Similar literature
 20 similar articles found; search time 31 ms
1.
Key distribution system based on identification information   Total citations: 6, self-citations: 0, citations by others: 6
A key distribution system (KDS) based on identification information (ID-based KDS) is presented. The system is founded on the Diffie-Hellman public key distribution scheme and has an identity authentication function. It uses an individual user's identification information instead of the public file used in the Diffie-Hellman scheme. It does not require any services of a center to distribute work keys or users to keep directories of key-encrypting keys. Therefore, key management in cryptosystems can be simplified by adopting the ID-based KDS. Two kinds of identity-based key distribution system are proposed and applied to actual communication networks. One uses two-way (interactive) communication to distribute work keys, while the other uses one-way communication. Modular exponentiations of large numbers, used in the systems, are implemented with digital signal processors.

2.
A conference key distribution system   Total citations: 5, self-citations: 0, citations by others: 5
Encryption is used in a communication system to safeguard information in the transmitted messages from anyone other than the intended receiver(s). To perform the encryption and decryption the transmitter and receiver(s) ought to have matching encryption and decryption keys. A clever way to generate these keys is to use the public key distribution system invented by Diffie and Hellman. That system, however, admits only one pair of communication stations to share a particular pair of encryption and decryption keys. The public key distribution system is generalized to a conference key distribution system (CKDS) which admits any group of stations to share the same encryption and decryption keys. The analysis reveals two important aspects of any conference key distribution system. One is the multitap resistance, which is a measure of the information security in the communication system. The other is the separation of the problem into two parts: the choice of a suitable symmetric function of the private keys and the choice of a suitable one-way mapping thereof. We have also shown how to use CKDS in connection with public key ciphers and an authorization scheme.

3.
黄杰  黄蓓 《通信学报》2011,(10):52-58
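Because key distribution techniques based on symmetric keys cannot fully solve the security problem of key distribution in wireless sensor networks, a public-key-based key predistribution scheme is proposed. The base station uses a series of original public keys and a one-way hash function to generate a set of public keys, and randomly assigns each node a public/private key pair and a subset of the public key set. Because each private key is unique, the scheme not only improves the security of the network but also reduces its storage overhead. Using principles of random graph theory, it is shown that, compared with traditional key predistribution schemes, the scheme both ensures network security and takes account of the limited resources of the network and its nodes; with connectivity unchanged, network security and network scalability are greatly improved.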

4.
Encryption is an efficient method for information protection in communication links which are subject to wiretapping. In this paper we discuss the application of encryption to satellite communication systems in which the satellite has on-board processing capability. The on-board processor can be used in the key distribution process. Two examples of such processes are described. The first requires the storage in the satellite of one key for each user of the communication system. These are used together with a conventional encryption algorithm (DES, for example) to distribute communication keys to the users. The communication keys are then used to encrypt and decrypt information. The other key distribution process utilizes a trap-door one-way function, whose inverse is implemented in the satellite. The need for storage space in the satellite is smaller than that with the first method.

5.
The RSA public key cryptosystem is extensively used in information security systems. However, key generation for the RSA cryptosystem requires multiplicative inversion over a finite field, which has higher computational complexity than either ordinary multiplication or modular multiplication over a finite field. In order to improve the performance of key generation, we propose a batch private key generation method in this paper. The method derives its efficiency from cutting down multiplicative inversions over the finite field. Theoretical analysis shows that batch private key generation for s users is faster than s separate private key generations. It is suitable for applications in systems with a large number of users.

6.
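SA-IBE: a secure and accountable identity-based encryption scheme   Total citations: 1, self-citations: 0, citations by others: 1
In identity-based encryption (IBE) schemes, a user's public key is derived directly from the user's identity, which avoids the certificate management burden of a public key infrastructure (PKI) system. However, IBE suffers from the key escrow problem: the private key generator (PKG) can decrypt users' ciphertexts or leak users' private keys. Existing solutions generally require a secure channel to transmit the private key, and either incur a high user authentication overhead or fail to solve the key escrow problem completely. This paper proposes a secure and accountable identity-based encryption scheme, the SA-IBE scheme. The user's original private key is issued by the PKG, and multiple key privacy authorities then strengthen the privacy of the private key in parallel, so that no authority can obtain the user's private key or decrypt the user's ciphertext on its own. An efficient and accountable single-point PKG authentication scheme is designed, and a blinding technique is used to eliminate the secure channel for transmitting private keys. Based on the standard Diffie-Hellman assumption, the paper proves the security of the SA-IBE scheme, its effectiveness in solving the key escrow problem, and the accountability of its identity authentication.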

7.
In this paper we formally define proof systems for functions and develop an example of such a proof with a constant number of rounds, which we modify (at no extra communication cost) into an identification scheme with secret key exchange for subsequent conventional encryption. Implemented on a standard 32-bit chip or similar, the whole protocol, which involves mutual identification of two users, exchange of a random common secret key, and verification of certificates for the public keys (RSA, 512 bits) takes less than 3/4 second. Received 1 July 1989 and revised 15 January 1996

8.
Location based services (LBS) are becoming increasingly important to the success and attractiveness of next generation wireless systems. However, a natural tension arises between the need for user privacy and the flexible use of location information. In this paper we present a framework to support privacy enhanced location based services. We classify the services according to several basic criteria and we propose a hierarchical key distribution method to support these services. The key idea behind the system is to hierarchically encrypt location information under different keys, and distribute the appropriate keys only to group members with the necessary permission. Four methods are proposed to deliver hierarchical location information while maintaining privacy. We propose a key tree rebalancing algorithm to maintain the re-keying performance of the group key management. Furthermore, we present a practical LBS system implementation. Hierarchical location information coding offers flexible location information access which enables a rich set of location based services. Our load tests show such a system is highly practical with good efficiency and scalability.

9.
Analysis of key issues in implementing RSA digital signatures on smart cards   Total citations: 4, self-citations: 0, citations by others: 4
袁晓宇  张其善 《电子学报》2004,32(11):1897-1900
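Digital signatures are an important security mechanism in network security, and smart cards or tokens are the secure hardware carriers used to implement digital signature verification; how to implement digital signatures on such hardware is a key problem. Following the contact smart card series of standards and the related PKCS (Public Key Cryptographic Standard) series of standards, this paper successfully implements digital signatures, identity authentication, information encryption and decryption, and key distribution under the RSA algorithm (an asymmetric public key cryptographic algorithm) on a smart card operating system. It focuses on the key issues of implementing the RSA algorithm on smart cards in applications and proposes several solutions.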

10.
A key agreement scheme is an important technique to establish a common secret over an insecure communication environment such as the Internet. In this paper, we elaborate on the merits of self-certified public key systems and bilinear pairing cryptosystems to propose an efficient and secure non-interactive authenticated key agreement (NI-AKA) scheme. The security of our scheme is proved to be computationally equivalent to the bilinear Diffie-Hellman problem (BDHP). In addition, the proposed scheme has the following advantages: (i) Two participants can easily establish a shared secret key between them without further interactions, so as to greatly reduce the possibility of leaking any security information of the shared secret key. (ii) Combining with self-certified public key systems, the proposed scheme makes it unnecessary to verify each other’s public key in advance, since the authenticity of the public keys is simultaneously validated when the mutually shared secret key is correctly established. (iii) Based on the bilinear pairing cryptosystems over elliptic curves, our scheme is suitable for mobile applications with limited computing power and insufficient storage space, such as PDAs and cellular phones, etc.

11.
An overview of PKI trust models   Total citations: 2, self-citations: 0, citations by others: 2
《IEEE network》1999,13(6):38-43
If Alice and Bob each know their own private key and the other's public key, they can communicate securely, through any number of public key based protocols such as IPSec, PGP, S/MIME, or SSL. However, how do they know each other's public keys? The goal of a public key infrastructure (PKI) is to enable secure, convenient, and efficient discovery of public keys. It should be applicable within as well as between organizations, and scalable to support the Internet. There are various types of PKI that are widely deployed or have been proposed. They differ in the configuration information required, trust rules, and flexibility. There are standards such as X.509 and PKIX, but these are sufficiently flexible so that almost any model of PKI can be supported. We describe several types of PKI and discuss the advantages and disadvantages of each. We argue against several popular and widely deployed models as being insecure, unscalable, or overly inconvenient. We also recommend a particular model.

12.
Authenticated key agreement without using one-way hash functions   Total citations: 2, self-citations: 0, citations by others: 2
Harn  L. Lin  H.-Y. 《Electronics letters》2001,37(10):629-630
The MQV key agreement protocol has been adopted by the IEEE P1363 Committee to become a standard. The MQV protocol used a digital signature to sign the Diffie-Hellman public keys without using any one-way function. Here, the MQV protocol is generalised in three respects. First, signature variants for Diffie-Hellman public keys developed previously are employed in the new protocol. Secondly, two communication entities are allowed to establish multiple secret keys in a single round of message exchange. Thirdly, the key computations are simplified.

13.
Sensor networks are composed of a large number of low power sensor devices. For secure communication among sensors, secret keys are required to be established between them. Considering the storage limitations and the lack of post-deployment configuration information of sensors, random key predistribution schemes have been proposed. Due to limited number of keys, sensors can only share keys with a subset of the neighboring sensors. Sensors then use these neighbors to establish pairwise keys with the remaining neighbors. In order to study the communication overhead incurred due to pairwise key establishment, we derive probability models to design and analyze pairwise key establishment schemes for large-scale sensor networks. Our model applies the binomial distribution and a modified binomial distribution and analyzes the key path length in a hop-by-hop fashion. We also validate our models through a systematic validation procedure. We then show the robustness of our results and illustrate how our models can be used for addressing sensor network design problems.

14.
袁德明 《通信技术》2007,40(9):58-60
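To meet the security requirements of special systems such as electronic cash and electronic bidding, and based on a study and analysis of elliptic curve cryptography, self-certified public keys, the bit commitment protocol and the Nyberg-Rueppel signature scheme, a secure blind signature scheme with system-center control and multi-party participation is designed, and the necessary analysis and proof of the scheme's correctness and security are given.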

15.
This letter presents a pairwise key establishment scheme that is robust against the compromise of nodes in mobile ad hoc networks. Each node establishes local keys with its neighbor nodes that are at most three hops away at network boot‐up time. When any two nodes establish a pairwise key, they receive the secret information from the nodes on the route between them, and construct the pairwise key using the secret information. Here, the local keys are utilized by the nodes on the route to send the secret information securely. The simulation results have proven that the proposed scheme provides better security than the key pre‐distribution‐based scheme.

16.
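To improve the security of optical image encryption systems, vector decomposition and the phase-truncated Gyrator transform are used for image encryption. The original image is superimposed with a random phase function and then Gyrator-transformed; vector decomposition splits the Gyrator-domain information into a random phase function and a complex function. The random phase function and the complex function each undergo a Gyrator transform with a different transform angle; truncating the phase yields a public key and the encrypted image, and truncating the amplitude yields two asymmetric phase keys. Theoretical analysis and numerical verification are carried out, and an optical decryption setup is designed. The results show that using the two asymmetric phase keys as private keys and the three Gyrator transform angles as additional keys helps to enhance the security of the system.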

17.
Federated learning (FL) is widely used in internet of things (IoT) scenarios such as health research, automotive autopilot, and smart home systems. In the process of model training of FL, each round of model training requires rigorous decryption training and encryption uploading steps. The efficiency of FL is seriously affected by frequent encryption and decryption operations. A scheme of key computation and key management with high efficiency is urgently needed. Therefore, we propose a group key agreement technique to keep private information and confidential data from being leaked, which is used to encrypt and decrypt the transmitted data among IoT terminals. The key agreement scheme includes hidden attribute authentication, multipolicy access, and ciphertext storage. Key agreement is designed with edge-cloud collaborative network architecture. Firstly, the terminal generates its own public and private keys through the key algorithm then confirms the authenticity and mapping relationship of its private and public keys to the cloud server. Secondly, IoT terminals can confirm their cryptographic attributes to the cloud and obtain the permissions corresponding to each attribute by encrypting the attributes. The terminal uses these permissions to encrypt the FL model parameters and uploads the secret parameters to the edge server. Through the storage of the edge server, these ciphertext decryption parameters are shared with the other terminal models of FL. Finally, other terminal models are trained by downloading and decrypting the shared model parameters for the purpose of FL. The performance analysis shows that this model has a better performance in computational complexity and computational time compared with the cited literature.

18.
An essential function for achieving security in computer networks is reliable authentication of communicating parties and network components. Such authentication typically relies on exchanges of cryptographic messages between the involved parties, which in turn implies that these parties be able to acquire shared secret keys or certified public keys. Provision of authentication and key distribution functions in the primitive and resource-constrained environments of low-function networking mechanisms, portable, or wireless devices presents challenges in terms of resource usage, system management, ease of use, efficiency, and flexibility that are beyond the capabilities of previous designs such as Kerberos or X.509. This paper presents a family of light-weight authentication and key distribution protocols suitable for use in the low layers of network architectures. All the protocols are built around a common two-way authentication protocol. The paper argues that key distribution may require substantially different approaches in different network environments and shows that the proposed family of protocols offers a flexible palette of compatible solutions addressing many different networking scenarios. The mechanisms are minimal in cryptographic processing and message size, yet they are strong enough to meet the needs of secure key distribution for network entity authentication. The protocols presented have been implemented as part of a comprehensive security subsystem prototype called KryptoKnight.

19.
魏浩  侯晓赟  朱艳  郑宝玉 《信号处理》2014,30(11):1245-1251
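This paper exploits the reciprocity of the wireless multipath channel in time-division systems and extracts channel phase information as the key, achieving key generation and distribution over the two-way relay channel. Because of the sparse multipath nature of the channel, a reconstruction algorithm based on compressed sensing is used to estimate the channel state information. The end nodes use an orthogonal pilot design, which decomposes the two-way relay channel into two point-to-point channels, while the relay adopts the idea of physical-layer network coding and broadcasts the XOR of the pilot and the key bits. In this way, key generation and distribution are completed in only 2 time slots, the key is kept secure, and no prior key distribution is needed. Simulation results show that the proposed scheme effectively achieves key generation and distribution over the two-way relay channel and ensures secure communication at the physical layer.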

20.
ZigBee is a wireless network technology suitable for applications requiring lower bandwidth, low energy consumption and small packet size. Security has been one of the challenges in ZigBee networks. Public Key Infrastructure (PKI) provides a binding of entities with public keys through a Certifying Authority (CA). Public key cryptography using public–private key pairs can be used for ensuring secure transmission in a network. But large size of public and private keys and memory limitations in ZigBee devices pose a problem for using PKI to secure communication in ZigBee networks. In this paper, we propose a PKI enabled secure communication schema for ZigBee networks. Limited memory and power constraints of end devices restrict them from storing public keys of all other devices in the network. Large keys cannot be communicated due to limited power of the nodes and small transmission packet size. The proposed schema addresses these limitations. We propose two algorithms for sending and receiving the messages. The protocols for intercommunication between the network entities are also presented. Minor changes have been introduced in the capabilities of devices used in the ZigBee networks to suit our proposed scheme. Network adaptations depending on different scenarios are discussed. The approach adopted in this paper is to alter the communication flow so as to necessitate minimum memory and computational requirements at the resource starved end points. In the proposed PKI implementation, end devices store the public keys of only the coordinator which in turn holds public keys of all devices in the network. All communication in our scheme is through the coordinator, which in the event of failure is re‐elected through an election mechanism. The performance of the proposed scheme was evaluated using a protocol analyzer in home automation and messenger applications. 
Results indicate that depending on the type of application, only a marginal increase in latency of 2 to 5 ms is introduced for the added security. Layer wise traffic and packets captured between devices were analyzed. Channel utilization, message length distribution and message types were also evaluated. The proposed protocol's performance was found to be satisfactory on the two tested applications. Copyright © 2014 John Wiley & Sons, Ltd.
