Next Issue
Volume 7, June
Previous Issue
Volume 6, December
 
 

Cryptography, Volume 7, Issue 1 (March 2023) – 15 articles

Cover Story (view full-size image): Traditional password authentication methods have raised many issues in the past, including insecure practices, so it comes as no surprise that the evolution of authentication should arrive in the form of password-less solutions. This research aims to explore the problems that password authentication and password policies present and aims to deploy Windows Hello for Business (WHFB) on-premises. It was concluded that many organizations still use password authentication as their primary authentication method for accessing devices and applications. Larger organizations such as Microsoft and Google support the adoption of password-less authentication for end-users, and the current usage of password-less authentication shared by both organizations is encouraged. View this paper
  • Issues are regarded as officially published after their release is announced to the table of contents alert mailing list.
  • You may sign up for e-mail alerts to receive table of contents of newly released issues.
  • PDF is the official format for papers published in both, html and pdf forms. To view the papers in pdf format, click on the "PDF Full-text" link, and use the free Adobe Reader to open them.
Order results
Result details
Section
Select all
Export citation of selected articles as:
13 pages, 3471 KiB  
Article
Cybersecurity Test Bed for Smart Contracts
by Casimer DeCusatis, Brian Gormanly, John Iacino, Reed Percelay, Alex Pingue and Justin Valdez
Cryptography 2023, 7(1), 15; https://doi.org/10.3390/cryptography7010015 - 10 Mar 2023
Cited by 1 | Viewed by 2884
Abstract
Blockchain, smart contracts, and related concepts have emerged in recent years as a promising technology for cryptocurrency, NFTs, and other areas. However, there are still many security issues that must be addressed as these technologies evolve. This paper reviews some of the leading [...] Read more.
Blockchain, smart contracts, and related concepts have emerged in recent years as a promising technology for cryptocurrency, NFTs, and other areas. However, there are still many security issues that must be addressed as these technologies evolve. This paper reviews some of the leading social engineering attacks on smart contracts, as well as several vulnerabilities which result from insecure code development. A smart contract test bed is constructed using Solidity and a Metamask wallet to evaluate vulnerabilities such as insecure arithmetic, denial of service, and re-entrancy attacks. Cross-chain vulnerabilities and potential vulnerabilities resulting from layer 2 side-chain processing were also investigated. Mitigation best practices are proposed based on the experimental results. Full article
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)
Show Figures

Figure 1

27 pages, 600 KiB  
Article
Models for Generation of Proof Forest in zk-SNARK Based Sidechains
by Yuri Bespalov, Lyudmila Kovalchuk, Hanna Nelasa, Roman Oliynykov and Rob Viglione
Cryptography 2023, 7(1), 14; https://doi.org/10.3390/cryptography7010014 - 07 Mar 2023
Cited by 2 | Viewed by 2259
Abstract
Sidechains are among the most promising scalability and extended functionality solutions for blockchains. Application of zero knowledge techniques (Latus, Mina) allows for reaching high level security and general throughput, though it brings new challenges on keeping decentralization where significant effort is required for [...] Read more.
Sidechains are among the most promising scalability and extended functionality solutions for blockchains. Application of zero knowledge techniques (Latus, Mina) allows for reaching high level security and general throughput, though it brings new challenges on keeping decentralization where significant effort is required for robust computation of zk-proofs. We consider a simultaneous decentralized creation of various zk-proof trees that form proof-trees sequences in sidechains in the model that combines behavior of provers, both deterministic (mutually consistent) or stochastic (independent) and types of proof trees. We define the concept of efficiency of such process, introduce its quantity measure and recommend parameters for tree creation. In deterministic cases, the sequences of published trees are ultimately periodic and ensure the highest possible efficiency (no collisions in proof creation). In stochastic cases, we obtain a universal measure of prover efficiencies given by the explicit formula in one case or calculated by a simulation model in another case. The optimal number of allowed provers’ positions for a step can be set for various sidechain parameters, such as number of provers, number of time steps within one block, etc. Benefits and restrictions for utilization of non-perfect binary proof trees are also explicitly presented. Full article
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)
Show Figures

