Provably secure and high-rate quantum key distribution with time-bin qudits

PubMed Central

Islam, Nurul T.; Lim, Charles Ci Wen; Cahall, Clinton; Kim, Jungsang; Gauthier, Daniel J.

2017-01-01

The security of conventional cryptography systems is threatened in the forthcoming era of quantum computers. Quantum key distribution (QKD) features fundamentally proven security and offers a promising option for quantum-proof cryptography solution. Although prototype QKD systems over optical fiber have been demonstrated over the years, the key generation rates remain several orders of magnitude lower than current classical communication systems. In an effort toward a commercially viable QKD system with improved key generation rates, we developed a discrete-variable QKD system based on time-bin quantum photonic states that can generate provably secure cryptographic keys at megabit-per-second rates over metropolitan distances. We use high-dimensional quantum states that transmit more than one secret bit per received photon, alleviating detector saturation effects in the superconducting nanowire single-photon detectors used in our system that feature very high detection efficiency (of more than 70%) and low timing jitter (of less than 40 ps). Our system is constructed using commercial off-the-shelf components, and the adopted protocol can be readily extended to free-space quantum channels. The security analysis adopted to distill the keys ensures that the demonstrated protocol is robust against coherent attacks, finite-size effects, and a broad class of experimental imperfections identified in our system. PMID:29202028

Provably secure and high-rate quantum key distribution with time-bin qudits.

PubMed

Islam, Nurul T; Lim, Charles Ci Wen; Cahall, Clinton; Kim, Jungsang; Gauthier, Daniel J

2017-11-01

The security of conventional cryptography systems is threatened in the forthcoming era of quantum computers. Quantum key distribution (QKD) features fundamentally proven security and offers a promising option for quantum-proof cryptography solution. Although prototype QKD systems over optical fiber have been demonstrated over the years, the key generation rates remain several orders of magnitude lower than current classical communication systems. In an effort toward a commercially viable QKD system with improved key generation rates, we developed a discrete-variable QKD system based on time-bin quantum photonic states that can generate provably secure cryptographic keys at megabit-per-second rates over metropolitan distances. We use high-dimensional quantum states that transmit more than one secret bit per received photon, alleviating detector saturation effects in the superconducting nanowire single-photon detectors used in our system that feature very high detection efficiency (of more than 70%) and low timing jitter (of less than 40 ps). Our system is constructed using commercial off-the-shelf components, and the adopted protocol can be readily extended to free-space quantum channels. The security analysis adopted to distill the keys ensures that the demonstrated protocol is robust against coherent attacks, finite-size effects, and a broad class of experimental imperfections identified in our system.

Provably secure and high-rate quantum key distribution with time-bin qudits

DOE Office of Scientific and Technical Information (OSTI.GOV)

Islam, Nurul T.; Lim, Charles Ci Wen; Cahall, Clinton

The security of conventional cryptography systems is threatened in the forthcoming era of quantum computers. Quantum key distribution (QKD) features fundamentally proven security and offers a promising option for quantum-proof cryptography solution. Although prototype QKD systems over optical fiber have been demonstrated over the years, the key generation rates remain several orders of magnitude lower than current classical communication systems. In an effort toward a commercially viable QKD system with improved key generation rates, we developed a discrete-variable QKD system based on time-bin quantum photonic states that can generate provably secure cryptographic keys at megabit-per-second rates over metropolitan distances. Wemore » use high-dimensional quantum states that transmit more than one secret bit per received photon, alleviating detector saturation effects in the superconducting nanowire single-photon detectors used in our system that feature very high detection efficiency (of more than 70%) and low timing jitter (of less than 40 ps). Our system is constructed using commercial off-the-shelf components, and the adopted protocol can be readily extended to free-space quantum channels. In conclusion, the security analysis adopted to distill the keys ensures that the demonstrated protocol is robust against coherent attacks, finite-size effects, and a broad class of experimental imperfections identified in our system.« less

Secure Communication via Key Generation with Quantum Measurement Advantage in the Telecom Band

DTIC Science & Technology

2013-10-30

II: Summary of Project In this basic research program we proposed to investigate the use of keyed communication in quantum noise as a key generation...implement quantum limited detection in our running-code OCDMA experiment to demonstrate (a) quantum measurement advantage creation between two users, (b...neither is adequate against known-plaintext attacks. This is a serious security problem facing the whole field of quantum cryptography in regard to both

Securing health sensing using integrated circuit metric.

PubMed

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-10-20

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware "fingerprints". The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

Securing Health Sensing Using Integrated Circuit Metric

PubMed Central

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-01-01

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner. PMID:26492250

Intrusion detection using secure signatures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nelson, Trent Darnel; Haile, Jedediah

A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of themore » secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.« less

Enhancing Heart-Beat-Based Security for mHealth Applications.

PubMed

Seepers, Robert M; Strydis, Christos; Sourdis, Ioannis; De Zeeuw, Chris I

2017-01-01

In heart-beat-based security, a security key is derived from the time difference between consecutive heart beats (the inter-pulse interval, IPI), which may, subsequently, be used to enable secure communication. While heart-beat-based security holds promise in mobile health (mHealth) applications, there currently exists no work that provides a detailed characterization of the delivered security in a real system. In this paper, we evaluate the strength of IPI-based security keys in the context of entity authentication. We investigate several aspects that should be considered in practice, including subjects with reduced heart-rate variability (HRV), different sensor-sampling frequencies, intersensor variability (i.e., how accurate each entity may measure heart beats) as well as average and worst-case-authentication time. Contrary to the current state of the art, our evaluation demonstrates that authentication using multiple, less-entropic keys may actually increase the key strength by reducing the effects of intersensor variability. Moreover, we find that the maximal key strength of a 60-bit key varies between 29.2 bits and only 5.7 bits, depending on the subject's HRV. To improve security, we introduce the inter-multi-pulse interval (ImPI), a novel method of extracting entropy from the heart by considering the time difference between nonconsecutive heart beats. Given the same authentication time, using the ImPI for key generation increases key strength by up to 3.4 × (+19.2 bits) for subjects with limited HRV, at the cost of an extended key-generation time of 4.8 × (+45 s).

Development of protected endorsement for online banking using mobile phones

NASA Astrophysics Data System (ADS)

Narayana, Galla; Venkateswarlu, Tammineni; Kumar, G. S. P.; Padmavathamma, Mokkala; Sreekanth, G.; Delhibabu, K.; Prasad, A. R.

2013-03-01

Securing Online Banking transactions for customer is the primary goal of financial institutions that provides Internet banking facility. Mobile phones play an important role in our society as more and more functions having been integrated within mobile phones, such as Internet browsing, mobile banking, and shopping. Mobiles phones can be used to secure ATM card pins by sending to the customer directly rather than in emails or by other means which has a possibility of hacking. In this paper we have proposed method of generating a Private Key Security Token by bank authentication servers which uses IMSI registers and IMEI number of client's mobile registered. The key is generated by implementing RIPE MD160 and Hex Encode Algorithm. Token received is valid only for that client mobile only and can be generated upon request by customer dynamically. The client is given a PIN and a Master Key when registered to the Online Banking Services. If in case a client's mobile is lost, authentication is done using Unique Master Key, else the Private Key Token is used there by making transactions secured and simple without the need of carrying any USB Tokens. The additional functionality provides the client more security on their transactions. Due to this Phishing attacks by the hackers is avoided.

Security of six-state quantum key distribution protocol with threshold detectors

PubMed Central

Kato, Go; Tamaki, Kiyoshi

2016-01-01

The security of quantum key distribution (QKD) is established by a security proof, and the security proof puts some assumptions on the devices consisting of a QKD system. Among such assumptions, security proofs of the six-state protocol assume the use of photon number resolving (PNR) detector, and as a result the bit error rate threshold for secure key generation for the six-state protocol is higher than that for the BB84 protocol. Unfortunately, however, this type of detector is demanding in terms of technological level compared to the standard threshold detector, and removing the necessity of such a detector enhances the feasibility of the implementation of the six-state protocol. Here, we develop the security proof for the six-state protocol and show that we can use the threshold detector for the six-state protocol. Importantly, the bit error rate threshold for the key generation for the six-state protocol (12.611%) remains almost the same as the one (12.619%) that is derived from the existing security proofs assuming the use of PNR detectors. This clearly demonstrates feasibility of the six-state protocol with practical devices. PMID:27443610

FREE-SPACE QUANTUM CRYPTOGRAPHY IN DAYLIGHT

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hughes, R.J.; Buttler, W.T.

2000-01-01

Quantum cryptography is an emerging technology in which two parties may simultaneously generate shared, secret cryptographic key material using the transmission of quantum states of light. The security of these transmissions is based on the inviolability of the laws of quantum mechanics and information-theoretically secure post-processing methods. An adversary can neither successfully tap the quantum transmissions, nor evade detection, owing to Heisenberg's uncertainty principle. In this paper we describe the theory of quantum cryptography, and the most recent results from our experimental free-space system with which we have demonstrated for the first time the feasibility of quantum key generation overmore » a point-to-point outdoor atmospheric path in daylight. We achieved a transmission distance of 0.5 km, which was limited only by the length of the test range. Our results provide strong evidence that cryptographic key material could be generated on demand between a ground station and a satellite (or between two satellites), allowing a satellite to be securely re-keyed on orbit. We present a feasibility analysis of surface-to-satellite quantum key generation.« less

Security of Y-00 and Similar Quantum Cryptographic Protocols

DTIC Science & Technology

2004-11-16

security of Y-00 type protocols is clarified. Key words: Quantum cryptography PACS: 03.67.Dd Anew approach to quantum cryptog- raphy called KCQ, ( keyed ...classical- noise key generation [2] or the well known BB84 quantum protocol [3]. A special case called αη (or Y-00 in Japan) has been experimentally in... quantum noise for typical op- erating parameters. It weakens both the data and key security , possibly information-theoretically and cer- tainly

Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).

PubMed

Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie

2017-10-30

Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While, data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.

Quantum Cryptography for Secure Communications to Low-Earth Orbit Satellites

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hughes, R.J.; Buttler, W.T.; Kwiat, P.G.

1999-06-03

This is the final report of a three-year, Laboratory Directed Research and Development (LDRD) project at Los Alamos National Laboratory (LANL). Quantum cryptography is an emerging technology in which two parties may simultaneously generate shared, secret cryptographic key material using the transmission of quantum states of light. The security of these transmissions is based on the inviolability of the laws of quantum mechanics. An adversary can neither successfully tap the quantum transmissions, nor evade detection. Key material is built up using the transmission of a single-photon per bit. We have developed an experimental quantum cryptography system based on the transmissionmore » of non-orthogonal single-photon polarization states to generate shared key material over line-of-sight optical links. Our results provide strong evidence that cryptographic key material could be generated on demand between a ground station and a satellite (or between two satellites), allowing a satellite to be securely re-keyed on in orbit.« less

Quantum key distribution with an unknown and untrusted source

NASA Astrophysics Data System (ADS)

Zhao, Yi; Qi, Bing; Lo, Hoi-Kwong

2008-05-01

The security of a standard bidirectional “plug-and-play” quantum key distribution (QKD) system has been an open question for a long time. This is mainly because its source is equivalently controlled by an eavesdropper, which means the source is unknown and untrusted. Qualitative discussion on this subject has been made previously. In this paper, we solve this question directly by presenting the quantitative security analysis on a general class of QKD protocols whose sources are unknown and untrusted. The securities of standard Bennett-Brassard 1984 protocol, weak+vacuum decoy state protocol, and one-decoy state protocol, with unknown and untrusted sources are rigorously proved. We derive rigorous lower bounds to the secure key generation rates of the above three protocols. Our numerical simulation results show that QKD with an untrusted source gives a key generation rate that is close to that with a trusted source.

Unconditional security of time-energy entanglement quantum key distribution using dual-basis interferometry.

PubMed

Zhang, Zheshen; Mower, Jacob; Englund, Dirk; Wong, Franco N C; Shapiro, Jeffrey H

2014-03-28

High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous parametric down-conversion and show that it is secure against collective attacks. Its security rests upon visibility data-obtained from Franson and conjugate-Franson interferometers-that probe photon-pair frequency correlations and arrival-time correlations. From these measurements, an upper bound can be established on the eavesdropper's Holevo information by translating the Gaussian-state security analysis for continuous-variable quantum key distribution so that it applies to our protocol. We show that visibility data from just the Franson interferometer provides a weaker, but nonetheless useful, secure-key rate lower bound. To handle multiple-pair emissions, we incorporate the decoy-state approach into our protocol. Our results show that over a 200-km transmission distance in optical fiber, time-energy entanglement HDQKD could permit a 700-bit/sec secure-key rate and a photon information efficiency of 2 secure-key bits per photon coincidence in the key-generation phase using receivers with a 15% system efficiency.

Experimental extraction of secure correlations from a noisy private state.

