Tight Security Research Articles

Tightly CCA-secure identity-based encryption with ciphertext pseudorandomness

Affine message authentication code (MAC) and delegatable affine MAC turn out to be useful tools for constructing identity-based encryption (IBE) and hierarchical IBE (HIBE), as shown in Blazy, Kiltz and Pan’s (BKP) creative work in CRYPTO (2014). An important result obtained by BKP is IBE of tight PR-ID-CPA security, i.e., tight IND-ID-CPA security together with ciphertext pseudorandomness (PR). However, the problem of designing tightly PR-ID-CCA2 secure IBE remains open. We note that the CHK transformation does not preserve ciphertext pseudorandomness when converting IND-ID-CPA secure 2-level HIBE to IND-ID-CCA2 secure IBE. In this paper, we solve this problem with a new approach. We introduce a new concept called De-randomized delegatable affine MAC and define for it weak APR-CMA security. We construct such a MAC with a tight security reduction to the Matrix DDH assumption, which includes the k-Linear and DDH assumptions. We present a paradigm for constructing PR-ID-CCA2 secure IBE, which enjoys both ciphertext pseudorandomness and IND-ID-CCA2 security, from De-randomized delegatable affine MAC and Chameleon hashing. The security reduction is tightness preserving. It provides another approach to IND-ID-CCA2 security besides the CHK transformation. By instantiating the paradigm with our specific De-randomized delegatable affine MAC, we obtain the first IBE of tight PR-ID-CCA2 security from the Matrix DDH assumption over pairing groups of prime order. Our IBE also serves as the first tightly IND-ID-CCA2 secure IBE with anonymous recipient (ANON-ID-CCA2) from the Matrix DDH assumption. Our IBE further implies the first tightly IND-ID-CCA2 secure extractable IBE based on the Matrix DDH assumption. The latter can be used to get IBE of simulation-based selective opening CCA2 (SIM-SO-CCA2) security (due to Lai et al. in EUROCRYPT, 2014). The tight security of our IBE leads to a tighter reduction of the SIM-SO-CCA2 security.

EFFECTS OF INTERNET BANKING ON FINANCIAL PERFORMANCE OF LISTED COMMERCIAL BANKS IN KENYA

Purpose: The purpose of this study was to establish the effect of Internet Banking on the financial performance of listed commercial banks in Kenya.Methodology: This study used descriptive survey design. The target population was all employees of listed commercial banks in Kenya. Simple random sampling method was used to identify the study respondents. Primary sources of information were used and were gathered using questionnaires. Finally data from the questionnaires was sorted, coded and input into a software for analysis. Data was analysed using statistical package for the social sciences (SPSS) to generate diagrams, frequencies, descriptive statistics and inferential statistics.Results: The key finding of the study revealed that internet backing has positive influence on bank incomes, operating costs, loan book and customer deposits.Unique contribution to theory, practice and policy: Due to the growing demand for the internet as a key service delivery, it is recommended to bank management to ensure that there is tight security of data and information being operated on the internet bank platform. The study also recommends that the bank managers should emphasize on training their clients on use of internet banking via advertisements as this will make ease on communication. Commercial banks need to emphasize the use of internet banking as this will enhance banks growth and customers saving on much time which they could have wasted on queues to be attended the traditional way.

New Security Proof for the Boneh-Boyen IBE: Tight Reduction in Unbounded Multi-Challenge Security

Identity-based encryption IBE is an advanced form of public key encryption and one of the most important cryptographic primitives. Of the many constructions of IBE schemes, the one proposed by Boneh and Boyen in Eurocrypt 2004 is quite important from both practical and theoretical points of view. The scheme was standardized as IEEE P1363.3 and is the basis for many subsequent constructions. In this paper, we investigate its multi-challenge security, which means that an adversary is allowed to query challenge ciphertexts multiple times rather than only once. Since single-challenge security implies multi-challenge security, and since Boneh and Boyen provided a security proof for the scheme in the single-challenge setting, the scheme is also secure in the multi-challenge setting. However, this reduction results in a large security loss. Instead, we give tight security reduction for the scheme in the multi-challenge setting. Our reduction is tight even if the number of challenge queries is not fixed in advance that is, the queries are unbounded. Unfortunately, we are only able to prove the security in a selective setting and rely on a non-standard parameterized assumption. Nevertheless, we believe that our new security proof is of interest and provides new insight into the security of the Boneh-Boyen IBE scheme.

