While the need for data and message confidentiality is well known, the need to protect against traffic analysis on networks, including unclassified networks, is less widely recognized. Tor is a circuit-based low-latency anonymous communication service that resists traffic analysis. This second-generation Onion Routing system adds to the first-generation design with perfect forward secrecy, cong...

A secure and versatile key exchange protocol for key management over Internet is presented. SKEME constitutes a compact protocol that supports a variety of realistic scenarios and security models over Internet. It provides clear tradeoos between security and performance as required by the diierent scenarios without incurring in unnecessary system complexity. The protocol supports key exchange b...

In this paper, the individual secrecy of two-way wiretap channel is investigated, where two legitimate users’ messages are separately guaranteed secure against an external eavesdropper. For one thing, in some communication scenarios, the joint secrecy is impossible to achieve both positive secrecy rates of two users. For another, the individual secrecy satisfies the secrecy demand of many pract...

Let S = 〈L, S〉 be a deductive system. An S -secrecy logic is a quadruple K = 〈FmL(V ),K,B, S〉 , where FmL(V ) is the algebra of L-formulas, K,B are S -theories, with B ⊆ K and S ⊆ K such that S ∩ B = ∅ . K corresponds to information deducible from a knowledge base, B to information deducible from the publicly accessible (or browsable) part of the knowledge base and S is a secret set, a set of s...

Both mutual authentication and generation of session keys can be accomplished by an authenticated key exchange (AKE) protocol. Let us consider the following situation: (1) a client, who communicates with many different servers, remembers only one password and has insecure devices (e.g., mobile phones or PDAs) with very-restricted computing power and built-in memory capacity; (2) the counterpart...

A cancelable biometric scheme called correlation-invariant random filtering (CIRF) is known as a promising template protection scheme. This scheme transforms a biometric feature represented as an image via the 2D number theoretic transform (NTT) and random filtering. CIRF has perfect secrecy in that the transformed feature leaks no information about the original feature. However, CIRF cannot be...

The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash's scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe som...

In this paper, the one-sided secrecy of two-way wiretap channel with feedback is investigated, where the confidential messages of one user through multiple transmissions is guaranteed secure against an external eavesdropper. For one thing, one-sided secrecy satisfies the secure demand of many practical scenarios. For another, the secrecy is measured over many blocks since the correlation betwee...

To reduce the chance of being compromised, digital evidence must be preserved in a secure way when it is generated. The preservation must assure confidentiality, integrity, and survivability of the digital evidence. Some generic storage systems have been proposed. However, they cannot meet the critical requirements for digital evidence preservation. This paper introduces a secure distributed di...

Just Fast Keying (JFK) is a simple, efficient and secure key exchange protocol proposed by Aiello et al. (ACM TISSEC, 2004). JFK is well known for its novel design features, notably its resistance to denialof-service (DoS) attacks. Using Meadows’ cost-based framework, we identify a new DoS vulnerability in JFK. The JFK protocol is claimed secure in the Canetti-Krawczyk model under the Decisiona...