PubMed

Dobek, K; Karpiński, M; Demkowicz-Dobrzański, R; Banaszek, K; Horodecki, P

2011-01-21

We report experimental generation of a noisy entangled four-photon state that exhibits a separation between the secure key contents and distillable entanglement, a hallmark feature of the recently established quantum theory of private states. The privacy analysis, based on the full tomographic reconstruction of the prepared state, is utilized in a proof-of-principle key generation. The inferiority of distillation-based strategies to extract the key is exposed by an implementation of an entanglement distillation protocol for the produced state.

A biometric method to secure telemedicine systems.

PubMed

Zhang, G H; Poon, Carmen C Y; Li, Ye; Zhang, Y T

2009-01-01

Security and privacy are among the most crucial issues for data transmission in telemedicine systems. This paper proposes a solution for securing wireless data transmission in telemedicine systems, i.e. within a body sensor network (BSN), between the BSN and server as well as between the server and professionals who have assess to the server. A unique feature of this solution is the generation of random keys by physiological data (i.e. a biometric approach) for securing communication at all 3 levels. In the performance analysis, inter-pulse interval of photoplethysmogram is used as an example to generate these biometric keys to protect wireless data transmission. The results of statistical analysis and computational complexity suggest that this type of key is random enough to make telemedicine systems resistant to attacks.

Secure SCADA communication by using a modified key management scheme.

PubMed

Rezai, Abdalhossein; Keshavarzi, Parviz; Moravej, Zahra

2013-07-01

This paper presents and evaluates a new cryptographic key management scheme which increases the efficiency and security of the Supervisory Control And Data Acquisition (SCADA) communication. In the proposed key management scheme, two key update phases are used: session key update and master key update. In the session key update phase, session keys are generated in the master station. In the master key update phase, the Elliptic Curve Diffie-Hellman (ECDH) protocol is used. The Poisson process is also used to model the Security Index (SI) and Quality of Service (QoS). Our analysis shows that the proposed key management not only supports the required speed in the MODBUS implementation but also has several advantages compared to other key management schemes for secure communication in SCADA networks. Copyright © 2013 ISA. Published by Elsevier Ltd. All rights reserved.

Partially Key Distribution with Public Key Cryptosystem Based on Error Control Codes

NASA Astrophysics Data System (ADS)

Tavallaei, Saeed Ebadi; Falahati, Abolfazl

Due to the low level of security in public key cryptosystems based on number theory, fundamental difficulties such as "key escrow" in Public Key Infrastructure (PKI) and a secure channel in ID-based cryptography, a new key distribution cryptosystem based on Error Control Codes (ECC) is proposed . This idea is done by some modification on McEliece cryptosystem. The security of ECC cryptosystem obtains from the NP-Completeness of block codes decoding. The capability of generating public keys with variable lengths which is suitable for different applications will be provided by using ECC. It seems that usage of these cryptosystems because of decreasing in the security of cryptosystems based on number theory and increasing the lengths of their keys would be unavoidable in future.

Random ambience using high fidelity images

NASA Astrophysics Data System (ADS)

Abu, Nur Azman; Sahib, Shahrin

2011-06-01

Most of the secure communication nowadays mandates true random keys as an input. These operations are mostly designed and taken care of by the developers of the cryptosystem. Due to the nature of confidential crypto development today, pseudorandom keys are typically designed and still preferred by the developers of the cryptosystem. However, these pseudorandom keys are predictable, periodic and repeatable, hence they carry minimal entropy. True random keys are believed to be generated only via hardware random number generators. Careful statistical analysis is still required to have any confidence the process and apparatus generates numbers that are sufficiently random to suit the cryptographic use. In this underlying research, each moment in life is considered unique in itself. The random key is unique for the given moment generated by the user whenever he or she needs the random keys in practical secure communication. An ambience of high fidelity digital image shall be tested for its randomness according to the NIST Statistical Test Suite. Recommendation on generating a simple 4 megabits per second random cryptographic keys live shall be reported.

Security of Distributed-Phase-Reference Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Moroder, Tobias; Curty, Marcos; Lim, Charles Ci Wen; Thinh, Le Phuc; Zbinden, Hugo; Gisin, Nicolas

2012-12-01

Distributed-phase-reference quantum key distribution stands out for its easy implementation with present day technology. For many years, a full security proof of these schemes in a realistic setting has been elusive. We solve this long-standing problem and present a generic method to prove the security of such protocols against general attacks. To illustrate our result, we provide lower bounds on the key generation rate of a variant of the coherent-one-way quantum key distribution protocol. In contrast to standard predictions, it appears to scale quadratically with the system transmittance.

Secure communications using quantum cryptography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hughes, R.J.; Buttler, W.T.; Kwiat, P.G.

1997-08-01

The secure distribution of the secret random bit sequences known as {open_quotes}key{close_quotes} material, is an essential precursor to their use for the encryption and decryption of confidential communications. Quantum cryptography is an emerging technology for secure key distribution with single-photon transmissions, nor evade detection (eavesdropping raises the key error rate above a threshold value). We have developed experimental quantum cryptography systems based on the transmission of non-orthogonal single-photon states to generate shared key material over multi-kilometer optical fiber paths and over line-of-sight links. In both cases, key material is built up using the transmission of a single-photon per bit ofmore » an initial secret random sequence. A quantum-mechanically random subset of this sequence is identified, becoming the key material after a data reconciliation stage with the sender. In our optical fiber experiment we have performed quantum key distribution over 24-km of underground optical fiber using single-photon interference states, demonstrating that secure, real-time key generation over {open_quotes}open{close_quotes} multi-km node-to-node optical fiber communications links is possible. We have also constructed a quantum key distribution system for free-space, line-of-sight transmission using single-photon polarization states, which is currently undergoing laboratory testing. 7 figs.« less

High-capacity quantum key distribution via hyperentangled degrees of freedom

NASA Astrophysics Data System (ADS)

Simon, David S.; Sergienko, Alexander V.

2014-06-01

Quantum key distribution (QKD) has long been a promising area for the application of quantum effects in solving real-world problems. However, two major obstacles have stood in the way of its widespread application: low secure key generation rates and short achievable operating distances. In this paper, a new physical mechanism for dealing with the first of these problems is proposed: the interplay between different degrees of freedom in a hyperentangled system (parametric down-conversion) is used to increase the Hilbert space dimension available for key generation while maintaining security. Polarization-based Bell tests provide security checking, while orbital angular momentum (OAM) and total angular momentum (TAM) provide a higher key generation rate. Whether to measure TAM or OAM is decided randomly in each trial. The concurrent noncommutativity of TAM with OAM and polarization provides the physical basis for quantum security. TAM measurements link polarization to OAM, so that if the legitimate participants measure OAM while the eavesdropper measures TAM (or vice-versa), then polarization entanglement is lost, revealing the eavesdropper. In contrast to other OAM-based QKD methods, complex active switching between OAM bases is not required; instead, passive switching by beam splitters combined with much simpler active switching between polarization bases makes implementation at high OAM more practical.

Quantum key distribution with an unknown and untrusted source

NASA Astrophysics Data System (ADS)

Zhao, Yi; Qi, Bing; Lo, Hoi-Kwong

2009-03-01

The security of a standard bi-directional ``plug & play'' quantum key distribution (QKD) system has been an open question for a long time. This is mainly because its source is equivalently controlled by an eavesdropper, which means the source is unknown and untrusted. Qualitative discussion on this subject has been made previously. In this paper, we present the first quantitative security analysis on a general class of QKD protocols whose sources are unknown and untrusted. The securities of standard BB84 protocol, weak+vacuum decoy state protocol, and one-decoy decoy state protocol, with unknown and untrusted sources are rigorously proved. We derive rigorous lower bounds to the secure key generation rates of the above three protocols. Our numerical simulation results show that QKD with an untrusted source gives a key generation rate that is close to that with a trusted source. Our work is published in [1]. [4pt] [1] Y. Zhao, B. Qi, and H.-K. Lo, Phys. Rev. A, 77:052327 (2008).

Fast and simple high-capacity quantum cryptography with error detection

PubMed Central

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A.

2017-01-01

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth. PMID:28406240

Fast and simple high-capacity quantum cryptography with error detection.

PubMed

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A

2017-04-13

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth.

Fast and simple high-capacity quantum cryptography with error detection

NASA Astrophysics Data System (ADS)

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A.

2017-04-01

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth.

Tomographic quantum cryptography: equivalence of quantum and classical key distillation.

PubMed

Bruss, Dagmar; Christandl, Matthias; Ekert, Artur; Englert, Berthold-Georg; Kaszlikowski, Dagomir; Macchiavello, Chiara

2003-08-29

The security of a cryptographic key that is generated by communication through a noisy quantum channel relies on the ability to distill a shorter secure key sequence from a longer insecure one. For an important class of protocols, which exploit tomographically complete measurements on entangled pairs of any dimension, we show that the noise threshold for classical advantage distillation is identical with the threshold for quantum entanglement distillation. As a consequence, the two distillation procedures are equivalent: neither offers a security advantage over the other.

Experimental realization of equiangular three-state quantum key distribution

PubMed Central

Schiavon, Matteo; Vallone, Giuseppe; Villoresi, Paolo

2016-01-01

Quantum key distribution using three states in equiangular configuration combines a security threshold comparable with the one of the Bennett-Brassard 1984 protocol and a quantum bit error rate (QBER) estimation that does not need to reveal part of the key. We implement an entanglement-based version of the Renes 2004 protocol, using only passive optic elements in a linear scheme for the positive-operator valued measure (POVM), generating an asymptotic secure key rate of more than 10 kbit/s, with a mean QBER of 1.6%. We then demonstrate its security in the case of finite key and evaluate the key rate for both collective and general attacks. PMID:27465643

A Study on the Secure User Profiling Structure and Procedure for Home Healthcare Systems.

PubMed

Ko, Hoon; Song, MoonBae

2016-01-01

Despite of various benefits such as a convenience and efficiency, home healthcare systems have some inherent security risks that may cause a serious leak on personal health information. This work presents a Secure User Profiling Structure which has the patient information including their health information. A patient and a hospital keep it at that same time, they share the updated data. While they share the data and communicate, the data can be leaked. To solve the security problems, a secure communication channel with a hash function and an One-Time Password between a client and a hospital should be established and to generate an input value to an OTP, it uses a dual hash-function. This work presents a dual hash function-based approach to generate the One-Time Password ensuring a secure communication channel with the secured key. In result, attackers are unable to decrypt the leaked information because of the secured key; in addition, the proposed method outperforms the existing methods in terms of computation cost.

Single-electron random-number generator (RNG) for highly secure ubiquitous computing applications

NASA Astrophysics Data System (ADS)

Uchida, Ken; Tanamoto, Tetsufumi; Fujita, Shinobu

2007-11-01

Since the security of all modern cryptographic techniques relies on unpredictable and irreproducible digital keys generated by random-number generators (RNGs), the realization of high-quality RNG is essential for secure communications. In this report, a new RNG, which utilizes single-electron phenomena, is proposed. A room-temperature operating silicon single-electron transistor (SET) having nearby an electron pocket is used as a high-quality, ultra-small RNG. In the proposed RNG, stochastic single-electron capture/emission processes to/from the electron pocket are detected with high sensitivity by the SET, and result in giant random telegraphic signals (GRTS) on the SET current. It is experimentally demonstrated that the single-electron RNG generates extremely high-quality random digital sequences at room temperature, in spite of its simple configuration. Because of its small-size and low-power properties, the single-electron RNG is promising as a key nanoelectronic device for future ubiquitous computing systems with highly secure mobile communication capabilities.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

Extending key sharing: how to generate a key tightly coupled to a network security policy

NASA Astrophysics Data System (ADS)

Kazantzidis, Matheos

2006-04-01

Current state of the art security policy technologies, besides the small scale limitation and largely manual nature of accompanied management methods, are lacking a) in real-timeliness of policy implementation and b) vulnerabilities and inflexibility stemming from the centralized policy decision making; even if, for example, a policy description or access control database is distributed, the actual decision is often a centralized action and forms a system single point of failure. In this paper we are presenting a new fundamental concept that allows implement a security policy by a systematic and efficient key distribution procedure. Specifically, we extend the polynomial Shamir key splitting. According to this, a global key is split into n parts, any k of which can re-construct the original key. In this paper we present a method that instead of having "any k parts" be able to re-construct the original key, the latter can only be reconstructed if keys are combined as any access control policy describes. This leads into an easily deployable key generation procedure that results a single key per entity that "knows" its role in the specific access control policy from which it was derived. The system is considered efficient as it may be used to avoid expensive PKI operations or pairwise key distributions as well as provides superior security due to its distributed nature, the fact that the key is tightly coupled to the policy, and that policy change may be implemented easier and faster.

Practical issues in quantum-key-distribution postprocessing

NASA Astrophysics Data System (ADS)

Fung, Chi-Hang Fred; Ma, Xiongfeng; Chau, H. F.

