On Protocols for Information Security Services

Now-a-days, organizations are becoming more and more dependent on their information systems due to the availability of high technology environment. Information is also treated as vital like other important assets of an organization. Thus, we require Information Security Services (ISS) protocols to protect this commodity. In this thesis, investigations have been made to protect information by developing some ISS protocols. A key management protocol, which stores one-way hash of the password at the server, instead of storing plaintext version of password has been explained. A unique asymmetric cryptosystem for encrypting large messages has been described, which is not only efficient but also secure as compared to other asymmetric cryptosystems.Blind Signature Schemes (BSS) facilitate a requester to obtain signature from a signer on any document, in such a way that the signer cant know anything about the message that is being signed. Four BSS have been described which are based on Elliptic Curve Discrete Logarithm Problem (ECDLP).A remote user authentication scheme based on ECDLP has been described.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Tzong-Chen Wu,et al.  Remote login authentication scheme based on a geometric approach , 1995, Comput. Commun..

[3]  Jun Yang,et al.  A New Variant of the Diffie-Hellman Key-Exchange Protocol Based on Block Triangular Matrix Groups , 2008, 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[4]  Jan Camenisch,et al.  Fair Blind Signatures , 1995, EUROCRYPT.

[5]  Shiuh-Pyng Shieh,et al.  Password authentication schemes with smart cards , 1999, Comput. Secur..

[6]  David Chaum,et al.  Blinding for Unanticipated Signatures , 1987, EUROCRYPT.

[7]  Kefei Chen,et al.  Cryptanalysis of a timestamp-based password authentication scheme , 2004, IACR Cryptol. ePrint Arch..

[8]  Li Gong,et al.  Optimal authentification protocols resistant to password guessing attacks , 1995, Proceedings The Eighth IEEE Computer Security Foundations Workshop.

[9]  Daniel R. L. Brown Generic Groups, Collision Resistance, and ECDSA , 2002, Des. Codes Cryptogr..

[10]  Cheng-Chi Lee,et al.  Traceability on RSA-based partially signature with low computation , 2003, Appl. Math. Comput..

[11]  Yi-Shiung Yeh,et al.  Randomization enhanced Chaum's blind signature scheme , 2000, Comput. Commun..

[12]  Lin-Chuan Wu Analysis of traceability attack on Camenisch et al.'s blind signature schemes , 2006, ASIACCS '06.

[13]  Ji-Hye Park,et al.  A Secure Remote User Authentication Scheme , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[14]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[15]  Lihua Liu,et al.  A Strong RSA Signature Scheme and Its Application , 2007, Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD 2007).

[16]  Peter Wayner,et al.  Digital cash - commerce on the net , 1995 .

[17]  Taekyoung Kwon,et al.  An adaptable and reliable authentication protocol for communication networks , 1997, Proceedings of INFOCOM '97.

[18]  Anton Stiglic,et al.  Security Issues in the Diffie-Hellman Key Agreement Protocol , 2001 .

[19]  Jan Camenisch,et al.  Blind Signatures Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[20]  Behrouz A. Forouzan Cryptography & Network Security , 2007 .

[21]  Chin-Laung Lei,et al.  Low-computation partially blind signatures for electronic cash , 1998 .

[22]  Steven M. Bellovin,et al.  Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise , 1993, CCS '93.

[23]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[24]  Cheng-Chi Lee,et al.  Untraceable Blind Signature Schemes Based on Discrete Logarithm Problem , 2002, Fundam. Informaticae.

[25]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[26]  Hung-Min Sun,et al.  Three-party encrypted key exchange: attacks and a solution , 2000, OPSR.

[27]  Jianping Yin,et al.  An Anonymous Digital Cash and Fair Payment Protocol Utilizing Smart Card in Mobile Environments , 2006, 2006 Fifth International Conference on Grid and Cooperative Computing Workshops.

[28]  Rajeev Kumar,et al.  Formulation of an encryption algorithm on the basis of molecular genetics and image patterns , 1999, Proceedings Third International Conference on Computational Intelligence and Multimedia Applications. ICCIMA'99 (Cat. No.PR00300).

[29]  Lina Wang,et al.  A More Effective Voting Scheme based on Blind Signature , 2006, 2006 International Conference on Computational Intelligence and Security.

[30]  Hirohito Inagaki,et al.  A Password Authentication Method for Contents Communications on the Internet , 1998 .

[31]  Eli Biham,et al.  Differential-Linear Cryptanalysis of Serpent , 2003, FSE.

[32]  Kyung-Sang Sung,et al.  XML Document Encrypt Implementation Using Elliptic Curve Cryptosystem , 2007, 2007 International Conference on Convergence Information Technology (ICCIT 2007).

[33]  Zulfikar Amin Ramzan,et al.  Group blind digital signatures : theory and applications , 1999 .

[34]  Hung-Yu Chien,et al.  RSA-based partially blind signature with low computation , 2001, Proceedings. Eighth International Conference on Parallel and Distributed Systems. ICPADS 2001.

