Publication catalogue - books
Information Security Practice and Experience: Second International Conference, ISPEC 2006, Hangzhou, China, April 11-14, 2006, Proceedings
Kefei Chen ; Robert Deng ; Xuejia Lai ; Jianying Zhou (eds.)
Conference: 2nd International Conference on Information Security Practice and Experience (ISPEC). Hangzhou, China. April 11, 2006 - April 14, 2006
Abstract/Description (provided by the publisher)
Not available.
Keywords (provided by the publisher)
Data Encryption; Computer Communication Networks; Operating Systems; Computers and Society; Management of Computing and Information Systems; Information Storage and Retrieval
Availability
Institution detected | Year of publication | Browse | Download | Request |
---|---|---|---|---|
Not detected | 2006 | SpringerLink | | |
Information
Resource type:
books
Print ISBN
978-3-540-33052-3
Electronic ISBN
978-3-540-33058-5
Publisher
Springer Nature
Country of publication
United Kingdom
Publication date
2006
Publication rights information
© Springer-Verlag Berlin Heidelberg 2006
Subject coverage
Table of contents
doi: 10.1007/11689522_11
Preventing Web-Spoofing with Automatic Detecting Security Indicator
Fang Qi; Feng Bao; Tieyan Li; Weijia Jia; Yongdong Wu
The anti-spoofing community has been intensively proposing new methods for defending against new spoofing techniques. It is still challenging to protect naïve users from advanced spoofing attacks. In this paper, we analyze the problems within those anti-spoofing mechanisms and propose a new Automatic Detecting Security Indicator (ADSI) scheme. The paper first describes the trust model of ADSI in detail. In a secure transaction, ADSI may generate a random picture and embed it into the current web browser. This can be triggered by any security-relevant event that occurs in the browser, after which ADSI automatically checks the currently active security status. When a mismatch of embedded images is detected, an alarm goes off to alert the user. Since it is hard for an adversary to replace or mimic the randomly generated picture, the web-spoofing attack cannot be mounted. In comparison with existing proposals, our scheme has the weakest security assumption and places a very low burden on the computer by automating the detection and recognition of web-spoofing for SSL-enabled communication. Moreover, the scheme is only minimally intrusive on the browser. Finally, the scheme can be implemented on a trusted PC at an Internet cafe, requiring neither a Logo Certification Authority nor a personalization scheme.
Keywords: Web Spoofing; SSL; Automatic Detecting Security Indicator.
- Network Security II | Pp. 112-122
doi: 10.1007/11689522_12
Security Protocol Analysis with Improved Authentication Tests
Xiehua Li; Shutang Yang; Jianhua Li; Hongwen Zhu
This paper proposes improved authentication tests in order to find potential attacks on security protocols. It is based on authentication tests theory and enhances the original methods by introducing the notion of message type. A formalized definition of replay attacks has been integrated into the original theoretical models for further verification of security protocols. The thorough proof of initial and subsequent authentications in the Neuman-Stubblebine protocol shows that the improved authentication tests can find flaws in the protocol more efficiently than the original ones.
Keywords: Authentication tests; Message type; Neuman-Stubblebine protocol; Improved authentication tests.
- Security Protocol | Pp. 123-133
doi: 10.1007/11689522_13
A Protocol of Member-Join in a Secret Sharing Scheme
Xiao Li; Mingxing He
A protocol for member-join in a secret sharing scheme is proposed. The proposed protocol ensures that the original group members' keys remain unchanged after a fresh member joins the group, which makes key management convenient. The original members cannot gain the share key of the new member, and the keys of the original members are not leaked when the share key for the new member is distributed. During the key distribution process, the behavior of cheaters can be detected, and the new member can verify the validity of his own share key.
- Security Protocol | Pp. 134-141
doi: 10.1007/11689522_14
More on Shared-Scalar-Product Protocols
Huafei Zhu; Feng Bao; Tieyan Li; Ying Qiu
Secure scalar product protocols provide fundamental security components for distributed data mining with privacy concerns. This paper makes two contributions to shared-scalar-product protocols. First, a security model for shared-scalar-product protocols in the malicious model is introduced and formalized. Second, an implementation of shared-scalar-product protocols based on homomorphic cryptographic primitives is proposed, which is provably secure assuming that the underlying homomorphic encryption scheme is semantically secure and the homomorphic commitment scheme is statistically hiding and computationally binding in the public reference string model. The potential areas of application of this protocol are numerous (e.g., computation of Euclidean distance, oblivious linear auxiliary information computation, and so on).
Keywords: Malicious model; provably secure; shared-scalar-product protocol.
- Security Protocol | Pp. 142-152
doi: 10.1007/11689522_15
Efficient Public Key Broadcast Encryption Using Identifier of Receivers
Jung Wook Lee; Yong Ho Hwang; Pil Joong Lee
In this paper, we present three new public key broadcast encryption (PKBE) schemes using the receiver's particular identifier. Our schemes are based on the PKBE schemes (called BGW schemes) introduced by Boneh et al. The first two schemes have a structure similar to the BGW schemes. However, our schemes provide more flexible trade-offs between public key size and ciphertext size because the public keys for each subgroup in the BGW schemes are replaced with group identifiers. In addition, we extend our scheme to a hierarchical structure which can efficiently handle a large number of receivers. Our schemes are provably secure under the BDHE assumption in the random oracle model.