2010-01-01

Quantum key distribution (QKD) is a secure key generation method between two distant parties by wisely exploiting properties of quantum mechanics. In QKD, experimental measurement outcomes on quantum states are transformed by the two parties to a secret key. This transformation is composed of many logical steps (as guided by security proofs), which together will ultimately determine the length of the final secret key and its security. We detail the procedure for performing such classical postprocessing taking into account practical concerns (including the finite-size effect and authentication and encryption for classical communications). This procedure is directly applicable to realistic QKD experiments and thus serves as a recipe that specifies what postprocessing operations are needed and what the security level is for certain lengths of the keys. Our result is applicable to the BB84 protocol with a single or entangled photon source.

Phase-Reference-Free Experiment of Measurement-Device-Independent Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Wang, Chao; Song, Xiao-Tian; Yin, Zhen-Qiang; Wang, Shuang; Chen, Wei; Zhang, Chun-Mei; Guo, Guang-Can; Han, Zheng-Fu

2015-10-01

Measurement-device-independent quantum key distribution (MDI QKD) is a substantial step toward practical information-theoretic security for key sharing between remote legitimate users (Alice and Bob). As with other standard device-dependent quantum key distribution protocols, such as BB84, MDI QKD assumes that the reference frames have been shared between Alice and Bob. In practice, a nontrivial alignment procedure is often necessary, which requires system resources and may significantly reduce the secure key generation rate. Here, we propose a phase-coding reference-frame-independent MDI QKD scheme that requires no phase alignment between the interferometers of two distant legitimate parties. As a demonstration, a proof-of-principle experiment using Faraday-Michelson interferometers is presented. The experimental system worked at 1 MHz, and an average secure key rate of 8.309 bps was obtained at a fiber length of 20 km between Alice and Bob. The system can maintain a positive key generation rate without phase compensation under normal conditions. The results exhibit the feasibility of our system for use in mature MDI QKD devices and its value for network scenarios.

Secure detection in quantum key distribution by real-time calibration of receiver

NASA Astrophysics Data System (ADS)

Marøy, Øystein; Makarov, Vadim; Skaar, Johannes

2017-12-01

The single-photon detectionefficiency of the detector unit is crucial for the security of common quantum key distribution protocols like Bennett-Brassard 1984 (BB84). A low value for the efficiency indicates a possible eavesdropping attack that exploits the photon receiver’s imperfections. We present a method for estimating the detection efficiency, and calculate the corresponding secure key generation rate. The estimation is done by testing gated detectors using a randomly activated photon source inside the receiver unit. This estimate gives a secure rate for any detector with non-unity single-photon detection efficiency, both inherit or due to blinding. By adding extra optical components to the receiver, we make sure that the key is extracted from photon states for which our estimate is valid. The result is a quantum key distribution scheme that is secure against any attack that exploits detector imperfections.

Quantum key distribution with delayed privacy amplification and its application to the security proof of a two-way deterministic protocol

NASA Astrophysics Data System (ADS)

Fung, Chi-Hang Fred; Ma, Xiongfeng; Chau, H. F.; Cai, Qing-Yu

2012-03-01

Privacy amplification (PA) is an essential postprocessing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD with a two-way quantum channel, and also it is useful in QKD networks with trusted relays. To illustrate the power of the delayed PA idea, we use it to prove the security of a qubit-based two-way deterministic QKD protocol which uses four states and four encoding operations.

RSA Key Development Using Fingerprint Image on Text Message

NASA Astrophysics Data System (ADS)

Rahman, Sayuti; Triana, Indah; Khairani, Sumi; Yasir, Amru; Sundari, Siti

2017-12-01

Along with the development of technology today, humans are very facilitated in accessing information and Communicate with various media, including through the Internet network . Messages are sent by media such as text are not necessarily guaranteed security. it is often found someone that wants to send a secret message to the recipient, but the messages can be known by irresponsible people. So the sender feels dissappointed because the secret message that should be known only to the recipient only becomes known by the irresponsible people . It is necessary to do security the message by using the RSA algorithm, Using fingerprint image to generate RSA key.This is a solution to enrich the security of a message,it is needed to process images firstly before generating RSA keys with feature extraction.

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

PubMed

Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

2017-12-03

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

Physical Cryptography: A New Approach to Key Generation and Direct Encryption

DTIC Science & Technology

2009-11-18

has been  further studied theoretically and P a g e  | 4    experimentally to only a limited extent. The second is quantum cryptography [3] based on...Std Z39-18 P a g e  | 2    Abstract: The security of key generation and direct encryption in quantum and physical cryptography have been...investigated. It is found that similar to the situation of conventional mathematics based cryptography , fundamental and meaningful security levels for either

Incompleteness and limit of security theory of quantum key distribution

NASA Astrophysics Data System (ADS)

Hirota, Osamu; Murakami, Dan; Kato, Kentaro; Futami, Fumio

2012-10-01

It is claimed in the many papers that a trace distance: d guarantees the universal composition security in quantum key distribution (QKD) like BB84 protocol. In this introduction paper, at first, it is explicitly explained what is the main misconception in the claim of the unconditional security for QKD theory. In general terms, the cause of the misunderstanding on the security claim is the Lemma in the paper of Renner. It suggests that the generation of the perfect random key is assured by the probability (1-d), and its failure probability is d. Thus, it concludes that the generated key provides the perfect random key sequence when the protocol is success. So the QKD provides perfect secrecy to the one time pad. This is the reason for the composition claim. However, the quantity of the trace distance (or variational distance) is not the probability for such an event. If d is not small enough, always the generated key sequence is not uniform. Now one needs the reconstruction of the evaluation of the trace distance if one wants to use it. One should first go back to the indistinguishability theory in the computational complexity based, and to clarify the meaning of the value of the variational distance. In addition, the same analysis for the information theoretic case is necessary. The recent serial papers by H.P.Yuen have given the answer on such questions. In this paper, we show more concise description of Yuen's theory, and clarify that the upper bound theories for the trace distance by Tomamichel et al and Hayashi et al are constructed by the wrong reasoning of Renner and it is unsuitable as the security analysis. Finally, we introduce a new macroscopic quantum communication to replace Q-bit QKD.

A scheme of hidden-structure attribute-based encryption with multiple authorities

NASA Astrophysics Data System (ADS)

Ling, J.; Weng, A. X.

2018-05-01

In the most of the CP-ABE schemes with hidden access structure, both all the user attributes and the key generation are managed by only one authority. The key generation efficiency will decrease as the number of user increases, and the data will encounter security issues as the only authority is attacked. We proposed a scheme of hidden-structure attribute-based encryption with multiple authorities, which introduces multiple semi-trusted attribute authorities, avoiding the threat even though one or more authorities are attacked. We also realized user revocation by managing a revocation list. Based on DBDH assumption, we proved that our scheme is of IND-CMA security. The analysis shows that our scheme improves the key generation efficiency.

Securing Digital Audio using Complex Quadratic Map

NASA Astrophysics Data System (ADS)

Suryadi, MT; Satria Gunawan, Tjandra; Satria, Yudi

2018-03-01

In This digital era, exchanging data are common and easy to do, therefore it is vulnerable to be attacked and manipulated from unauthorized parties. One data type that is vulnerable to attack is digital audio. So, we need data securing method that is not vulnerable and fast. One of the methods that match all of those criteria is securing the data using chaos function. Chaos function that is used in this research is complex quadratic map (CQM). There are some parameter value that causing the key stream that is generated by CQM function to pass all 15 NIST test, this means that the key stream that is generated using this CQM is proven to be random. In addition, samples of encrypted digital sound when tested using goodness of fit test are proven to be uniform, so securing digital audio using this method is not vulnerable to frequency analysis attack. The key space is very huge about 8.1×l031 possible keys and the key sensitivity is very small about 10-10, therefore this method is also not vulnerable against brute-force attack. And finally, the processing speed for both encryption and decryption process on average about 450 times faster that its digital audio duration.

Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange

PubMed Central

Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

2017-01-01

A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed. PMID:28362328

Patients' Data Management System Protected by Identity-Based Authentication and Key Exchange.

PubMed

Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

2017-03-31

A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

Securing resource constraints embedded devices using elliptic curve cryptography

NASA Astrophysics Data System (ADS)

Tam, Tony; Alfasi, Mohamed; Mozumdar, Mohammad

2014-06-01

The use of smart embedded device has been growing rapidly in recent time because of miniaturization of sensors and platforms. Securing data from these embedded devices is now become one of the core challenges both in industry and research community. Being embedded, these devices have tight constraints on resources such as power, computation, memory, etc. Hence it is very difficult to implement traditional Public Key Cryptography (PKC) into these resource constrained embedded devices. Moreover, most of the public key security protocols requires both public and private key to be generated together. In contrast with this, Identity Based Encryption (IBE), a public key cryptography protocol, allows a public key to be generated from an arbitrary string and the corresponding private key to be generated later on demand. While IBE has been actively studied and widely applied in cryptography research, conventional IBE primitives are also computationally demanding and cannot be efficiently implemented on embedded system. Simplified version of the identity based encryption has proven its competence in being robust and also satisfies tight budget of the embedded platform. In this paper, we describe the choice of several parameters for implementing lightweight IBE in resource constrained embedded sensor nodes. Our implementation of IBE is built using elliptic curve cryptography (ECC).

Secure image retrieval with multiple keys

NASA Astrophysics Data System (ADS)

Liang, Haihua; Zhang, Xinpeng; Wei, Qiuhan; Cheng, Hang

2018-03-01

This article proposes a secure image retrieval scheme under a multiuser scenario. In this scheme, the owner first encrypts and uploads images and their corresponding features to the cloud; then, the user submits the encrypted feature of the query image to the cloud; next, the cloud compares the encrypted features and returns encrypted images with similar content to the user. To find the nearest neighbor in the encrypted features, an encryption with multiple keys is proposed, in which the query feature of each user is encrypted by his/her own key. To improve the key security and space utilization, global optimization and Gaussian distribution are, respectively, employed to generate multiple keys. The experiments show that the proposed encryption can provide effective and secure image retrieval for each user and ensure confidentiality of the query feature of each user.

Entropy uncertainty relations and stability of phase-temporal quantum cryptography with finite-length transmitted strings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Molotkov, S. N., E-mail: sergei.molotkov@gmail.com

2012-12-15

Any key-generation session contains a finite number of quantum-state messages, and it is there-fore important to understand the fundamental restrictions imposed on the minimal length of a string required to obtain a secret key with a specified length. The entropy uncertainty relations for smooth min and max entropies considerably simplify and shorten the proof of security. A proof of security of quantum key distribution with phase-temporal encryption is presented. This protocol provides the maximum critical error compared to other protocols up to which secure key distribution is guaranteed. In addition, unlike other basic protocols (of the BB84 type), which aremore » vulnerable with respect to an attack by 'blinding' of avalanche photodetectors, this protocol is stable with respect to such an attack and guarantees key security.« less

A New Three Dimensional Based Key Generation Technique in AVK

NASA Astrophysics Data System (ADS)

Banerjee, Subhasish; Dutta, Manash Pratim; Bhunia, Chandan Tilak

2017-08-01

In modern era, ensuring high order security becomes one and only objective of computer networks. From the last few decades, many researchers have given their contributions to achieve the secrecy over the communication channel. In achieving perfect security, Shannon had done the pioneer work on perfect secret theorem and illustrated that secrecy of the shared information can be maintained if the key becomes variable in nature instead of static one. In this regard, a key generation technique has been proposed where the key can be changed every time whenever a new block of data needs to be exchanged. In our scheme, the keys not only vary in bit sequences but also in size. The experimental study is also included in this article to prove the correctness and effectiveness of our proposed technique.

Butterfly Encryption Scheme for Resource-Constrained Wireless Networks †

PubMed Central

Sampangi, Raghav V.; Sampalli, Srinivas

2015-01-01

Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID) and Wireless Body Area Networks (WBAN) that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG), and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis. PMID:26389899

Butterfly Encryption Scheme for Resource-Constrained Wireless Networks.

PubMed

Sampangi, Raghav V; Sampalli, Srinivas

2015-09-15

Resource-constrained wireless networks are emerging networks such as Radio Frequency Identification (RFID) and Wireless Body Area Networks (WBAN) that might have restrictions on the available resources and the computations that can be performed. These emerging technologies are increasing in popularity, particularly in defence, anti-counterfeiting, logistics and medical applications, and in consumer applications with growing popularity of the Internet of Things. With communication over wireless channels, it is essential to focus attention on securing data. In this paper, we present an encryption scheme called Butterfly encryption scheme. We first discuss a seed update mechanism for pseudorandom number generators (PRNG), and employ this technique to generate keys and authentication parameters for resource-constrained wireless networks. Our scheme is lightweight, as in it requires less resource when implemented and offers high security through increased unpredictability, owing to continuously changing parameters. Our work focuses on accomplishing high security through simplicity and reuse. We evaluate our encryption scheme using simulation, key similarity assessment, key sequence randomness assessment, protocol analysis and security analysis.

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

PubMed Central

Lee, Tian-Fu; Wang, Zeng-Bo

2017-01-01

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions. PMID:29207509

Analysis of using interpulse intervals to generate 128-bit biometric random binary sequences for securing wireless body sensor networks.