Figure 1

15 pages, 4175 KiB  
Article
A Decentralized COVID-19 Vaccine Tracking System Using Blockchain Technology
by Atsuki Koyama, Van Chuong Tran, Manato Fujimoto, Vo Nguyen Quoc Bao and Thi Hong Tran
Cryptography 2023, 7(1), 13; https://doi.org/10.3390/cryptography7010013 - 06 Mar 2023
Cited by 2 | Viewed by 3098
Abstract
Coronavirus disease 2019 (COVID-19) vaccines play a crucial role in preventing the spread of the disease. However, the circulation of low-quality and counterfeit vaccines seriously affects human health and the reputation of real vaccine manufacturers (VMs) and increases the amount of fear concerning [...] Read more.
Coronavirus disease 2019 (COVID-19) vaccines play a crucial role in preventing the spread of the disease. However, the circulation of low-quality and counterfeit vaccines seriously affects human health and the reputation of real vaccine manufacturers (VMs) and increases the amount of fear concerning vaccination. In this study, we address this problem by developing a blockchain-based COVID-19 vaccine tracking system called “Vacchain”. Our Vacchain allows users (USERs) to track and trace the route of vaccines. We propose three mechanisms, namely, a system manager (SYS-MAN), a mutual agreement concerning vaccine ownership, and vaccine passports, to enhance the security and reliability of data recorded in the Vacchain ledger. We develop this system on the Substrate platform with the Rust language. Our implementation, evaluation, and analysis have shown that Vacchain can trace and track vaccines smoothly. In addition, data security and reliability are enhanced by the abovementioned three mechanisms. The proposed system is expected to contribute to preventing the spread of COVID-19. Full article
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)
Show Figures

Figure 1

17 pages, 4007 KiB  
Article
Dynamic Multimedia Encryption Using a Parallel File System Based on Multi-Core Processors
by Osama A. Khashan, Nour M. Khafajah, Waleed Alomoush, Mohammad Alshinwan, Sultan Alamri, Samer Atawneh and Mutasem K. Alsmadi
Cryptography 2023, 7(1), 12; https://doi.org/10.3390/cryptography7010012 - 06 Mar 2023
Cited by 6 | Viewed by 1943
Abstract
Securing multimedia data on disk drives is a major concern because of their rapidly increasing volumes over time, as well as the prevalence of security and privacy problems. Existing cryptographic schemes have high computational costs and slow response speeds. They also suffer from [...] Read more.
Securing multimedia data on disk drives is a major concern because of their rapidly increasing volumes over time, as well as the prevalence of security and privacy problems. Existing cryptographic schemes have high computational costs and slow response speeds. They also suffer from limited flexibility and usability from the user side, owing to continuous routine interactions. Dynamic encryption file systems can mitigate the negative effects of conventional encryption applications by automatically handling all encryption operations with minimal user input and a higher security level. However, most state-of-the-art cryptographic file systems do not provide the desired performance because their architectural design does not consider the unique features of multimedia data or the vulnerabilities related to key management and multi-user file sharing. The recent move towards multi-core processor architecture has created an effective solution for reducing the computational cost and maximizing the performance. In this paper, we developed a parallel FUSE-based encryption file system called ParallelFS for storing multimedia files on a disk. The developed file system exploits the parallelism of multi-core processors and implements a hybrid encryption method for symmetric and asymmetric ciphers. Usability is significantly enhanced by performing encryption, decryption, and key management in a manner that is fully dynamic and transparent to users. Experiments show that the developed ParallelFS improves the reading and writing performances of multimedia files by approximately 35% and 22%, respectively, over the schemes using normal sequential encryption processing. Full article
Show Figures

Figure 1

16 pages, 3444 KiB  
Article
Data Sharing Privacy Metrics Model Based on Information Entropy and Group Privacy Preference
by Yihong Guo, Jinxin Zuo, Ziyu Guo, Jiahao Qi and Yueming Lu
Cryptography 2023, 7(1), 11; https://doi.org/10.3390/cryptography7010011 - 03 Mar 2023
Cited by 1 | Viewed by 1900
Abstract
With the development of the mobile internet, service providers obtain data and resources through a large number of terminal user devices. They use private data for business empowerment, which improves the user experience while causing users’ privacy disclosure. Current research ignores the impact [...] Read more.
With the development of the mobile internet, service providers obtain data and resources through a large number of terminal user devices. They use private data for business empowerment, which improves the user experience while causing users’ privacy disclosure. Current research ignores the impact of disclosing user non-sensitive attributes under a single scenario of data sharing and lacks consideration of users’ privacy preferences. This paper constructs a data-sharing privacy metrics model based on information entropy and group privacy preferences. Use information theory to model the correlation of the privacy metrics problem, the improved entropy weight algorithm to measure the overall privacy of the data, and the analytic hierarchy process to correct user privacy preferences. Experiments show that this privacy metrics model can better quantify data privacy than conventional methods, provide a reliable evaluation mechanism for privacy security in data sharing and publishing scenarios, and help to enhance data privacy protection. Full article
(This article belongs to the Special Issue Applied Cryptography, Network Security, and Privacy Protection)
Show Figures

