The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In order to ensure that the message is fresh, both the identity of the communication and the shared key in the session are reliable, while avoiding the defects of the old message retransmission attack and identity posing in the native NS protocol, the optimized protocol adopts the means by which the receiver communicates with the key distribution center, and add the sender's identity and the temporary...
The SSL protocol has been widely used for verifying digital identities and to secure Internet traffic since the early days of the web. Although X.509 certificates have been in existence for more than two decades, individual user uptake has been low due to the high cost of issuance and maintenance of such certs. This has led to a situation whereby users are able to verify the identity of an organization...
Cooperative spectrum sensing is often necessary in cognitive radios systems to localize a transmitter by fusing the measurements from multiple sensing radios. However, revealing spectrum sensing information also generally leaks information about the location of the radio that made those measurements. We propose a protocol for performing cooperative spectrum sensing while preserving the privacy of...
In the last decade, we have seen the emergence of the Bitcoin crypto-currency, where the Blockchain technology builds trust transaction after transaction through a validation process. Academics focused their research on security flaws or improvement, but we identify a lack of literature on how the validation of transaction and block proceeds. In fact, understanding the validation will help the conception...
Authentication is significant not only to data transmission operations but also network organizational functions in wireless sensor networks. Recently data authentication has been the focus of the research community in wireless sensor networks. Wireless sensor network (WSN) nodes are inherently resource constrained: they have restricted communication bandwidth, storage capacity, and processing speed...
The universal composability (UC) framework enables the modular design of cryptographic protocols by allowing arbitrary compositions of lower-level building blocks. Public-key encryption is unarguably a very important such building block. However, so far no UC-functionality exists that offers non-interactive encryption necessary for modular protocol construction. We provide an ideal functionality for...
The security of almost any real-world distributed system today depends on the participants having some "reasonably accurate" sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.,,However,...
We use symbolic formal models to study the composition of public key-based protocols with public key infrastructures (PKIs). We put forth a minimal set of requirements which a PKI should satisfy and then identify several reasons why composition may fail. Our main results are positive and offer various trade-offs which align the guarantees provided by the PKI with those required by the analysis of...
A service may be implemented over several servers, and those servers may become compromised by an attacker, e.g. through software vulnerabilities. When this happens, the service manager will remove the vulnerabilities and re-instate the server. Typically, this will involve regenerating the public key by which clients authenticate the service, and revoking the old one. This paper presents a scheme...
We present the first formal analysis of two avionic protocols that aim to secure air-ground communications, the ARINC823 public-key and shared-key protocols. We verify these protocols both in the symbolic model of cryptography, using ProVerif, and in the computational model, using CryptoVerif. While we confirm many security properties of these protocols, we also find several weaknesses, attacks, and...
In this paper we have proposed a new algorithm of encrypting and decrypting images and text files. The proposed method is implemented by combining the concepts of Diffie Hellman algorithm and Blowfish algorithm. In this new technique at first a computer user will encrypt a file using a secret key generated by blowfish algorithm. Then using Diffie-Hellman protocol a shared private key will be generated...
In this paper we have proposed an innovative way to modify RSA algorithm in order to improve the security level of this scheme. The two-variable bijective mapping is utilized in this scope. A mathematical background of bijective function is discussed in order to understand the proposed technique. First of all the original RSA algorithm is discussed then the proposed modification methodology is explained...
User authentication in computer systems has been a cornerstone of computer security for decades. However, the existing user authentication schemes either require human cognitive ability to remember numerous complex id and password, or rely on a trusted third party which could fail due to technical failure or denial-of-service attacks. In this paper, we design a fully distributed user authentication...
Key management is required to secure the smart home application in the context of Internet of Things (IoT). But, these applications might be unable to use existing Internet key management protocols because of the presence of resource limited nodes. In this paper, we propose a lightweight and secure key management scheme for smart homes. This solution is based on an existing collaborative scheme used...
DNS provides a global-scale distributed lookup service to retrieve data of all types for a given name, be it IP addresses, service records, or cryptographic keys. This service has proven essential in today's operational Internet. Our experience with the design and development of Named Data Networking (NDN) suggests the need for a similar always-on lookup service. To fulfill this need we have designed...
Cooperative Intelligent Transportation Systems are rapidly gaining momentum in the scenario of modern wireless communications. Within these environments, messages are exchanged continuously. The latter should be secure and ensure users' privacy. Public Key Infrastructures (PKIs) represent the major solution to meet security needs. On the other hand, communications between the PKI and the vehicle stations...
E-Assessment is an innovative form for the evaluation of learners' knowledge and skills in online education, as well as in blended-learning environments, where part of the assessment activities is carried out online. As e-assessment involves online communication channel between learners and educators, as well as data transfer and storage, security measures are required to protect the environment against...
Typical protocols for password-based authentication assume a single server which stores all the information (e.g., the password) necessary to authenticate a user. Unfortunately, an inherent limitation of this approach (assuming low-entropy passwords are used) is that the user's password is exposed if this server is ever compromised. To address this issue, it has been suggested to share a user's password...
The TLS protocol is the primary technology used for securing web transactions. It is based on X.509 certificates that are used for binding the identity of web servers' owners to their public keys. Web browsers perform the validation of X.509 certificates on behalf of web users. Our previous research in 2009 showed that the validation process of web browsers is inconsistent and flawed. We showed how...
In this paper, a mutual authentication protocol based on ECC is designed for RFID systems. This protocol is described in detail and the performance of this protocol is analyzed. The results show that the protocol has many advantages, such as mutual authentication, confidentiality, anonymity, availability, forward security, scalability and so on, which can resist camouflage attacks, tracking attacks,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.