Dissertations / Theses on the topic 'Bilinear pairing'

The entries below are drawn from the 37 dissertations and theses indexed under the topic 'Bilinear pairing.'

1

Gagne, Martin. "Applications of Bilinear Maps in Cryptography." Thesis, University of Waterloo, 2002. http://hdl.handle.net/10012/1134.

Abstract:
It was recently discovered by Joux [30] and Sakai, Ohgishi and Kasahara [47] that bilinear maps could be used to construct cryptographic schemes. Since then, bilinear maps have been used in applications as varied as identity-based encryption, short signatures and one-round tripartite key agreement. This thesis explains the notion of bilinear maps and surveys the applications of bilinear maps in the three main fields of cryptography: encryption, signature and key agreement. We also show how these maps can be constructed using the Weil and Tate pairings in elliptic curves.
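The bilinear map and the one-round tripartite key agreement named in this abstract, as an added worked example (not code from the thesis): a reduced Tate pairing computed with Miller's algorithm on the supersingular curve y^2 = x^3 + x over F_p, with p = 2011 (p = 3 mod 4, embedding degree 2, distortion map (x, y) -> (-x, i*y) into F_{p^2} = F_p(i)), then used to check non-degeneracy, bilinearity and symmetry and to run Joux's three-party protocol. The curve, prime, subgroup order and seeds are assumptions chosen to be tiny; they give no security.

```python
import random

P_MOD = 2011                       # prime with p = 3 (mod 4); toy size, no security (assumption)
R_ORD = 503                        # prime subgroup order: #E(F_p) = p + 1 = 4 * 503
COFACTOR = (P_MOD + 1) // R_ORD    # 4
A_COEF = 1                         # E: y^2 = x^3 + A_COEF * x, supersingular for p = 3 (mod 4)
ONE = (1, 0)

# F_{p^2} = F_p[i]/(i^2 + 1); the element a + b*i is stored as the tuple (a, b)
def f2_sub(u, v):
    return ((u[0] - v[0]) % P_MOD, (u[1] - v[1]) % P_MOD)

def f2_mul(u, v):
    (a, b), (c, d) = u, v
    return ((a * c - b * d) % P_MOD, (a * d + b * c) % P_MOD)

def f2_inv(u):
    a, b = u
    n_inv = pow((a * a + b * b) % P_MOD, P_MOD - 2, P_MOD)   # inverse of the norm in F_p
    return ((a * n_inv) % P_MOD, (-b * n_inv) % P_MOD)

def f2_pow(u, e):
    res, base = ONE, u
    while e:
        if e & 1:
            res = f2_mul(res, base)
        base, e = f2_mul(base, base), e >> 1
    return res

# E(F_p): affine points (x, y) as ints mod p; None is the point at infinity O
def slope(S, T):
    (x1, y1), (x2, y2) = S, T
    if S == T:
        return (3 * x1 * x1 + A_COEF) * pow(2 * y1, P_MOD - 2, P_MOD) % P_MOD
    return (y2 - y1) * pow(x2 - x1, P_MOD - 2, P_MOD) % P_MOD

def is_neg(S, T):
    return S[0] == T[0] and (S[1] + T[1]) % P_MOD == 0

def ec_add(S, T):
    if S is None or T is None:
        return T if S is None else S
    if is_neg(S, T):
        return None
    lam = slope(S, T)
    x3 = (lam * lam - S[0] - T[0]) % P_MOD
    return (x3, (lam * (S[0] - x3) - S[1]) % P_MOD)

def ec_mul(k, S):
    res = None
    while k:
        if k & 1:
            res = ec_add(res, S)
        S, k = ec_add(S, S), k >> 1
    return res

def point_of_order_r(seed):
    rng = random.Random(seed)
    while True:
        x = rng.randrange(P_MOD)
        rhs = (x * x * x + A_COEF * x) % P_MOD
        y = pow(rhs, (P_MOD + 1) // 4, P_MOD)   # candidate sqrt; valid only if rhs is a square
        if (y * y) % P_MOD == rhs:
            S = ec_mul(COFACTOR, (x, y))       # clear the cofactor to land in E(F_p)[r]
            if S is not None:
                return S

def distort(S):
    x, y = S
    return (((-x) % P_MOD, 0), (0, y))   # phi(x, y) = (-x, i*y): maps E(F_p)[r] outside E(F_p)

def line_at(T, R, Q):
    """Value at Q of the line through T and R (tangent if T == R, vertical if T == -R)."""
    xq, yq = Q
    if is_neg(T, R):
        return f2_sub(xq, (T[0], 0))
    lam = slope(T, R)
    return f2_sub(f2_sub(yq, (T[1], 0)), f2_mul((lam, 0), f2_sub(xq, (T[0], 0))))

def vertical_at(S, Q):
    return ONE if S is None else f2_sub(Q[0], (S[0], 0))

def miller(P, Q):
    """Miller's algorithm: f with divisor r(P) - r(O), evaluated at Q in E(F_{p^2})."""
    f, T = ONE, P
    for bit in bin(R_ORD)[3:]:                 # bits of r after the leading 1
        f = f2_mul(f2_mul(f, f), line_at(T, T, Q))
        T = ec_add(T, T)
        f = f2_mul(f, f2_inv(vertical_at(T, Q)))
        if bit == "1":
            f = f2_mul(f, line_at(T, P, Q))
            T = ec_add(T, P)
            f = f2_mul(f, f2_inv(vertical_at(T, Q)))
    assert T is None                           # r * P = O
    return f

def pairing(P, S):
    """Reduced Tate pairing e(P, phi(S)) = f_{r,P}(phi(S))^((p^2 - 1)/r); symmetric, lands in mu_r."""
    return f2_pow(miller(P, distort(S)), (P_MOD * P_MOD - 1) // R_ORD)

def joux_tripartite(P, a, b, c):
    """One-round three-party key agreement: each party broadcasts its scalar times P
    and derives e(P, P)^(abc) from the other two broadcasts with a single pairing."""
    aP, bP, cP = ec_mul(a, P), ec_mul(b, P), ec_mul(c, P)
    return (f2_pow(pairing(bP, cP), a), f2_pow(pairing(aP, cP), b), f2_pow(pairing(aP, bP), c))

def demo(seed=1):
    rng = random.Random(seed)
    P = point_of_order_r(seed)
    a, b, c = (rng.randrange(1, R_ORD) for _ in range(3))
    g = pairing(P, P)
    return {"nondegenerate": g != ONE,
            "bilinear": pairing(ec_mul(a, P), ec_mul(b, P)) == f2_pow(g, a * b),
            "symmetric": pairing(ec_mul(a, P), ec_mul(b, P)) == pairing(ec_mul(b, P), ec_mul(a, P)),
            "tripartite_agrees": len(set(joux_tripartite(P, a, b, c))) == 1}
```

The vertical-line divisions could be dropped here (their values lie in F_p and are killed by the final exponentiation, the usual denominator elimination for embedding degree 2), but they are kept so the loop is the textbook Miller algorithm. Calling demo() returns all four checks as True; with a pairing-friendly curve at a real security level, the same three lines in joux_tripartite are the whole one-round protocol.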
2

Alanazi, Faisal. "Secure Efficient Identity-Based Conditional Privacy-Preserving Authentication Protocol for Vehicular Status Message Broadcasting without Bilinear Pairing." The Ohio State University, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=osu1531779812827079.

3

Varga, Ondrej. "Efektivní schémata digitálních podpisů." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2011. http://www.nusl.cz/ntk/nusl-219303.

Abstract:
Digital signatures, which take on the properties of classical signatures, are used to secure the actual content of documents, which can be modified during transmission over an insecure channel. The problems of security and protection of communicating participants are solved by cryptographic techniques. Identity verification, message integrity, credibility, the ownership of documents, and the secure transmission of information over an unsecured channel are all dealt with in secure communications by Public Key Infrastructure, which uses digital signatures. Nowadays digital signatures are often used to secure data in communication over an unsecured channel. The aim of this master's thesis is to familiarize readers with the necessary technological aspects of digital signatures, as well as their advantages and disadvantages. As long as digital signatures are in use, they will have to be improved and modified to be secure against more sophisticated attacks. In this thesis, proposals of new efficient digital signature schemes and their comparison with current ones are described. Their implications for computationally weak devices, or for deployment in low-speed transmission channels, are also examined. After an explanation of cryptography and a description of its basic subjects, digital signatures are introduced. The first chapter describes the possible formatting and architecture of the digital signature. The second part of this master's thesis is about current digital signature schemes and their properties. Chapter 3 describes some proposals of new efficient digital signature schemes and their comparison to those currently in use. In the practical part, the implementations (in the .NET environment, in C#) of two efficient digital signature schemes as part of a client-server application are presented and described (Chapter 4). In the last chapter the comparison and analysis of the implemented signature schemes are provided.
4

Sangalli, Leandro Aparecido 1988. "Avaliação do custo computacional de emparelhamentos bilineares sobre curvas elípticas Barreto-Naehrig." [s.n.], 2014. http://repositorio.unicamp.br/jspui/handle/REPOSIP/259577.

Advisor: Marco Aurélio Amaral Henriques
Master's dissertation (Dissertação de mestrado), Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação
Abstract:
Bilinear pairings over elliptic curves are functions that support promising cryptographic protocols. However, a fact that hinders the development of these protocols is their high computational cost. Many techniques seeking more efficiency in the calculation of pairings have been proposed in recent years. Among these techniques are those that change the pairing type, the curve type and/or the pairing calculation method. Barreto-Naehrig curves are known as pairing-friendly curves because they perform well in applications that require more efficiency in the pairing calculation. This work evaluates the cost of the operations present in the most used pairings based on Barreto-Naehrig curves. With this evaluation, it was possible to compare these pairings at the level of basic operations such as addition, multiplication, squaring, inversion and modular reduction over a prime finite field on a generic processor. The results show that, for the security parameters adopted in this work, one of the most used pairing algorithms (Optimal Ate) is not the fastest among those evaluated. Moreover, this work estimates the impact caused in the pairing calculation by different processors, ranging from the current short- and medium-word processors to the future very-long-word ones.
Degree: Master's in Electrical Engineering (Mestre em Engenharia Elétrica), Computer Engineering.
5

Malina, Lukáš. "Kryptografické protokoly s ochranou soukromí pro zabezpečení heterogenních sítí." Doctoral thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2014. http://www.nusl.cz/ntk/nusl-233671.

Abstract:
This doctoral thesis deals with privacy-preserving cryptographic protocols intended for securing the communication and information systems that form heterogeneous networks. The work focuses primarily on the possibilities of using unconventional cryptographic means that provide extended security requirements, such as protecting the privacy of the users of a communication system. The thesis determines the computational cost of cryptographic and mathematical primitives on the various devices that take part in securing a heterogeneous network. The main goals of the work are aimed at the design of advanced privacy-preserving cryptographic protocols. Three protocols in total are proposed, which use group signatures based on bilinear pairings to ensure user privacy. The proposed protocols ensure privacy and non-repudiation throughout the data communication, together with authentication and integrity of the transmitted messages. To increase the performance of the proposed protocols, optimization techniques such as batch verification are used, so that the protocols are practical even for heterogeneous networks.
6

Goya, Denise Hideko. ""Proposta de esquemas de criptografia e de assinatura sob modelo de criptografia de chave pública sem certificado"." Universidade de São Paulo, 2006. http://www.teses.usp.br/teses/disponiveis/45/45134/tde-28072006-142410/.

Abstract:
Under the model of identity-based cryptography (ID-PKC), the public key can be the user's identity, so it does not require a Public Key Infrastructure (PKI) with its complex management of digital certificates. On the other hand, this system requires a Private Key Generator (PKG), a trusted authority which is in possession of a master key and can generate any of the private keys. In this way, the PKG can exercise so-called key escrow, which is undesirable in many applications. The concept of Certificateless Public Key Cryptography (CL-PKC) was proposed in order to remove the key escrow characteristic of IBC, while requiring neither a PKI nor digital certificates to certify the public keys. CL-PKC is no longer identity-based, because public keys are introduced to bind the identities to their secret keys. In this thesis we construct two schemes, one CL-PKE and one CL-PKS, based on bilinear pairing functions, which: (1) do not allow key escrow by the PKG; (2) do not require digital certificates; (3) are more efficient, in some aspects, than previously published CL-PKE and CL-PKS schemes; (4) and are secure in the sense that they are strong against adaptive chosen ciphertext attacks (in CL-PKE) and adaptive chosen message attacks (in CL-PKS), in the random oracle model.
7

Mailloux, Nicholas J. "Group key agreement from bilinear pairings." Thesis, University of Ottawa (Canada), 2009. http://hdl.handle.net/10393/28296.

Abstract:
The use of bilinear pairings as a building block for cryptographic protocols, most notably in the construction of identity-based cryptosystems, is a very popular area of cryptographic research. In this thesis, we provide a novel classification of pairing-based group key agreement (GKA) from current literature. We propose a new framework for constructing secure and efficient computationally asymmetric authenticated GKA protocols from identity-based signcryption schemes and adapt this framework to construct a novel identity-based authenticated GKA protocol with perfect forward secrecy. To the best of our knowledge, our protocol is the first that maintains perfect forward secrecy in the presence of auxiliary key agreement protocols. We formally prove the security of our protocols in the random oracle model and show that they are communication and computationally efficient in comparison to the pairing-based protocols from the literature.
8

Araujo, Rafael Will Macedo de. "Autenticação e comunicação segura em dispositivos móveis de poder computacional restrito." Universidade de São Paulo, 2013. http://www.teses.usp.br/teses/disponiveis/45/45134/tde-18122013-014306/.

Abstract:
Protocols for authentication and key establishment are fundamental parts of security implementations for communication between electronic devices. In applications involving devices with limited computational power (such as smartphones and tablets) communicating with a server, the choice of efficient protocols that require a simpler infrastructure is essential. In this work we select and implement secure key agreement protocols in the identity-based (ID-based) and certificateless public key cryptography models on ARM processor platforms. We also compare running times, memory and network usage.
9

Chow, Sze-ming Sherman. "Forward security from bilinear pairings: signcryption and threshold signature." E-thesis record, HKUTO, 2004. http://sunzi.lib.hku.hk/hkuto/record/B30679424.

10

Chow, Sze-ming Sherman, and 周斯明. "Forward security from bilinear pairings: signcryption and threshold signature." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2004. http://hub.hku.hk/bib/B30679424.

11

Goya, Denise Hideko. "Criptografia de chave pública sem certificado." Universidade de São Paulo, 2011. http://www.teses.usp.br/teses/disponiveis/45/45134/tde-02082012-191831/.

Abstract:
Certificateless public key cryptography is an alternative model to traditional asymmetric key cryptography, because public key authentication occurs implicitly during a protocol run, with no need for digital certificate management and distribution. It has the potential to reduce computing costs, and it allows a higher security level than the identity-based model. In this PhD thesis, formal security models for certificateless authenticated key agreement are improved with two independent objectives: (1) to increase the trust level in the partial-secret-key generating authority on which users rely, and (2) to enable computationally efficient protocols with significant security properties, such as resistance against attacks from adversaries with full control of the communication channel, and from adversaries who are able to replace users' public keys by any chosen value. In order to demonstrate that the improvements made are feasible and achieve the objectives, new protocols are proposed for the two-party case. These protocols are proved secure by using reduction techniques from provable security.
12

Gouvêa, Conrado Porto Lopes 1984. "Software implementation of cryptography for wireless sensors and mobile processors = Implementação em software de criptografia para sensores sem fio e processadores móveis." [s.n.], 2013. http://repositorio.unicamp.br/jspui/handle/REPOSIP/275612.

Advisor: Julio César López Hernández
Doctoral thesis (Tese de doutorado), Universidade Estadual de Campinas, Instituto de Computação
Abstract:
The efficient and secure implementation of cryptographic schemes is an important aspect of practical cryptography. In this work, we focus on the software implementation of relevant algorithms in elliptic curve cryptography (ECC), pairing-based cryptography (PBC) and authenticated encryption (AE). Two modern computational platforms were targeted: the MSP430 microcontroller, often used in wireless sensor networks, and the ARM processor, widely employed in mobile devices such as smartphones and tablets, which are increasingly becoming ubiquitous. Techniques for improving software performance by taking advantage of instruction sets, peripherals and algorithmic enhancements are described. Secure implementation, which aims at thwarting common side-channel attacks, is also studied, and new techniques are provided for improving its efficiency on ARM processors. These results contribute to the building of efficient and secure cryptographic systems on wireless sensors and mobile processors.
Degree: PhD in Computer Science (Doutor em Ciência da Computação).
13

Dzurenda, Petr. "Kryptografická ochrana digitální identity." Doctoral thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2019. http://www.nusl.cz/ntk/nusl-403859.

Abstract:
This dissertation deals with cryptographic schemes that enhance user privacy in access control and data collection systems. Nowadays, smart-card-based physical access control systems are used almost daily by most of us, for example at work, in public transport and in hotels. These systems, however, still do not provide sufficient cryptographic protection and therefore security. User identifiers and keys can easily be eavesdropped and forged. Features that would protect user privacy are almost always missing. There is therefore a real risk that people, their movements and their behaviour are being tracked. Service providers, or potential attackers who eavesdrop on the communication, can build user profiles: they know what users do, where they go and what they are interested in. In order to improve this situation, we have designed four new cryptographic schemes based on efficient zero-knowledge proofs and elliptic curve cryptography. Specifically, the dissertation presents three new authentication schemes for use in access control systems and one new scheme for use in data collection systems. The first scheme uses a distributed authentication approach that requires the cooperation of several RFID elements in the authentication process. This property is particularly advantageous for controlling access to hazardous areas, where a user may only be granted access if equipped with protective gear (with embedded RFID elements). The other two schemes are based on attribute-based verification, i.e. the schemes allow a user to prove possession of attributes such as age, citizenship and gender anonymously. While one scheme implements efficient revocation and identification mechanisms, the other provides the fastest verification of user attribute possession among all current solutions. The last, fourth scheme is a short group signature scheme for the data collection scenario.
Data collection schemes are used for the secure and reliable transfer of data from remote nodes to a control unit. With the growing importance of smart meters in the energy sector, smart home devices and various sensor networks, the need for secure data collection systems is becoming very urgent. These schemes must support not only standard security functions such as confidentiality and authenticity of the transmitted data, but also new functions such as strong protection of user privacy and identity, and the identification of malicious users. The proposed schemes are provably secure and offer a range of functions extending the protection of user privacy and identity, namely anonymity, untraceability and unlinkability of individual user sessions. In addition to the full cryptographic specification and security analysis of the proposed schemes, this thesis also contains measurement results from implementing the individual schemes on the devices currently most used in the field of access control and data collection.
14

Deusajute, Alexandre Machado. "Proposta de um mecanismo de segurança alternativo para o SIP utilizando o protocolo Massey-Omura aperfeiçoado com o uso de emparelhamentos bilineares." Universidade de São Paulo, 2010. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-20122010-155116/.

Abstract:
Voice over IP (VoIP) has been progressively adopted not only by a great number of companies but also by a significant number of people, in Brazil and in other countries. However, this increasing adoption of VoIP in the world brings some concerns, such as security risks and threats, mainly to the authenticity, privacy and integrity of the communication. In order to protect the media session, efficient protocols like the Secure Real-time Transport Protocol (SRTP) have been used. However, SRTP depends on a secret key to make the communication secure. Thus, a good strategy is to take advantage of the signaling process that establishes the media session and agree on a common secret session key between the communicating parties. This signaling process is performed by specific types of protocols such as the Session Initiation Protocol (SIP), a very important signaling protocol, which is used more and more by softphones for Internet communication. Nevertheless, those risks and threats already exist in the signaling process itself and, among them, the man-in-the-middle attack is the most dangerous because of the damage it can cause. After a literature review of the SIP security risks and threats, as well as its security mechanisms (analyzing their advantages and drawbacks), it was possible to devise a new security mechanism, which is presented in this work. The proposed mechanism uses a protocol for secure information exchange, the Massey-Omura protocol, which, when combined with bilinear pairings, provides a better security level for SIP in all its aspects (authenticity, privacy and integrity). Besides this, the new mechanism is evaluated through a proof of concept in which a functional SIP softphone was used. The security analysis and the results obtained from the proof of concept make the proposed security mechanism a viable alternative for SIP.
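The three-pass Massey-Omura exchange referred to in this abstract, as an added illustration that is not the thesis's pairing-based mechanism: the plain version, with modular exponentiation in F_p^* as the commutative lock, run once honestly and once with an active adversary who answers Alice in Bob's place, which is the man-in-the-middle exposure the abstract singles out for the unauthenticated signaling path. The Mersenne modulus, key generation, seeds and the sample payload are constructed assumptions with no security claim.

```python
import random
from math import gcd

MO_P = (1 << 61) - 1   # Mersenne prime 2^61 - 1; toy modulus chosen for size only (assumption)

def mo_keygen(rng):
    """Locking exponent e coprime to p-1 and its unlocking inverse d = e^-1 mod (p-1)."""
    while True:
        e = rng.randrange(2, MO_P - 1)
        if gcd(e, MO_P - 1) == 1:
            return e, pow(e, -1, MO_P - 1)

def mo_lock(x, e):
    """Modular exponentiation is a commutative lock: lock(lock(x, a), b) == lock(lock(x, b), a)."""
    return pow(x, e, MO_P)

def mo_three_pass(m, alice, bob):
    """Honest run. Alice holds (ea, da), Bob holds (eb, db); m is an int in [1, p-1]."""
    (ea, da), (eb, db) = alice, bob
    c1 = mo_lock(m, ea)      # pass 1, Alice -> Bob:   m^ea
    c2 = mo_lock(c1, eb)     # pass 2, Bob -> Alice:   m^(ea*eb)
    c3 = mo_lock(c2, da)     # pass 3, Alice -> Bob:   m^eb   (Alice removed her lock)
    return mo_lock(c3, db)   # Bob removes his lock and reads m

def mo_mitm(m, alice, rng):
    """Active adversary. Mallory intercepts pass 1 and answers in Bob's place with her own
    lock; every message Alice sees is well-formed, so the plain protocol gives her no way
    to notice, and Mallory ends up with m while Bob receives nothing."""
    em, dm = mo_keygen(rng)
    ea, da = alice
    c1 = mo_lock(m, ea)      # intercepted on the way to Bob
    c2 = mo_lock(c1, em)     # Mallory's lock, returned to Alice as if it came from Bob
    c3 = mo_lock(c2, da)     # Alice removes her lock exactly as in the honest run
    return mo_lock(c3, dm)   # Mallory reads m

def mo_demo(seed=1):
    rng = random.Random(seed)
    m = int.from_bytes(b"INVITE", "big")     # constructed sample payload, 48 bits < p
    alice, bob = mo_keygen(rng), mo_keygen(rng)
    return {"honest_run_recovers_m": mo_three_pass(m, alice, bob) == m,
            "mallory_recovers_m": mo_mitm(m, alice, rng) == m}
```

The honest run succeeds only because the two locks commute; the attack succeeds because none of the three messages is bound to Bob's identity, which is the gap an authenticated variant has to close before the exchange can carry a SIP session key.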
15

Pereira, Geovandro Carlos Crepaldi Firmino. "Parametrização e otimização de criptografia de curvas elípticas amigáveis a emparelhamentos." Universidade de São Paulo, 2011. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-13062011-144903/.

Abstract:
The trend for the future consists of the steady shrinking of electronic and computing devices. In the short to medium term, one will still find constrained storage and processing resources in that environment. In the long run, as physics, chemistry and microelectronics progress, the capabilities of such devices are likely to increase. In the 20 to 50 years from now until technology makes firm advances, lightweight software solutions will be needed. In Brazil, the most widely adopted signature protocol, the RSA scheme, is obsolescent as a standard. The problem is that technological advances impose a considerable increase in cryptographic key sizes in order to maintain a suitable security level, bringing about undesirable effects in processing time, bandwidth occupation and storage requirements. As an immediate solution, we have elliptic curve cryptography, which is more suitable for use by public agencies and industry. In the field of elliptic curves, this work contributes specifically with the introduction of a new subfamily of the pairing-friendly Barreto-Naehrig (BN) curves. The proposed subfamily has a computationally simple description, which makes it able to offer opportunities for efficient implementation. The choice of the BN curves is also based on the fact that they allow a range of practical security levels. Furthermore, practical implementations were made from the introduced subfamily, from the most basic extension field algorithms through elliptic curve arithmetic to pairing computation. The adoption of the new BN subfamily with carefully chosen optimization techniques allowed the most efficient implementation of the optimal Ate pairing, which is a very useful operation in many practical cryptographic applications.
16

Aranha, Diego de Freitas 1982. "Implementação eficiente em software de curvas elípticas e emparelhamentos bilineares." [s.n.], 2011. http://repositorio.unicamp.br/jspui/handle/REPOSIP/275735.

Abstract:
Advisor: Júlio César Lopez Hernández
Thesis (doctorate) - Universidade Estadual de Campinas, Instituto de Computação
Abstract (translated from the Portuguese): The advent of asymmetric or public key cryptography made it possible to apply cryptography in new scenarios, such as digital signatures and electronic commerce, making it a vital component for providing confidentiality and authentication in communication media. Among the most efficient asymmetric cryptography methods, elliptic curve cryptography stands out for its low key storage requirements and execution cost. The relatively recent discovery of cryptography based on bilinear pairings over elliptic curves further allowed its flexibilization and the construction of cryptographic systems with innovative properties, such as identity-based systems and their variants. However, the computational cost of pairing-based cryptosystems still remains significantly higher than that of traditional asymmetric ones, representing an obstacle to their adoption, especially on resource-constrained devices. The contributions of this work aim to improve the performance of cryptosystems based on elliptic curves and bilinear pairings and consist of: (i) efficient implementation of binary fields on 8-bit embedded architectures (microcontrollers present in wireless sensors); (ii) efficient formulation of binary field arithmetic for the vector instruction sets of 64-bit architectures and the most recent families of desktop processors equipped with native support for binary field multiplication; (iii) techniques for serial and parallel implementation of binary elliptic curves and symmetric and asymmetric bilinear pairings defined over prime or binary fields. These contributions produced significant performance gains and, consequently, a series of speed records for computing several relevant cryptographic algorithms on modern architectures ranging from 8-bit embedded systems to 8-core processors.
Abstract: The development of asymmetric or public key cryptography made possible new applications of cryptography such as digital signatures and electronic commerce. Cryptography is now a vital component for providing confidentiality and authentication in communication infrastructures. Elliptic Curve Cryptography is among the most efficient public-key methods because of its low storage and computational requirements. The relatively recent advent of Pairing-Based Cryptography allowed the further construction of flexible and innovative cryptographic solutions like Identity-Based Cryptography and variants. However, the computational cost of pairing-based cryptosystems remains significantly higher than traditional public key cryptosystems and thus an important obstacle for adoption, especially in resource-constrained devices. The main contributions of this work aim to improve the performance of curve-based cryptosystems, consisting of: (i) efficient implementation of binary fields in 8-bit microcontrollers embedded in sensor network nodes; (ii) efficient formulation of binary field arithmetic in terms of vector instructions present in 64-bit architectures, and on the recently-introduced native support for binary field multiplication in the latest Intel microarchitecture families; (iii) techniques for serial and parallel implementation of binary elliptic curves and symmetric and asymmetric pairings defined over prime and binary fields. These contributions produced important performance improvements and, consequently, several speed records for computing relevant cryptographic algorithms in modern computer architectures ranging from embedded 8-bit microcontrollers to 8-core processors.
Doctorate
Computer Science
Doctor of Computer Science
17

Kirna, Aurelijus. "Kriptoschemos identifikacinės informacijos pagrindu." Master's thesis, Lithuanian Academic Libraries Network (LABT), 2006. http://vddb.library.lt/obj/LT-eLABa-0001:E.02~2006~D_20060608_154838-90936.

Abstract:
Identity-based cryptography has been, for a few recent years, the most active area of research and is currently of great interest to research groups. In the general case, the root of ID-based cryptography is that user-identifying data is used as the public key, so there is no need for certificates for user authentication. In this work we survey a few of the most influential basic cryptoschemes. We attempt to answer what is needed to construct an efficient IBE scheme. Nowadays there are trustworthy cryptoschemes that use elliptic curves and bilinear pairings. We use these mathematical tools for an efficient cryptoscheme too. And finally, there is a pilot software realization of this scheme.
18

Cheng, Jiin-Chiou, and 鄭錦楸. "Cryptographic Protocols Based on Bilinear Pairing." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/93494854819239964084.

Abstract:
Doctoral dissertation
國立成功大學
Department of Electrical Engineering (Master's and Doctoral Program)
Academic year: 97 (ROC calendar)
Koblitz and Miller independently suggested a cryptosystem based on the discrete logarithm over an elliptic curve (ECDL) in 1985. Since then, numerous applications of signature and encryption based on ECDL have been proposed. Cryptography over ECDL has the advantage of a shorter key length at the same level of security compared with ElGamal and RSA. Therefore, these applications based on ECDL are suitable for mobile devices with fewer system resources. In 1993, however, Menezes, Okamoto, and Vanstone utilized the Weil pairing map to analyze ECDL and found that some cryptosystems built from specific supersingular elliptic curves are insecure, which is known as the MOV attack. But the discovery of this insecurity also brought about the vigorous development of pairing-based cryptosystems. The computation of the pairing in a pairing-based cryptosystem is expensive. There are two kinds of pairings, the Weil pairing and the Tate pairing. The amount of computation of a Tate pairing is half that of a Weil pairing. The appropriate selection of a specific elliptic curve also improves the performance of the pairing computation. In this dissertation we adopt the Weierstrass equation as our elliptic curve E(Fp): y²=x³+1, where the prime p=2 mod 3 and p=6q-1 for some large prime q. Pairing is equipped with three attractive features: (i) bilinearity (ii) non-degeneracy (iii) commutativity. Protocols which were hard to construct in the past can now easily be built with the help of the pairing map. These attainments are attributed to the three features of pairing. Therefore, cryptosystems based on pairing are becoming more and more inspiring. In this dissertation we first present two cryptosystems based on bilinear pairing, the ID-based cryptosystem and the certificate-based cryptosystem, which are commonly seen among many applications. Familiarity with the techniques applied in these cryptosystems will help us design more complicated protocols.
Next, we propose three application protocols based on bilinear pairing: (1) Conference key agreement protocol: The protocol emphasizes resistance against malicious attacks from a participating conferee. Such a malicious attack may be mounted by means of an improper message contributed by the conferee at the initial setup phase. The attack will affect the establishment of the conference key and thus the start of the conference. The protocol suggests a technique over elliptic curves to verify the message coming from a participating conferee at the initial setup phase without any interaction between the conferees. Compared with the past literature, our protocol is superior to other protocols when the existence of a malicious conferee is considered. (2) Metering scheme: The main goal of the protocol is to count the number of visitors calling on a portal website. According to the number of visitors, the portal website may ask the advertising agency to pay a distinct advertisement fee. Our aim is to achieve validity and fairness of the impact account. Besides, for convenience, a visitor in our protocol can refresh his secret shadow without any interaction with the trusted audit agency at a new time period, where the secret shadow will be requested while visiting a portal website. (3) Proxy re-encryption scheme: The scheme may delegate the operation of decryption to some user via the re-encryption of ciphertext by some proxy. Our scheme improves the proxy re-encryption suggested by Ateniese et al. In the latter, two types of ciphertext are required, a re-encryptable type and a non-re-encryptable type, for the needs of different scenarios. In our scheme, only one type of ciphertext is needed. Moreover, our scheme satisfies all nine requirements suggested by Ateniese et al., where the requirements are essential elements when constructing a proxy re-encryption scheme, and they are not all satisfied by Ateniese et al.'s scheme.
The above protocols carry out three applications which cannot be approached easily in terms of the traditional manner based on solving the discrete logarithm and factoring problems. Besides, systems designed with bilinear pairing do not pay more computation compared with ones constructed in the traditional manner under the same level of security. Therefore, pairing-based cryptosystems are worthy of continued research.
19

Chung, Jui-Ting, and 鍾瑞婷. "Group-Oriented Cryptosystem Based on Bilinear Pairing." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/57725653473221573077.

Abstract:
Master's thesis
國立成功大學
Department of Computer Science and Information Engineering (Master's and Doctoral Program)
Academic year: 94 (ROC calendar)
Since encryption techniques can give electronic documents the properties of privacy and integrity, they are an important and basic skill in the field of cryptography. Cryptosystems for a single user are often applied in individual-oriented environments. However, a modern society is a society of groups, in which cryptosystems for a group are investigated and named group-oriented cryptosystems. In such a system, the sender can send a document to a group, and only the authorized subsets in the group can cooperatively decrypt the ciphertext, while invalid subsets cannot decrypt it successfully. The group discussed in this thesis is a hybrid group which consists of homogeneous memberships and heterogeneous memberships simultaneously. According to the importance of the document, the sender can dynamically determine the receiver to be a specific user, all users, a specific authorized subset, or all authorized subsets in the group environment. However, existing group-oriented cryptosystems, most of which discuss only one situation, cannot satisfy the multiple requirements of the hybrid group. Thus, this thesis proposes a group-oriented cryptosystem based on bilinear pairing. The proposed scheme not only realizes the above scenario, but also lets each user keep only one private key to ease key management. In this thesis, three schemes are introduced. They are named the generalized threshold cryptosystem based on bilinear pairing, the hybrid group-oriented cryptosystem, and the group-oriented cryptosystem based on bilinear pairing, respectively. Also, the proposed cryptosystem is provably secure under the random oracle model.
20

Lin, Chih-Hsun, and 林志訓. "Privacy-Preserving Record Linkage via Bilinear Pairing Approach." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/8eg367.

Abstract:
Master's thesis
國立中興大學
Department of Computer Science and Engineering
Academic year: 106 (ROC calendar)
In the era of big data, people are increasingly focusing on the useful information of various sources and looking for potential relations hidden in the data. Privacy-preserving record linkage (PPRL) is a means for finding the correspondence of records from different datasets with the guarantee of no privacy leakage from individuals. Here, we propose a simple yet effective PPRL protocol as a platform for information mining in the real world. We perform an implementation to test the feasibility and efficiency of our proposed protocol. Besides, because the bilinear pairing does not involve non-deterministic mathematical formulas, we modify the mathematical algorithm to fit a GPU implementation, that is, to reduce the frequency of branch instructions in the division and quadratic residue computations.
21

Lin, Guang-Long, and 林光隆. "Efficient and Secure ID-based Ring Authenticated Encryption From Bilinear Pairing." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/23462987751036141381.

Abstract:
Master's thesis
國立中興大學
Institute of Computer Science
Academic year: 93 (ROC calendar)
In 2004, Lv, Ren, Chen, and Kim proposed a new type of Ring Authenticated Encryption. By using their scheme, a user can sign and encrypt a message to a reliable receiver. Additionally, they offer two abilities in their scheme: how to prove the receiver's and the signer's identity. By revealing some parameters to someone who owns the signature, it is very easy to discover the actual receiver's or signer's identity. In 2005, Cao, Lin, and Xue also proposed a Ring Authenticated Encryption based on the Elliptic Curve Discrete Logarithm Problem. In their scheme, the receiver does not have to request any public keys from a CA or store any public keys. However, we find that there are some security weaknesses in these schemes. In Lv-Ren-Chen-Kim's method, we find that any ring member who owns someone's secret information for the signer can forge his signature. In Cao-Lin-Xue's method, we find that it does not satisfy signer ambiguity. Anyone, without getting secret parameters from the signer, can learn the actual signer's identity. In this thesis, we propose a Ring Authenticated Encryption scheme. It satisfies the basic requirements and its performance for signing and verification is better than the other schemes.
22

Chiu, Te-Chih, and 邱德治. "Certificate-based Trusted-linkage Key Exchange based on the Bilinear Pairing." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/g6w46c.

Abstract:
Master's thesis
臺中技術學院
Department of Computer Science and Information Engineering (Master's Program)
Academic year: 99 (ROC calendar)
In this thesis, a study of information security techniques applying certificate-based keys is proposed. Nowadays, messages are widely exchanged over public communication channels. When exchanging messages, it is necessary to encrypt them using a certificate-based key that can be authenticated, in order to keep the messages secret. Thus, the certificate-based key achieves message security. First, a key agreement scheme with anonymity is proposed. The Diffie-Hellman technique is used to share secrets before exchanging messages with each other. From these secrets a session key can be generated by information composition or decomposition. The proposed scheme can effectively improve key authentication and anonymity. This thesis then proposes a certificate-based public-key scheme based on bilinear pairing which provides a convenient and secure computation environment. A protocol-specified trusted third party publishes a certificate by applying Diffie-Hellman. A user applies for a certificate from the trusted third party and the user can compute the public key of the certificate. Therefore, the third party can establish a trusted linkage with the user. When one of the users wants to send a message to another, he can authenticate the accuracy of the key by using the certificate and public key from the other user and himself, respectively. The proposed scheme can achieve key authentication. Finally, this thesis analyzes the security of each proposed scheme.
23

Wen, Hsiang-An, and 溫翔安. "Provably Secure Password-based Authenticated Key Exchange Protocols Using Bilinear Pairing." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/83827500837509148572.

Abstract:
Doctoral dissertation
國立成功大學
Department of Computer Science and Information Engineering (Master's and Doctoral Program)
Academic year: 93 (ROC calendar)
Due to the rapid development of computer networks, information security has become more and more significant recently. In order to secure network communications, numerous security protocols have been proposed to achieve different purposes. Most of these protocols have to satisfy two security criteria - user authentication and data confidentiality. User authentication stipulates that a communicating entity can ensure the identity of his or her communication partners so that no malicious users will be able to cheat the communicating entity by impersonating. Data confidentiality stipulates that no one except the real communicating entities can obtain the content of the transmitted data from networks. Therefore, the privacy of the communications can be guaranteed. Password-based mechanisms are the most popular for authenticating users because they are easy to use and cost-efficient. Additionally, these mechanisms allow people to select their own passwords without using any assistant device to generate or store them. In 1992, Bellovin and Merritt introduced the concept of the Password-based Authenticated Key Exchange (PAKE) protocol. PAKE protocols can simultaneously satisfy the requirements of user authentication and data confidentiality using a memorable password. Conventionally, PAKE protocols can be classified into two categories - Two-party Password-based Authenticated Key Exchange (Two-PAKE) protocols and TTP-based Two-party Password-based Authenticated Key Exchange (TTP-Two-PAKE) protocols. Two-PAKE protocols, which allow two communicating entities to authenticate each other and establish a session key for securing later communication via a shared password, are quite useful for the client-server architecture. A server can use the passwords to authenticate its users and then securely communicate with them. On the other hand, TTP-Two-PAKE protocols are suitable for large-scale client-to-client communication environments.
TTP-Two-PAKE protocols require each communicating entity to share a password with a trusted third party. Therefore, each pair of communicating entities can achieve mutual authentication and secure communication with the help of the TTP. An electronic conference, which enables a group of communicating entities to hold a conference, can be exploited in various applications. A group-authenticated key exchange protocol enables a group of communicating entities to authenticate one another and agree upon a conference key that can be used to secure an electronic conference. Bresson et al. proposed a Group Password-based Authenticated Key Exchange (G-PAKE) protocol. In Bresson et al.'s protocol, all communicating entities may hold a secure electronic conference using a pre-shared common password. Joux introduced some useful characteristics of bilinear pairing over the elliptic curve in 2000. The bilinear pairing can be used to construct a Gap Diffie-Hellman group, which provides an interesting property that does not appear in ordinary finite groups. The property is: the Computational Gap Diffie-Hellman (CGDH) problem is hard to solve but the Decision Gap Diffie-Hellman (DGDH) problem is easy to solve. This new property can be considered a new cryptographic primitive to develop new security protocols. Unfortunately, bilinear pairing has still not been utilized in password-based communication protocols thus far. In particular, can one apply the property of the Gap Diffie-Hellman group as discussed earlier to implement PAKE protocols more nicely? This question still remains open. According to the above discussion, this thesis proposes several provably secure PAKE protocols using bilinear pairing for various environments and applications. First of all, two Two-PAKE protocols based on bilinear pairing are proposed for the client-server architecture.
Then, two TTP-Two-PAKE protocols based on bilinear pairing are designed to simplify the key management problem of the large-scale client-to-client communication environment. The proposed TTP-Two-PAKE protocols require only four communication steps, whereas previous results require at least five communication steps. In order to reduce the communication time, this thesis further presents an augmented TTP-Two-PAKE protocol, which can be completed in three rounds. Finally, this thesis extends the proposed TTP-Two-PAKE protocols to the TTP-based G-PAKE protocols to secure electronic conferences. In the proposed TTP-based G-PAKE protocols, each communicating entity shares a password with the trusted third party. A group of the communicating entities can authenticate one another and establish a conference key through the TTP. Furthermore, the proposed G-PAKE protocols apply the property of Gap Diffie-Hellman group to efficiently detect and exclude the failed communicating entities from the conference, providing fault tolerance. Provable security has recently become the main method to evaluate the security of a protocol because it formally analyzes the security of a protocol by mathematical reduction, which is more reliable than traditional heuristic security. Therefore, the security of the proposed protocols is formally proven in the random oracle model and ideal cipher model.
24

Mansur, Ahmad Wafa, and Ahmad Wafa Mansur. "Securing Wireless Sensor Network using Short Signcryption based on Elliptic Curve Bilinear Pairing." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/33314851847439541701.

Abstract:
Master's thesis
國立臺灣科技大學
Department of Information Management
Academic year: 104 (ROC calendar)
Wireless sensor networks are one part of the IoT and have limited processing capability, storage, and energy. Given these limitations, WSNs need lightweight schemes to secure the communication between sensors. Signcryption enables a user to perform digital signature and public key encryption in a single logical step with a lower cost than the sign-then-encrypt approach. The use of Elliptic Curve Cryptography (ECC) can make such a lightweight scheme, since ECC can attain a desired security level with a smaller key size than other public key cryptography schemes. Bilinear pairing can be used to compute short signature schemes, although the computational cost of bilinear pairings is higher than that of other operations. In this thesis we propose new signcryption and multi-signcryption schemes based on Elliptic Curve Bilinear Pairing to secure wireless sensor networks, then evaluate them using formal (BAN Logic) and informal security analysis. We also give an efficiency analysis of our proposed schemes compared to previous schemes. Conclusions are then drawn about the formal proof of correctness of our proposed schemes using BAN Logic. It also shows that our proposed schemes meet the security requirements of authenticity, unforgeability, confidentiality, and non-repudiation. In terms of efficiency, it shows that our proposed schemes are very efficient.
25

Tsai, Yu-Ting, and 蔡雨庭. "A Bilinear Pairing-Based Dynamic Key Management and Authentication Protocol for Wireless Sensor Networks." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/25264569182610100522.

Abstract:
Master's thesis
朝陽科技大學
Department of Computer Science and Information Engineering (Master's Program)
Academic year: 101 (ROC calendar)
In recent years, wireless sensor networks have been used in a variety of environments; a wireless network infrastructure, established to communicate and exchange information in a monitoring area, has also been applied in different environments. However, for sensitive applications, security is the paramount issue. In this thesis, we propose using bilinear pairing to design a dynamic key management and authentication protocol for the hierarchical sensor network. We use dynamic key management and pairing-based cryptography (PBC) to establish the session key, and the hash message authentication code (HMAC) to support mutual authentication between the sensors and the base station. In addition, we also embed the capability of the Global Positioning System (GPS) in cluster nodes to find the best path of the sensor network. The proposed scheme can also provide the requisite security of dynamic key management, mutual authentication and session key protection. Our scheme can defend against impersonation attacks, replay attacks, wormhole attacks and message manipulation attacks.
26

Lin, Jyun-yu, and 林峻宇. "Analysis of network security directed user authentication scheme using bilinear pairing over elliptic curves." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/98816025445039993879.

Abstract:
Master's thesis
南華大學
Graduate Institute of Information Management
Academic year: 94 (ROC calendar)
Information security on the Internet has recently become a serious issue for us. In order to protect transaction security, many cryptosystems have been developed, such as RSA, which is based on the complex discrete logarithm problem. Recently, bilinear pairings such as the Weil pairing and the Tate pairing defined on elliptic curves were proved and could be applied to cryptography in 2001. They possess faster computation and fewer bits while remaining at the same security level as other public key cryptosystems, like the traditional RSA cryptosystem. In this paper, we review some existing security attributes and point out that the current cryptosystem based on bilinear pairings proposed by Manik has some weaknesses. After that, we propose a few improvements to their scheme.
27

Kuo, Yan-Sheng, and 郭晏陞. "The research of bilinear pairing-based multisignature and aggregate signature and their applications on e-commerce." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/05895152471727660920.

Abstract:
Master's thesis
國立嘉義大學
Graduate Institute of Computer Science and Information Engineering
Academic year: 94 (ROC calendar)
In recent years, bilinear pairing has become one of the important tools of cryptography. Since the computational cost of the pairing operation takes the largest part, we need to reduce the number of pairing operations as much as possible. In this thesis, we propose several PKI-based signature schemes and ID-based signature schemes from bilinear pairings with fewer pairing operations. We further develop several applications in e-commerce. As basic building blocks, we propose an ID-based signature scheme, an ID-based multisignature scheme and an ID-based aggregate signature scheme. Our ID-based signature and multisignature schemes are suitable for devices with low computational ability. Moreover, our ID-based aggregate signature is more efficient than previous works since the number of pairing operations in our scheme is independent of the number of signers. Furthermore, we propose a PKI-based blind signature scheme from bilinear pairings, and extend it to a verifiable encrypted blind signature and an aggregate blind signature. In applications, we apply the proposed blind signature to an electronic cash system. By utilizing the verifiable encrypted blind signature, the customer and merchant can take what they need in the payment phase. Further, the bank can effectively save space in its database by aggregating the valid electronic coins as an aggregate blind signature. Additionally, we also propose an efficient contract signing protocol with an off-line STTP using the aggregate signature proposed by Boneh and Gentry. The use of aggregate signatures and bilinear pairings will effectively promote system reliability.
28

高俊海. "Proxy Blind Signature from Bilinear Pairings." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/32297880079500992805.

29

Kroeske, Jens. "Invariant bilinear differential pairings on parabolic geometries." 2008. http://hdl.handle.net/2440/49487.

Abstract:
This thesis is concerned with the theory of invariant bilinear differential pairings on parabolic geometries. It introduces the concept formally with the help of the jet bundle formalism and provides a detailed analysis. More precisely, after introducing the most important notations and definitions, we first of all give an algebraic description for pairings on homogeneous spaces and obtain a first existence theorem. Next, a classification of first order invariant bilinear differential pairings is given under exclusion of certain degenerate cases that are related to the existence of invariant linear differential operators. Furthermore, a concrete formula for a large class of invariant bilinear differential pairings of arbitrary order is given and many examples are computed. The general theory of higher order invariant bilinear differential pairings turns out to be much more intricate and a general construction is only possible under exclusion of finitely many degenerate cases whose significance in general remains elusive (although a result for projective geometry is included). The construction relies on so-called splitting operators examples of which are described for projective geometry, conformal geometry and CR geometry in the last chapter.
Thesis (Ph.D.) - University of Adelaide, School of Mathematical Sciences, 2008
30

Huang, Shih-Hao, and 黃世豪. "Proxy Auction Scheme Based on Bilinear Pairings." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/17063427984353578174.

31

Lin, Chih-Yin, and 林之寅. "Group-oriented Signature Delegation Using Bilinear Pairings." Thesis, 2003. http://ndltd.ncl.edu.tw/handle/52024780252038553001.

Abstract:
Doctoral dissertation
國立交通大學
Institute of Information Management
Academic year: 91 (ROC calendar)
Digital signature is one of the main issues in modern cryptographic research. As hand-written signatures and seals do in real life, digital signature provides the functions of endorsement and authorization in the digitalized world of computers and networks. In terms of security services, digital signature achieves message integrity, signer authenticity, and signature undeniability. Under certain circumstances, a signer may not be able to effectively perform his private “signing power”, and has to authorize a proper delegate to sign messages on behalf of him. In this thesis, how to perform such “signature delegation” with a “group-oriented” manner is researched. Two issues are considered herein: how a signer, namely the “authority”, authorizes his signing power to a delegation group; and, how members in the delegation group cooperate to generate valid digital signatures, namely delegated signatures. Regarding all possible scenarios for group-oriented signature delegation, four system models are defined: 〈Loose-authorization model〉The authority chooses a delegation group and allows each group member to independently generate valid delegated signatures. 〈Strict-authorization model〉The authority chooses a delegation group and demands that all group members have to cooperate for generating valid delegated signatures. 〈Threshold-authorization model〉The authority chooses a delegation group of n members and defines a threshold value t < n. Then, any subgroup consisting of t or more group members can generate valid delegated signatures. 〈Generalized-authorization model〉The authority chooses a delegation group and defines qualified subgroups. Then, valid delegated signatures can only be generated via the cooperation of all members from any of the predefined qualified subgroups. In accordance with these system models, five authorization conditions and four security requirements are defined. Then, four concrete schemes are proposed to respectively realize these models. 
The proposed schemes are based on bilinear pairings and designated for the identity-based public key cryptosystem. Due to the bilinear pairings, the proposed schemes are simple in construction and efficient in performance. Moreover, all schemes are derived from the same basic identity-based signature scheme, and as a result constitute a systematic solution for group-oriented signature delegation.
32

Lin, Ru-Yu, and 林茹玉. "Authenticated Key Agreement Using Bilinear Pairings and Its Applications." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/j3zbt8.

Abstract:
Master's thesis
Chaoyang University of Technology
Master's Program, Department of Information Management
Academic year 94 (ROC calendar)
People commonly communicate over the Internet, but open networks are vulnerable to various attacks. Therefore, the two communicating parties ought to share an authenticated session key, and use the session key to protect the communications from any third party. However, sometimes it is required that a trusted third party is involved in the communications such that he/she can perform the job of auditing and transaction refereeing. But it is difficult for an auditor or a referee to audit the contents on-line or take part in the communication while the communication is kept confidential from others. This problem has a promising solution, since Joux proposed the first efficient tripartite key agreement protocol that enables three parties (which might include one referee) to establish a secure session key. Even though several tripartite key agreement protocols with pairings have been proposed, the insider impersonation attack has not been noticed. This specific threat applies to those key agreement protocols where there are more than two communicating parties. In this thesis, our study focuses on certificate-based, identity-based and self-certified key agreement protocols. We go over the previous schemes and their weaknesses. In addition, we design and analyze authenticated key agreement protocols using bilinear pairings. Our protocols include two certificate-based authenticated tripartite key agreement protocols and one identity-based two-party key agreement protocol. Our schemes are more efficient and secure than previous schemes. Furthermore, we propose an ID-based security framework for ad hoc networks.
33

Cheng, Tsai Chieh, and 蔡杰政. "Attack of Tripartite Key Agreement Protocol Based on Bilinear Pairings." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/05978232010309787005.

Abstract:
Master's thesis
National Kaohsiung Normal University
Department of Mathematics
Academic year 96 (ROC calendar)
In this paper we will show that the ID-based tripartite multiple-key agreement protocol of Shim and Woo is insecure against our attack. A malicious adversary can break the key agreement unnoticed by using our attack, although he cannot get any information. Thus we call this attack the interrupting impersonation attack.
34

Wu, Tsu-Yang, and 吳祖揚. "The Research of ID-based Key Agreement Protocols from Bilinear Pairings." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/96070710170340486498.

Abstract:
Doctoral thesis
National Changhua University of Education
Department of Mathematics
Academic year 98 (ROC calendar)
In 1984, Shamir proposed the ID-based public-key system to simplify the certificate management in the traditional public-key systems. However, Shamir’s ID-based system is not easy to realize in practice. After Boneh and Franklin presented a practical ID-based encryption system using the Weil pairing, the ID-based public-key system using bilinear pairings has received much attention from cryptographic researchers. With the fast growth of mobile networks, the computational cost on mobile devices is a critical factor in designing secure cryptographic schemes and protocols suited for mobile networks. Because mobile devices provide limited computing capability, most existing cryptographic schemes and protocols do not meet the computational requirement. In the past, many ID-based authenticated key agreement (IDAKA) protocols and remote user authentication schemes from bilinear pairings were proposed. Nevertheless, most IDAKA protocols are not suitable for mobile client-server environments. Though these user authentication schemes are suitable for mobile client-server environments, they only provide client-side authentication. These schemes do not provide mutual authentication and key exchange between the client and the server. Furthermore, several ID-based authenticated group key exchange (IDAGKE) protocols from bilinear pairings were proposed. However, most IDAGKE protocols suffered from different types of insider (participant) colluding attacks and cannot resist malicious participants. In this thesis, we study ID-based key agreement protocols from bilinear pairings, which contains two subjects: (1) ID-based mutual authentication and key exchange (IDMAKE) protocols for mobile client-server environments; (2) ID-based authenticated group key exchange protocols that resist malicious participants. In the first subject, we propose two secure IDMAKE protocols. As compared with the recently proposed pairing-based user authentication schemes and ID-based authenticated key agreement protocols, the presented two protocols have the best performance on the client side. Meanwhile, both protocols are well suited to mobile client-server environments by performance analysis. In the second subject, we first propose a security analysis of one recently presented ID-based authenticated group key exchange (IDAGKE) protocol. Then, two robust IDAGKE protocols that resist malicious participants are proposed. The first protocol adopts the idea of the Katz-Shin compiler to detect the existence of malicious participants. The second protocol adopts the confirmed computation property to identify which participants are malicious. In addition, security analysis is given to demonstrate that the proposed four protocols are provably secure against known attacks and satisfy the defined security requirements.
35

Chou, Shih-Feng, and 周世峯. "An ID-based Authenticated Tripartite Key Agreement Protocol Based on Bilinear Pairings." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/16307280714674132557.

Abstract:
Master's thesis
National Taiwan University of Science and Technology
Department of Information Management
Academic year 94 (ROC calendar)
The key agreement (also called key exchange), which allows two or more parties to establish a shared secret by exchanging messages over an insecure network, was first proposed by Diffie and Hellman in 1976. However, the basic Diffie-Hellman protocol does not authenticate the two communicating entities, in the sense that an active adversary who has control over the channel can mount a man-in-the-middle attack to agree upon two separate keys with the users without the users being aware of this. Recently, several new cryptosystems based on bilinear pairings have been proposed. Especially, in the year 2000, Joux showed that the Weil pairing can be used for “good” by using it in a protocol to construct three-party one-round Diffie-Hellman key agreement. This was one of the breakthroughs in key agreement protocols. However, like the basic Diffie-Hellman key agreement protocol, Joux’s protocol also suffers from the man-in-the-middle attack because it does not attempt to authenticate the communicating entities. Al-Riyami et al. later presented several protocols to provide authenticity for tripartite key agreement. In 2003, Liu et al. proposed an ID-based one-round authenticated tripartite key agreement protocol (LZC protocol) to resist the security flaw that appeared in Joux’s protocol; it creates eight session keys per instance. They claimed that their protocol satisfies all the security attributes. But later, Shim et al. pointed out that the LZC protocol is vulnerable to an unknown key-share attack, and then proposed a new protocol to overcome the attack. In this thesis, we propose a new ID-based authenticated tripartite key agreement protocol based on bilinear pairings which satisfies all the required security attributes: implicit key authentication, known-key security, perfect forward secrecy, key-compromise impersonation resilience and unknown key-share resilience. Also, our protocol is more efficient than the previous LZC protocol and Shim-Woo protocol.
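The one-round tripartite exchange that entries 32 (Lin) and 35 (Chou) above describe, together with the man-in-the-middle problem both abstracts mention, as an added example that is not part of this listing or of either thesis. It runs on a constructed toy bilinear map e(x, y) = H^(x·y) mod Q over the additive group Z_N (N = 11, Q = 23, H = 2 are assumptions chosen only so that bilinearity and the message flow are visible); the function names are likewise assumptions. The toy group has no security at all, since a discrete logarithm in Z_N is a modular inverse, so the code shows the shape of Joux's protocol and of the unauthenticated-channel attack, not a deployable scheme.

```python
"""Joux's one-round tripartite key agreement on a toy bilinear map.

Added example, not code from the listed theses.  The pairing here is
e(x, y) = H^(x*y) mod Q on the additive group Z_N, which is bilinear and
non-degenerate but offers no security (discrete logs in Z_N are modular
inverses).  It only shows the message flow and why the unauthenticated
protocol admits a man-in-the-middle.
"""
import secrets

# Constructed toy parameters (an assumption, not a pairing-friendly curve).
Q = 23   # modulus of the target group Z_Q^*
N = 11   # prime order of source and target groups; N divides Q - 1
H = 2    # element of order N in Z_Q^*, playing the role of e(P, P)
P = 1    # generator of the additive source group Z_N

if H == 1 or pow(H, N, Q) != 1:
    raise ValueError("H must have order N in Z_Q^*")


def scalar_mul(k, point):
    """k * point in Z_N; stands in for elliptic-curve scalar multiplication."""
    return (k * point) % N


def pairing(x, y):
    """Toy symmetric bilinear map e: Z_N x Z_N -> <H>, with e(aP, bP) = H^(ab)."""
    return pow(H, (x * y) % N, Q)


def keygen():
    """Ephemeral secret in [1, N-1] and the single value broadcast in Joux's round."""
    a = 1 + secrets.randbelow(N - 1)
    return a, scalar_mul(a, P)


def derive_key(own_secret, peer1_pub, peer2_pub):
    """K = e(peer1_pub, peer2_pub)^own_secret; honest parties all get e(P, P)^(abc)."""
    return pow(pairing(peer1_pub, peer2_pub), own_secret, Q)


def joux_session(a, b, c):
    """Honest run with secrets a, b, c: the keys that A, B and C compute."""
    aP, bP, cP = (scalar_mul(s, P) for s in (a, b, c))
    return (derive_key(a, bP, cP), derive_key(b, aP, cP), derive_key(c, aP, bP))


def mitm_session(a, b, c, x, y, z):
    """Active adversary E with secrets x, y, z replaces every broadcast on the wire.

    A receives yP and zP instead of bP and cP and computes e(yP, zP)^a.  E never
    learns a, but e(aP, yP)^z is the same value, so E shares a key with A while A
    believes it is talking to B and C.  B and C are hijacked symmetrically.
    Returns, per party, (key the victim computed, key the adversary computed).
    """
    aP, bP, cP = (scalar_mul(s, P) for s in (a, b, c))
    xP, yP, zP = (scalar_mul(s, P) for s in (x, y, z))
    return {
        "A": (derive_key(a, yP, zP), derive_key(z, aP, yP)),
        "B": (derive_key(b, xP, zP), derive_key(z, bP, xP)),
        "C": (derive_key(c, xP, yP), derive_key(y, cP, xP)),
    }


if __name__ == "__main__":
    (a, _), (b, _), (c, _) = keygen(), keygen(), keygen()
    print("honest keys agree:", len(set(joux_session(a, b, c))) == 1)
    hijacked = mitm_session(a, b, c, *(keygen()[0] for _ in range(3)))
    print("adversary matched every victim key:",
          all(v == e for v, e in hijacked.values()))
```

The single round is the point: each party sends one value and computes the key from the other two, which is why the protocol is attractive. The same property is what the attack exploits, since nothing in the broadcast binds aP to A; the authenticated variants surveyed in these abstracts add exactly that binding (certificates, identity-based keys or self-certified keys) and are not reproduced here.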
36

Chii-Jyh, Guo, and 郭啟志. "Provably Secure Fair Blind Signature Scheme with Message Recovery from Bilinear Pairings." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/06245872092884944065.

Abstract:
Master's thesis
Da-Yeh University
Master's Program, Department of Information Management
Academic year 92 (ROC calendar)
The blind signature could be used in electronic payment systems to achieve the properties of unlinkability and anonymity. Unfortunately, this characteristic may be perverted, undermining the scheme. Accordingly, Lee and Kim proposed a fair blind signature scheme with message recovery in 1999. However, the fairness of the blind signature cannot be achieved in Lee and Kim’s scheme. In this thesis, the proposed cryptosystem is constructed by using the pairing-based cryptosystem instead of modular exponentiation, and by integrating the identity-based public key cryptosystem with the self-certified public key cryptosystem. In addition, we further employ the integrated cryptosystem to design a fair self-certified blind signature scheme with message recovery to remedy the drawback of Lee and Kim’s scheme. In the past few years, one of the important research topics in network security protocols has been security analysis; however, researchers still employ the method of heuristic security analysis. In fact, once such a security analysis method is used, security holes may later be found in previously proposed protocols that were originally judged to be secure. Hence, we give security proofs for our proposed schemes so that they can withstand attacks by intruders. Finally, we analyze the performance of the proposed scheme and show that it is more efficient than other previous schemes.
37

Nien, Wei-ken, and 粘為亙. "A Study on Secure and Efficient User Authentication and Key Agreement Using Bilinear Pairings." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/sv2cph.

Abstract:
Master's thesis
Shih Hsin University
Graduate Institute of Information Management (including the in-service master's program)
Academic year 96 (ROC calendar)
For providing a secure distributed computing environment, efficient and flexible user authentication and key agreement are very important. To provide this security mechanism, we propose efficient and flexible password-authenticated key agreement schemes using bilinear pairings. The major advantage of using bilinear pairings is the shorter key length at the same security level, which requires less storage space and computation time. To provide the security mechanisms in different environments, we design security protocols in the two-party and three-party settings. The main merits of our proposed schemes include: (1) the server does not need to keep any password or verification table; (2) users can choose or change their own passwords freely; (3) the server and a user can authenticate each other; (4) the user and the server can generate a session key; (5) there is no serious clock-synchronization problem; (6) even if the secret information stored in a smart card is compromised, the off-line dictionary attack is prevented; (7) our three-party protocol withstands server compromise.