Figure 1

25 pages, 407 KiB  
Article
Selection Strategy of F4-Style Algorithm to Solve MQ Problems Related to MPKC
by Takashi Kurokawa, Takuma Ito, Naoyuki Shinohara, Akihiro Yamamura and Shigenori Uchiyama
Cryptography 2023, 7(1), 10; https://doi.org/10.3390/cryptography7010010 - 27 Feb 2023
Viewed by 1579
Abstract
Multivariate public-key cryptosystems are potential candidates for post-quantum cryptography. The security of multivariate public-key cryptosystems relies on the hardness of solving a system of multivariate quadratic polynomial equations. Faugère’s F4 algorithm is one of the solution techniques based on the theory of Gröbner [...] Read more.
Multivariate public-key cryptosystems are potential candidates for post-quantum cryptography. The security of multivariate public-key cryptosystems relies on the hardness of solving a system of multivariate quadratic polynomial equations. Faugère’s F4 algorithm is one of the solution techniques based on the theory of Gröbner bases and selects critical pairs to compose the Macaulay matrix. Reducing the matrix size is essential. Previous research has not fully examined how many critical pairs it takes to reduce to zero when echelonizing the Macaulay matrix in rows. Ito et al. (2021) proposed a new critical-pair selection strategy for solving multivariate quadratic problems associated with encryption schemes. Instead, this paper extends their selection strategy for solving the problems associated with digital signature schemes. Using the OpenF4 library, we compare the software performance between the integrated F4-style algorithm of the proposed methods and the original F4-style algorithm. Our experimental results demonstrate that the proposed methods can reduce the processing time of the F4-style algorithm by up to a factor of about seven under certain specific parameters. Moreover, we compute the minimum number of critical pairs to reduce to zero and propose their extrapolation outside our experimental scope for further research. Full article
Show Figures

Figure 1

22 pages, 5893 KiB  
Article
Attacking Windows Hello for Business: Is It What We Were Promised?
by Joseph Haddad, Nikolaos Pitropakis, Christos Chrysoulas, Mouad Lemoudden and William J. Buchanan
Cryptography 2023, 7(1), 9; https://doi.org/10.3390/cryptography7010009 - 14 Feb 2023
Cited by 1 | Viewed by 8631
Abstract
Traditional password authentication methods have raised many issues in the past, including insecure practices, so it comes as no surprise that the evolution of authentication should arrive in the form of password-less solutions. This research aims to explore the problems that password authentication [...] Read more.
Traditional password authentication methods have raised many issues in the past, including insecure practices, so it comes as no surprise that the evolution of authentication should arrive in the form of password-less solutions. This research aims to explore the problems that password authentication and password policies present and aims to deploy Windows Hello for Business (WHFB) on-premises. This includes creating three virtual machines (VMs) and evaluating WHFB as a password-less solution and showing how an attacker with privileged access may retrieve the end user’s domain password from the computer’s memory using Mimikatz and describing the possible results. The conducted research tests are in the form of two attack methods. This was feasible by the creation of three VMs operating in the following way. The first VM will act as a domain controller (DC) and certificate authority server (CA server). The second VM will act as an Active Directory Federation Service (ADFS). The third VM will act as the end-user device. The test findings research summarized that password-less authentication is far more secure than the traditional authentication method; this is evidenced throughout the author’s tests. Within the first test, it was possible to retrieve the password from an enrolled device for WHFB while it was still in the second phase of the deployment. The second test was a brute-force attack on the PIN of WHFB; since WHFB has measures to prevent such attacks, the attack was unsuccessful. However, even though the retrieval of the password was successful, there are several obstacles to achieving this outcome. It was concluded that many organizations still use password authentication as their primary authentication method for accessing devices and applications. Larger organizations such as Microsoft and Google support the adoption of password-less authentication for end-users, and the current usage of password-less authentication shared by both organizations is encouraged. This usually leads organizations to adopt this new solution for their IT infrastructure. This is because it has been used and tested by millions of people and has proven to be safe. This supports the findings of increased usage and the need for password-less authentication by today’s users. Full article
(This article belongs to the Special Issue Privacy-Preserving Techniques in Cloud/Fog and Internet of Things)
Show Figures