[35]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[36]  Eun-Jun Yoon,et al.  A New Secure Key Exchange Protocol Between STB and Smart Card in DTV Broadcasting , 2006, WISI.

[37]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[38]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[39]  Chin-Laung Lei,et al.  Partially Blind Threshold signatures Based on Discrete Logarithm , 1999, Comput. Commun..

[40]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[41]  Adi Shamir,et al.  An efficient signature scheme based on quadratic equations , 1984, STOC '84.

[42]  Vijay Laxmi,et al.  Buyer seller watermarking protocol for digital rights management , 2009, SIN '09.

[43]  Shibao Zheng,et al.  Secure communication between set-top box and smart card in DTV broadcasting , 2004, IEEE Transactions on Consumer Electronics.

[44]  Sanjay Kumar Jena,et al.  A novel and efficient cryptosystem for large message encryption , 2011, Int. J. Inf. Commun. Technol..

[45]  Gene Tsudik,et al.  Refinement and extension of encrypted key exchange , 1995, OPSR.

[46]  Jin-Young Choi,et al.  Cryptanalysis of Secure Key Exchange Protocol between STB and Smart Card in IPTV Broadcasting , 2009, ISA.

[47]  F. Rodriguez-Henriquez,et al.  A comparative performance analysis of several blind signature schemes , 2008, 2008 5th International Conference on Electrical Engineering, Computing Science and Automatic Control.

[48]  Gene Tsudik,et al.  On simple and secure key distribution , 1993, CCS '93.

[49]  David Naccache,et al.  On blind signatures and perfect crimes , 1992, Comput. Secur..

[50]  Min-Shiang Hwang,et al.  Cryptanalysis of a remote login authentication scheme , 1999, Comput. Commun..

[51]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[52]  Jean-Sébastien Coron,et al.  On the Security of RSA Padding , 1999, CRYPTO.

[53]  Neil Haller,et al.  The S/KEY One-Time Password System , 1995, RFC.

[54]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[55]  Kai-Yeung Siu,et al.  Efficient protocols secure against guessing and replay attacks , 1995, Proceedings of Fourth International Conference on Computer Communications and Networks - IC3N'95.

[56]  Cheng-Chi Lee,et al.  An Untraceable Blind Signature Scheme , 2003, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[57]  Hung-Min Sun,et al.  Simple authenticated key agreement protocol resistant to password guessing attacks , 2002, OPSR.

[58]  Behnam Kharchineh,et al.  A New Electronic Voting Protocol Using a New Blind Signature Scheme , 2010, 2010 Second International Conference on Future Networks.

[59]  Stefan Lucks,et al.  Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys , 1997, Security Protocols Workshop.

[60]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[61]  Craig Metz,et al.  One-Time Passwords in Everything (OPIE): Experiences with Building and Using Strong Authentication , 1995, USENIX Security Symposium.

[62]  Zuowen Tan Improvement on a Generalized Scheme of Proxy Signature Based on Elliptic Curves , 2007, 2007 International Conference on Computational Intelligence and Security (CIS 2007).

[63]  Patrick Horster,et al.  Undetectable on-line password guessing attacks , 1995, OPSR.

[64]  L. Harn Cryptanalysis of the blind signatures based on the discrete logarithm problem , 1995 .

[65]  C. Lei,et al.  Efficient blind signature scheme based on quadratic residues , 1996 .

[66]  Ching-Nung Yang,et al.  Visual Cryptography Schemes with Reversing , 2008, Comput. J..

[67]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[68]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[69]  Chin-Laung Lei,et al.  User efficient blind signatures , 1998 .

[70]  Im-yeong Lee,et al.  A Study on the Electronic Voting System using blind Signature for Anonymity , 2006, 2006 International Conference on Hybrid Information Technology.

[71]  Subariah Ibrahim,et al.  Secure E-voting with blind signature , 2003, 4th National Conference of Telecommunication Technology, 2003. NCTT 2003 Proceedings..

[72]  Chris J. Mitchell,et al.  Comments on the S/KEY user authentication scheme , 1996, OPSR.

[73]  Rajwinder Singh,et al.  SECURITY SCHEME FOR MOBILE AGENT SYSTEM IN E-COMMERCE SCENARIO , 2005 .

[74]  R. A. Rueppel,et al.  Message recovery for signature schemes based on the discrete logarithm problem , 1994, EUROCRYPT.

[75]  Nevenko Zunic,et al.  Methods for Protecting Password Transmission , 2000, Comput. Secur..

[76]  C. Popescu,et al.  An Off-line Electronic Cash System Based on Bilinear Pairings , 2007, 2007 14th International Workshop on Systems, Signals and Image Processing and 6th EURASIP Conference focused on Speech and Image Processing, Multimedia Communications and Services.

[77]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[78]  Maurizio Kliban Boyarsky,et al.  Public-key cryptography and password protocols: the multi-user case , 1999, CCS '99.

