nach oben

World Wide Web

Erschienen in:

22.08.2019

Secure limitation analysis of public-key cryptography for smart card settings

verfasst von: Youliang Tian, Qiuxian Li, Jia Hu, Hui Lin

Erschienen in: World Wide Web | Ausgabe 2/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Smart cards are widely used in high security applications due to their self-contained nature. At the same time, the security of smart card has become an urgent problem in the field of intelligent environment. Public-key Cryptography is the main means to solve the security problems based on smart card password authentication and identity authentication protocol. This paper reviews the security issues of public key cryptography used in smart cards from the perspective of information theory. By constructing a attackers channel, we model the Public-key Cryptography process in the way of an adversary to capture the attack ability in the Public-key Cryptography setting. Then, we convert the secure problems of Public-key Cryptography into the attack channels capacity of adversaries that the maximum value of the average mutual information is the secure limitations of a Public-key Cryptography scheme, which is a reachable theoretic limitation of secure communication parties. Finally, we give the bounds of insecure for public-key encryption and signature in different secure levels, and analyze and discuss the secure limitation.

Vorheriger Artikel Master data management for manufacturing big data: a method of evaluation for data network

Nächster Artikel A survey on data provenance in IoT

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Proceedings of the 7th international conference on the theory and application of cryptology and information security: Advances in cryptology. pp. 566–582. ASIACRYPT ’01. http://dl.acm.org/citation.cfm?id=647097.717024. Springer-Verlag, Berlin (2001)CrossRef

Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the 1st ACM conference on computer and communications security. pp. 62–73. CCS ’93. https://doi.org/10.1145/168588.168596. ACM, New York (1993)

Boyen, X., Mei, Q., Waters, B.: Direct chosen ciphertext security from identity-based techniques. In: Proceedings of the 12th ACM conference on computer and communications security. pp. 320–329. CCS ’05. https://doi.org/10.1145/1102120.1102162. ACM, New York (2005)

Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) Advances in cryptology - CRYPTO 2003, pp 126–144. Springer Berlin Heidelberg, Berlin (2003)CrossRef

Chang, C. C., Wu, T. C.: Remote password authentication with smart cards. IEEE Proc.-E 138(3), 165–168 (1991)

Chien, H. Y., Jan, J. K., Tseng, Y. M.: An efficient and practical solution to remote authentication: Smart card. Comput. Secur. 21(4), 372–375 (2002)CrossRef

Coron, J.: Resistance against differential power analysis for elliptic curve cryptosystems. In: International workshop on cryptographic hardware and embedded systems (1999)CrossRef

Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H (ed.) Advances in Cryptology — CRYPTO ’98, pp 13–25. Springer, Berlin (1998)CrossRef

Cramer, R., Hanaoka, G., Hofheinz, D., Imai, H., Kiltz, E., Pass, R., Shelat, A., Vaikuntanathan, V.: Bounded cca2-secure encryption. In: Proceedings of the advances in crypotology 13th international conference on theory and application of cryptology and information security. pp. 502–518. ASIACRYPT’07. http://dl.acm.org/citation.cfm?id=1781454.1781497. Springer-Verlag, Berlin (2007)CrossRef

10.

Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976). https://doi.org/10.1109/TIT.1976.1055638 MathSciNetCrossRef

11.

Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. Ches May 2162, 251–261 (2001)MATH

12.

Hsiang, H. C., Shih, W. K.: Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces 31(6), 1118–1123 (2009)CrossRef

13.

Izu, T., Takagi T.: A fast parallel elliptic curve multiplication resistant against side channel attacks (2002)CrossRef

14.

Jiang, Q., Ni, J., Ma, J., Yang, L., Shen, X.: Integrated authentication and key agreement framework for vehicular cloud computing. IEEE Netw. 32(3), 28–35 (2018). https://doi.org/10.1109/MNET.2018.1700347 CrossRef

15.

Joye, M., Yen, S. M.: The montgomery powering ladder. In: International workshop on cryptographic hardware and embedded systems (2002)

16.