Figure 1

30 pages, 1681 KiB  
Article
Linear Cryptanalysis of Reduced-Round Simeck Using Super Rounds
by Reham Almukhlifi and Poorvi L. Vora
Cryptography 2023, 7(1), 8; https://doi.org/10.3390/cryptography7010008 - 09 Feb 2023
Cited by 2 | Viewed by 1959
Abstract
The Simeck family of lightweight block ciphers was proposed by Yang et al. in 2015, which combines the design features of the NSA-designed block ciphers Simon and Speck. Previously, we proposed the use of linear cryptanalysis using super-rounds to increase the efficiency of [...] Read more.
The Simeck family of lightweight block ciphers was proposed by Yang et al. in 2015, which combines the design features of the NSA-designed block ciphers Simon and Speck. Previously, we proposed the use of linear cryptanalysis using super-rounds to increase the efficiency of implementing Matsui’s second algorithm and achieved good results on all variants of Simon. The improved linear attacks result from the observation that, after four rounds of encryption, one bit of the left half of the state of the cipher depends on only 17 key bits (19 key bits for the larger variants of the cipher). We were able to follow a similar approach, in all variants of Simeck, with an improvement in Simeck 32 and Simeck 48 by relaxing the previous constraint of a single active bit, using multiple active bits instead. In this paper we present improved linear attacks against all variants of Simeck: attacks on 19-rounds of Simeck 32/64, 28-rounds of Simeck 48/96, and 34-rounds of Simeck 64/128, often with the direct recovery of the full master key without repeating the attack over multiple rounds. We also verified the results of linear cryptanalysis on 8, 10, and 12 rounds for Simeck 32/64. Full article
(This article belongs to the Topic Trends and Prospects in Security, Encryption and Encoding)
Show Figures

Figure 1

16 pages, 6549 KiB  
Article
Privacy Preserved Video Summarization of Road Traffic Events for IoT Smart Cities
by Mehwish Tahir, Yuansong Qiao, Nadia Kanwal, Brian Lee and Mamoona Naveed Asghar
Cryptography 2023, 7(1), 7; https://doi.org/10.3390/cryptography7010007 - 09 Feb 2023
Cited by 4 | Viewed by 2245
Abstract
The purpose of smart surveillance systems for automatic detection of road traffic accidents is to quickly respond to minimize human and financial losses in smart cities. However, along with the self-evident benefits of surveillance applications, privacy protection remains crucial under any circumstances. Hence, [...] Read more.
The purpose of smart surveillance systems for automatic detection of road traffic accidents is to quickly respond to minimize human and financial losses in smart cities. However, along with the self-evident benefits of surveillance applications, privacy protection remains crucial under any circumstances. Hence, to ensure the privacy of sensitive data, European General Data Protection Regulation (EU-GDPR) has come into force. EU-GDPR suggests data minimisation and data protection by design for data collection and storage. Therefore, for a privacy-aware surveillance system, this paper targets the identification of two areas of concern: (1) detection of road traffic events (accidents), and (2) privacy preserved video summarization for the detected events in the surveillance videos. The focus of this research is to categorise the traffic events for summarization of the video content, therefore, a state-of-the-art object detection algorithm, i.e., You Only Look Once (YOLOv5), has been employed. YOLOv5 is trained using a customised synthetic dataset of 600 annotated accident and non-accident video frames. Privacy preservation is achieved in two steps, firstly, a synthetic dataset is used for training and validation purposes, while, testing is performed on real-time data with an accuracy from 55% to 85%. Secondly, the real-time summarized videos (reduced video duration to 42.97% on average) are extracted and stored in an encrypted format to avoid un-trusted access to sensitive event-based data. Fernet, a symmetric encryption algorithm is applied to the summarized videos along with Diffie–Hellman (DH) key exchange algorithm and SHA256 hash algorithm. The encryption key is deleted immediately after the encryption process, and the decryption key is generated at the system of authorised stakeholders, which prevents the key from a man-in-the-middle (MITM) attack. Full article
(This article belongs to the Special Issue Applied Cryptography, Network Security, and Privacy Protection)
Show Figures