[79]  David P. Jablon Extended password key exchange protocols immune to dictionary attack , 1997, Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[80]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[81]  Chin-Laung Lei,et al.  Cryptanalysis on improved user efficient blind signatures , 2001 .

[82]  Sanjay Kumar Jena,et al.  A Novel Protocol for Smart Card Using ECDLP , 2008, 2008 First International Conference on Emerging Trends in Engineering and Technology.

[83]  C.-C.,et al.  Remote password authentication with smart cards , 2004 .

[84]  Xiaobo Peng,et al.  The challenges of international computer-supported collaboration , 2004, 34th Annual Frontiers in Education, 2004. FIE 2004..

[85]  Cheng-Chi Lee,et al.  Traceability on Low-Computation Partially Blind Signatures for Electronic Cash , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[86]  Zhenfu Cao,et al.  Cryptanalysis and improvement of an elliptic curve Diffie-Hellman key agreement protocol , 2008, IEEE Communications Letters.

[87]  Christof Paar,et al.  Efficient Implementation of Elliptic Curve Cryptosystems on the TI MSP 430x33x Family of Microcontrollers , 2001, Public Key Cryptography.

[88]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[89]  David Chaum,et al.  Blind Signature System , 1983, CRYPTO.

[90]  Sanjay Kumar Jena,et al.  A Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP , 2009, 2009 International Conference on Advanced Computer Control.

[91]  Sanjay Kumar Jena,et al.  A Novel Visual Cryptography Scheme , 2009, 2009 International Conference on Advanced Computer Control.

[92]  An-Pin Chen,et al.  A novel blind signature scheme possessed with dual protections , 2003, IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings..

[93]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[94]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[95]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[96]  Laurie Law,et al.  How to Make a Mint: The Cryptography of Anonymous Electronic Cash , 1997 .

[97]  Chin-Chen Chang,et al.  An ElGamal-Like Cryptosystem for Enciphering Large Messages , 2002, IEEE Trans. Knowl. Data Eng..

[98]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[99]  Subhendu Kumar Pani,et al.  A modified remote user authentication scheme using smart card based on ECDLP , 2009, 2009 International Conference on Industrial and Information Systems (ICIIS).

[100]  Sanjay Kumar Jena,et al.  A Novel ECDLP-Based Blind Signature Scheme with an Illustration , 2008 .

[101]  Wu Xiaoping,et al.  New Digital Signature Scheme Based on both ECDLP and IFP , 2009, 2009 2nd IEEE International Conference on Computer Science and Information Technology.

[102]  Silvio Micali,et al.  Fair Public-Key Cryptosystems , 1992, CRYPTO.

[103]  Abdulmotaleb El-Saddik,et al.  Detecting and Preventing IP-spoofed Distributed DoS Attacks , 2008, Int. J. Netw. Secur..

[104]  Neal Koblitz,et al.  CM-Curves with Good Cryptographic Properties , 1991, CRYPTO.

[105]  E. Mohammed,et al.  A blind signature scheme based on ElGamal signature , 2000, IEEE/AFCEA EUROCOMM 2000. Information Systems for Enhanced Public Safety and Security (Cat. No.00EX405).

[106]  Zuhua Shao Improved user efficient blind signatures , 2000 .

[107]  Chang Gui-ran,et al.  A Verifier-Based Key Exchange Protocol in Cross-Realm Setting , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[108]  Sanjay Kumar Jena,et al.  A novel and efficient cryptosystem for long message encryption , 2009, 2009 International Conference on Industrial and Information Systems (ICIIS).

[109]  Min-Shiang Hwang,et al.  Traceability on Stadler et al.'s Fair Blind Signature Scheme , 2003, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[110]  Frederic P. Miller,et al.  Advanced Encryption Standard , 2009 .

[111]  Hung-Min Sun,et al.  Three-party encrypted key exchange without server public-keys , 2001, IEEE Communications Letters.

[112]  Cheng-Chi Lee,et al.  A remote user authentication scheme using hash functions , 2002, OPSR.

[113]  D. K. Branstad,et al.  Data Encryption Standard: past and future , 1988, Proc. IEEE.

[114]  Sanjay Kumar Jena,et al.  A Novel Blind Signature Scheme Based on Nyberg-Rueppel Signature Scheme and Applying in Off-Line Digital Cash , 2007 .

[115]  David Paul Maher,et al.  Crypto backup and key escrow , 1996, CACM.

[116]  Zhan-gang Wang,et al.  A Secure Off-Line Electronic Cash Scheme Based on ECDLP , 2009, 2009 First International Workshop on Education Technology and Computer Science.

[117]  Sung-Ming Yen,et al.  Improved Digital Signature Algorithm , 1995, IEEE Trans. Computers.

[118]  Hugo Krawczyk,et al.  Public-key cryptography and password protocols , 1998, CCS '98.

[119]  Sung-Jin Lee,et al.  An electronic voting scheme based on undeniable blind signature scheme , 2003, IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings..