Isolated Execution Environments (IEEs), such as ARM TrustZone and Intel SGX, offer the possibility to execute sensitive code in isolation from other malicious programs, running on the same machine, or a potentially corrupted OS. A key feature of IEEs is the ability to produce reports binding cryptographically a message to the program that produced it, typically ensuring that this message is the result...
The ever-increasing variety of services built on top of the Controller Area Network (CAN), along with the recent discovery of vulnerabilities in CAN-based automotive systems (some of them demonstrated in practice), stimulated a renewed attention to security-oriented enhancements of the CAN protocol. The issue is further compounded nowadays because, unlike in the past, security can no longer be enforced...
In this paper will be described a new way of using cognitive approaches in personalized cryptography algorithms. Personal information may be used in creation advanced security protocols, as well as personal keys for cryptosystems, and information encoding procedures. Such protocols may play important role in advanced secure management applications. Additionally some behavioral features allow to generate...
Witness functions have recently been introduced in cryptographic protocols' literature as a new powerful way to prove protocol correctness with respect to secrecy. In this paper, we extend them to the property of authentication. We show how to use them safely and we run an analysis on a modified version of the Woo-Lam protocol. We show that it is correct with respect to authentication.
This paper considers game-theoretic security of bit commitment protocols under a realistic cost model. Higo et al. (IWSEC 2013) proved equivalence of game-theoretic security and cryptographic security of bit commitment protocols under an ideal cost model. Their model assumes that there is no cost for communication and computation. Under a realistic model that cost for communication and computation...
We present novel security requirements for second price auctions and a simple, efficient and practical protocol that provably maintains these requirements. Novel requirements are needed because commonly used requirements, such as the indistinguishability-based secrecy requirement of encryption schemes presented by (Goldwasser and Micali, 1982), do not fit properly in the second price auctions context...
Credit analysis is used by financial companies to grant credit to customers. The analysis is expensive, bureaucratic, and requires the collection of customer personal information. However, shopping malls are selling goods in several installments and need a simple, fast, and cheap process to grant credit to their customers. One way to improve the efficiency of this process is to facilitate the sharing...
In this paper, we use the witness-functions to analyze cryptographic protocols for secrecy under nonempty equational theories. The witness-functions are safe metrics used to compute security. An analysis with a witness-function consists in making sure that the security of every atomic message does not decrease during its lifecycle in the protocol. The analysis gets more difficult under nonempty equational...
Nowadays, mobile phones are equipped with enhanced short-range communication functionality called Near Field Communication (or NFC for short). NFC requires no pairing between devices and suitable for transferring small amount of data in very limited area. A number of researchers proposed authentication techniques for NFC communications but they still lack some necessary security properties, especially...
The increasingly popular paradigm of Cloud computing brings about many benefits both for clients and providers, but it also introduces privacy risks associated to outsourcing data and processes to an untrustworthy environment. In particular, the multi-user computing scenario is especially difficult to tackle from a privacy-preserving point of view, seeking to protect data from different users while...
A Secret Handshake protocol provides a method of mutual authentication and key agreement which preserves users' anonymity, and prevents any information leakage to an unauthorized participant as well. Although in recent studies some schemes with desirable properties of “Unlinkability” and “Revocability” were proposed, in most of them unlinkability of revoked credentials or so-called “Backward Unlinkability”...
In recent years, in order to provide secure communication between Radio Frequency Identification (RFID) users, different RFID authentication protocols have been proposed. In this paper, we investigate weaknesses of two newfound RFID authentication protocols that were proposed by Shi et al. and Liu et al. in 2014. The Ouafi-Phan privacy model is used for privacy analysis. We show that these two protocols...
In this paper we present an optimistic fair exchange (OFE) protocol for proxy signatures. This protocol is useful in scenarios that a signer cannot participate in an OFE protocol himself and he needs to delegate his signing power to another one. We give a new security model for this type of protocols because the best and the most complete model until now does not consider all security aspects of this...
In our paper will be presented some advances in procedures used for encryption and division of secret data, as well as modern approaches for management of divided information. Computer techniques for secret information sharing aim to secure information against disclosure to unauthorized persons. The paper will describe algorithms allowing for visual information division and sharing on the basis of...
The paper presents new solutions in the area of application cryptographic protocols for strategic or personal information protection and management. Computer techniques for classified information protection and distribution will be described in the context of application for security purposes personal or biometric information. Such techniques may also support the management processes of confidential...
Password Authenticated Key Exchange (PAKE) protocols permit two entities to generate a large common session key and authenticate each other based on a pre-shared human memorable password. In 2006, Strangio proposed the DH-BPAKE protocol and claimed that the mentioned protocol is provably secure against several attacks. In this paper, it is shown that the DH-BPAKE protocol is vulnerable to password...
This paper proposes a new offline TTP-based fair exchange protocol. The protocol will allow customers to buy physical products (such as computers, furniture, and so forth) from merchants online. The protocol will ensure fairness for both customer and merchant. That is, the customer will get the physical product and the merchant will get the payment or neither does. Only six messages to be exchanged...
Nowadays, agent-based mobile payment has become more popular. However, existing payment systems still lack necessary mobile payment properties. Especially, they should be shorter and lightweight for making payment on the move. This paper introduces a new secure lightweight mobile bill payment protocol with assistance of an intermediary acting as an agent to collect and process payment requests...
We present a solution which improves the level of privacy possible in location based services (LBS). A core component of LBS is proximity testing of users. Alice wants to know if she is near to Bob (or generally some location). The presented solution support private proximity testing and is actively secure meaning it prevents a number of attacks possible in existing protocols for private proximity...
Message freshness and time synchronization are nowadays essential services in secure communication. Many network protocols can work correctly only when freshness of messages sent between participants is assured and when internal clocks protocol's parties are adjusted. In this paper we present a novel, secure and fast procedure which can be used to ensure data freshness and clock synchronization between...