PubMed

Zhang, Guang-He; Poon, Carmen C Y; Zhang, Yuan-Ting

2012-01-01

Wireless body sensor network (WBSN), a key building block for m-Health, demands extremely stringent resource constraints and thus lightweight security methods are preferred. To minimize resource consumption, utilizing information already available to a WBSN, particularly common to different sensor nodes of a WBSN, for security purposes becomes an attractive solution. In this paper, we tested the randomness and distinctiveness of the 128-bit biometric binary sequences (BSs) generated from interpulse intervals (IPIs) of 20 healthy subjects as well as 30 patients suffered from myocardial infarction and 34 subjects with other cardiovascular diseases. The encoding time of a biometric BS on a WBSN node is on average 23 ms and memory occupation is 204 bytes for any given IPI sequence. The results from five U.S. National Institute of Standards and Technology statistical tests suggest that random biometric BSs can be generated from both healthy subjects and cardiovascular patients and can potentially be used as authentication identifiers for securing WBSNs. Ultimately, it is preferred that these biometric BSs can be used as encryption keys such that key distribution over the WBSN can be avoided.

Employing a Secure Virtual Private Network (VPN) Infrastructure as a Global Command and Control Gateway to Dynamically Connect and Disconnect Diverse Forces an a Task-Force-By-Task-Force Basis

DTIC Science & Technology

2009-09-01

DIFFIE-HELLMAN KEY EXCHANGE .......................14 III. GHOSTNET SETUP .........................................15 A. INSTALLATION OF OPENVPN FOR...16 3. Verifying the Secure Connection ..............16 B. RUNNING OPENVPN AS A SERVER ON WINDOWS ............17 1. Creating...Generating Server and Client Keys ............20 5. Keys to Transfer to the Client ...............21 6. Configuring OpenVPN to Use Certificates

Implementation of a Wireless Time Distribution Testbed Protected with Quantum Key Distribution

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bonior, Jason D; Evans, Philip G; Sheets, Gregory S

2017-01-01

Secure time transfer is critical for many timesensitive applications. the Global Positioning System (GPS) which is often used for this purpose has been shown to be susceptible to spoofing attacks. Quantum Key Distribution offers a way to securely generate encryption keys at two locations. Through careful use of this information it is possible to create a system that is more resistant to spoofing attacks. In this paper we describe our work to create a testbed which utilizes QKD and traditional RF links. This testbed will be used for the development of more secure and spoofing resistant time distribution protocols.

A new image encryption algorithm based on the fractional-order hyperchaotic Lorenz system

NASA Astrophysics Data System (ADS)

Wang, Zhen; Huang, Xia; Li, Yu-Xia; Song, Xiao-Na

2013-01-01

We propose a new image encryption algorithm on the basis of the fractional-order hyperchaotic Lorenz system. While in the process of generating a key stream, the system parameters and the derivative order are embedded in the proposed algorithm to enhance the security. Such an algorithm is detailed in terms of security analyses, including correlation analysis, information entropy analysis, run statistic analysis, mean-variance gray value analysis, and key sensitivity analysis. The experimental results demonstrate that the proposed image encryption scheme has the advantages of large key space and high security for practical image encryption.

Key-Generation Algorithms for Linear Piece In Hand Matrix Method

NASA Astrophysics Data System (ADS)

Tadaki, Kohtaro; Tsujii, Shigeo

The linear Piece In Hand (PH, for short) matrix method with random variables was proposed in our former work. It is a general prescription which can be applicable to any type of multivariate public-key cryptosystems for the purpose of enhancing their security. Actually, we showed, in an experimental manner, that the linear PH matrix method with random variables can certainly enhance the security of HFE against the Gröbner basis attack, where HFE is one of the major variants of multivariate public-key cryptosystems. In 1998 Patarin, Goubin, and Courtois introduced the plus method as a general prescription which aims to enhance the security of any given MPKC, just like the linear PH matrix method with random variables. In this paper we prove the equivalence between the plus method and the primitive linear PH matrix method, which is introduced by our previous work to explain the notion of the PH matrix method in general in an illustrative manner and not for a practical use to enhance the security of any given MPKC. Based on this equivalence, we show that the linear PH matrix method with random variables has the substantial advantage over the plus method with respect to the security enhancement. In the linear PH matrix method with random variables, the three matrices, including the PH matrix, play a central role in the secret-key and public-key. In this paper, we clarify how to generate these matrices and thus present two probabilistic polynomial-time algorithms to generate these matrices. In particular, the second one has a concise form, and is obtained as a byproduct of the proof of the equivalence between the plus method and the primitive linear PH matrix method.

Quantum key distribution with an efficient countermeasure against correlated intensity fluctuations in optical pulses

NASA Astrophysics Data System (ADS)

Yoshino, Ken-ichiro; Fujiwara, Mikio; Nakata, Kensuke; Sumiya, Tatsuya; Sasaki, Toshihiko; Takeoka, Masahiro; Sasaki, Masahide; Tajima, Akio; Koashi, Masato; Tomita, Akihisa

2018-03-01

Quantum key distribution (QKD) allows two distant parties to share secret keys with the proven security even in the presence of an eavesdropper with unbounded computational power. Recently, GHz-clock decoy QKD systems have been realized by employing ultrafast optical communication devices. However, security loopholes of high-speed systems have not been fully explored yet. Here we point out a security loophole at the transmitter of the GHz-clock QKD, which is a common problem in high-speed QKD systems using practical band-width limited devices. We experimentally observe the inter-pulse intensity correlation and modulation pattern-dependent intensity deviation in a practical high-speed QKD system. Such correlation violates the assumption of most security theories. We also provide its countermeasure which does not require significant changes of hardware and can generate keys secure over 100 km fiber transmission. Our countermeasure is simple, effective and applicable to wide range of high-speed QKD systems, and thus paves the way to realize ultrafast and security-certified commercial QKD systems.

Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview

NASA Astrophysics Data System (ADS)

Zhang, Junqing; Duong, Trung; Woods, Roger; Marshall, Alan

2017-08-01

The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered.

Image encryption based on a delayed fractional-order chaotic logistic system

NASA Astrophysics Data System (ADS)

Wang, Zhen; Huang, Xia; Li, Ning; Song, Xiao-Na

2012-05-01

A new image encryption scheme is proposed based on a delayed fractional-order chaotic logistic system. In the process of generating a key stream, the time-varying delay and fractional derivative are embedded in the proposed scheme to improve the security. Such a scheme is described in detail with security analyses including correlation analysis, information entropy analysis, run statistic analysis, mean-variance gray value analysis, and key sensitivity analysis. Experimental results show that the newly proposed image encryption scheme possesses high security.

Information Security in Higher Education. Professional Paper Series, #5.

ERIC Educational Resources Information Center

Elliott, Raymond; And Others

Intended to generate discussion and motivate proactive intervention in matters of information security, this paper defines and discusses some of the key issues relating to information security on college and university campuses based on in-depth interviews conducted at eight selected higher education institutions of varying size and composition in…

The security energy encryption in wireless power transfer

NASA Astrophysics Data System (ADS)

Sadzali, M. N.; Ali, A.; Azizan, M. M.; Albreem, M. A. M.

2017-09-01

This paper presents a concept of security in wireless power transfer (WPT) by applying chaos theory. Chaos theory is applied as a security system in order to safeguard the transfer of energy from a transmitter to the intended receiver. The energy encryption of the wireless power transfer utilizes chaos theory to generate the possibility of a logistic map for the chaotic security key. The simulation for energy encryption wireless power transfer system was conducted by using MATLAB and Simulink. By employing chaos theory, the chaotic key ensures the transmission of energy from transmitter to its intended receiver.

Joint image encryption and compression scheme based on a new hyperchaotic system and curvelet transform

NASA Astrophysics Data System (ADS)

Zhang, Miao; Tong, Xiaojun

2017-07-01

This paper proposes a joint image encryption and compression scheme based on a new hyperchaotic system and curvelet transform. A new five-dimensional hyperchaotic system based on the Rabinovich system is presented. By means of the proposed hyperchaotic system, a new pseudorandom key stream generator is constructed. The algorithm adopts diffusion and confusion structure to perform encryption, which is based on the key stream generator and the proposed hyperchaotic system. The key sequence used for image encryption is relation to plain text. By means of the second generation curvelet transform, run-length coding, and Huffman coding, the image data are compressed. The joint operation of compression and encryption in a single process is performed. The security test results indicate the proposed methods have high security and good compression effect.

Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks.

PubMed

Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F; Schnabel, Roman

2015-10-30

Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein-Podolsky-Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components.

Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks

PubMed Central

Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F.; Schnabel, Roman

2015-01-01

Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein–Podolsky–Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components. PMID:26514280

Getting something out of nothing in the measurement-device-independent quantum key distribution

NASA Astrophysics Data System (ADS)

Tan, Yong-Gang; Cai, Qing-Yu; Yang, Hai-Feng; Hu, Yao-Hua

2015-11-01

Because of the monogamy of entanglement, the measurement-device-independent quantum key distribution is immune to the side-information leaking of the measurement devices. When the correlated measurement outcomes are generated from the dark counts, no entanglement is actually obtained. However, secure key bits can still be proven to be generated from these measurement outcomes. Especially, we will give numerical studies on the contributions of dark counts to the key generation rate in practical decoy state MDI-QKD where a signal source, a weaker decoy source and a vacuum decoy source are used by either legitimate key distributer.

Critical side channel effects in random bit generation with multiple semiconductor lasers in a polarization-based quantum key distribution system.

PubMed

Ko, Heasin; Choi, Byung-Seok; Choe, Joong-Seon; Kim, Kap-Joong; Kim, Jong-Hoi; Youn, Chun Ju

2017-08-21

Most polarization-based BB84 quantum key distribution (QKD) systems utilize multiple lasers to generate one of four polarization quantum states randomly. However, random bit generation with multiple lasers can potentially open critical side channels that significantly endangers the security of QKD systems. In this paper, we show unnoticed side channels of temporal disparity and intensity fluctuation, which possibly exist in the operation of multiple semiconductor laser diodes. Experimental results show that the side channels can enormously degrade security performance of QKD systems. An important system issue for the improvement of quantum bit error rate (QBER) related with laser driving condition is further addressed with experimental results.

Bidirectional private key exchange using delay-coupled semiconductor lasers.

PubMed

Porte, Xavier; Soriano, Miguel C; Brunner, Daniel; Fischer, Ingo

2016-06-15

We experimentally demonstrate a key exchange cryptosystem based on the phenomenon of identical chaos synchronization. In our protocol, the private key is symmetrically generated by the two communicating partners. It is built up from the synchronized bits occurring between two current-modulated bidirectionally coupled semiconductor lasers with additional self-feedback. We analyze the security of the exchanged key and discuss the amplification of its privacy. We demonstrate private key generation rates up to 11  Mbit/s over a public channel.

Optimized decoy state QKD for underwater free space communication

NASA Astrophysics Data System (ADS)

Lopes, Minal; Sarwade, Nisha

Quantum cryptography (QC) is envisioned as a solution for global key distribution through fiber optic, free space and underwater optical communication due to its unconditional security. In view of this, this paper investigates underwater free space quantum key distribution (QKD) model for enhanced transmission distance, secret key rates and security. It is reported that secure underwater free space QKD is feasible in the clearest ocean water with the sifted key rates up to 207kbps. This paper extends this work by testing performance of optimized decoy state QKD protocol with underwater free space communication model. The attenuation of photons, quantum bit error rate and the sifted key generation rate of underwater quantum communication is obtained with vector radiative transfer theory and Monte Carlo method. It is observed from the simulations that optimized decoy state QKD evidently enhances the underwater secret key transmission distance as well as secret key rates.

An Efficient Biometric-Based Algorithm Using Heart Rate Variability for Securing Body Sensor Networks

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting

2015-01-01

Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption. PMID:26131666

An Efficient Biometric-Based Algorithm Using Heart Rate Variability for Securing Body Sensor Networks.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting

2015-06-26

Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption.

Quantum cryptography with entangled photons

PubMed

Jennewein; Simon; Weihs; Weinfurter; Zeilinger

2000-05-15

By realizing a quantum cryptography system based on polarization entangled photon pairs we establish highly secure keys, because a single photon source is approximated and the inherent randomness of quantum measurements is exploited. We implement a novel key distribution scheme using Wigner's inequality to test the security of the quantum channel, and, alternatively, realize a variant of the BB84 protocol. Our system has two completely independent users separated by 360 m, and generates raw keys at rates of 400-800 bits/s with bit error rates around 3%.

Experimental Measurement-Device-Independent Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Liu, Yang; Chen, Teng-Yun; Wang, Liu-Jun; Liang, Hao; Shentu, Guo-Liang; Wang, Jian; Cui, Ke; Yin, Hua-Lei; Liu, Nai-Le; Li, Li; Ma, Xiongfeng; Pelc, Jason S.; Fejer, M. M.; Peng, Cheng-Zhi; Zhang, Qiang; Pan, Jian-Wei

2013-09-01

Quantum key distribution is proven to offer unconditional security in communication between two remote users with ideal source and detection. Unfortunately, ideal devices never exist in practice and device imperfections have become the targets of various attacks. By developing up-conversion single-photon detectors with high efficiency and low noise, we faithfully demonstrate the measurement-device-independent quantum-key-distribution protocol, which is immune to all hacking strategies on detection. Meanwhile, we employ the decoy-state method to defend attacks on a nonideal source. By assuming a trusted source scenario, our practical system, which generates more than a 25 kbit secure key over a 50 km fiber link, serves as a stepping stone in the quest for unconditionally secure communications with realistic devices.