Kocher, P. C.: Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: International cryptology conference on advances in cryptology (1996)

17.

Kocher, P. C., Jaffe, J., Jun, B.: Differential power analysis. Proc. Crypto. 1666, 388–397 (1999)MATH

18.

Mamiya, H., Miyaji, A., Morimoto, H.: Efficient Countermeasures against RPA, DPA and SPA (2004)

19.

Messerges, T. S.: Using second-order power analysis to attack dpa resistant software. In: International workshop on cryptographic hardware and embedded systems (2000)CrossRef

20.

Messerges, T. S., Dabbish, E. A., Sloan, R. H.: Investigations of power analysis attacks on smartcards. In: Usenix workshop on smartcard technology on usenix workshop on smartcard technology (1999)

21.

Micali, S., Reyzin, L.: Physically observable cryptography (2004)CrossRef

22.

Moebius, N., Stenzel, K., Borek, M., Reif, W.: Incremental development of large, secure smart card applications. In: Workshop on model-driven security (2012)

23.

Nojima, R., Imai, H., Kobara, K., Morozov, K.: Semantic security for the mceliece cryptosystem without random oracles. Des. Codes Cryptogr. 49(1-3), 289–305 (2008). https://doi.org/10.1007/s10623-008-9175-9 MathSciNetCrossRef

24.

Park, J. W., Sherman, M., Colombo, M., Roberts, L. R., Schwartz, M. E., Degos, F., Chen, P. J., Chen, M., Kudo, M., Johnson, P. J., Huang, B., Orsini, L. S.: Observations of hepatocellular carcinoma (hcc) management patterns from the global hcc bridge study: First characterization of the full study population. J. Clin. Oncol. 30(15), 4033–4033 (2012)

25.

Qi, J., Ma, J., Wei, F.: On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst. J. PP(99), 1–4 (2016)

26.

Quisquater, J. J., Samyde, D.: Electromagnetic analysis (ema): Measures and counter-measures for smart cards. In: International conference on research in smart cards: Smart card programming and security (2001)

27.

Rivest, R. L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978). https://doi.org/10.1145/359340.359342 MathSciNetCrossRef

28.

Schneier, B.: Applied cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn. John Wiley & Sons, Inc., New York (1995)MATH

29.

Tian, Y., Guo, J., Wu, Y., Lin, H.: Towards attack and defense views of rational delegation of computation. IEEE Access 7, 44037–44049 (2019). https://doi.org/10.1109/ACCESS.2019.2908858 CrossRef

30.

Tunstall, M.: Smart card security. Smart Cards Tokens Security and Applications 3, 195–228 (2014)

31.

Wang, B., Lei, H., Hu, Y.: D-ntru: More efficient and average-case ind-cpa secure ntru variant. Inf. Sci. 438, 15–31 (2018). https://doi.org/10.1016/j.ins.2018.01.037. http://www.sciencedirect.com/science/article/pii/S0020025518300513 MathSciNetCrossRef

32.

Waters, B.: Efficient identity-based encryption without random oracles. In: Proceedings of the 24th annual international conference on theory and applications of cryptographic techniques. pp. 114–127. EUROCRYPT’05. Springer-Verlag, Berlin (2005)

Titel: Secure limitation analysis of public-key cryptography for smart card settings
verfasst von: Youliang Tian
Qiuxian Li
Jia Hu
Hui Lin
Publikationsdatum: 22.08.2019
Verlag: Springer US
Erschienen in: World Wide Web / Ausgabe 2/2020
Print ISSN: 1386-145X
Elektronische ISSN: 1573-1413
DOI: https://doi.org/10.1007/s11280-019-00715-8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 2/2020

Misinformation-oriented expert finding in social networks

ICFR: An effective incremental collaborative filtering based recommendation architecture for personalized websites

From crowdsourcing to crowdmining: using implicit human intelligence for better understanding of crowdsourced data

A survey on data provenance in IoT

Fault tolerant data transmission reduction method for wireless sensor networks

A QoS-aware virtual machine scheduling method for energy conservation in cloud-based cyber-physical systems

Premium Partner