Abstract:
This study discusses the problem of key distribution in IoT systems, especially smart grids, for two modes of communication: unicast and multicast. In the present paper, we suggest two protocols for key distribution for both unicast and multicast communication. The proposed schemes are based on symmetric key encryption with cryptographic primitives: hashes and nonces. In addition, the multicast key distribution protocol is based on a logical key hierarchy to reduce communication and computation overheads in case of any member change. The proposed solutions are compared to other protocols based on communication and computation overheads, and the ability to resist well-known attacks. The comparison shows that the proposed protocols have the lowest overheads while resisting known attacks. To ensure the correctness and security of the proposed protocols, they are analyzed using a logical tool (BAN logic). The analysis illustrates that the proposed protocols are free from bugs or redundancies.
Abstract:
In this report we try to modify the secret-key reconciliation protocol Cascade so as to reduce the number of publicly exchanged bits. The performance of the proposed scheme is shown by means of computer simulation. We give an upper bound on the probability that the proposed protocol fails.
Abstract:
Probabilistic key predistribution schemes (P-KPSs) which place modest demands on hardware are good candidates for securing interactions between resource limited computers. Collusion susceptible P-KPSs are trade-offs between security and complexity. Some facets of complexity include computation, bandwidth, and storage overhead. Metrics for security include resistance to passive eavesdropping attacks, and active message injection attacks. The contributions of this paper are three-fold: 1) a novel P-KPS, the subset keys and identity tickets (SKIT) scheme; 2) a generic KPS model to facilitate comparison of various facets of the complexity of key predistribution schemes; and 3) a new security model to describe the resistance of P-KPSs to active message-injection attacks. The two models are used to show why SKIT has many compelling advantages over existing P-KPSs in the literature. In particular, while placing lower demands on computation, bandwidth and storage overhead, SKIT realizes substantial improvements in resistance to passive and active attacks.
Abstract:
Group key management (GKM) is one of the most important issues in secure group communication (SGC). The existing GKM protocols fall into three typical classes: centralized group key distribution (CGKD), decentralized group key management (DGKM), and distributed/contributory group key agreement (CGKA). Serious problems remain in these protocols, as they require the existence of central trusted entities (such as a group controller or subgroup controllers), relaying of messages (by subgroup controllers), or strict member synchronization (for multiple-round stepwise key agreement), thus suffering from a single point of failure and attack, performance bottlenecks, or misoperation in the event of transmission delay or network failure. We proposed a new class of GKM protocols: distributed group key distribution (DGKD) [1]. The new DGKD protocol solves the above problems and surpasses the existing GKM protocols in terms of simplicity, efficiency, scalability, and robustness. In this paper, we extend the conference paper [1] with detailed experiments and discussions. Also based on DGKD, we propose a new distributed dynamic conferencing scheme which enforces group/conference membership management. Due to its distributed nature, without the requirement of central control, the proposed scheme is well suited to wireless networks such as Mobile Ad-hoc Networks (MANETs).
Abstract:
Quantum information will not only reformulate our view of the nature of computation and communication but will also open up fundamentally new possibilities for realizing high-performance computer architecture and telecommunication networks. Since our data will no longer remain safe in the traditional Internet when commercial quantum computers become fully available,(1,2,8,15,34) there will be a need for a fundamentally different network structure: the quantum Internet.(22,25,32,33,45,47) While quantum computational supremacy refers to tasks and problems that quantum computers can solve but are beyond the capability of classical computers, the quantum supremacy of the quantum Internet identifies the properties and attributes that the quantum Internet offers but are unavailable in the traditional Internet.
Abstract:
The concept of symmetric extendibility has recently drawn attention in the context of tolerable error rates in quantum cryptography, where it can be used to decide whether quantum states shared between two parties can be purified by means of entanglement purification with one-way classical communication only. Unfortunately, at present there exists no simple general criterion to decide whether a state possesses a symmetric extension or not. In this paper, we derive criteria for symmetric extendibility within subclasses of all two-qudit states. Using these criteria, we can completely solve the problem for a two-parameter family of two-qudit states, which includes the isotropic states as a subclass.
Abstract:
In practical quantum cryptography, the source sometimes produces multiphoton pulses, thus enabling the eavesdropper Eve to perform the powerful photon-number-splitting (PNS) attack. Recently, it was shown by Curty and Lutkenhaus [Phys. Rev. A 69, 042321 (2004)] that the PNS attack is not always the optimal attack when two photons are present: if errors are present in the correlations Alice-Bob and if Eve cannot modify Bob's detection efficiency, Eve gains a larger amount of information using another attack based on a 2 -> 3 cloning machine. In this work, we extend this analysis to all distances Alice-Bob. We identify a new incoherent 2 -> 3 cloning attack which performs better than those described before. Using it, we confirm that, in the presence of errors, Eve's better strategy uses 2 -> 3 cloning attacks instead of the PNS. However, this improvement is very small for the implementations of the Bennett-Brassard 1984 (BB84) protocol. Thus, the existence of these new attacks is conceptually interesting but basically does not change the value of the security parameters of BB84. The main results are valid both for Poissonian and sub-Poissonian sources.
Abstract:
On the basis of entanglement swapping of Bell states, Hwang et al. proposed a probabilistic quantum key distribution (PQKD) protocol [Quantum Inf. Comput. 11(7-8), 615-637 (2011)]. Recently, Lin et al. [Quantum Inf. Comput. 14(9-10), 757-762 (2014)] proposed a unitary operation attack on Hwang et al.'s PQKD. However, unlike the unitary operation attack, this work points out that a malicious participant in Hwang et al.'s PQKD protocol can manipulate the secret key. As a result, the security requirements of a PQKD protocol, i.e., fairness, cannot be satisfied in their protocol. Moreover, the same attack can also crack the fairness requirement of the existing quantum key agreement (QKA) protocols. To overcome both problems, this paper proposes a new PQKD protocol based on the order rearrangement of the transmitted photons. Furthermore, the rearrangement method can also solve the key manipulation attack in QKA protocols.
Abstract:
A new family of broadcast encryption schemes, which will be called linear broadcast encryption schemes (LBESs), is presented in this paper by using linear algebraic techniques. This family generalizes most previous proposals and provides a general framework for the study of broadcast encryption schemes. We present a method to construct, for a general specification structure, LBESs with a good trade-off between the amount of secret information stored by every user and the length of the broadcast message. In this way, we are able to find schemes that fit in situations that have not been considered before.
Abstract:
This paper presents a server-based hybrid cryptographic protocol, using quantum and classical resources, to generate a key for authentication and optionally for encryption in a network. A novel feature of the protocol is that it can detect a compromised server. Additional advantages are that it avoids the requirement for timestamps used in classical protocols, guarantees that the trusted server cannot know the authentication key, can provide resistance to multiple photon attacks, and can be used with BB84 or other quantum key distribution protocols. Each resource shares a previously distributed secret key with the trusted server, and resources can communicate with the server using both classical and quantum channels. Resources do not share secret keys with each other, so that the key distribution problem for the network is reduced from O(n^2) to O(n).