Figure 1

12 pages, 1838 KiB  
Article
High Throughput PRESENT Cipher Hardware Architecture for the Medical IoT Applications
by Jamunarani Damodharan, Emalda Roslin Susai Michael and Nasir Shaikh-Husin
Cryptography 2023, 7(1), 6; https://doi.org/10.3390/cryptography7010006 - 06 Feb 2023
Cited by 2 | Viewed by 2165
Abstract
The Internet of Things (IoT) is an intelligent technology applied to various fields like agriculture, healthcare, automation, and defence. Modern medical electronics is also one such field that relies on IoT. Execution time, data security, power, and hardware utilization are the four significant [...] Read more.
The Internet of Things (IoT) is an intelligent technology applied to various fields like agriculture, healthcare, automation, and defence. Modern medical electronics is also one such field that relies on IoT. Execution time, data security, power, and hardware utilization are the four significant problems that should be addressed in the data communication system between intelligent devices. Due to the risks in the implementation algorithm complexity, certain ciphers are unsuitable for IoT applications. In addition, IoT applications are also implemented on an embedded platform wherein computing resources and memory are limited in number. Here in the research work, a reliable lightweight encryption algorithm with PRESENT has been implemented as a hardware accelerator and optimized for medical IoT-embedded applications. The PRESENT cipher is a reliable, lightweight encryption algorithm in many applications. This paper presents a low latency 32-bit data path of PRESENT cipher architecture that provides high throughput. The proposed hardware architecture has been implemented and tested with XILINX XC7Z030FBG676-2 ZYNQ FPGA board 7000. This work shows an improvement of about 85.54% in throughput with a reasonable trade-off over hardware utilization. Full article
(This article belongs to the Topic Trends and Prospects in Security, Encryption and Encoding)
Show Figures

Figure 1

21 pages, 889 KiB  
Article
Quantum Secret Aggregation Utilizing a Network of Agents
by Michael Ampatzis and Theodore Andronikos
Cryptography 2023, 7(1), 5; https://doi.org/10.3390/cryptography7010005 - 03 Feb 2023
Cited by 5 | Viewed by 1911
Abstract
Suppose that the renowned spymaster Alice controls a network of spies who all happen to be deployed in different geographical locations. Let us further assume that all spies have managed to get their hands on a small, albeit incomplete by itself, secret, which [...] Read more.
Suppose that the renowned spymaster Alice controls a network of spies who all happen to be deployed in different geographical locations. Let us further assume that all spies have managed to get their hands on a small, albeit incomplete by itself, secret, which actually is just a part of a bigger secret. In this work, we consider the following problem: given the above situation, is it possible for the spies to securely transmit all these partial secrets to the spymaster so that they can be combined together in order to reveal the big secret to Alice? We call this problem, which, to the best of our knowledge, is a novel one for the relevant literature, the quantum secret aggregation problem. We propose a protocol, in the form of a quantum game, that addresses this problem in complete generality. Our protocol relies on the use of maximally entangled GHZ tuples, shared among Alice and all her spies. It is the power of entanglement that makes possible the secure transmission of the small partial secrets from the agents to the spymaster. As an additional bonus, entanglement guarantees the security of the protocol, by making it statistically improbable for the notorious eavesdropper Eve to steal the big secret. Full article
Show Figures

Figure 1

18 pages, 3644 KiB  
Article
Early Detection of Clustered Trojan Attacks on Integrated Circuits Using Transition Delay Fault Model
by Navya Mohan and J. P. Anita
Cryptography 2023, 7(1), 4; https://doi.org/10.3390/cryptography7010004 - 28 Jan 2023
Viewed by 1723
Abstract
The chances of detecting a malicious reliability attack induced by an offshore foundry are grim. The hardware Trojans affecting a circuit’s reliability do not tend to alter the circuit layout. These Trojans often manifest as an increased delay in certain parts of the [...] Read more.
The chances of detecting a malicious reliability attack induced by an offshore foundry are grim. The hardware Trojans affecting a circuit’s reliability do not tend to alter the circuit layout. These Trojans often manifest as an increased delay in certain parts of the circuit. These delay faults easily escape during the integrated circuits (IC) testing phase, hence are difficult to detect. If additional patterns to detect delay faults are generated during the test pattern generation stage, then reliability attacks can be detected early without any hardware overhead. This paper proposes a novel method to generate patterns that trigger Trojans without altering the circuit model. The generated patterns’ ability to diagnose clustered Trojans are also analyzed. The proposed method uses only single fault simulation to detect clustered Trojans, thereby reducing the computational complexity. Experimental results show that the proposed algorithm has a detection ratio of 99.99% when applied on ISCAS’89, ITC’99 and IWLS’05 benchmark circuits. Experiments on clustered Trojans indicate a 46% and 34% improvement in accuracy and resolution compared to a standard Automatic Test Pattern Generator (ATPG)Tool. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

