Non-Interactive Key Exchange and Key Assignment Schemes

نویسنده

  • Eduarda Simões Veloso Freire
چکیده

This thesis is divided into two distinct parts. The first part of this thesis studies noninteractive key exchange schemes in two different settings: the public key setting and the identity-based setting. Loosely speaking, a non-interactive key exchange (NIKE) scheme allows two users to compute a unique shared key without any interaction. Our work is motivated by the scant attention that this primitive has received since the major contribution in the ground-breaking paper of Diffie and Hellman. In the public key setting, we assume that any user can compute a public/private key pair and the public keys are registered with a Certification Authority (CA). A user A can compute a shared key with user B by using its own private key skA and B’s public key pkB, along with some public parameters. We provide different security models for NIKE and explore the relationships between them. Our models consider the challenging setting where an adversary can introduce arbitrary public keys in the system. We give constructions for secure NIKE, with respect to those security models, in the random oracle model based on the hardness of factoring, and in the standard model based on the hardness of a variant of the Decisional Bilinear Diffie-Hellman problem for asymmetric pairings. We also study the relationship between NIKE and public key encryption (PKE), showing that a secure NIKE can be generically converted into an IND-CCA secure PKE scheme. In the identity-based setting, there is a Trusted Authority (TA) who holds a master secret key and a master public key. The public key of a user is some unique information that identifies a user, called the identity. The private key for each user is computed by the TA, who uses its master secret key and master public key together with the user identity to derive the user’s private key. Using multilinear maps, we obtain the first identity-based non-interactive key exchange scheme (IDNIKE) secure in the standard model. The scheme is a standard-model version of the Sakai-Ohgishi-Kasahara ID-NIKE scheme. In addition, we derive a fully-secure hierarchical version of our ID-NIKE scheme. Our hierarchical ID-NIKE scheme is the first such scheme with full security in either the random oracle model or the standard model. The second part of this thesis is concerned with the construction of hierarchical key assignment schemes. Such schemes can be used to enforce access control policies by cryptographic means. We present new, enhanced security models for hierarchical key assignment schemes and give simple, efficient and strongly key indistinguishable

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Efficient and Non-Malleable Proofs of Plaintext

We describe efficient protocols for non-malleable (interactive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El Gamal encryption schemes. We also highlight some important applications of these protocols: – Chosen-ciphertext-secure, interactive encryption. In settings where both parties are on-line, an interactive encryption protocol may be used. We construct chosen-ciphertext...

متن کامل

A non-interactive deniable authentication scheme in the standard model

the standard model Bin Wang ,Qing Zhao and Ke Dai Information Engineering College of Yangzhou University No.196 West HuaYang Road, Yangzhou City, Jiangsu Province, P.R.China E-mail: [email protected] Abstract: Deniable authentication protocols enable a sender to authenticate a message to a receiver such that the receiver is unable to prove the identity of the sender to a third party. In contrast...

متن کامل

Universally Composable Non-Interactive Key Exchange

We consider the notion of a non-interactive key exchange (NIKE). A NIKE scheme allows a party A to compute a common shared key with another party B from B’s public key and A’s secret key alone. This computation requires no interaction between A and B, a feature which distinguishes NIKE from regular (i.e., interactive) key exchange not only quantitatively, but also qualitatively. Our first contr...

متن کامل

Efficient and Non-malleable Proofs of Plaintext Knowledge and Applications

We describe very efficient protocols for non-malleable (interactive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El-Gamal encryption schemes whose security can be proven in the standard model. We also highlight some important applications of these protocols, where we take care to ensure that our protocols remain secure when run in an asynchronous, concurrent environment: • C...

متن کامل

Forward Secure Non-Interactive Key Exchange

Exposure of secret keys is a major concern when cryptographic protocols are implemented on weakly secure devices. Forward security is thus a way to mitigate damages when such an event occurs. In a forward-secure scheme, the public key is indeed fixed while the secret key is updated with a oneway process at regular time periods so that security of the scheme is ensured for any period prior to th...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014