Experimental measurement-device-independent quantum key distribution.

PubMed

Liu, Yang; Chen, Teng-Yun; Wang, Liu-Jun; Liang, Hao; Shentu, Guo-Liang; Wang, Jian; Cui, Ke; Yin, Hua-Lei; Liu, Nai-Le; Li, Li; Ma, Xiongfeng; Pelc, Jason S; Fejer, M M; Peng, Cheng-Zhi; Zhang, Qiang; Pan, Jian-Wei

2013-09-27

Quantum key distribution is proven to offer unconditional security in communication between two remote users with ideal source and detection. Unfortunately, ideal devices never exist in practice and device imperfections have become the targets of various attacks. By developing up-conversion single-photon detectors with high efficiency and low noise, we faithfully demonstrate the measurement-device-independent quantum-key-distribution protocol, which is immune to all hacking strategies on detection. Meanwhile, we employ the decoy-state method to defend attacks on a nonideal source. By assuming a trusted source scenario, our practical system, which generates more than a 25 kbit secure key over a 50 km fiber link, serves as a stepping stone in the quest for unconditionally secure communications with realistic devices.

A Trustworthy Key Generation Prototype Based on DDR3 PUF for Wireless Sensor Networks

PubMed Central

Liu, Wenchao; Zhang, Zhenhua; Li, Miaoxin; Liu, Zhenglin

2014-01-01

Secret key leakage in wireless sensor networks (WSNs) is a high security risk especially when sensor nodes are deployed in hostile environment and physically accessible to attackers. With nowadays semi/fully-invasive attack techniques attackers can directly derive the cryptographic key from non-volatile memory (NVM) storage. Physically Unclonable Function (PUF) is a promising technology to resist node capture attacks, and it also provides a low cost and tamper-resistant key provisioning solution. In this paper, we designed a PUF based on double-data-rate SDRAM Type 3 (DDR3) memory by exploring its memory decay characteristics. We also described a prototype of 128-bit key generation based on DDR3 PUF with integrated fuzzy extractor. Due to the wide adoption of DDR3 memory in WSN, our proposed DDR3 PUF technology with high security levels and no required hardware changes is suitable for a wide range of WSN applications. PMID:24984058

Synchronization of random bit generators based on coupled chaotic lasers and application to cryptography.

PubMed

Kanter, Ido; Butkovski, Maria; Peleg, Yitzhak; Zigzag, Meital; Aviad, Yaara; Reidler, Igor; Rosenbluh, Michael; Kinzel, Wolfgang

2010-08-16

Random bit generators (RBGs) constitute an important tool in cryptography, stochastic simulations and secure communications. The later in particular has some difficult requirements: high generation rate of unpredictable bit strings and secure key-exchange protocols over public channels. Deterministic algorithms generate pseudo-random number sequences at high rates, however, their unpredictability is limited by the very nature of their deterministic origin. Recently, physical RBGs based on chaotic semiconductor lasers were shown to exceed Gbit/s rates. Whether secure synchronization of two high rate physical RBGs is possible remains an open question. Here we propose a method, whereby two fast RBGs based on mutually coupled chaotic lasers, are synchronized. Using information theoretic analysis we demonstrate security against a powerful computational eavesdropper, capable of noiseless amplification, where all parameters are publicly known. The method is also extended to secure synchronization of a small network of three RBGs.

Adaptive real time selection for quantum key distribution in lossy and turbulent free-space channels

NASA Astrophysics Data System (ADS)

Vallone, Giuseppe; Marangon, Davide G.; Canale, Matteo; Savorgnan, Ilaria; Bacco, Davide; Barbieri, Mauro; Calimani, Simon; Barbieri, Cesare; Laurenti, Nicola; Villoresi, Paolo

2015-04-01

The unconditional security in the creation of cryptographic keys obtained by quantum key distribution (QKD) protocols will induce a quantum leap in free-space communication privacy in the same way that we are beginning to realize secure optical fiber connections. However, free-space channels, in particular those with long links and the presence of atmospheric turbulence, are affected by losses, fluctuating transmissivity, and background light that impair the conditions for secure QKD. Here we introduce a method to contrast the atmospheric turbulence in QKD experiments. Our adaptive real time selection (ARTS) technique at the receiver is based on the selection of the intervals with higher channel transmissivity. We demonstrate, using data from the Canary Island 143-km free-space link, that conditions with unacceptable average quantum bit error rate which would prevent the generation of a secure key can be used once parsed according to the instantaneous scintillation using the ARTS technique.

Implementation of continuous-variable quantum key distribution with discrete modulation

NASA Astrophysics Data System (ADS)

Hirano, Takuya; Ichikawa, Tsubasa; Matsubara, Takuto; Ono, Motoharu; Oguri, Yusuke; Namiki, Ryo; Kasai, Kenta; Matsumoto, Ryutaroh; Tsurumaru, Toyohiro

2017-06-01

We have developed a continuous-variable quantum key distribution (CV-QKD) system that employs discrete quadrature-amplitude modulation and homodyne detection of coherent states of light. We experimentally demonstrated automated secure key generation with a rate of 50 kbps when a quantum channel is a 10 km optical fibre. The CV-QKD system utilises a four-state and post-selection protocol and generates a secure key against the entangling cloner attack. We used a pulsed light source of 1550 nm wavelength with a repetition rate of 10 MHz. A commercially available balanced receiver is used to realise shot-noise-limited pulsed homodyne detection. We used a non-binary LDPC code for error correction (reverse reconciliation) and the Toeplitz matrix multiplication for privacy amplification. A graphical processing unit card is used to accelerate the software-based post-processing.

Quantum-locked key distribution at nearly the classical capacity rate.

PubMed

Lupo, Cosmo; Lloyd, Seth

2014-10-17

Quantum data locking is a protocol that allows for a small secret key to (un)lock an exponentially larger amount of information, hence yielding the strongest violation of the classical one-time pad encryption in the quantum setting. This violation mirrors a large gap existing between two security criteria for quantum cryptography quantified by two entropic quantities: the Holevo information and the accessible information. We show that the latter becomes a sensible security criterion if an upper bound on the coherence time of the eavesdropper's quantum memory is known. Under this condition, we introduce a protocol for secret key generation through a memoryless qudit channel. For channels with enough symmetry, such as the d-dimensional erasure and depolarizing channels, this protocol allows secret key generation at an asymptotic rate as high as the classical capacity minus one bit.

Integrated quantum key distribution sender unit for daily-life implementations

NASA Astrophysics Data System (ADS)

Mélen, Gwenaelle; Vogl, Tobias; Rau, Markus; Corrielli, Giacomo; Crespi, Andrea; Osellame, Roberto; Weinfurter, Harald

2016-03-01

Unlike currently implemented encryption schemes, Quantum Key Distribution provides a secure way of generating and distributing a key among two parties. Although a multitude of research platforms has been developed, the integration of QKD units within classical communication systems remains a tremendous challenge. The recently achieved maturity of integrated photonic technologies could be exploited to create miniature QKD add-ons that could extend the primary function of various existing systems such as mobile devices or optical stations. In this work we report on an integrated optics module enabling secure short-distance communication for, e.g., quantum access schemes. Using BB84-like protocols, Alice's mobile low-cost device can exchange secure key and information everywhere within a trusted node network. The new optics platform (35×20×8mm) compatible with current smartphone's technology generates NIR faint polarised laser pulses with 100MHz repetition rate. Fully automated beam tracking and live basis-alignment on Bob's side ensure user-friendly operation with a quantum link efficiency as high as 50% stable over a few seconds.

Optical image security using Stokes polarimetry of spatially variant polarized beam

NASA Astrophysics Data System (ADS)

Fatima, Areeba; Nishchal, Naveen K.

2018-06-01

We propose a novel security scheme that uses vector beam characterized by the spatially variant polarization distribution. A vector beam is so generated that its helical components carry tailored phases corresponding to the image/images that is/are to be encrypted. The tailoring of phase has been done by employing the modified Gerchberg-Saxton algorithm for phase retrieval. Stokes parameters for the final vector beam is evaluated and is used to construct the ciphertext and one of the keys. The advantage of the proposed scheme is that it generates real ciphertext and keys which are easier to transmit and store than complex quantities. Moreover, the known plaintext attack is not applicable to this system. As a proof-of-concept, simulation results have been presented for securing single and double gray-scale images.

Investigating weaknesses in Android certificate security

NASA Astrophysics Data System (ADS)

Krych, Daniel E.; Lange-Maney, Stephen; McDaniel, Patrick; Glodek, William

2015-05-01

Android's application market relies on secure certificate generation to establish trust between applications and their users; yet, cryptography is often not a priority for application developers and many fail to take the necessary security precautions. Indeed, there is cause for concern: several recent high-profile studies have observed a pervasive lack of entropy on Web-systems leading to the factorization of private keys.1 Sufficient entropy, or randomness, is essential to generate secure key pairs and combat predictable key generation. In this paper, we analyze the security of Android certificates. We investigate the entropy present in 550,000 Android application certificates using the Quasilinear GCD finding algorithm.1 Our results show that while the lack of entropy does not appear to be as ubiquitous in the mobile markets as on Web-systems, there is substantial reuse of certificates only one third of the certificates in our dataset were unique. In other words, we find that organizations frequently reuse certificates for different applications. While such a practice is acceptable under Google's specifications for a single developer, we find that in some cases the same certificates are used for a myriad of developers, potentially compromising Android's intended trust relationships. Further, we observed duplicate certificates being used by both malicious and non-malicious applications. The top 3 repeated certificates present in our dataset accounted for a total of 11,438 separate APKs. Of these applications, 451, or roughly 4%, were identified as malicious by antivirus services.

Experimental quantum cryptography with qutrits

NASA Astrophysics Data System (ADS)

Gröblacher, Simon; Jennewein, Thomas; Vaziri, Alipasha; Weihs, Gregor; Zeilinger, Anton

2006-05-01

We produce two identical keys using, for the first time, entangled trinary quantum systems (qutrits) for quantum key distribution. The advantage of qutrits over the normally used binary quantum systems is an increased coding density and a higher security margin. The qutrits are encoded into the orbital angular momentum of photons, namely Laguerre Gaussian modes with azimuthal index l + 1, 0 and -1, respectively. The orbital angular momentum is controlled with phase holograms. In an Ekert-type protocol the violation of a three-dimensional Bell inequality verifies the security of the generated keys. A key is obtained with a qutrit error rate of approximately 10%.

Security proof of a three-state quantum-key-distribution protocol without rotational symmetry

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fung, C.-H.F.; Lo, H.-K.

2006-10-15

Standard security proofs of quantum-key-distribution (QKD) protocols often rely on symmetry arguments. In this paper, we prove the security of a three-state protocol that does not possess rotational symmetry. The three-state QKD protocol we consider involves three qubit states, where the first two states |0{sub z}> and |1{sub z}> can contribute to key generation, and the third state |+>=(|0{sub z}>+|1{sub z}>)/{radical}(2) is for channel estimation. This protocol has been proposed and implemented experimentally in some frequency-based QKD systems where the three states can be prepared easily. Thus, by founding on the security of this three-state protocol, we prove that thesemore » QKD schemes are, in fact, unconditionally secure against any attacks allowed by quantum mechanics. The main task in our proof is to upper bound the phase error rate of the qubits given the bit error rates observed. Unconditional security can then be proved not only for the ideal case of a single-photon source and perfect detectors, but also for the realistic case of a phase-randomized weak coherent light source and imperfect threshold detectors. Our result in the phase error rate upper bound is independent of the loss in the channel. Also, we compare the three-state protocol with the Bennett-Brassard 1984 (BB84) protocol. For the single-photon source case, our result proves that the BB84 protocol strictly tolerates a higher quantum bit error rate than the three-state protocol, while for the coherent-source case, the BB84 protocol achieves a higher key generation rate and secure distance than the three-state protocol when a decoy-state method is used.« less

A Low Cost Key Agreement Protocol Based on Binary Tree for EPCglobal Class 1 Generation 2 RFID Protocol

NASA Astrophysics Data System (ADS)

Jeng, Albert; Chang, Li-Chung; Chen, Sheng-Hui

There are many protocols proposed for protecting Radio Frequency Identification (RFID) system privacy and security. A number of these protocols are designed for protecting long-term security of RFID system using symmetric key or public key cryptosystem. Others are designed for protecting user anonymity and privacy. In practice, the use of RFID technology often has a short lifespan, such as commodity check out, supply chain management and so on. Furthermore, we know that designing a long-term security architecture to protect the security and privacy of RFID tags information requires a thorough consideration from many different aspects. However, any security enhancement on RFID technology will jack up its cost which may be detrimental to its widespread deployment. Due to the severe constraints of RFID tag resources (e. g., power source, computing power, communication bandwidth) and open air communication nature of RFID usage, it is a great challenge to secure a typical RFID system. For example, computational heavy public key and symmetric key cryptography algorithms (e. g., RSA and AES) may not be suitable or over-killed to protect RFID security or privacy. These factors motivate us to research an efficient and cost effective solution for RFID security and privacy protection. In this paper, we propose a new effective generic binary tree based key agreement protocol (called BKAP) and its variations, and show how it can be applied to secure the low cost and resource constraint RFID system. This BKAP is not a general purpose key agreement protocol rather it is a special purpose protocol to protect privacy, un-traceability and anonymity in a single RFID closed system domain.

