20 similar documents found; search time 15 ms
1.
Centralized group key establishment protocols are the most commonly used type due to their efficiency in computation and communication. A key generation center (KGC) in this type of protocol acts as a server to register users initially. Since the KGC selects a group key for group communication, all users must trust the KGC. Needing a mutually trusted KGC can cause problems in some applications. For example, users in a social network cannot trust the network server to select a group key for a secure group communication. In this paper, we remove the need for a mutually trusted KGC by assuming that each user only trusts himself. During registration, each user acts as a KGC to register other users and issue sub-shares to other users. From the secret sharing homomorphism, all sub-shares of each user can be combined into a master share. The master share enables a pairwise shared key between any pair of users. A verification of master shares enables all users to verify that their master shares are generated consistently without revealing the master shares. In a group communication, the initiator can become the server to select a group key and distribute it to each other user over a pairwise shared channel. Our design is unique since the storage of each user is minimal, the verification of master shares is efficient and the group key distribution is centralized. There are public-key based group key establishment protocols without a trusted third party. However, these protocols can only establish a single group key. Our protocol is a non-public-key solution and can establish multiple group keys which is computationally efficient.
2.
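Group signcryption provides both group signature and group encryption. However, in existing group signcryption schemes the sender and receiver are mostly in the same cryptosystem, which does not meet the needs of real-world environments, and these schemes mostly use public-key encryption, which is inefficient when encrypting long messages. This paper therefore proposes a hybrid group signcryption scheme for heterogeneous cryptosystems, from identity-based cryptography (IBC) to certificateless cryptography (CLC). In this scheme, the private key generator (PKG) and the key generation center (KGC) generate their own system master keys in the IBC and CLC cryptosystems respectively; group members can unsigncrypt only by cooperating, which improves the security of the scheme; and users can join the group dynamically without the group public key or the other members' private keys having to be replaced. The proposed scheme uses hybrid signcryption and can encrypt messages of arbitrary length. In the random oracle model, the scheme is proved to provide confidentiality and unforgeability under the computational Diffie-Hellman hardness assumption. Theoretical and numerical experimental analysis shows that the scheme has higher efficiency and feasibility.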
3.
4.
Secure E-mail protocols providing perfect forward secrecy (total citations: 2; self-citations: 0; citations by others: 2)
Electronic mail, E-mail in short, has been used to transfer various types of electronic data on the Internet. In order to deliver the E-mail from the sender to the receiver both efficiently and securely, the E-mail system usually employs both conventional and public key cryptographic systems. The basic protection in an E-mail system is to encrypt the bulk mail using a conventional cryptosystem with a short-term key and to protect the short-term key using a public-key cryptosystem with the receiver's public key. However, this protection cannot provide perfect forward secrecy because once the receiver's secret key is disclosed, all previously used short-term keys will also be opened and hence all previous E-mails will be learned. Two new E-mail protocols providing perfect forward secrecy are proposed in this work.
5.
6.
The security of the Okamoto public-key cryptosystem is analysed. If some secret keys of this system are chosen inadequately, the known-plaintext attack is applicable to obtain all secret keys. To prevent the proposed cryptanalysis, the necessary condition for the secret keys is shown.
7.
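Key generation is an important component of a cryptosystem, and its security is crucial to the security of the whole cryptosystem. Group-oriented secure communication, e-commerce and group-oriented cryptography often require distributed key generation. This paper studies distributed key generation based on vector space access structures. Building on an information-theoretically secure verifiable secret sharing scheme on vector space access structures, it proposes a secure and efficient distributed key generation protocol suited to this class of access structures. The protocol is more widely applicable than the common distributed key generation protocols based on threshold access structures.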
8.
Mulan Liu, Liangliang Xiao, Zhifang Zhang. IEEE transactions on information theory / Professional Technical Group on Information Theory, 2007, 53(11): 3973-3978
The multiplicative property is important for a linear secret sharing scheme (LSSS) to be used in constructing a multiparty computation (MPC) protocol. In general, an LSSS has to expand its share size to obtain the multiplicative property. In this paper, with respect to an MPC problem based on connectivity of graphs we devise an ideal multiplicative LSSS, that is, the LSSS is of the multiplicative property without expanding its share size. Moreover, it provides a new class of access structures that have ideal multiplicative LSSSs.
9.
A Distributed Key Generation (DKG) protocol is an essential component of threshold cryptosystems required to initialize the cryptosystem securely and generate its private and public keys. In the case of discrete-log-based (dlog-based) threshold signature schemes (ElGamal and its derivatives), the DKG protocol is further used in the distributed signature generation phase to generate one-time signature randomizers (r = g^k). In this paper we show that a widely used dlog-based DKG protocol suggested by Pedersen does not guarantee a uniformly random distribution of generated keys: we describe an efficient active attacker controlling a small number of parties which successfully biases the values of the generated keys away from uniform. We then present a new DKG protocol for the setting of dlog-based cryptosystems which we prove to satisfy the security requirements from DKG protocols and, in particular, it ensures a uniform distribution of the generated keys. The new protocol can be used as a secure replacement for the many applications of Pedersen's protocol. Motivated by the fact that the new DKG protocol incurs additional communication cost relative to Pedersen's original protocol, we investigate whether the latter can be used in specific applications which require relaxed security properties from the DKG protocol. We answer this question affirmatively by showing that Pedersen's protocol suffices for the secure implementation of certain threshold cryptosystems whose security can be reduced to the hardness of the discrete logarithm problem. In particular, we show Pedersen's DKG to be sufficient for the construction of a threshold Schnorr signature scheme. Finally, we observe an interesting trade-off between security (reductions), computation, and communication that arises when comparing Pedersen's DKG protocol with ours.
10.
11.
12.
13.
14.
Melisa Hajyvahabzadeh, Elina Eidkhani, Seyedeh Anahita Mortazavi, Alireza Nemaney Pour. Telecommunication Systems, 2012, 51(2-3): 115-123
This paper presents a new group key management protocol, CKC (Code for Key Calculation), for secure IP multicast. In this protocol, which is based on logical key hierarchy, only the group key needs to be sent to the new member at join. Then, using the group key, current members and the new member calculate the necessary keys by node codes and a one-way hash function. A node code is a random number assigned to each node to help users calculate necessary keys. Again, at leave, the server just sends the new group key to the remaining members. By this key, members calculate necessary keys using node codes and a one-way hash function. The security of the keys is based on the one-wayness of the hash function. The results show that CKC reduces computational and communication overhead, and message size largely at join without increasing them at leave.
15.
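A two-layer decentralized group key management scheme based on the discrete logarithm problem (total citations: 2; self-citations: 1; citations by others: 1)
Based on a public-key encryption algorithm in which multiple decryption keys map to the same encryption key, this paper proposes a group key update protocol and, combining it with the LKH algorithm, designs a two-layer decentralized group key management scheme for the source-specific multicast model. The scheme is proved to provide backward secrecy, forward secrecy with high probability, and collusion resistance. The long lifetime of the upper-layer private keys and a key translation method are used to relieve the performance bottleneck at subgroup managers and the "1 affects n" problem common to shared-group-key approaches. Analysis shows that the new scheme, which uses a hybrid cryptosystem, combines to some extent the advantages of the two different classes of group key management methods.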
16.
17.
Yanjun Liu, Lein Harn, Chin-Chen Chang. International Journal of Communication Systems, 2014, 27(11): 3502-3512
A group key distribution protocol can enable members of a group to share a secret group key and use it for secret communications. In 2010, Harn and Lin proposed an authenticated group key distribution protocol using polynomial-based secret sharing scheme. Recently, Guo and Chang proposed a similar protocol based on the generalized Chinese remainder theorem. In this paper, we point out that there are some security problems of Guo and Chang's protocol and propose a simpler authenticated group key distribution protocol based on the Chinese remainder theorem. The confidentiality of our proposed protocol is unconditionally secure. Copyright © 2013 John Wiley & Sons, Ltd.
18.
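The article presents the encryption scheme of the REESSE1 public-key cryptosystem, comprising three algorithms: key generation, encryption and decryption. Assuming that the lever function (.) in the key transform formula is a constant or does not exist, it discusses the continued fraction attack and thereby proves, by contraposition, that (.) is necessary for the private-key security of REESSE1. Using uncertain reasoning, enumeration of counterexamples and parameter reduction, the authors argue that when (.) exists, the private-key security of REESSE1 is equivalent to the multivariate permutation problem and its plaintext security is greater than the discrete logarithm problem, thereby proving that (.) is sufficient for the private-key and plaintext security of REESSE1. Finally, it points out that REESSE1, whose private key contains three independent parameters, has significantly higher complexity than the MH, RSA and ElGamal systems, whose private keys contain only one or two parameters.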
19.
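Secret sharing means hiding or splitting a secret in a suitable way so that it can be recovered only when a number of participants cooperate; in cloud computing, this technique can ensure information security and data confidentiality. A quantum secret sharing protocol that does not use entangled states is proposed, with the security of the system ensured by a quantum cryptographic algorithm. Compared with other secret sharing protocols, it has the following advantages: compared with traditional number-theoretic secret sharing protocols, it uses quantum communication and can therefore effectively resist attacks based on Shor's algorithm; compared with other quantum secret sharing protocols, it does not use entangled quantum states and is therefore technically easier to implement; and if there is an attacker or a malicious participant, the protocol can detect this quickly during secret recovery and avoid recovering a wrong secret.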
20.
An authenticated group key distribution protocol based on the generalized Chinese remainder theorem
The group key distribution protocol is a mechanism for distributing a group key that is used to encrypt the communication data transmitted in an open group. Recently, a novel group key distribution protocol based on secret sharing was proposed. In their protocol, the group key information is broadcast in an open network environment, and only authorized group members can obtain the group key. However, their protocol requires each group member to broadcast a random challenge to the rest of the group members in the construction of the group key, and this may increase communication cost and cause network traffic congestion. In this paper, we propose an authenticated group key distribution protocol based on the generalized Chinese remainder theorem that drastically reduces communication costs while maintaining at least the same degree of security. Our protocol is built on the secret sharing scheme based on Chinese remainder theorem, which requires fewer computation operations than the previous work. Copyright © 2012 John Wiley & Sons, Ltd.