Chitosan-functionalized poly(lactide-co-glycolide) nanoparticles: breaking through the brain’s tight security gateway

Despite the development of several progressive treatments, many effective anticancer drugs have failed in clinical examinations due to the inability to penetrate across the blood–brain barrier. For this reason, the local and controlled delivery of anticancer drugs using biodegradable polymeric nanoparticles is attracting increasing attention as a viable therapy for treating brain tumors. In the present study, poly(lactide-co-glycolide) (PLGA) nanoparticles (NPs) with high emulsifying effects were prepared in conjunction with vitamin E d-α-tocopheryl polyethylene glycol 1000 succinate (TGPS) and chitosan, which imparted the desired surface morphology and particle size. The particle sizes, the surface morphology and the phase composition were correlated with the loaded amount of chitosan and operating pH. The laboratory cytotoxicity of the particles was investigated using the PC12 cell line. An increase in the chitosan content decreased the particle sizes of the NPs in a semilinear pattern and increased the potential therapeutic effects as indicated by high cell viability. These chitosan surface-modified PLGA NPs could be used for local drug delivery, thereby greatly expanding the spectrum of drugs available for the treatment of brain tumors.

A System and Method for Authentication in Wireless Local Area Networks (WLANs)

Wireless local area networks (WLANs) are widely used in airports, enterprises, schools, shops etc. Now a day, WLANs are growing very fast in aforesaid sectors and others. In their, security (specially authentication) is a vital issue because of the wireless medium being available to everybody in open space. The users of wireless network today aspire to have a tight security and good performance equivalent to those of the wired networks. As such, we have many authentication procedure for WLAN like Wired Equivalent Privacy, IEEE 802.1x etc. provides security and good authentication support. However 802.11i is having the problem of Denial of Service attacks, and Man in the Middle attack high delay in the authentication and a complicated key distribution procedure as well as appreciable computational load on the access point. The current paper attempts to provide such authentication procedure which is characterized with improved security along with minimized the authentication delay.

Efficient key encapsulation mechanisms with tight security reductions to standard assumptions in the two security models

AbstractIn this paper, we propose two new practical constructions of chosen ciphertext attack secure (CCA secure) key encapsulation mechanisms (KEM, which is the main building block for public key encryption in hybrid encryption), with remarkable security features: Our KEMs can be proved not only to satisfy CCA security (or constrained CCA security introduced by Hofheinz and Kiltz at CRYPTO'07) in the standard model with a tight security reduction to a basic indistinguishability‐type assumption but also to be CCA secure in the random oracle model with a tight security reduction to a basic computational‐type assumption. Our first construction is based on the Diffie–Hellman‐type assumptions, and compared with the KEM by Shoup at EUROCRYPT'00 that has security reductions in two security models (but its security proof in the random model is a loose reduction), our proposed KEM has a smaller ciphertext size with the same computational costs, and more importantly, ours has a tight security reduction also in the random oracle model. Our second construction is based on assumptions related to integer factoring, and compared with the KEM by Hofheinz and Kiltz at CRYPTO'99 that also has tight security reductions in two security models to factoring‐related assumptions, our proposed KEM has similar efficiency (both ciphertext size and computational costs) and bases the security on incomparable assumptions. Copyright © 2016 John Wiley & Sons, Ltd.