3 pages, 241 KiB  
Editorial
Acknowledgment to the Reviewers of Cryptography in 2022
by Cryptography Editorial Office
Cryptography 2023, 7(1), 3; https://doi.org/10.3390/cryptography7010003 - 18 Jan 2023
Viewed by 1763
Abstract
High-quality academic publishing is built on rigorous peer review [...] Full article
11 pages, 439 KiB  
Article
Polar Codes for Module-LWE Public Key Encryption: The Case of Kyber
by Iason Papadopoulos and Jiabo Wang
Cryptography 2023, 7(1), 2; https://doi.org/10.3390/cryptography7010002 - 10 Jan 2023
Viewed by 2490
Abstract
In modern society, the Internet is one of the most used means of communication. Thus, secure information transfer is inevitably of major importance. Computers nowadays use encryption methods based on arithmetic operations to turn messages into ciphertexts that are practically impossible for an [...] Read more.
In modern society, the Internet is one of the most used means of communication. Thus, secure information transfer is inevitably of major importance. Computers nowadays use encryption methods based on arithmetic operations to turn messages into ciphertexts that are practically impossible for an attacker to reverse-engineer using a classical computer. Lately, it has been proven that this is possible in a post-quantum setting where quantum computers of considerable size are available to attackers. With the advance of technology of quantum computers, it is now more necessary than ever before to construct encryption schemes that cannot be broken either using a classical or a quantum computer. The National Institute of Technology and Standards (NIST) has orchestrated a competition, and numerous encryption schemes have been proposed. The NIST has identified one algorithm to be standardized for the post-quantum era. This algorithm is called CRYSTALS-Kyber and is based on module learning with errors (MLWE). This paper investigates how to apply error correcting codes in order to create some excess decryption failure rate (DFR) and to take advantage of that in order to re-tune Kyber’s parameters in the pursuit of higher security. By applying Polar Codes, Kyber’s security was managed to be increased by 54.4% under a new set of parameters, while keeping the decryption failure rate well below the upper acceptable bound set by the NIST. Full article
(This article belongs to the Special Issue Security, Privacy, and Robustness of Future Wireless Networks)
Show Figures

Figure 1

13 pages, 333 KiB  
Article
Authenticated Key Exchange Protocol in the Standard Model under Weaker Assumptions
by Janaka Alawatugoda
Cryptography 2023, 7(1), 1; https://doi.org/10.3390/cryptography7010001 - 05 Jan 2023
Viewed by 2275
Abstract
A two-party authenticated key exchange (AKE) protocol allows each of the two parties to share a common secret key over insecure channels, even in the presence of active adversaries who can actively control and modify the exchanged messages. To capture the malicious behaviors [...] Read more.
A two-party authenticated key exchange (AKE) protocol allows each of the two parties to share a common secret key over insecure channels, even in the presence of active adversaries who can actively control and modify the exchanged messages. To capture the malicious behaviors of the adversaries, there have been many efforts to define security models. Amongst them, the extended Canetti–Krawczyk (eCK) security model is considered one of the strongest security models and has been widely adopted. In this paper, we present a simple construction of a pairing-based eCK-secure AKE protocol in the standard model. Our protocol can be instantiated with a suitable signature scheme (i.e., an existentially unforgeable signature scheme against adaptive chosen message attacks). The underlying assumptions of our construction are the decisional bilinear Diffie–Hellman assumption and the existence of a pseudorandom function. Note that the previous eCK-secure protocol constructions either relied on random oracles for their security or used somewhat strong assumptions, such as the existence of strong-pseudorandom functions, target collision-resistant functions, etc., while our protocol construction uses fewer and more-standard assumptions in the standard model. Furthermore, preserving the same security argument, our protocol can be instantiated with any appropriate signature scheme that comes in the future with better efficiency. Full article
Previous Issue
Next Issue
Back to TopTop