Experimental quantum key distribution with simulated ground-to-satellite photon losses and processing limitations

NASA Astrophysics Data System (ADS)

Bourgoin, Jean-Philippe; Gigov, Nikolay; Higgins, Brendon L.; Yan, Zhizhong; Meyer-Scott, Evan; Khandani, Amir K.; Lütkenhaus, Norbert; Jennewein, Thomas

2015-11-01

Quantum key distribution (QKD) has the potential to improve communications security by offering cryptographic keys whose security relies on the fundamental properties of quantum physics. The use of a trusted quantum receiver on an orbiting satellite is the most practical near-term solution to the challenge of achieving long-distance (global-scale) QKD, currently limited to a few hundred kilometers on the ground. This scenario presents unique challenges, such as high photon losses and restricted classical data transmission and processing power due to the limitations of a typical satellite platform. Here we demonstrate the feasibility of such a system by implementing a QKD protocol, with optical transmission and full post-processing, in the high-loss regime using minimized computing hardware at the receiver. Employing weak coherent pulses with decoy states, we demonstrate the production of secure key bits at up to 56.5 dB of photon loss. We further illustrate the feasibility of a satellite uplink by generating a secure key while experimentally emulating the varying losses predicted for realistic low-Earth-orbit satellite passes at 600 km altitude. With a 76 MHz source and including finite-size analysis, we extract 3374 bits of a secure key from the best pass. We also illustrate the potential benefit of combining multiple passes together: while one suboptimal "upper-quartile" pass produces no finite-sized key with our source, the combination of three such passes allows us to extract 165 bits of a secure key. Alternatively, we find that by increasing the signal rate to 300 MHz it would be possible to extract 21 570 bits of a secure finite-sized key in just a single upper-quartile pass.

Quantum cryptography for secure free-space communications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hughes, R.J.; Buttler, W.T.; Kwiat, P.G.

1999-03-01

The secure distribution of the secret random bit sequences known as key material, is an essential precursor to their use for the encryption and decryption of confidential communications. Quantum cryptography is a new technique for secure key distribution with single-photon transmissions: Heisenberg`s uncertainty principle ensures that an adversary can neither successfully tap the key transmissions, nor evade detection (eavesdropping raises the key error rate above a threshold value). The authors have developed experimental quantum cryptography systems based on the transmission of non-orthogonal photon polarization states to generate shared key material over line-of-sight optical links. Key material is built up usingmore » the transmission of a single-photon per bit of an initial secret random sequence. A quantum-mechanically random subset of this sequence is identified, becoming the key material after a data reconciliation stage with the sender. The authors have developed and tested a free-space quantum key distribution (QKD) system over an outdoor optical path of {approximately}1 km at Los Alamos National Laboratory under nighttime conditions. Results show that free-space QKD can provide secure real-time key distribution between parties who have a need to communicate secretly. Finally, they examine the feasibility of surface to satellite QKD.« less

Three-party authenticated key agreements for optimal communication

PubMed Central

Lee, Tian-Fu; Hwang, Tzonelih

2017-01-01

Authenticated key agreements enable users to determine session keys, and to securely communicate with others over an insecure channel via the session keys. This study investigates the lower bounds on communications for three-party authenticated key agreements and considers whether or not the sub-keys for generating a session key can be revealed in the channel. Since two clients do not share any common secret key, they require the help of the server to authenticate their identities and exchange confidential and authenticated information over insecure networks. However, if the session key security is based on asymmetric cryptosystems, then revealing the sub-keys cannot compromise the session key. The clients can directly exchange the sub-keys and reduce the transmissions. In addition, authenticated key agreements were developed by using the derived results of the lower bounds on communications. Compared with related approaches, the proposed protocols had fewer transmissions and realized the lower bounds on communications. PMID:28355253

On the security of compressed encryption with partial unitary sensing matrices embedding a secret keystream

NASA Astrophysics Data System (ADS)

Yu, Nam Yul

2017-12-01

The principle of compressed sensing (CS) can be applied in a cryptosystem by providing the notion of security. In this paper, we study the computational security of a CS-based cryptosystem that encrypts a plaintext with a partial unitary sensing matrix embedding a secret keystream. The keystream is obtained by a keystream generator of stream ciphers, where the initial seed becomes the secret key of the CS-based cryptosystem. For security analysis, the total variation distance, bounded by the relative entropy and the Hellinger distance, is examined as a security measure for the indistinguishability. By developing upper bounds on the distance measures, we show that the CS-based cryptosystem can be computationally secure in terms of the indistinguishability, as long as the keystream length for each encryption is sufficiently large with low compression and sparsity ratios. In addition, we consider a potential chosen plaintext attack (CPA) from an adversary, which attempts to recover the key of the CS-based cryptosystem. Associated with the key recovery attack, we show that the computational security of our CS-based cryptosystem is brought by the mathematical intractability of a constrained integer least-squares (ILS) problem. For a sub-optimal, but feasible key recovery attack, we consider a successive approximate maximum-likelihood detection (SAMD) and investigate the performance by developing an upper bound on the success probability. Through theoretical and numerical analyses, we demonstrate that our CS-based cryptosystem can be secure against the key recovery attack through the SAMD.

Time Delay Measurements of Key Generation Process on Smart Cards

DTIC Science & Technology

2015-03-01

random number generator is available (Chatterjee & Gupta, 2009). The ECC algorithm will grow in usage as information becomes more and more secure. Figure...Worldwide Mobile Enterprise Security Software 2012–2016 Forecast and Analysis), mobile identity and access management is expected to grow by 27.6 percent...iPad, tablets) as well as 80000 BlackBerry phones. The mobility plan itself will be deployed in three phases over 2014, with the first phase

Physical key-protected one-time pad

PubMed Central

Horstmeyer, Roarke; Judkewitz, Benjamin; Vellekoop, Ivo M.; Assawaworrarit, Sid; Yang, Changhuei

2013-01-01

We describe an encrypted communication principle that forms a secure link between two parties without electronically saving either of their keys. Instead, random cryptographic bits are kept safe within the unique mesoscopic randomness of two volumetric scattering materials. We demonstrate how a shared set of patterned optical probes can generate 10 gigabits of statistically verified randomness between a pair of unique 2 mm3 scattering objects. This shared randomness is used to facilitate information-theoretically secure communication following a modified one-time pad protocol. Benefits of volumetric physical storage over electronic memory include the inability to probe, duplicate or selectively reset any bits without fundamentally altering the entire key space. Our ability to securely couple the randomness contained within two unique physical objects can extend to strengthen hardware required by a variety of cryptographic protocols, which is currently a critically weak link in the security pipeline of our increasingly mobile communication culture. PMID:24345925

Generating the Local Oscillator "Locally" in Continuous-Variable Quantum Key Distribution Based on Coherent Detection

NASA Astrophysics Data System (ADS)

Qi, Bing; Lougovski, Pavel; Pooser, Raphael; Grice, Warren; Bobrek, Miljko

2015-10-01

Continuous-variable quantum key distribution (CV-QKD) protocols based on coherent detection have been studied extensively in both theory and experiment. In all the existing implementations of CV-QKD, both the quantum signal and the local oscillator (LO) are generated from the same laser and propagate through the insecure quantum channel. This arrangement may open security loopholes and limit the potential applications of CV-QKD. In this paper, we propose and demonstrate a pilot-aided feedforward data recovery scheme that enables reliable coherent detection using a "locally" generated LO. Using two independent commercial laser sources and a spool of 25-km optical fiber, we construct a coherent communication system. The variance of the phase noise introduced by the proposed scheme is measured to be 0.04 (rad2 ), which is small enough to enable secure key distribution. This technology also opens the door for other quantum communication protocols, such as the recently proposed measurement-device-independent CV-QKD, where independent light sources are employed by different users.

Common-signal-induced synchronization in photonic integrated circuits and its application to secure key distribution.

PubMed

Sasaki, Takuma; Kakesu, Izumi; Mitsui, Yusuke; Rontani, Damien; Uchida, Atsushi; Sunada, Satoshi; Yoshimura, Kazuyuki; Inubushi, Masanobu

2017-10-16

We experimentally achieve common-signal-induced synchronization in two photonic integrated circuits with short external cavities driven by a constant-amplitude random-phase light. The degree of synchronization can be controlled by changing the optical feedback phase of the two photonic integrated circuits. The change in the optical feedback phase leads to a significant redistribution of the spectral energy of optical and RF spectra, which is a unique characteristic of PICs with the short external cavity. The matching of the RF and optical spectra is necessary to achieve synchronization between the two PICs, and stable synchronization can be obtained over an hour in the presence of optical feedback. We succeed in generating information-theoretic secure keys and achieving the final key generation rate of 184 kb/s using the PICs.

Quantum dense key distribution

DOE Office of Scientific and Technical Information (OSTI.GOV)

Degiovanni, I.P.; Ruo Berchera, I.; Castelletto, S.

2004-03-01

This paper proposes a protocol for quantum dense key distribution. This protocol embeds the benefits of a quantum dense coding and a quantum key distribution and is able to generate shared secret keys four times more efficiently than the Bennet-Brassard 1984 protocol. We hereinafter prove the security of this scheme against individual eavesdropping attacks, and we present preliminary experimental results, showing its feasibility.

Modified Multi Prime RSA Cryptosystem

NASA Astrophysics Data System (ADS)

Ghazali Kamardan, M.; Aminudin, N.; Che-Him, Norziha; Sufahani, Suliadi; Khalid, Kamil; Roslan, Rozaini

2018-04-01

RSA [1] is one of the mostly used cryptosystem in securing data and information. Though, it has been recently discovered that RSA has some weaknesses and in advance technology, RSA is believed to be inefficient especially when it comes to decryption. Thus, a new algorithm called Multi prime RSA, an extended version of the standard RSA is studied. Then, a modification is made to the Multi prime RSA where another keys is shared secretly between the receiver and the sender to increase the securerity. As in RSA, the methodology used for modified Multi-prime RSA also consists of three phases; 1. Key Generation in which the secret and public keys are generated and published. In this phase, the secrecy is improved by adding more prime numbers and addition of secret keys. 2. Encryption of the message using the public and secret keys given. 3. Decryption of the secret message using the secret key generated. For the decryption phase, a method called Chinese Remainder Theorem is used which helps to fasten the computation. Since Multi prime RSA use more than two prime numbers, the algorithm is more efficient and secure when compared to the standard RSA. Furthermore, in modified Multi prime RSA another secret key is introduced to increase the obstacle to the attacker. Therefore, it is strongly believed that this new algorithm is better and can be an alternative to the RSA.

Field demonstration of a continuous-variable quantum key distribution network.

PubMed

Huang, Duan; Huang, Peng; Li, Huasheng; Wang, Tao; Zhou, Yingming; Zeng, Guihua

2016-08-01

We report on what we believe is the first field implementation of a continuous-variable quantum key distribution (CV-QKD) network with point-to-point configuration. Four QKD nodes are deployed on standard communication infrastructures connected with commercial telecom optical fiber. Reliable key exchange is achieved in the wavelength-division-multiplexing CV-QKD network. The impact of a complex and volatile field environment on the excess noise is investigated, since excess noise controlling and reduction is arguably the major issue pertaining to distance and the secure key rate. We confirm the applicability and verify the maturity of the CV-QKD network in a metropolitan area, thus paving the way for a next-generation global secure communication network.

Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

NASA Astrophysics Data System (ADS)

Bui, Francis Minhthang; Hatzinakos, Dimitrios

2007-12-01

As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

Round-robin differential-phase-shift quantum key distribution with a passive decoy state method

PubMed Central

Liu, Li; Guo, Fen-Zhuo; Qin, Su-Juan; Wen, Qiao-Yan

2017-01-01

Recently, a new type of protocol named Round-robin differential-phase-shift quantum key distribution (RRDPS QKD) was proposed, where the security can be guaranteed without monitoring conventional signal disturbances. The active decoy state method can be used in this protocol to overcome the imperfections of the source. But, it may lead to side channel attacks and break the security of QKD systems. In this paper, we apply the passive decoy state method to the RRDPS QKD protocol. Not only can the more environment disturbance be tolerated, but in addition it can overcome side channel attacks on the sources. Importantly, we derive a new key generation rate formula for our RRDPS protocol using passive decoy states and enhance the key generation rate. We also compare the performance of our RRDPS QKD to that using the active decoy state method and the original RRDPS QKD without any decoy states. From numerical simulations, the performance improvement of the RRDPS QKD by our new method can be seen. PMID:28198808

Quantum key distribution session with 16-dimensional photonic states.