- Communication Security | Pp. 153-164
doi: 10.1007/11689522_16
A Practical Clumped-Tree Multicast Encryption Scheme
Ling Dong; Kefei Chen
We study the problem of multicasting encryption to some subsets of the privileged users and ensuring that only non-revoked users can decrypt the contents in the context of a single-source multicast. We concentrate on the large dynamic multicast group case with low-state users or stateless users. We propose a Practical Clumped-tree Multicast Encryption scheme (PCME) based on the idea of a two-layer tree (container-tree and clumped-tree) and a digital label method. The important feature of this scheme is the separation between the static container-tree and the dynamic clumped-tree. We regard a clumped-tree as an autonomous unit, and do not spread the information about revoked users in a clumped-tree to the container-tree. The separation also provides a secure multicast channel for distinct GCs to multicast completely different content and for any user to multicast encryption to any collection of intended subtrees. Let n be the number of privileged users. The group center, the clumped-tree center and each user store only n/2^9 - 1, (2^12 - 1)/3 + log(n/2^10) + 1 and 6 keys respectively, with a revocation cost of only 15 to revoke a user. The digital label method accelerates the collection of privileged subsets and the multicast of encryption, and any subtree or user can determine its size and relative position in the whole tree immediately from its digital label. The PCME scheme is truly realistic: even for an astronomical number of 256,000,000 stateless users, GC storage is less than 4 Mbytes, CC storage is less than 10K bytes, and user storage is less than 100 bytes, while for 512 revocations the message length is only 512. Besides its efficiency, the PCME scheme is fully scalable and resistant to adversarial coalitions of various sizes.
Keywords: Group Center; Multicast Group; Message Length; Complete Binary Tree; Broadcast Encryption.
- Communication Security | Pp. 165-176
doi: 10.1007/11689522_17
Trojan Horse Attack Strategy on Quantum Private Communication
Jinye Peng; Guangqiang He; Jin Xiong; Guihua Zeng
The fragility of quantum private communication based on Einstein-Podolsky-Rosen (EPR) pairs as pre-shared keys against the trojan horse attack strategy is investigated in detail. To prevent this kind of attack, the EPR pairs employed in the quantum private communication are transformed into non-orthogonal entangled states by applying unitary transformations, which are in fact rotation operations on the quantum signal. Analysis shows that the improved scheme is robust against the trojan horse attack strategy without reducing its security against other kinds of attack strategies.
Keywords: Quantum Channel; Feedback Information; Quantum Cryptography; Trojan Horse; Legitimate User.
- Communication Security | Pp. 177-186
doi: 10.1007/11689522_18
Linkable Democratic Group Signatures
Mark Manulis; Ahmad-Reza Sadeghi; Jörg Schwenk
In a variety of group-oriented applications, cryptographic primitives like group signatures or ring signatures are valuable methods for achieving anonymity of group members. However, in their classical form, these schemes cannot be deployed for applications that simultaneously require (i) avoiding a centralized management authority such as a group manager and (ii) that the signer be anonymous only against non-members, while group members have the right to trace and identify the signer. The idea of the recently introduced democratic group signatures is to provide these properties. Based on this idea we introduce a group-oriented signature scheme that allows the group members to trace the identity of any other group member who issued a signature, while non-members are only able to link the signatures issued by the same signer without tracing. For this purpose the signature scheme assigns to every group member a unique pseudonym that can be used by any non-member verifier to communicate with the anonymous signer from the group. We present several group-oriented application scenarios where this kind of linkability is essential. We propose a concrete linkable democratic group signature scheme for two parties, prove its security in the random oracle model, and describe how to modularly extend it to the multi-party case.
Keywords: democratic group signatures; anonymity; pseudonymity; linkability; group communication.
- Signature and Key Agreement | Pp. 187-201
doi: 10.1007/11689522_19
Identity-Based Key Agreement with Unilateral Identity Privacy Using Pairings
Zhaohui Cheng; Liqun Chen; Richard Comley; Qiang Tang
In most of the existing identity-based key agreement schemes, it is usually assumed that either the communicating parties know each other's identifier before the protocol starts or their identifiers are transferred along with the protocol messages. However, these schemes are not suitable for use in many real-world applications that aim to achieve unilateral identity privacy, which means that one communicating party does not want to expose his identifier to an outsider while his partner cannot know his identifier in advance. In this paper, we propose an efficient identity-based two-party key agreement scheme with unilateral identity privacy using pairings, and formally analyze its security in a modified Bellare-Rogaway key agreement security model.
Keywords: Hash Function; Random Oracle; Forward Secrecy; Perfect Forward Secrecy; Cryptology ePrint Archive.
- Signature and Key Agreement | Pp. 202-213
doi: 10.1007/11689522_20
Short (Identity-Based) Strong Designated Verifier Signature Schemes
Xinyi Huang; Willy Susilo; Yi Mu; Futai Zhang
The notion of strong designated verifier signature was put forth by Jakobsson, Sako and Impagliazzo in 1996, but the formal definition was given only recently by Saeednia, Kremer and Markowitch in 2003 and revisited by Laguillaumie and Vergnaud in 2004. In this paper, we first propose the notion of a short strong designated verifier signature scheme, and extend it to the short identity-based strong designated verifier scheme. Then, we propose the first construction of a short strong designated verifier signature scheme. We also extend our scheme to construct a short identity-based strong designated verifier signature scheme. The signature size of our schemes is the shortest compared to any existing schemes reported in the literature. We provide formal security proofs for our schemes in the random oracle model. Finally, we also discuss an extension of our scheme to construct a short strong designated verifier signature without random oracles.
Keywords: short signature; strong designated verifier signature scheme; identity based; designated verifier signature; random oracle model.
- Signature and Key Agreement | Pp. 214-225