In this paper we present an attack upon the Needham Schroeder public key authentication protocol The attack allows an intruder to impersonate another agent

This paper investigates the role of trust metrics in attack-resistant public key certification. We present an analytical framework for understanding the effectiveness of trust metrics in resisting attacks, including a characterization of the space of possible attacks. Within this framework, we establish the theoretical best case for a trust metric. Finally, we present a practical trust metric b...

94.7 Steganography...................................................................... 1260 94.8 Key Distribution .................................................................. 1260 94.9 Key Management ................................................................. 1260 94.10 Public versus Proprietary Algorithms and Systems.......... 1260 94.11 Classic Attacks..............................

Denial of Service (DoS) attacks pose a fast-growing threat to network services in the Internet, but also corporate Intranets and public local area networks like Wi-Fi hotspots may be affected. Especially protocols that perform authentication and key exchange relying on expensive public key cryptography are likely to be preferred targets. A well-known countermeasure against resource depletion at...

In open network, cryptographic operations are often performed on insecure, unprotected, and easily-stolen devices, therefore the threat of secret key exposure becomes more and more acute. The paradigm of forward security provides a promising approach to deal with the secret key exposure. This new paradigm guarantees that the compromise of current secret keys does not compromise past secret keys...

In this paper, we present an efficient attack on the multivariate Quadratic Quasigroups (MQQ) public key cryptosystem. Our cryptanalysis breaks the MQQ cryptosystem by solving a system of multivariate quadratic polynomial equations using both the MutantXL algorithm and the F4 algorithm. We present the experimental results that show that MQQ systems is broken up to size n equal to 300. Based on ...

We construct two identity-based encryption (IBE) schemes. The first one is IBE satisfying key dependent message (KDM) security for user secret keys. The second one is IBE satisfying simulation-based receiver selective opening (RSO) security. Both schemes are secure against adaptive-ID attacks and do not have any a-priori bound on the number of challenge identities queried by adversaries in the ...

Secured password authentication and update of passwords are two essential requirements for remote login over unreliable networks. In this paper, an elliptic curve cryptography (ECC) based technique has been proposed that not only satisfies the above two requirements, but also provides additional security requirements that are not available in some schemes proposed so far. For instances, the Pey...

We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST’s procedure for combining the KEM wit...

A new public key encryption scheme, along with several variants, is proposed and analyzed. The scheme and its variants are quite practical, and are proved secure against adaptive chosen ciphertext attack under standard intractability assumptions. These appear to be the first publickey encryption schemes in the literature that are simultaneously practical and provably secure. This paper is a sig...