PubMed

Etcheverry, S; Cañas, G; Gómez, E S; Nogueira, W A T; Saavedra, C; Xavier, G B; Lima, G

2013-01-01

The secure transfer of information is an important problem in modern telecommunications. Quantum key distribution (QKD) provides a solution to this problem by using individual quantum systems to generate correlated bits between remote parties, that can be used to extract a secret key. QKD with D-dimensional quantum channels provides security advantages that grow with increasing D. However, the vast majority of QKD implementations has been restricted to two dimensions. Here we demonstrate the feasibility of using higher dimensions for real-world quantum cryptography by performing, for the first time, a fully automated QKD session based on the BB84 protocol with 16-dimensional quantum states. Information is encoded in the single-photon transverse momentum and the required states are dynamically generated with programmable spatial light modulators. Our setup paves the way for future developments in the field of experimental high-dimensional QKD.

Quantum key distribution session with 16-dimensional photonic states

NASA Astrophysics Data System (ADS)

Etcheverry, S.; Cañas, G.; Gómez, E. S.; Nogueira, W. A. T.; Saavedra, C.; Xavier, G. B.; Lima, G.

2013-07-01

The secure transfer of information is an important problem in modern telecommunications. Quantum key distribution (QKD) provides a solution to this problem by using individual quantum systems to generate correlated bits between remote parties, that can be used to extract a secret key. QKD with D-dimensional quantum channels provides security advantages that grow with increasing D. However, the vast majority of QKD implementations has been restricted to two dimensions. Here we demonstrate the feasibility of using higher dimensions for real-world quantum cryptography by performing, for the first time, a fully automated QKD session based on the BB84 protocol with 16-dimensional quantum states. Information is encoded in the single-photon transverse momentum and the required states are dynamically generated with programmable spatial light modulators. Our setup paves the way for future developments in the field of experimental high-dimensional QKD.

Quantum key distribution session with 16-dimensional photonic states

PubMed Central

Etcheverry, S.; Cañas, G.; Gómez, E. S.; Nogueira, W. A. T.; Saavedra, C.; Xavier, G. B.; Lima, G.

2013-01-01

The secure transfer of information is an important problem in modern telecommunications. Quantum key distribution (QKD) provides a solution to this problem by using individual quantum systems to generate correlated bits between remote parties, that can be used to extract a secret key. QKD with D-dimensional quantum channels provides security advantages that grow with increasing D. However, the vast majority of QKD implementations has been restricted to two dimensions. Here we demonstrate the feasibility of using higher dimensions for real-world quantum cryptography by performing, for the first time, a fully automated QKD session based on the BB84 protocol with 16-dimensional quantum states. Information is encoded in the single-photon transverse momentum and the required states are dynamically generated with programmable spatial light modulators. Our setup paves the way for future developments in the field of experimental high-dimensional QKD. PMID:23897033

State of Hispanic America: Working toward a More Secure Future. White Paper

ERIC Educational Resources Information Center

Vargas Poppe, Samanatha

2016-01-01

This document provides an analysis of key themes, as they relate to the U.S. Latino population, included in the President's 2016 State of the Union Address. Addressing these issues is critical to extend opportunity to more people to help ensure national prosperity and security for generations to come.

Deterministic MDI QKD with two secret bits per shared entangled pair

NASA Astrophysics Data System (ADS)

Zebboudj, Sofia; Omar, Mawloud

2018-03-01

Although quantum key distribution schemes have been proven theoretically secure, they are based on assumptions about the devices that are not yet satisfied with today's technology. The measurement-device-independent scheme has been proposed to shorten the gap between theory and practice by removing all detector side-channel attacks. On the other hand, two-way quantum key distribution schemes have been proposed to raise the secret key generation rate. In this paper, we propose a new quantum key distribution scheme able to achieve a relatively high secret key generation rate based on two-way quantum key distribution that also inherits the robustness of the measurement-device-independent scheme against detector side-channel attacks.

Practical passive decoy state measurement-device-independent quantum key distribution with unstable sources.

PubMed

Liu, Li; Guo, Fen-Zhuo; Wen, Qiao-Yan

2017-09-12

Measurement-device-independent quantum key distribution (MDI-QKD) with the active decoy state method can remove all detector loopholes, and resist the imperfections of sources. But it may lead to side channel attacks and break the security of QKD system. In this paper, we apply the passive decoy state method to the MDI-QKD based on polarization encoding mode. Not only all attacks on detectors can be removed, but also the side channel attacks on sources can be overcome. We get that the MDI-QKD with our passive decoy state method can have a performance comparable to the protocol with the active decoy state method. To fit for the demand of practical application, we discuss intensity fluctuation in the security analysis of MDI-QKD protocol using passive decoy state method, and derive the key generation rate for our protocol with intensity fluctuation. It shows that intensity fluctuation has an adverse effect on the key generation rate which is non-negligible, especially in the case of small data size of total transmitting signals and long distance transmission. We give specific simulations on the relationship between intensity fluctuation and the key generation rate. Furthermore, the statistical fluctuation due to the finite length of data is also taken into account.

Secure polarization-independent subcarrier quantum key distribution in optical fiber channel using BB84 protocol with a strong reference.

PubMed

Gleim, A V; Egorov, V I; Nazarov, Yu V; Smirnov, S V; Chistyakov, V V; Bannik, O I; Anisimov, A A; Kynev, S M; Ivanova, A E; Collins, R J; Kozlov, S A; Buller, G S

2016-02-08

A quantum key distribution system based on the subcarrier wave modulation method has been demonstrated which employs the BB84 protocol with a strong reference to generate secure bits at a rate of 16.5 kbit/s with an error of 0.5% over an optical channel of 10 dB loss, and 18 bits/s with an error of 0.75% over 25 dB of channel loss. To the best of our knowledge, these results represent the highest channel loss reported for secure quantum key distribution using the subcarrier wave approach. A passive unidirectional scheme has been used to compensate for the polarization dependence of the phase modulators in the receiver module, which resulted in a high visibility of 98.8%. The system is thus fully insensitive to polarization fluctuations and robust to environmental changes, making the approach promising for use in optical telecommunication networks. Further improvements in secure key rate and transmission distance can be achieved by implementing the decoy states protocol or by optimizing the mean photon number used in line with experimental parameters.

Quantum-key-distribution protocol with pseudorandom bases

NASA Astrophysics Data System (ADS)

Trushechkin, A. S.; Tregubov, P. A.; Kiktenko, E. O.; Kurochkin, Y. V.; Fedorov, A. K.

2018-01-01

Quantum key distribution (QKD) offers a way for establishing information-theoretical secure communications. An important part of QKD technology is a high-quality random number generator for the quantum-state preparation and for post-processing procedures. In this work, we consider a class of prepare-and-measure QKD protocols, utilizing additional pseudorandomness in the preparation of quantum states. We study one of such protocols and analyze its security against the intercept-resend attack. We demonstrate that, for single-photon sources, the considered protocol gives better secret key rates than the BB84 and the asymmetric BB84 protocols. However, the protocol strongly requires single-photon sources.

The engineering of a scalable multi-site communications system utilizing quantum key distribution (QKD)

NASA Astrophysics Data System (ADS)

Tysowski, Piotr K.; Ling, Xinhua; Lütkenhaus, Norbert; Mosca, Michele

2018-04-01

Quantum key distribution (QKD) is a means of generating keys between a pair of computing hosts that is theoretically secure against cryptanalysis, even by a quantum computer. Although there is much active research into improving the QKD technology itself, there is still significant work to be done to apply engineering methodology and determine how it can be practically built to scale within an enterprise IT environment. Significant challenges exist in building a practical key management service (KMS) for use in a metropolitan network. QKD is generally a point-to-point technique only and is subject to steep performance constraints. The integration of QKD into enterprise-level computing has been researched, to enable quantum-safe communication. A novel method for constructing a KMS is presented that allows arbitrary computing hosts on one site to establish multiple secure communication sessions with the hosts of another site. A key exchange protocol is proposed where symmetric private keys are granted to hosts while satisfying the scalability needs of an enterprise population of users. The KMS operates within a layered architectural style that is able to interoperate with various underlying QKD implementations. Variable levels of security for the host population are enforced through a policy engine. A network layer provides key generation across a network of nodes connected by quantum links. Scheduling and routing functionality allows quantum key material to be relayed across trusted nodes. Optimizations are performed to match the real-time host demand for key material with the capacity afforded by the infrastructure. The result is a flexible and scalable architecture that is suitable for enterprise use and independent of any specific QKD technology.

Four-dimensional key design in amplitude, phase, polarization and distance for optical encryption based on polarization digital holography and QR code.

PubMed

Lin, Chao; Shen, Xueju; Li, Baochen

2014-08-25

We demonstrate that all parameters of optical lightwave can be simultaneously designed as keys in security system. This multi-dimensional property of key can significantly enlarge the key space and further enhance the security level of the system. The single-shot off-axis digital holography with orthogonal polarized reference waves is employed to perform polarization state recording on object wave. Two pieces of polarization holograms are calculated and fabricated to be arranged in reference arms to generate random amplitude and phase distribution respectively. When reconstruction, original information which is represented with QR code can be retrieved using Fresnel diffraction with decryption keys and read out noise-free. Numerical simulation results for this cryptosystem are presented. An analysis on the key sensitivity and fault tolerance properties are also provided.

Security in the Cache and Forward Architecture for the Next Generation Internet

NASA Astrophysics Data System (ADS)

Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

76 FR 11433 - Federal Transition To Secure Hash Algorithm (SHA)-256

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-02

... generating digital signatures. Current information systems, Web servers, applications and workstation operating systems were designed to process, and use SHA-1 generated signatures. National Institute of... cryptographic keys, and more robust algorithms by December 2013. Government systems may begin to encounter...

A Weak Value Based QKD Protocol Robust Against Detector Attacks

NASA Astrophysics Data System (ADS)

Troupe, James

2015-03-01

We propose a variation of the BB84 quantum key distribution protocol that utilizes the properties of weak values to insure the validity of the quantum bit error rate estimates used to detect an eavesdropper. The protocol is shown theoretically to be secure against recently demonstrated attacks utilizing detector blinding and control and should also be robust against all detector based hacking. Importantly, the new protocol promises to achieve this additional security without negatively impacting the secure key generation rate as compared to that originally promised by the standard BB84 scheme. Implementation of the weak measurements needed by the protocol should be very feasible using standard quantum optical techniques.

Counterfactual quantum key distribution with high efficiency

NASA Astrophysics Data System (ADS)

Sun, Ying; Wen, Qiao-Yan

2010-11-01

In a counterfactual quantum key distribution scheme, a secret key can be generated merely by transmitting the split vacuum pulses of single particles. We improve the efficiency of the first quantum key distribution scheme based on the counterfactual phenomenon. This scheme not only achieves the same security level as the original one but also has higher efficiency. We also analyze how to achieve the optimal efficiency under various conditions.

Counterfactual quantum key distribution with high efficiency

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sun Ying; Beijing Electronic Science and Technology Institute, Beijing 100070; Wen Qiaoyan

2010-11-15

In a counterfactual quantum key distribution scheme, a secret key can be generated merely by transmitting the split vacuum pulses of single particles. We improve the efficiency of the first quantum key distribution scheme based on the counterfactual phenomenon. This scheme not only achieves the same security level as the original one but also has higher efficiency. We also analyze how to achieve the optimal efficiency under various conditions.

Decoy-state quantum key distribution with a leaky source

NASA Astrophysics Data System (ADS)

Tamaki, Kiyoshi; Curty, Marcos; Lucamarini, Marco

2016-06-01

In recent years, there has been a great effort to prove the security of quantum key distribution (QKD) with a minimum number of assumptions. Besides its intrinsic theoretical interest, this would allow for larger tolerance against device imperfections in the actual implementations. However, even in this device-independent scenario, one assumption seems unavoidable, that is, the presence of a protected space devoid of any unwanted information leakage in which the legitimate parties can privately generate, process and store their classical data. In this paper we relax this unrealistic and hardly feasible assumption and introduce a general formalism to tackle the information leakage problem in most of existing QKD systems. More specifically, we prove the security of optical QKD systems using phase and intensity modulators in their transmitters, which leak the setting information in an arbitrary manner. We apply our security proof to cases of practical interest and show key rates similar to those obtained in a perfectly shielded environment. Our work constitutes a fundamental step forward in guaranteeing implementation security of quantum communication systems.

Generating the local oscillator "locally" in continuous-variable quantum key distribution based on coherent detection

DOE PAGES

Qi, Bing; Lougovski, Pavel; Pooser, Raphael C.; ...

