Biblio
In quantum cryptography research area, quantum digital signature is an important research field. To provide a better privacy for users in constructing quantum digital signature, the stronger anonymity of quantum digital signatures is required. Quantum ring signature scheme focuses on anonymity in certain scenarios. Using quantum ring signature scheme, the quantum message signer hides his identity into a group. At the same time, there is no need for any centralized organization when the user uses the quantum ring signature scheme. The group used to hide the signer identity can be immediately selected by the signer himself, and no collaboration between users.Since the quantum finite automaton signature scheme is very efficient quantum digital signature scheme, based on it, we propose a new quantum ring signature scheme. We also showed that the new scheme we proposed is of feasibility, correctness, anonymity, and unforgeability. And furthermore, the new scheme can be implemented only by logical operations, so it is easy to implement.
The signcryption technique was first proposed by Y. Zheng, where two cryptographic operations digital signature and message encryption are made combinedly. We cryptanalyze the technique and observe that the signature and encryption become vulnerable if the forged public keys are used. This paper proposes an improvement using modified DSS (Digital Signature Standard) version of ElGamal signature and DHP (Diffie-Hellman key exchange protocol), and shows that the vulnerabilities in both the signature and encryption methods used in Zheng's signcryption are circumvented. DHP is used for session symmetric key establishment and it is combined with the signature in such a way that the vulnerabilities of DHP can be avoided. The security and performance analysis of our signcryption technique are provided and found that our scheme is secure and designed using minimum possible operations with comparable computation cost of Zheng's scheme.
With the rapid development of Internet of Things technology and sensor networks, large amount of data is facing security challenges in the transmission process. In the process of data transmission, the standardization and authentication of data sources are very important. A digital signature scheme based on bilinear pairing problem is designed. In this scheme, by signing the authorization mechanism, the management node can control the signature process and distribute data. The use of private key segmentation mechanism can reduce the performance requirements of sensor nodes. The reasonable combination of timestamp mechanism can ensure the time limit of signature and be verified after the data is sent. It is hoped that the implementation of this scheme can improve the security of data transmission on the Internet of things environment.
In this paper, we extend the existing classification of signature models by Cao. To do so, we present a new signature classification framework and migrate the original classification to build an easily extendable faceted signature classification. We propose 20 new properties, 7 property families, and 1 signature classification type. With our classification, theoretically, up to 11 541 420 signature classes can be built, which should cover almost all existing signature schemes.
Although many digital signature algorithms are available nowadays, the speed of signing and/or verifying a digital signature is crucial for different applications. Some algorithms are fast for signing but slow for verification, but others are the inverse. Research efforts for an algorithm being fast in both signing and verification is essential. The traditional GOST algorithm has the shortest signing time but longest verification time compared with other DSA algorithms. Hence an improvement in its signature verification time is sought in this work. A modified GOST digital signature algorithm variant is developed improve the signature verification speed by reducing the computation complexity as well as benefiting from its efficient signing speed. The obtained signature verification execution speed for this variant was 1.5 time faster than that for the original algorithm. Obviously, all parameters' values used, such as public and private key, random numbers, etc. for both signing and verification processes were the same. Hence, this algorithm variant will prove suitable for applications that require short time for both, signing and verification processes. Keywords— Discrete Algorithms, Authentication, Digital Signature Algorithms DSA, GOST, Data Integrity
In cyberspace, a digital signature is a mathematical technique that plays a significant role, especially in validating the authenticity of digital messages, emails, or documents. Furthermore, the digital signature mechanism allows the recipient to trust the authenticity of the received message that is coming from the said sender and that the message was not altered in transit. Moreover, a digital signature provides a solution to the problems of tampering and impersonation in digital communications. In a real-life example, it is equivalent to a handwritten signature or stamp seal, but it offers more security. This paper proposes a scheme to enable users to digitally sign their communications by validating their identity through users’ mobile devices. This is done by utilizing the user’s ambient Wi-Fi-enabled devices. Moreover, the proposed scheme depends on something that a user possesses (i.e., Wi-Fi-enabled devices), and something that is in the user’s environment (i.e., ambient Wi-Fi access points) where the validation process is implemented, in a way that requires no effort from users and removes the "weak link" from the validation process. The proposed scheme was experimentally examined.
With the emergence of quantum computers, traditional digital signature schemes based on problems such as large integer solutions and discrete logarithms will no longer be secure, and it is urgent to find effective digital signature schemes that can resist quantum attacks. Lattice cryptography has the advantages of computational simplicity and high security. In this paper, we propose an identity-based digital signature scheme based on the rejection sampling algorithm. Unlike most schemes that use a common Gaussian distribution, this paper uses a bimodal Gaussian distribution, which improves efficiency. The identity-based signature scheme is more convenient for practical application than the traditional certificate-based signature scheme.
