public Key Cryptosystems with block diagrams
Reference: Cryptography and Network Security: Principles and Practice, Sixth Edition, William Stallings
EFFICIENT CONDITIONAL PROXY REENCRYPTION WITH CHOSEN CIPHER TEXT SECURITY (IJNSA Journal)
In a proxy re-encryption (PRE) scheme, Alice gives special information to a proxy that allows it to transform messages encrypted under Alice's public key into an encryption under Bob's public key such that the message is not revealed to the proxy. In [14], Jian Weng and others introduced the notion of conditional proxy re-encryption (C-PRE) with bilinear pairings. Later, a break of that scheme was published in [17] and a new C-PRE scheme with bilinear pairings was introduced. In C-PRE, the proxy also needs to have the right condition key to transform the ciphertext (associated with a condition set by Alice) under Alice's public key into a ciphertext under Bob's public key, so that Bob can decrypt it. In this paper, we propose an efficient C-PRE scheme which uses substantially fewer bilinear pairings when compared to the existing one [17]. We then prove its chosen-ciphertext security under the modified Computational Diffie-Hellman (mCDH) and modified Computational Bilinear Diffie-Hellman (mCBDH) assumptions in the random oracle model.
Different types of authentication described in different scenarios. Basically a survey paper on different kinds of authentication in different scenarios.
Chaotic Rivest-Shamir-Adleman Algorithm with Data Encryption Standard Schedu... (journalBEEI)
Cryptography, which involves the use of a cipher, describes a process of encrypting information so that its meaning is hidden and thus secured from those who do not know how to decrypt the information. Cryptographic algorithms come in various types, including symmetric key algorithms and asymmetric key algorithms. In this paper, the authors applied the most commonly used algorithm, which is the RSA algorithm, together with a chaos system and the basic security device employed in organizations worldwide, which is the Data Encryption Standard (DES), with the objective of making a hybrid data encryption. The advantage of a chaos system, which is its unpredictability through the use of multiple keys, and the secrecy of RSA, which is based on the difficulty of integer factorization, are combined for a more secure and reliable cryptography. The key generation was made more secure by applying the DES schedule to change the keys for encryption. The main strength of the proposed system is the chaotic variable key generator that changes the value of the encrypted message whenever a different number of keys is used. Using the provided examples, the strength of security of the proposed system was tested and demonstrated.
Automatic TEMPEST Test and Analysis System (ijcisjournal)
Today, it is clearly known that electronic devices unintentionally generate electromagnetic radiation, which may contain critical information called compromising emanations (CE). CE is also known as TEMPEST radiation, TEMPEST being a code name first used by a U.S. government program. Every developed country has a TEMPEST Test Laboratory (TTL) connected to its National Security Agency (NSA). The main objective of these laboratories is to investigate equipment, systems, and platforms processing cryptographic information in terms of CE. TEMPEST tests might take a very long time depending on the item under test. In this paper, a complete Automatic TEMPEST Test and Analysis System (ATTAS) developed in TUBITAK, BILGEM TTL is introduced. The system has the following properties: an automatic system calibration unit, an automatic test matrix generator based on the SDIP-27/1 standard, implementation of tunable and non-tunable tests, automatic CE investigations, rendering of the CE of video display units, playing of the CE of audio signals, measurement of detection system sensitivity, zoning of TEMPEST equipment based on the SDIP-28 standard, and generation of graphical results.
Design of Processing Element (PE3) for Implementing Pipeline FFT Processor (ijcisjournal)
Multiplexing is a method by which multiple analog message signals or digital data streams are combined into one signal over a shared medium. In communication, different multiplexing schemes are used. To achieve higher data rates, Orthogonal Frequency Division Multiplexing (OFDM) is used due to its high spectral efficiency. OFDM became a serious alternative for modern digital signal processing methods based on the Fast Fourier Transform (FFT). The problems with orthogonal subcarriers can be addressed with the FFT in communication applications. An 8-bit processing element (PE3), used in the execution of a pipeline FFT processor, is designed and presented in this paper. Simulations are carried out using Mentor Graphics tools in 130 nm technology.
RSA ALGORITHM WITH A NEW APPROACH ENCRYPTION AND DECRYPTION MESSAGE TEXT BY A... (ijcisjournal)
In many research works, there has been an orientation towards studying and developing many applications of public-key cryptography to secure data while it is transmitted in systems. In this paper we present an approach to encrypt and decrypt message text according to ASCII (American Standard Code for Information Interchange) and the RSA algorithm by converting the message text into its binary representation, dividing this representation into bytes (groups of eight 0s and 1s), applying a bijective function between the group of those bytes and the group of ASCII characters, and then using this mechanism to be compatible with the RSA algorithm. Finally, a Java application was built to apply this approach directly.
Secure routing path using trust values for... (ijcisjournal)
Traditional cryptography-based security mechanisms such as authentication and authorization are not effective against insider attacks like wormhole, sinkhole, selective forwarding attacks, etc. Trust-based approaches have been widely used to counter insider attacks in wireless sensor networks. They provide a quantitative way to evaluate the trustworthiness of sensor nodes. An untrustworthy node can wreak considerable damage and adversely affect the quality and reliability of data. Therefore, analyzing the trust level of a node is important. In this paper we focus on an indirect trust mechanism, in which each node monitors the forwarding behavior of its neighbors in order to detect any node that behaves selfishly and does not forward the packets it receives. For this, we use a link state routing protocol based on indirect trust, which forms the shortest routes and finds the most trustworthy route among them by comparing the calculated route trust values of all routes present in the network. Finally, we compare our work with similar routing protocols and show its advantages over them.
Error Correction for Parallel FIR Filters Using Hamming Codes (ijcisjournal)
In this paper, we propose an error correction scheme for parallel FIR filters using Hamming codes, in which a single parallel FIR filter is taken as a bit in the ECC technique. In many complex circuits, reliability plays a crucial role and requires fault-tolerant filter implementations. Nowadays, as technology grows, complex systems use many filters which operate simultaneously. Consider an example in which the same parallel filter is applied to different inputs. To achieve fault tolerance, an ECC technique that uses the presence of parallel filters is considered. The ECC technique provides protection where a larger number of parallel filters is used; using a case study, the effectiveness in error correction and circuit design cost is evaluated.
Performance Analysis of CRT for Image Encryption (ijcisjournal)
With the fast advancement of information technology, securing image data transmitted or stored over the internet has become very difficult. To hide the details, an effective method is encryption, so that only authorized persons can decrypt the image with the available keys. Because of the inherent features of digital images, such as high data capacity, large redundancy and strong similarities among pixels, conventional encryption algorithms such as AES, DES, 3DES, and Blowfish are not applicable to real-time image encryption. This paper presents the performance of CRT for image encryption to secure the storage and transmission of images over the internet.
Shift Invariant and Eigen Feature Based Image Fusion (ijcisjournal)
Image fusion is a technique of fusing multiple images to obtain better information and a more accurate image compared to the input images. Image fusion has applications in biomedical imaging, remote sensing, pattern recognition, multi-focus image integration, and modern military. The proposed methodology uses the benefits of the Stationary Wavelet Transform (SWT) and Principal Component Analysis (PCA) to fuse the two images. The obtained results are compared with existing methodologies and show robustness in terms of entropy, Peak Signal to Noise Ratio (PSNR) and standard deviation.
Global stabilization of a class of nonlinear system based on reduced order st... (ijcisjournal)
The problem of global stabilization for a class of nonlinear systems is considered in this paper. The sufficient condition for the global stabilization of this class of systems is obtained by deducing the stabilization of the system itself from the stabilization of its subsystems. This paper comes up with a design method for a state feedback control law to make this class of nonlinear systems stable, and indicates the efficiency of the conclusion of this paper via a series of examples and simulations at the end. The results presented in this paper improve and generalize the corresponding results of recent works.
PERFORMANCE ANALYSIS OF SHA-2 AND SHA-3 FINALISTS (ijcisjournal)
The National Institute of Science and Technology (NIST) published the first Secure Hash Standard, SHA-0, in 1993 as a Federal Information Processing Standard publication (FIPS PUBS); two years later it was replaced by SHA-1 to improve the original design, and the SHA-2 family was added by subsequent revisions of the FIPS. Most of the widely used cryptographic hash functions are under attack today. With the need to maintain a certain level of security, NIST selected a new cryptographic hash function through a public competition. The winning algorithm, Keccak, will not only have to establish strong security, but also has to exhibit good performance and capability to run. In this context, we have analysed the SHA-3 finalists along with the standard SHA-2 in use. The performance of the respective algorithms is evaluated by computing cycles per byte. The empirical analysis shows that two SHA-3 finalists, viz. Skein and BLAKE, perform better and are nearly the same as SHA-2 in performance.
Design of Mobile Public Key Infrastructure (M-PKI) Using Elliptic Curve Crypt... (ijcisjournal)
Recently the demand for mobile phones and their applications has been increasing rapidly and, as a result, it becomes essential to design and/or improve the existing PKI (Public Key Infrastructure) to be useful for mobile phones or devices. Since a mobile phone has a small screen, low computing power, small storage capacity, etc., the present paper proposes an ECC-based mobile PKI that overcomes these limitations and supports various mobile-based applications, because the use of ECC significantly reduces the computation cost, message size and transmission overhead over RSA-based PKI, as a 160-bit key size in ECC provides security comparable to a 1024-bit key in RSA. Also, the proposed method includes a Mobile Home Agent (MHA) per user and a Registration Authority (RA) that further minimize the major work/processing loads of the mobile phone and the Certificate Authority (CA), respectively. This paper addresses a secure implementation of the proposed M-PKI, whose security analysis against different attacks shows that it is protected against all of them. Finally, a comparative study of the M-PKI with the existing PKI is done, which gives satisfactory performance.
A proposed assessment metrics for image steganography (ijcisjournal)
Data security has become an important problem in communication systems. Steganography is used to hide the existence of a secret message. In this article a modified steganography algorithm is proposed, based on the decomposition principle applied to both the secret message and the cover image. A fuzzification is performed on the secret message to optimize the decomposed coefficients before embedding in the cover image to get a stego image. The well known metrics (Cor., MSE, PSNR, and Entropy) were used to evaluate the modified algorithm. Also, a trade-off factor was introduced to determine an optimum value for the embedding strength factor to get an acceptable degradation. Moreover, to evaluate and assess the modified algorithm and any steganography algorithm, new histogram metrics are proposed which represent the relative frequency of occurrence of the various images.
In this paper we analyze the cryptanalysis of the simplified data encryption standard algorithm using metaheuristics, and in particular genetic algorithms. The classic fitness function when using such an algorithm is to compare n-gram statistics of the decrypted message with those of the target message. We show that using such a function is irrelevant in the case of a genetic algorithm, simply because there is no correlation between the distance to the real key (the optimum) and the value of the fitness; in other words, there is no hidden gradient. In order to emphasize this assumption we experimentally show that a genetic algorithm performs worse than a random search on the cryptanalysis of the simplified data encryption standard algorithm.
Compact Coding Using Multi-Photon Tolerant Quantum Protocols For Quantum Comm... (ijcisjournal)
This paper presents a new encryption scheme called Compact Coding that encodes information in time, phase, and intensity domains, simultaneously. While these approaches have previously been used one at a time, the proposed scheme brings to bear for the first time their strengths simultaneously leading to an increase in the secure information transfer rate. The proposed scheme is applicable to both optical fibers and free space optics, and can be considered as an alternative to polarization coding. This paper applies the proposed compact coding scheme to multi-photon tolerant quantum protocols in order to produce quantum-level security during information transfer. We present the structure of the proposed coding scheme in a multi-photon environment and address its operation.
Randomness evaluation framework of cryptographic algorithms (ijcisjournal)
Nowadays, computer systems are developing very rapidly and becoming more and more complex, which leads to the necessity of providing security for them. This paper is intended to present software for testing and evaluating cryptographic algorithms. When evaluating block and stream ciphers, one of the most basic properties expected from them is to pass statistical randomness testing, demonstrating in this way their suitability to be random number generators. The primary goal of this paper is to propose a new framework to evaluate the randomness of cryptographic algorithms: based only on a .dll file which offers access to the encryption function, the decryption function and the key schedule function of the cipher that has to be tested (block cipher or stream cipher), the application evaluates the randomness and provides an interpretation of the results. For this, all nine tests used for the evaluation of the AES candidate block ciphers and three NIST statistical tests are applied to the algorithm being tested. In this paper, we have evaluated the Tiny Encryption Algorithm (block cipher), Camellia (block cipher) and LEX (stream cipher) to determine if they pass statistical randomness testing.
Framework for Securing Educational E-Government Service (ijcisjournal)
Enhancement in technology is leading to a change in the way governments, individuals, institutions and business entities provide quality services to citizens. Today's education system plays a crucial role in developing cognizance in society, so e-government services are obliged to integrate with the educational system. In this work we propose a novel framework for integrating educational services within e-government services. One of the main tasks of this paper is to explore and propose a Secure Examination Management System (SEMS). The system has been designed using cryptographic primitives, which enables students to take the exam from anywhere. The student is allowed to take the exam after providing the necessary authentication details. In SEMS, it is important to exclude false students while ensuring privacy for honest students. It allows evaluators to share student examination papers for evaluation with proper authentication. This is done using the digital signatures, authentication and confidentiality provided by a public key cryptographic system.
Nowadays, the information processing system plays a crucial part in the internet. Online information security has become the top priority in all sectors. Failing to provide online information security may cause loss of critical information, or someone may use or distribute such information for malicious purposes. Recently QR barcodes have been used as an effective way to securely share information. This paper presents a survey on information hiding techniques which can share high-security information over a network using QR barcodes.
A Secure Color Image Steganography in Transform Domain (ijcisjournal)
Steganography is the art and science of covert communication. The secret information can be concealed in content such as image, audio, or video. This paper provides a novel image steganography technique to hide both an image and a key in a color cover image using the Discrete Wavelet Transform (DWT) and the Integer Wavelet Transform (IWT). There is no visual difference between the stego image and the cover image. The extracted image is also similar to the secret image. This is proved by the high PSNR (Peak Signal to Noise Ratio) value for both the stego image and the extracted secret image. The results are compared with the results of similar techniques and it is found that the proposed technique is simple and gives better PSNR values than the others.
A NEW ATTACK ON RSA WITH A COMPOSED DECRYPTION EXPONENTijcisjournal
In this paper, we consider an RSA modulus N=pq, where the prime factors p, q are of the same size. We
present an attack on RSA when the decryption exponent d is in the form d=Md1+d0 where M is a given
positive integer and d1 and d0 are two suitably small unknown integers. In 1999, Boneh and Durfee
presented an attack on RSA when $d < N^{0.292}$. When d=Md1+d0, our attack enables one to overcome
Boneh and Durfee's bound and to factor the RSA modulus.
UNIT - 2
SYMMETRIC CIPHERS: Symmetric Cipher Model, Substitution Techniques,
Transposition Techniques, Simplified DES, Data encryption standard (DES), The strength of
DES, Differential and Linear Cryptanalysis, Block Cipher Design Principles and Modes of
Operation, Evaluation Criteria for Advanced Encryption Standard, The AES Cipher.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”IOSR Journals
Abstract: Elliptic Curve Cryptography (ECC) plays an important role in today’s public key based security
systems. ECC is a faster and more secure method of encryption as compared to other public key
cryptographic algorithms. This paper focuses on the performance advantages of using ECC in wireless
networks. So in this paper its algorithm has been implemented and analyzed for various bit-length inputs. The
private key is known only to sender and receiver and hence data transmission is secure.
SCHEME OF ENCRYPTION FOR BLOCK CIPHERS AND MULTI CODE GENERATION BASED ON SEC...IJNSA Journal
In this paper we propose a scheme of encryption for Block ciphers in N-alphabet, where every member of any m-block of plain text is enciphered by different permutations which are generated by the help of a secret key word. Further we extend this method to multicode encryption using the fact that encrypting each member differently is the basis of multicode encryption.
Novel construction of Secure RFID Authentication ProtocolCSCJournals
This article proposes an efficient and secure authentication protocol for secure and low-cost RFID systems in the random oracle model. Security is one of the prime concerns of RFID systems. The proposed protocol relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP) to achieve security. The protocol achieves the most important security goals for an RFID system: scalability, anonymity and anti-cloning. A password-based protocol is vulnerable when the password is fixed, and this can be exploited by threats. In the proposed protocol, there is a provision to change the password of the tags. Hence the vulnerability can be reduced to an acceptable level. The computation cost is much lower compared to the other protocols.
Guillou-quisquater protocol for user authentication based on zero knowledge p...TELKOMNIKA JOURNAL
Authentication is the act of confirming the validity of someone’s personal data. In the traditional
authentication system, username and password are sent to the server for verification. However, this
scheme is not secure, because the password can be sniffed. In addition, the server will keep the user’s
password for the authentication. This makes the system vulnerable when the database server is hacked.
Zero knowledge authentication allows server to authenticate user without knowing the user’s password. In
this research, this scheme was implemented with Guillou-Quisquater protocol. Two login mechanisms
were used: file-based certificate with key and local storage. Testing phase was carried out based on the
Open Web Application Security Project (OWASP) penetration testing scheme. Furthermore, penetration
testing was also performed by an expert based on Acunetix report. Three potential vulnerabilities were
found and risk estimation was calculated. According to OWASP risk rating, these vulnerabilities were at the
medium level.
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESIJNSA Journal
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step at a cost lower than the signature-then-encryption approach. Recently, Li et al. [35] proposed the first provably secure identity based signcryption without random oracles. In their scheme the sender signs the ciphertext. However, in [11] Boyen showed that non-repudiation is easily achieved if the sender signs the plaintext rather than the ciphertext. In this paper we propose an identity based signcryption scheme without random oracles, which provides non-repudiation with respect to the plaintext. We also propose an identity based publicly verifiable signcryption scheme with third party verification in the standard model.
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security Tool
User Authentication
Implementing Security Defenses
Firewalling to Protect Systems and Networks
Computer-Security Classifications
An Example: Windows XP
Three Party Authenticated Key Distribution using Quantum CryptographyIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, Assessment, and many more.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
A PAIRING-FREE IDENTITY BASED TRIPARTITE SIGNCRYPTION SCHEME
1. International Journal on Cryptography and Information Security (IJCIS), Vol.3, No. 4, December 2013
Hassan M. Elkamchouchi 1, Eman F. Abou Elkheir 2 and Yasmine Abouelseoud 3
1 Elec. Eng. Dept, Fac. of Eng., Alexandria University.
2 Elec. Eng. Dept, Fac. of Eng., Kafr El-Sheikh University.
3 Math. Eng. Dept, Fac. of Eng., Alexandria University.
ABSTRACT
Certificate-based cryptosystems are the traditional way of providing the system parameters. Identity-based
cryptography is more efficient than certificate-based cryptosystems. Each user in identity-based
cryptography uses an arbitrary string that uniquely identifies him as his public key. This paper proposes
a new identity-based tripartite signcryption scheme based on the elliptic curve discrete logarithm problem.
The proposed id-based tripartite signcryption scheme does not use bilinear pairings in either the
signcryption or the unsigncryption phase. The proposed scheme is used to reduce the communication
overhead when three entities want to communicate securely, as in the authentication protocol in GSM and in e-commerce. The proposed scheme satisfies various desirable security properties. Also, the performance of
the proposed scheme is tested.
KEYWORDS
Tripartite, Signcryption, Without Bilinear Pairing, ECDLP, Identity Based, Security Requirements
1. INTRODUCTION
Confidentiality and authenticity are the most important security goals. Traditionally, these two
goals are examined separately: encryption schemes support confidentiality and digital
signature schemes provide authenticity [1]. Using public key cryptography, the sender first digitally signs the message with
his private key and then encrypts the digitally signed message with the public key. The encrypted (message + signature) is then sent
to the receiver, who decrypts the message and then verifies the signature [2].
In 1997, Zheng [3] proposed using a single cryptographic primitive to achieve both confidentiality
and authenticity. He called this primitive 'signcryption'. A signcryption scheme typically consists
of three algorithms: Key Generation (Gen), Signcryption (SC), and Unsigncryption (USC).
In the key generation phase each user generates the key pair that is used in the signcryption and
unsigncryption phases; signcryption (SC) is normally a probabilistic algorithm in which the
message is signed and encrypted in a single logical step; and unsigncryption (USC) is almost
always deterministic, with the receiver authenticating the sender and then decrypting the
message. Any signcryption scheme should provide the correctness, accuracy and security
requirements demonstrated in the rest of the paper [4].
In 2002, Malone-Lee proposed the first ID-based signcryption scheme [5]. Figure 1 shows the
basic structure of an ID-based signcryption scheme [6]. Since then, many ID-based signcryption
schemes [7-10] have been proposed.
DOI:10.5121/ijcis.2013.3401
[Figure 1: the Private Key Generator issues the sender's and receiver's keys from their identities (IDs, Qs) and (IDr, Qr); Signcrypt takes the message m and outputs (r, c, s); Unsigncrypt outputs m or ⊥.]
Figure 1. ID-based signcryption scheme structure
When three entities are involved in an application, as in the e-commerce secure electronic transaction
(SET) protocol, where they are the merchant, the customer and the bank, tripartite key agreement
protocols are important in providing essential security [11].
A new tripartite signcryption scheme from bilinear pairings based on the elliptic curve discrete
logarithm problem was developed by Y. Abouelseoud [12]. This tripartite signcryption scheme is used
to reduce the communication overhead in the secure electronic transaction protocol (SET). Also,
H. M. Elkamchouchi, E. Abou El-kheir and Y. Abouelseoud developed a tripartite signcryption
scheme without bilinear pairings [13].
In this paper, a new Id-based tripartite signcryption scheme without bilinear pairings is proposed
and its security and performance are analyzed.
The rest of the paper is organized as follows. Section 2 discusses the security requirements for
any signcryption scheme. Section 3 presents the proposed identity based tripartite scheme
without bilinear pairings. Section 4 introduces the security analysis of the proposed scheme,
followed by Section 5, which discusses the performance of the proposed scheme. Finally, Section 6
concludes the paper.
2. SECURITY REQUIREMENTS FOR ANY SIGNCRYPTION SCHEME
Here, the security requirements for any signcryption scheme are provided [1, 13, 14, 15]:
2.1 Confidentiality
It means that only the intended recipient of a signcrypted message should be able to read its
contents. That is, upon seeing a signcrypted message, an attacker should learn nothing about the
original message, other than perhaps its length.
2.2 Unforgeability
It refers to the inability of any entity to produce a valid message-signature pair except the
designated signer.
2.3 Public Verifiability
It means that any third party or judge can verify whether the signcrypted text is valid or not, without
any requirement for the private key of the sender or the recipient.
2.4 Non-Repudiation
The sender of a message cannot later deny having sent the message. That is, the recipient of a
message can prove to a third party that the sender indeed sent the message.
2.5 Integrity
This means that the recipient should be able to verify that the received message is the original one
that was sent by the sender and it has not been tampered with during transmission.
2.6 Authentication
The receiver needs to authenticate the sender. The identity of the sender is verified through the
key recovery process and the message integrity is checked using a suitable one-way hash
function.
2.7 Forward Secrecy
It refers to the inability of an attacker to read signcrypted messages, even with access to the
sender’s private key. That is, the confidentiality of signcrypted messages is protected, even if the
sender’s private key is compromised.
3. THE PROPOSED PAIRING FREE ID-BASED TRIPARTITE SCHEME
3.1 Setup
Given a security parameter $k$ (usually 160), the PKG chooses a large prime $q$ with $q > 2^k$ and
a pair of integers $(a, b)$ smaller than $q$ satisfying $(4a^3 + 27b^2) \bmod q \neq 0$. $E$ is the
selected elliptic curve over the finite field $F_q$: $y^2 = (x^3 + ax + b) \bmod q$. $P$ is the base point or
generator of a group of points on $E$, denoted $G$. Also, $O$ is the point at infinity and $n$ is the
order of the point $P$, with $n$ prime, $n.P = O$ and $n > 2^k$. The PKG selects a
cryptographic one-way hash function $H: \{0,1\}^* \to Z_q$. The PKG selects a random number
$mk_{PKG}$ as the master key and computes the master public key $R = mk_{PKG}.P$. The PKG keeps
$mk_{PKG}$ secret and publishes the system parameters params: $\{k, E, P, G, R, H\}$.
3.2 Key generation
The PKG generates the secret and public key pairs for the three communicating parties. The PKG
sends the secret keys via a secret channel and publishes the public keys together with the user identities.
The PKG calculates the secret keys of the three communicating parties as follows:
$d_a = (H(ID_a).mk_{PKG}) \bmod q$, $d_b = (H(ID_b).mk_{PKG}) \bmod q$ and $d_c = (H(ID_c).mk_{PKG}) \bmod q$.
The PKG calculates the public keys for entities A, B and C as $Q_a = d_a.R$, $Q_b = d_b.R$
and $Q_c = d_c.R$ respectively. Figure 2 shows the id-based tripartite signcryption and
unsigncryption phases.
3.3 Signcryption Phase
A wants to send a message $m_1$ to B and a message $m_2$ to C. A signcrypts the messages as
follows:
The sender A generates a random number $w \in [1, q-1]$ and computes:
$k_1 = ID_a.w.R$, $k_2 = ID_b.w.Q_b$, and $k_3 = ID_c.w.Q_c$; the key used is the x-coordinate
of the points $k_1, k_2, k_3$.
$c_1 = E_{k_2}(m_1)$ and $c_2 = E_{k_3}(m_2)$, $c = (c_1 \| c_2)$
$r = Hash(ID_a \| ID_b \| ID_c \| c \| k_1)$
$s = (w - r.d_a) \bmod q$
A sends $(r, c, s)$ to both B and C.
3.4 Unsigncryption
Receiver B proceeds as follows:
The receiver B uses his/her secret key $d_b$ to recover the encryption key $k_2$:
$k_2 = d_b.ID_b.(s.R + r.Q_a) = ID_b.w.Q_b$.
B recovers $k_1$, where $k_1 = ID_a.(s.R + r.Q_a) = ID_a.w.R$. Thus any third party can
authenticate the sender.
B computes $\bar{r} = Hash(ID_a \| ID_b \| ID_c \| c \| k_1)$; if the equation $\bar{r} = r$ holds, B accepts the
signcrypted text.
B computes $m_1 = D_{k_2}(c_1)$.
The receiver C does the same steps as B:
The receiver C uses his/her secret key $d_c$ to recover the encryption key $k_3$:
$k_3 = d_c.ID_c.(s.R + r.Q_a) = ID_c.w.Q_c$.
C recovers $k_1$, where $k_1 = ID_a.(s.R + r.Q_a) = ID_a.w.R$.
Then C computes $\bar{r} = Hash(ID_a \| ID_b \| ID_c \| c \| k_1)$; if the equation $\bar{r} = r$ holds, C
accepts the signcrypted text.
Finally, C computes $m_2 = D_{k_3}(c_2)$.
3.5 Signature Verification by Any Third Party
Any third party can recover $k_1$, where $k_1 = ID_a.(s.R + r.Q_a) = ID_a.w.R$, without using any short
or long term secret keys. Then, the third party computes $\bar{r} = Hash(ID_a \| ID_b \| ID_c \| c \| k_1)$; if
$\bar{r} = r$ it accepts the signcrypted text.
Figure 2 The proposed Id-based tripartite signcryption scheme.
4. SECURITY ANALYSIS OF THE PROPOSED SCHEME
4.1 Correctness
• The correctness of the signature verification:
$k_1 = ID_a.(s.R + r.Q_a) = ID_a.w.R$
$k_1 = ID_a.((w - r.d_a).R + r.Q_a)$
$k_1 = ID_a.(w.R - r.d_a.R + r.Q_a) = ID_a.w.R$
• For the receiver B:
$k_2 = d_b.ID_b.(s.R + r.Q_a)$
$k_2 = ID_b.((w - r.d_a).d_b.R + r.d_b.Q_a)$
$k_2 = ID_b.(w.Q_b - r.d_b.Q_a + r.d_b.Q_a) = ID_b.w.Q_b$
• For the receiver C:
$k_3 = ID_c.d_c.(s.R + r.Q_a)$
$k_3 = ID_c.((w - r.d_a).d_c.R + r.d_c.Q_a)$
$k_3 = ID_c.(w.Q_c - r.d_c.Q_a + r.d_c.Q_a) = ID_c.w.Q_c$
4.2 Security Properties
This section demonstrates that the proposed id-based tripartite signcryption scheme provides the
seven security functions defined in Section 2. The security of the proposed scheme relies on
the elliptic curve discrete logarithm problem (ECDLP), which is considered a hard computational
problem to date [16].
Definition 1: The Elliptic Curve Discrete Logarithm Problem (ECDLP) is defined as follows. Let
$G$ and $Q$ be two points on an elliptic curve, where $G$ is of order $n$ and $n$ is a prime. The point
$Q = k.G$, where $k < n$. Given these two points $G$ and $Q$, find the discrete logarithm of $Q$ to
the base $G$; that is, $k$ [16].
4.2.1 Confidentiality
If an adversary wants to derive the original message, he must be able to recover the keys $k_2, k_3$ used to encrypt
the messages, or the key $k_1$. However, obtaining the secret keys $k_1, k_2, k_3$ is equivalent to solving
the ECDLP. Assume that an adversary tries to compute any of the keys
$k_1 = ID_a.(s.R + r.Q_a) = ID_a.w.R$, $k_2 = d_b.ID_b.(s.R + r.Q_a)$, $k_3 = ID_c.d_c.(s.R + r.Q_a)$; he
must be able to derive the random number $w$ to get the correct $k_1$, the receiver's secret key $d_b$,
where $Q_b = d_b.R$, and the receiver's secret key $d_c$, where $Q_c = d_c.R$. Therefore, to derive
$w, d_b, d_c$ one needs to solve the ECDLP. Without knowing the secret key of the receiver, no one
can recover the message encryption key. Only the valid receiver with a valid identity and
secret key $d_b$ or $d_c$ can recover the key and unsigncrypt the message.
4.2.2 Unforgeability
The signcrypted text is generated using the sender's secret key $d_a$. Also, the sender's public key is
computed as $Q_a = d_a.R$, but computing $d_a$ from it is another elliptic curve discrete logarithm problem
under Definition 1. So, no one can forge a signcrypted text without knowing the sender's secret key
$d_a$.
If an adversary wants to forge a signcrypted text he proceeds as follows:
• Generate a random number $w'$
• $k_1' = ID_a.w'.R$, $k_2' = ID_b.w'.Q_b$, and $k_3' = ID_c.w'.Q_c$
• $c_1' = E_{k_2'}(m_1')$, and $c_2' = E_{k_3'}(m_2')$
• $r' = Hash(ID_a \| ID_b \| ID_c \| c' \| k_1')$, $c' = (c_1' \| c_2')$
• $s' = (w' - r'.d_{adv}) \bmod q$, where $d_{adv}$ is the attacker's secret key
• The attacker sends $(r', c', s')$ to both B and C
The receivers B and C unsigncrypt the message by recovering the keys $k_2', k_3'$ respectively as
follows:
For the receiver B:
$k_2' = ID_b.d_b.(s'.R + r'.Q_a)$
$k_2' = ID_b.((w' - r'.d_{adv}).Q_b + r'.d_b.Q_a)$
$k_2' = ID_b.(w'.Q_b - r'.d_{adv}.Q_b + r'.d_b.Q_a) \neq ID_b.w'.Q_b$
Then B computes $m_1' \neq D_{k_2'}(c_1')$. Also, the same steps are carried out by receiver C. Without
knowing the sender's secret key, no one can generate a valid signcrypted text. Therefore, the
proposed scheme achieves unforgeability.
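The scheme of Section 3 (setup, key extraction, signcryption, unsigncryption and third-party verification), the correctness chains of Section 4.1 and the forgery attempt of Section 4.2.2, as one added worked example in Python; this is not the paper's own code. It assumes the secp256k1 curve as the PKG's curve, uses H(ID) as the identity scalar wherever the paper writes ID as a multiplier, reduces every scalar modulo the point order n rather than modulo q (on a curve where q and n differ, reducing modulo n is what makes the cancellations in Section 4.1 exact), and stands in for E_k/D_k with a SHA-256 keystream keyed by the x-coordinate. The identities and messages are constructed sample values.

```python
import hashlib
import os

# secp256k1 parameters (a real, standard curve; the paper leaves the curve choice to the PKG).
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F   # field prime q
A, B = 0, 7                                                              # y^2 = x^3 + a.x + b
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # base point P
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141   # order n of P
INF = None                                                               # point at infinity O


def ec_add(p1, p2):
    """Affine point addition on E over F_q; handles doubling and the point at infinity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % Q == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    return (x3, (lam * (x1 - x3) - y1) % Q)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k.pt; scalars are taken modulo n (assumption)."""
    k %= N
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def H(*parts):
    """The scheme's hash H: {0,1}* -> Z_n, here SHA-256 of the concatenation reduced mod n."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % N


def pt_bytes(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def E(key_pt, data):
    """Stand-in for E_k / D_k (assumption): XOR with a SHA-256 keystream from the key's x-coordinate."""
    kx = key_pt[0].to_bytes(32, "big")
    stream = b"".join(hashlib.sha256(kx + i.to_bytes(4, "big")).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def setup():
    """3.1: the PKG picks the master key mk_PKG and publishes R = mk_PKG.P."""
    mk = 1 + int.from_bytes(os.urandom(32), "big") % (N - 1)
    return mk, ec_mul(mk, P)


def extract(mk, R, ident):
    """3.2: secret key d = (H(ID).mk_PKG) mod n and public key Q = d.R for one identity."""
    d = H(ident) * mk % N
    return d, ec_mul(d, R)


def signcrypt(R, ids, pubs, d_a, m1, m2, w=None):
    """3.3: A sends m1 to B and m2 to C; returns the signcrypted text (r, c, s)."""
    id_a, id_b, id_c = ids
    w = w or 1 + int.from_bytes(os.urandom(32), "big") % (N - 1)
    k1 = ec_mul(H(id_a) * w, R)            # k1 = ID_a.w.R
    k2 = ec_mul(H(id_b) * w, pubs[id_b])   # k2 = ID_b.w.Q_b
    k3 = ec_mul(H(id_c) * w, pubs[id_c])   # k3 = ID_c.w.Q_c
    c = (E(k2, m1), E(k3, m2))
    r = H(id_a, id_b, id_c, c[0], c[1], pt_bytes(k1))
    s = (w - r * d_a) % N
    return r, c, s


def recover_k1(R, ids, pubs, sig):
    """3.5: anyone recomputes T = s.R + r.Q_a and k1 = ID_a.T, then checks r; no secret key needed."""
    r, c, s = sig
    id_a, id_b, id_c = ids
    T = ec_add(ec_mul(s, R), ec_mul(r, pubs[id_a]))
    k1 = ec_mul(H(id_a), T)
    return H(id_a, id_b, id_c, c[0], c[1], pt_bytes(k1)) == r, T


def unsigncrypt(R, ids, pubs, d_recv, recv_id, sig):
    """3.4: a receiver checks r, recovers its key d.ID.(s.R + r.Q_a) and decrypts; None on reject."""
    ok, T = recover_k1(R, ids, pubs, sig)
    if not ok:
        return None
    k = ec_mul(d_recv * H(recv_id), T)
    return E(k, sig[1][0 if recv_id == ids[1] else 1])


def demo():
    """Honest run (Sections 3 and 4.1) followed by the forgery attempt of Section 4.2.2."""
    mk, R = setup()
    ids = (b"alice@example.org", b"bob@example.org", b"carol@example.org")   # constructed
    keys = {i: extract(mk, R, i) for i in ids}
    pubs = {i: keys[i][1] for i in ids}
    sig = signcrypt(R, ids, pubs, keys[ids[0]][0], b"pay 10 to merchant", b"debit account 42")
    m1 = unsigncrypt(R, ids, pubs, keys[ids[1]][0], ids[1], sig)
    m2 = unsigncrypt(R, ids, pubs, keys[ids[2]][0], ids[2], sig)
    # Attacker holds only his own extracted key d_adv and signs under A's identity.
    d_adv = extract(mk, R, b"mallory@example.org")[0]
    forged = signcrypt(R, ids, pubs, d_adv, b"pay 10 to mallory", b"x", w=12345)
    return m1, m2, recover_k1(R, ids, pubs, sig)[0], unsigncrypt(R, ids, pubs, keys[ids[1]][0], ids[1], forged)
```

`demo()` returns the two recovered plaintexts, the third-party check result for the honest signcrypted text, and the receivers' outcome for the forgery. In the forged case $s'.R + r'.Q_a$ equals $(w' - r'.d_{adv} + r'.d_a).R$ rather than $w'.R$, so the recomputed $\bar{r}$ differs from $r'$ and the receiver rejects before decrypting, which is the same key mismatch the derivation of $k_2'$ above shows.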
4.2.3 Authentication
The receiver needs to authenticate the sender. The receiver authenticates the sender through the
key recovery process and the message integrity is checked using a suitable one-way hash
function.
4.2.4 Public Verifiability
Any third party can recover k 1 without using any secret keys as demonstrated in Section 3.5.
4.2.5 Non-Repudiation
The sender cannot deny sending the signcrypted text because any third party can make sure that
the original sender is the one who signcrypted the message. So, the public verifiability property
solves the problem of non-repudiation.
4.2.6 Integrity
The alteration or modification in the ciphertext by any third party can be easily detected because
of the signature part that will need to be changed accordingly.
4.2.7 Forward Secrecy
If the attacker tries to derive the plaintext m, he has to decrypt the associated ciphertext c using
the corresponding secret key. This secret session key involves a random number w that appears in
the computation of the three keys: k 1 = IDa .w.R , k 2 = IDb .w.Qb , and k 3 = IDc .w.Qc . Without
knowing the random number w, even if the long term key of the sender is known, the encryption
key cannot be recovered. In other words, he cannot decrypt the signcrypted text to get a previous
message m. Even if the sender's private key is compromised, the proposed scheme supports the
forward secrecy of message confidentiality.
5. PERFORMANCE OF THE PROPOSED SCHEME
First, Table 1 lists the time abbreviations used in the performance evaluation
table that follows. The performance of the proposed scheme is examined in Table 2, which shows the
number of computational operations involved in the proposed identity based tripartite
scheme. In the proposed scheme, the public key generator in the setup phase performs 4 scalar point
multiplications over an elliptic curve, 3 hash operations and 3 multiplications over a finite field.
The sender (A) performs 3 scalar point multiplications over an elliptic curve, 2 encryptions,
one hash operation and 4 multiplications over a finite field in the signcryption phase. Each of the
receivers (B, C) performs in the unsigncryption phase 3 scalar point multiplications
over an elliptic curve, one decryption operation, one hash operation, one addition operation over
an elliptic curve and 2 multiplications over a finite field.
6. CONCLUSION
This paper introduces a new identity based tripartite signcryption scheme without bilinear
pairings. The proposed scheme is efficient in the case of sending two different messages. The security
analysis has been presented. Also, the performance of the proposed scheme has been discussed.
The proposed scheme may be used in various applications such as mobile communication, secure
electronic transaction (SET) protocols and e-cash protocols to reduce computation and timing
cost. The proposed Id-based tripartite signcryption scheme can be used between mobile
communication entities, which will reduce the signaling overhead and the computations required.
Table 1. Time abbreviations

Symbol      Operation
TEC-mult    time required for executing a point multiplication on the elliptic curve E
TEC-add     time required for executing a point addition on the elliptic curve E
Tmult       time required for executing a modular multiplication in a finite field
Th          time required for executing a one-way hash function
Tencr       time required by the system for executing an encryption operation
Tdecr       time required by the system for executing a decryption operation
Table 2. The performance of the proposed ID-based tripartite signcryption scheme

Phase                                  The proposed ID-based tripartite scheme
Set-up                                 4 TEC-mult + 3 Th + 3 Tmult
Signcryption                           3 TEC-mult + 1 Th + 4 Tmult + 2 Tencr
Unsigncryption (for each receiver)     3 TEC-mult + 1 TEC-add + 2 Tmult + 1 Th + 1 Tdecr
Total (set-up, signcryption and        10 TEC-mult + 1 TEC-add + 5 Th + 9 Tmult + 2 Tencr + 1 Tdecr
one receiver's unsigncryption)