Aggregate message authentication codes (AMACs) with on-the-fly verification

Aggregate message authentication codes (AMACs) merge multiple authenticators for multiple receivers in multicast networks. We investigate this security notion, revise the definition, derive the lower bound, and present a generic construction through Bloom filters. Different from former research, we especially focus on the new property of AMACs: on-the-fly verification, which means that given the aggregated tag, each single message can be verified without obtaining other messages, i.e., the time for verifying a single message takes time complexity $\mathcal{O }(1)$ O ( 1 ) , compared to regular MAC schemes. We derive the security lower bound of such type of AMACs and present a generic approach to build them from essentially any standard MAC scheme by Bloom filter technique. Moreover, we achieve the theoretical lower bound on security strength by adopting optimal compressed Bloom filters.     

Provably secure and efficient identification and key agreement protocol with user anonymity

Many authentication and key agreement protocols were proposed for protecting communicated messages. In previous protocols, if the user?s identity is transmitted in plaintext, an adversary can tap the communications and employ it to launch some attacks. In most protocols with user anonymity, they focus on satisfaction of several security requirements. From a client?s point of view, those protocols are not admired since the cost of storage, computation and communication is high. In pervasive computing, a client usually uses a limited-resource device to access multiple servers. The storage and computation are very important issues especially in this kind of environments. Also, for a convenience of designing protocol, most protocols use timestamps to prevent the replay attack. As we know, the serious time synchronization problem exists in timestamp-based protocols. Finally, most protocols do not have formal proofs for the security. In this paper, we propose a secure and efficient identification and key agreement protocol with user anonymity based on the difficulty of cracking the elliptic curve Diffie–Hellman assumption. In addition, we also propose an augmented protocol for providing the explicit mutual authentication. Compared with the related protocols, the proposed protocols? computation cost is lower and the key length is shorter. Therefore, our protocols are suitable even for applications in low power computing environments. Finally, we formally prove the security of the proposed protocols by employing the random oracle model.