Catálogo de publicaciones - libros

Elliptic (ECC) and hyperelliptic curve cryptosystems (HECC) have emerged as cryptosystems for small hand-held and mobile devices. Extensive research has been carried out for their secure and efficient implementation on these devices. These devices come with very low amount of resources, efficient memory management is an important issue in all such implementations. HECC arithmetic is now generally performed using so called explicit formulas. The main goal of these formulas is to reduce the number of finite field operations (multiplications and squarings). On the other hand, reducing the memory requirement is also important. To the best of our knowledge, the literature on HECC implementation does not seriously consider this aspect. This is the first work to obtain memory efficient versions of various explicit formulas appearing in the literature. In certain cases, we are also able to determine the minimum memory requirement and obtain a memory optimal implementation. We believe that these formulas will be extremely useful to designers of HECC. Our basic technique is essentially an exhaustive search with heuristic strategies for improving the run-time.

Considerable research and experiment results in recent years have shown that the server-proxy-user architecture represents an efficient and scalable new paradigm for multimedia content delivery. However, not much effort has been spent on the security issues in such systems. In this paper, we study data authentication in multimedia content delivery, and in particular, we focus on achieving end-to-end authentication from the multimedia server to end users in the server-proxy-user architecture where intermediary proxies transcode multimedia content dynamically. We present a formal model for the end-to-end authentication problem, and propose a basic construction for generic data modality and prove its security. We further extend and tailor our basic technique to authenticate specific multimedia format, JPEG2000 code-streams.

The group key management is one of the most crucial problems in group communication. In dynamic and large-scale groups, the overhead of key generating and key updating is usually relevant to the group size, which becomes a performance bottleneck in achieving scalability. Therefore, scalable group key management protocol, which is independent from group size, is the basis for wide applications of group communication. The paper proposes a novel group key management protocol, which designates un-trusted routers over Internet as transmitting nodes to organize a key material transmitting tree for transmitting key material. Members in group that are partitioned into subgroups attach to different transmitting nodes, and compute SEK using received key material and own secret parameter. The overhead of key management can be shared by the transmitting nodes which can not reveal the data of group communications, and the overhead for key management of each transmitting node is independent of the group size. In addition, the new protocol conduces to constant computation and communication overhead during key updating.

It is not easy to achieve secure key establishment in wireless sensor networks without public key cryptography. Many key management protocols have been proposed for the purpose. Among them, LEAP is a simple and elegant protocol that establishes multi-level keys in an efficient way, but its security mainly relies on that of a single initialization key. Though it is assumed that the initial deployment phase is secure and the key is erased from sensor nodes after the initialization in LEAP, the assumption could not be viable for two reasons. First, the same key should be used again for node addition after the initialization phase whereas the new node can be captured before removing the key. Second, the initial deployment of dense networks may not take short as LEAP expected in many cases. This paper rethinks the security of LEAP and proposes a more secure scheme with a new notion of probabilistic time intervals. Rather we localize the impact of key compromise within the time intervals.

We present an identity-based threshold decryption scheme, which is secure against adaptive chosen ciphertext attack (IND-CCA) in the random oracle and generic model (ROM+GM). In our scheme, a one-time Schnorr signature is used for public checkability of ciphertexts, and a new method was proposed to distribute the shares of the decryption key to decrease the number of bilinear pairings involved. Hence our scheme is more efficient than the recent proposals by Baek and Zheng in [1] and by Kiltz and Galindo in [13].

A new construction of visual cryptography scheme (VCS) with dihedral group access structure for two shares and many secret images is proposed. Let be a dihedral group of order 2, and let { () |  ∈ } be 2 secret images corresponding to . In a VCS with dihedral group access structure, two shares (two transparencies) and are constructed so that for any element of , and () reconstruct the secret image (). This new VCS is perfect and has contrast 1/(6).