This paper considers security analysis of a cross-realm client-to-client password-authenticated key exchange (C2C-PAKE) protocol with indirect communication structure that was proposed for secure email. The protocol does not need any public key infrastructure (PKI) and was designed to enable senders and recipients of emails to register at different mail servers. However, mail servers require sh...

We proposed a new type of ID-based encryption scheme. Our scheme is different from other schemes on that we use tamper resistant smart card to store the private key and do the decryption job for the users. The user knows nothing about the private key. Our scheme is identical to ElGamal encryption scheme, but using RSA framework to avoid ID replacement attack. In a way, our scheme can be regarde...

Certificateless cryptography has attracted much attention due to its distinctive features. By eliminating the certification costs in traditional public key cryptography and addressing the private key escrow problem in identity-based cryptography, certificateless cryptography has become a mesmeric paradigm for developing various cryptographic primitives. Digital signatures with short signature l...

In this paper we address the problem of secure communication and authentication in ad-hoc wireless networks. This is a difficult problem, as it involves bootstrapping trust between strangers. We present a user-friendly solution, which provides secure authentication using almost any established public-key-based key exchange protocol, as well as inexpensive hash-based alternatives. In our approac...

In order to protect Mobile Internet Protocol Version 6 (MIPv6), considerable researches have been made, consequently followed by various security protocols, which are based on public key cryptography. Especially, depending on a proper address based public key method, these protocols use each node’s address as a public key certificate to authenticate its public key because no global public key i...

The issue of certificate masquerading against the SSL protocol is pointed out in [4]. In [4], various forms of server certificate masquerading are identified. It should also be noted that the attack described is a man-in-themiddle (MITM) attack that requires direct manipulation of the SSL protocol. This paper is a mirror of [4] and involves client certificate masquerading. The motivation for th...

Password-based key-server protocols are susceptible to password chaining attacks, in which an enemy uses knowledge of a user's current password to learn all future passwords. As a result, the exposure of a single password eeectively compromises all future communications by that user. The same protocols also tend to be vulnerable to dictionary attacks against user passwords. Bellovin and Merritt...

This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension [RFC4556] to exchange an opaque data blob which a KDC can validate to ensure that the client is currently in possession of the private key during a PKInit AS exchange.

Relative location information is very useful in vehicular networks although it is vulnerable to various attacks. Many techniques have been proposed for relative positioning and location verification. Due to the high speed and the strict security requirements, the existing relative positioning and location verification techniques are not directly applicable to vehicular networks. Hence we presen...