Efficient Attribute-Based Encryption Schemes for Secure Communications in Cyber Defense

AbstractHow to securely transmit data over the cyber is an important problem in cyber defense. In this paper, we propose a ciphertext-policy attribute-based encryption (CP-ABE) scheme, in which the messages are encrypted together with access policy, while secret keys are associated with specified sets of attributes, and the secret keys can correctly decrypt the ciphertexts only when the attributes satisfy the associated access policy. Our proposed CP-ABE scheme is provably secure in the full model without random oracles, and has a tight security reduction. We stress that a tight security reduction implies a higher security or the requirement of smaller keys and ciphertext sizes to obtain the same security level, and thus make the scheme more efficient. Thus our scheme can be efficiently used to encrypt the transmitted data over cyber in a fine-grained manner.

Efficient ID-based public auditing for the outsourced data in cloud storage

Cloud storage can make data users store and access their files anytime, from anywhere and with any device. To ensure the security of the outsourced data, data user needs to periodically check data integrity. The existing public auditing schemes are mainly based on the PKI (public key infrastructure). In this infrastructure, the auditor must validate the certificates of data user before auditing data integrity. Thus, it results in a large amount of computation cost. Especially, it brings heavy burden to the auditor in the multi-user setting. To overcome this problem, in this paper, we propose an efficient ID-based auditing protocol for cloud data integrity based on ID-Based Cryptography, which is provably secure in the random oracle model and has tight security reduction. And we also extend it to support batch auditing in the multi-user setting. Finally, extensive security and simulation results show that our ID-based auditing protocols are secure and efficient, especially it reduces the computation cost of the auditor in the multi-user setting. In comparison with Wang et al.’s ID-based remote data possession checking protocol, our protocol is more suitable to the large-scale cloud storage system.

Civil society, democracy and the state in South Korea: a critical dialogue

This review will discuss Hun Joon Kim’s important work on political dissent in the Republic of Korea, The Massacres at Mt. Halla: sixty years of truth-seeking in South Korea (Massacres at Mt. Halla). This book tells the story of the six-decade-long grassroots campaign to establish a truth commission into the events around Jeju 4.3: a series of counterinsurgency actions against armed uprisings that resulted in the large-scale massacre of civilians as well as other atrocities. Political activism looms large in South Korea’s modern political history, making a major contribution to the evolution of democracy in that country. For decades, the main game, and the focus of most academic scholarship, was the establishment of full participatory democracy in the country. Yet, behind the scenes and on the peripheries, many lower profile battles have been fought and the fate of these struggles is in some ways the real test of democracy in South Korea (Republic of Korea or ROK). Drawing together a broad range of primary documentary and interview material, Massacres at Mt. Halla makes a number of important contributions to audiences in Korean Studies, International Relations, and transitional justice. Kim brings to English speakers an unprecedented insight into the uprising, counterinsurgency operations, and activist efforts to bring this chapter of South Korean history to light. Careful archival research is supplemented with detailed personal interview data, the majority of which is in the Korean language and thus previously inaccessible to a wider audience. The value here lies with a detailed narrative that traces grassroots activism from the days of authoritarian government through the varied challenges of a newly democratic nation. In its telling, this story illuminates the ways in which local activism can be derailed or suppressed in a tight security environment. In this case, the backdrop was a political environment strictly managed by the state on the grounds of a fervent anti-communist policy. Anti-communism was in fact the only state-sanctioned ideology, one which had the backing of the ROK’s powerful US military ally. As Kim’s research demonstrates in a clear way, any activism that could be perceived to deviate from this ideology was harshly dealt with. The dawn of progressive government in South Korea in 1997 brought an end to explicit ‘red-baiting’,1 as it was known, but did not overturn altogether the rigid anti-communist structures that had accompanied the development of the modern South Korean state. In the following discussion, I first provide a brief introduction to Kim’s book before focusing my attention in on what Massacres at Mt. Halla tells us about this interaction between national security discourse and civil society activism.