An oblivious signature is a digital signature with some property. The oblivious signature scheme has two parties, the signer and the receiver. First, the receiver can choose one and get one of n valid signatures without knowing the signer’s private key. Second, the signer does not know which signature is chosen by the receiver. In this paper, we propose the oblivious signature which is combined with blind signature and zero-knowledge set membership. The property of blind signature makes sure that the signer does not know the message of the signature by the receiver chosen, on the other hand, the property of the zero-knowledge set membership makes sure that the message of the signature by the receiver chosen is one of the set original messages.
This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today's requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.
Technology advancement also increases the risk of a computer's security. As we can have various mechanisms to ensure safety but still there have flaws. The main concerned area is user authentication. For authentication, various biometric applications are used but once authentication is done in the begging there was no guarantee that the computer system is used by the authentic user or not. The intrusion detection system (IDS) is a particular procedure that is used to identify intruders by analyzing user behavior in the system after the user logged in. Host-based IDS monitors user behavior in the computer and identify user suspicious behavior as an intrusion or normal behavior. This paper discusses how an expert system detects intrusions using a set of rules as a pattern recognized engine. We propose a PIDE (Pattern Based Intrusion Detection) model, which is verified previously implemented SBID (Statistical Based Intrusion Detection) model. Experiment results indicate that integration of SBID and PBID approach provides an extensive system to detect intrusion.
Preserving medical data is of utmost importance to stake holders. There are not many laws in India about preservation, usability of patient records. When data is transmitted across the globe there are chances of data getting tampered intentionally or accidentally. Tampered data loses its authenticity for diagnostic purpose, research and various other reasons. This paper proposes an authenticity based ECDSA algorithm by signature verification to identify the tampering of medical image files and alerts by the rules of authenticity. The algorithm can be used by researchers, doctors or any other educated person in order to maintain the authenticity of the record. Presently it is applied on medical related image files like DICOM. However, it can support any other medical related image files and still preserve the authenticity.
Zero-day Web attacks are arguably the most serious threats to Web security, but are very challenging to detect because they are not seen or known previously and thus cannot be detected by widely-deployed signature-based Web Application Firewalls (WAFs). This paper proposes ZeroWall, an unsupervised approach, which works with an existing WAF in pipeline, to effectively detecting zero-day Web attacks. Using historical Web requests allowed by an existing signature-based WAF, a vast majority of which are assumed to be benign, ZeroWall trains a self-translation machine using an encoder-decoder recurrent neural network to capture the syntax and semantic patterns of benign requests. In real-time detection, a zero-day attack request (which the WAF fails to detect), not understood well by self-translation machine, cannot be translated back to its original request by the machine, thus is declared as an attack. In our evaluation using 8 real-world traces of 1.4 billion Web requests, ZeroWall successfully detects real zero-day attacks missed by existing WAFs and achieves high F1-scores over 0.98, which significantly outperforms all baseline approaches.
The exchange of data has expanded utilizing the web nowadays, but it is not dependable because, during communication on the cloud, any malicious client can alter or steal the information or misuse it. To provide security to the data during transmission is becoming hot research and quite challenging topic. In this work, our proposed algorithm enhances the security of the keys by increasing its complexity, so that it can't be guessed, breached or stolen by the third party and hence by this, the data will be concealed while sending between the users. The proposed algorithm also provides more security and authentication to the users during cloud communication, as compared to the previously existing algorithm.
The use of public key cryptosystems ranges from securely encrypting bitcoin transactions and creating digital signatures for non-repudiation. The cryptographic systems security of public key depends on the complexity in solving mathematical problems. Quantum computers pose a threat to the current day algorithms used. This research presents analysis of two Hash-based Signature Schemes (MSS and W-OTS) and provides a comparative analysis of them. The comparisons are based on their efficiency as regards to their key generation, signature generation and verification time. These algorithms are compared with two classical algorithms (RSA and ECDSA) used in bitcoin transaction security. The results as shown in table II indicates that RSA key generation takes 0.2012s, signature generation takes 0.0778s and signature verification is 0.0040s. ECDSA key generation is 0.1378s, signature generation takes 0.0187s, and verification time for the signature is 0.0164s. The W-OTS key generation is 0.002s. To generate a signature in W-OTS, it takes 0.001s and verification time for the signature is 0.0002s. Lastly MSS Key generation, signature generation and verification has high values which are 16.290s, 17.474s, and 13.494s respectively. Based on the results, W-OTS is recommended for bitcoin transaction security because of its efficiency and ability to resist quantum computer attacks on the bitcoin network.