Tightly-Secure Authenticated Key Exchange without NAXOS’ Approach Based on Decision Linear Problem

Design Secure Authenticated Key Exchange (AKE) protocol without NAXOS approach is remaining as an open problem. NAXOS approach [4] is used to hide the ephemeral secret key from an adversary even if the adversary in somehow may obtain the ephemeral secret key. Using NAXOS approach will cause two main drawbacks: (i) leaking of the static secret key which will be utilized in computing the exponent of the ephemeral public key; (ii) maximization of using random oracle when applying to the exponent of the ephemeral public key and session key derivation. In this paper, we present another AKE-secure without NAXOS approach based on decision linear assumption in the random oracle model. We fasten our security using games sequences tool which gives tight security for our protocol.

Ireland on a Plate: Curating the 2011 State Banquet for Queen Elizabeth II

Ireland on a Plate: Curating the 2011 State Banquet for Queen Elizabeth II

Improving Authentication and Authorization for Identity Based Cloud Environment Using OAUTH with Fuzzy Based Blowfish Algorithm

Cloud computing involves group of remote servers, software, networks, centralized storage, which allows different number of online services and resources to virtualized business environment, individual users and educational institutions. But the main challenges are security between the user information, trust between the user and service provider. In business environment, Private Cloud Model (PCM) provides tight security of the application data even though in cloud, security issues such as authorization, confidentiality still exist. Therefore, the paper focuses on security, authentication and authorization using OAuth protocol. OAuth protocol authorizes the user while accessing the data from one application via another application for managing identities. OAuth HTTP based protocol is used for authorization and security is implemented using Fuzzy based blowfish encryption algorithm (FBFE). In OAuth, authorization is granted in four different ways like authorization code, implicit, resource owner password credential and client credential. OAuth establishes authorization between application and API user using token and redirect URI.

Fully secure fuzzy identity-based encryption for secure IoT communications

How to securely transmit data is an important problem in Internet of Things (IoT). Fuzzy identity-based encryption (FIBE) is a good candidate for resolving this problem. However, existing FIBE schemes suffer from the following disadvantages: rely on random oracle models, merely secure in selective-ID model, long public parameters, and loose security reduction. In this paper, we propose a new FIBE scheme. Our scheme is secure in the full model without random oracles, and at the same time has a tight security reduction and short public parameters. This means that our scheme is quite suitable for secure transmitting data in IOT.

New chosen-ciphertext secure identity-based encryption with tight security reduction to the bilinear Diffie–Hellman problem

We propose a new identity-based encryption (IBE) system that achieves a tight security reduction to the bilinear Diffie–Hellman (BDH) problem in the random oracle model. Tightness indicates that some level of IBE system security can be straightforwardly based on the hardness of the BDH problem at the same security level. Achieving such tightness requires two strategies: (1) a key generation technique for all identities, and (2) a searching method for the solution to the BDH problem. To implement the first strategy, our system relies on a key generation paradigm recently introduced with the Park–Lee IBE system. To implement the second strategy, we base our system on the strong twin BDH problem that includes access to a decision oracle. We compare the efficiency of our system with that of the previous Nishioka IBE system (based on the Katz–Wang key generation paradigm) combined with another tight variant of the Fujisaki–Okamoto transform.

Active citizenship, dissent and civic consciousness: young Muslims redefining citizenship on their own terms

British Muslims have confronted numerous challenges since 9/11 which have rendered their citizenship ‘precarious’ and ‘contingent’, including rampant Islamophobia and a disproportionate impact from tighter security and immigration measures. Additionally, they are also disadvantaged by new forms of governance which promote ‘active citizenship’ based on both neoliberal and resurgent nationalist demands for citizens to be more self-reliant as welfare provision shrinks. This article explores how young British Muslim civil society activists negotiate some of these challenges by analysing their discourses on citizenship and belonging. Based on an ethnographic study, it is suggested that despite experiencing exclusion and marginalisation, young Muslim activists incarnate active citizenship but with reference to a very different set of values and priorities in contrast to nationalist and neoliberal normative ideas. Demonstrating a strong commitment to civic responsibility and participation, these young Muslims defy fears that negative associations with Britishness weaken the value and relevance of citizenship.

Tightly Secure Signatures From Lossy Identification Schemes

In this paper, we present three digital signature schemes with tight security reductions in the random oracle model. Our first signature scheme is a particularly efficient version of the short exponent discrete log-based scheme of Girault et al. (J Cryptol 19(4):463---487, 2006). Our scheme has a tight reduction to the decisional short discrete logarithm problem, while still maintaining the non-tight reduction to the computational version of the problem upon which the original scheme of Girault et al. is based. The second signature scheme we construct is a modification of the scheme of Lyubashevsky (Advances in Cryptology--ASIACRYPT 2009, vol 5912 of Lecture Notes in Computer Science, pp 598---616, Tokyo, Japan, December 6---10, 2009. Springer, Berlin, 2009) that is based on the worst-case hardness of the shortest vector problem in ideal lattices. And the third scheme is a very simple signature scheme that is based directly on the hardness of the subset sum problem. We also present a general transformation that converts what we term $$lossy $$lossy identification schemes into signature schemes with tight security reductions. We believe that this greatly simplifies the task of constructing and proving the security of such signature schemes.

Tightly secure signatures and public-key encryption

We construct the first public-key encryption (PKE) scheme whose chosen-ciphertext (i.e., IND-CCA) security can be proved under a standard assumption and does not degrade in either the number of users or the number of ciphertexts. In particular, our scheme can be safely deployed in settings in which no a-priori bound on the number of encryptions and/or users is known. As a central technical building block, we devise the first structure-preserving signature scheme with a tight security reduction. (This signature scheme may be of independent interest.) Combining this scheme with Groth---Sahai proofs yields a tightly simulation-sound non-interactive zero-knowledge proof system for group equations. If we use this proof system in the Naor---Yung double encryption scheme, we obtain a tightly IND-CCA secure PKE scheme from the decision linear assumption. We point out that our techniques are not specific to PKE security. Rather, we view our signature scheme and proof system as general building blocks that can help to achieve a tight security reduction.

Identity-based universal re-encryption for mixnets

In order to provide anonymity, universal cryptosystems have been used in various applications, including mixnets with multiple receivers. Unlike ordinary re-encryption cryptosystems, universal cryptosystems for re-encryption of ciphertexts do not require knowledge of the public key of the receiver. Golle et al. introduced universal cryptosystems for public key cryptography. Contrary to public key cryptography, in ID-based cryptography, a public key infrastructure is not needed, which makes it suitable for situations where it is not cost-effective to distribute certificates or establish a public key infrastructure. In this paper, we first generalize the definition of universal cryptosystems and the notion of universal semantic security to ID-based cryptography, then we propose two ID-based universal cryptosystem schemes, and lastly we prove the security of these two schemes. The first scheme has higher efficiency in terms of computation and communication while the second scheme has proof of security in the standard model and has a tighter security band. Copyright © 2015 John Wiley & Sons, Ltd.

An efficient IBE scheme with tight security reduction in the random oracle model

We present a new practical identity-based encryption (IBE) system that can be another candidate for standard IBE techniques. Our construction is based on a new framework for realizing an IBE trapdo...

Security of Continuous-Variable Quantum Key Distribution with Imperfect Phase Compensation

Phase compensation is a necessary procedure in practical application of continuous-variable quantum key distribution (CVQKD) for the reason of unavoidable phase drifts of quantum signals in quantum channel. However, the phase compensation may become imperfect in practical applications. The security of CVQKD scheme with imperfect phase compensation is investigated under realistic conditions of quantum channel and detector. In particular, a tight security bound to the phase noise of the imperfect phase compensation are derived for reverse reconciliation and realistic homodyne detection. Moreover, the phase noise is analyzed experimentally and a practical phase compensation procedure is applied to simulate the imperct processing. The simulation results show its coincidence to the security bound, and reveal the sensitivity of the security of the reverse reconciliation CVQKD protocol to the noise arising from imperfect phase compensation.