2015-10-21

Continuous-variable quantum key distribution (CV-QKD) protocols based on coherent detection have been studied extensively in both theory and experiment. In all the existing implementations of CV-QKD, both the quantum signal and the local oscillator (LO) are generated from the same laser and propagate through the insecure quantum channel. This arrangement may open security loopholes and limit the potential applications of CV-QKD. In our paper, we propose and demonstrate a pilot-aided feedforward data recovery scheme that enables reliable coherent detection using a “locally” generated LO. Using two independent commercial laser sources and a spool of 25-km optical fiber, we construct amore » coherent communication system. The variance of the phase noise introduced by the proposed scheme is measured to be 0.04 (rad 2), which is small enough to enable secure key distribution. This technology opens the door for other quantum communication protocols, such as the recently proposed measurement-device-independent CV-QKD, where independent light sources are employed by different users.« less

Efficient and universal quantum key distribution based on chaos and middleware

NASA Astrophysics Data System (ADS)

Jiang, Dong; Chen, Yuanyuan; Gu, Xuemei; Xie, Ling; Chen, Lijun

2017-01-01

Quantum key distribution (QKD) promises unconditionally secure communications, however, the low bit rate of QKD cannot meet the requirements of high-speed applications. Despite the many solutions that have been proposed in recent years, they are neither efficient to generate the secret keys nor compatible with other QKD systems. This paper, based on chaotic cryptography and middleware technology, proposes an efficient and universal QKD protocol that can be directly deployed on top of any existing QKD system without modifying the underlying QKD protocol and optical platform. It initially takes the bit string generated by the QKD system as input, periodically updates the chaotic system, and efficiently outputs the bit sequences. Theoretical analysis and simulation results demonstrate that our protocol can efficiently increase the bit rate of the QKD system as well as securely generate bit sequences with perfect statistical properties. Compared with the existing methods, our protocol is more efficient and universal, it can be rapidly deployed on the QKD system to increase the bit rate when the QKD system becomes the bottleneck of its communication system.

RSA-Based Password-Authenticated Key Exchange, Revisited

NASA Astrophysics Data System (ADS)

Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the. RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.

All about Eve: Secret Sharing using Quantum Effects

NASA Technical Reports Server (NTRS)

Jackson, Deborah J.

2005-01-01

This document discusses the nature of light (including classical light and photons), encryption, quantum key distribution (QKD), light polarization and beamsplitters and their application to information communication. A quantum of light represents the smallest possible subdivision of radiant energy (light) and is called a photon. The QKD key generation sequence is outlined including the receiver broadcasting the initial signal indicating reception availability, timing pulses from the sender to provide reference for gated detection of photons, the sender generating photons through random polarization while the receiver detects photons with random polarization and communicating via data link to mutually establish random keys. The QKD network vision includes inter-SATCOM, point-to-point Gnd Fiber and SATCOM-fiber nodes. QKD offers an unconditionally secure method of exchanging encryption keys. Ongoing research will focus on how to increase the key generation rate.

BossPro: a biometrics-based obfuscation scheme for software protection

NASA Astrophysics Data System (ADS)

Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

2013-05-01

This paper proposes to integrate biometric-based key generation into an obfuscated interpretation algorithm to protect authentication application software from illegitimate use or reverse-engineering. This is especially necessary for mCommerce because application programmes on mobile devices, such as Smartphones and Tablet-PCs are typically open for misuse by hackers. Therefore, the scheme proposed in this paper ensures that a correct interpretation / execution of the obfuscated program code of the authentication application requires a valid biometric generated key of the actual person to be authenticated, in real-time. Without this key, the real semantics of the program cannot be understood by an attacker even if he/she gains access to this application code. Furthermore, the security provided by this scheme can be a vital aspect in protecting any application running on mobile devices that are increasingly used to perform business/financial or other security related applications, but are easily lost or stolen. The scheme starts by creating a personalised copy of any application based on the biometric key generated during an enrolment process with the authenticator as well as a nuance created at the time of communication between the client and the authenticator. The obfuscated code is then shipped to the client's mobile devise and integrated with real-time biometric extracted data of the client to form the unlocking key during execution. The novelty of this scheme is achieved by the close binding of this application program to the biometric key of the client, thus making this application unusable for others. Trials and experimental results on biometric key generation, based on client's faces, and an implemented scheme prototype, based on the Android emulator, prove the concept and novelty of this proposed scheme.

Novel single photon sources for new generation of quantum communications

DTIC Science & Technology

2017-06-13

be used as building blocks for quantum cryptography and quantum key distribution There were numerous important achievements for the projects in the...single photon sources that will be used as build- ing blocks for quantum cryptography and quantum key distribution There were numerous im- portant...and enable absolutely secured information transfer between distant nodes – key prerequisite for quantum cryptography . Experiment: the experimental

Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

PubMed

Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick; Won, Dongho

2017-01-01

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

Security analysis and improvements to the PsychoPass method.

PubMed

Brumen, Bostjan; Heričko, Marjan; Rozman, Ivan; Hölbl, Marko

2013-08-13

In a recent paper, Pietro Cipresso et al proposed the PsychoPass method, a simple way to create strong passwords that are easy to remember. However, the method has some security issues that need to be addressed. To perform a security analysis on the PsychoPass method and outline the limitations of and possible improvements to the method. We used the brute force analysis and dictionary attack analysis of the PsychoPass method to outline its weaknesses. The first issue with the Psychopass method is that it requires the password reproduction on the same keyboard layout as was used to generate the password. The second issue is a security weakness: although the produced password is 24 characters long, the password is still weak. We elaborate on the weakness and propose a solution that produces strong passwords. The proposed version first requires the use of the SHIFT and ALT-GR keys in combination with other keys, and second, the keys need to be 1-2 distances apart. The proposed improved PsychoPass method yields passwords that can be broken only in hundreds of years based on current computing powers. The proposed PsychoPass method requires 10 keys, as opposed to 20 keys in the original method, for comparable password strength.

Security Analysis and Improvements to the PsychoPass Method

PubMed Central

2013-01-01

Background In a recent paper, Pietro Cipresso et al proposed the PsychoPass method, a simple way to create strong passwords that are easy to remember. However, the method has some security issues that need to be addressed. Objective To perform a security analysis on the PsychoPass method and outline the limitations of and possible improvements to the method. Methods We used the brute force analysis and dictionary attack analysis of the PsychoPass method to outline its weaknesses. Results The first issue with the Psychopass method is that it requires the password reproduction on the same keyboard layout as was used to generate the password. The second issue is a security weakness: although the produced password is 24 characters long, the password is still weak. We elaborate on the weakness and propose a solution that produces strong passwords. The proposed version first requires the use of the SHIFT and ALT-GR keys in combination with other keys, and second, the keys need to be 1-2 distances apart. Conclusions The proposed improved PsychoPass method yields passwords that can be broken only in hundreds of years based on current computing powers. The proposed PsychoPass method requires 10 keys, as opposed to 20 keys in the original method, for comparable password strength. PMID:23942458

Sport and Physical Activity in a High Security Spanish Prison: An Ethnographic Study of Multiple Meanings

ERIC Educational Resources Information Center

Martos-Garcia, Daniel; Devis-Devis, Jose; Sparkes, Andrew C.

2009-01-01

Drawing on data generated by a two-year ethnographic study in a high security Spanish prison, this article explores the multiple meanings given to the social practices of sport and physical activity. We provide details of the following key themes that emerged from the analysis: (a) escaping time; (b) perceived therapeutic benefits; (c) social…

Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption.

PubMed

Chandrasekaran, Jeyamala; Thiruvengadam, S J

2015-01-01

Owing to the growth of high performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application specific requirements. Naive approaches for video encryption encrypt the entire video stream with conventional text based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs two-dimensional discrete Henon map for (i) generation of dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security.

Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption

PubMed Central

Chandrasekaran, Jeyamala; Thiruvengadam, S. J.

2015-01-01

Owing to the growth of high performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application specific requirements. Naive approaches for video encryption encrypt the entire video stream with conventional text based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs two-dimensional discrete Henon map for (i) generation of dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security. PMID:26550603

A secure transmission scheme of streaming media based on the encrypted control message

NASA Astrophysics Data System (ADS)

Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li

2007-09-01

As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security lever and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security lever, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permutated according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.

Public-key quantum digital signature scheme with one-time pad private-key

NASA Astrophysics Data System (ADS)

Chen, Feng-Lin; Liu, Wan-Fang; Chen, Su-Gen; Wang, Zhi-Hua

2018-01-01

A quantum digital signature scheme is firstly proposed based on public-key quantum cryptosystem. In the scheme, the verification public-key is derived from the signer's identity information (such as e-mail) on the foundation of identity-based encryption, and the signature private-key is generated by one-time pad (OTP) protocol. The public-key and private-key pair belongs to classical bits, but the signature cipher belongs to quantum qubits. After the signer announces the public-key and generates the final quantum signature, each verifier can verify publicly whether the signature is valid or not with the public-key and quantum digital digest. Analysis results show that the proposed scheme satisfies non-repudiation and unforgeability. Information-theoretic security of the scheme is ensured by quantum indistinguishability mechanics and OTP protocol. Based on the public-key cryptosystem, the proposed scheme is easier to be realized compared with other quantum signature schemes under current technical conditions.

An Improved EKG-Based Key Agreement Scheme for Body Area Networks

NASA Astrophysics Data System (ADS)

Ali, Aftab; Khan, Farrukh Aslam

Body area networks (BANs) play an important role in mobile health monitoring such as, monitoring the health of patients in a hospital or physical status of soldiers in a battlefield. By securing the BAN, we actually secure the lives of soldiers or patients. This work presents an electrocardiogram (EKG) based key agreement scheme using discrete wavelet transform (DWT) for the sake of generating a common key in a body area network. The use of EKG brings plug-and-play capability in BANs; i.e., the sensors are just placed on the human body and a secure communication is started among these sensors. The process is made secure by using the iris or fingerprints to lock and then unlock the blocks during exchange between the communicating sensors. The locking and unlocking is done through watermarking. When a watermark is added at the sender side, the block is locked and when it is removed at the receiver side, the block is unlocked. By using iris or fingerprints, the security of the technique improves and its plug-and-play capability is not affected. The analysis is done by using real 2-lead EKG data sampled at a rate of 125 Hz taken from MIT PhysioBank database.

Backup key generation model for one-time password security protocol

NASA Astrophysics Data System (ADS)

Jeyanthi, N.; Kundu, Sourav

2017-11-01

The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications’user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token.

Field test of a practical secure communication network with decoy-state quantum cryptography.

PubMed

Chen, Teng-Yun; Liang, Hao; Liu, Yang; Cai, Wen-Qi; Ju, Lei; Liu, Wei-Yue; Wang, Jian; Yin, Hao; Chen, Kai; Chen, Zeng-Bing; Peng, Cheng-Zhi; Pan, Jian-Wei

2009-04-13

We present a secure network communication system that operated with decoy-state quantum cryptography in a real-world application scenario. The full key exchange and application protocols were performed in real time among three nodes, in which two adjacent nodes were connected by approximate 20 km of commercial telecom optical fiber. The generated quantum keys were immediately employed and demonstrated for communication applications, including unbreakable real-time voice telephone between any two of the three communication nodes, or a broadcast from one node to the other two nodes by using one-time pad encryption.

Enhanced diffie-hellman algorithm for reliable key exchange

NASA Astrophysics Data System (ADS)

Aryan; Kumar, Chaithanya; Vincent, P. M. Durai Raj

2017-11-01

The Diffie -Hellman is one of the first public-key procedure and is a certain way of exchanging the cryptographic keys securely. This concept was introduced by Ralph Markel and it is named after Whitfield Diffie and Martin Hellman. Sender and Receiver make a common secret key in Diffie-Hellman algorithm and then they start communicating with each other over the public channel which is known to everyone. A number of internet services are secured by Diffie -Hellman. In Public key cryptosystem, the sender has to trust while receiving the public key of the receiver and vice-versa and this is the challenge of public key cryptosystem. Man-in-the-Middle attack is very much possible on the existing Diffie-Hellman algorithm. In man-in-the-middle attack, the attacker exists in the public channel, the attacker receives the public key of both sender and receiver and sends public keys to sender and receiver which is generated by his own. This is how man-in-the-middle attack is possible on Diffie-Hellman algorithm. Denial of service attack is another attack which is found common on Diffie-Hellman. In this attack, the attacker tries to stop the communication happening between sender and receiver and attacker can do this by deleting messages or by confusing the parties with miscommunication. Some more attacks like Insider attack, Outsider attack, etc are possible on Diffie-Hellman. To reduce the possibility of attacks on Diffie-Hellman algorithm, we have enhanced the Diffie-Hellman algorithm to a next level. In this paper, we are extending the Diffie -Hellman algorithm by using the concept of the Diffie -Hellman algorithm to get a stronger secret key and that secret key is further exchanged between the sender and the receiver so that for each message, a new secret shared key would be generated. The second secret key will be generated by taking primitive root of the first secret key.

Deterministic secure quantum communication using a single d-level system.

PubMed

Jiang, Dong; Chen, Yuanyuan; Gu, Xuemei; Xie, Ling; Chen, Lijun

2017-03-22

Deterministic secure quantum communication (DSQC) can transmit secret messages between two parties without first generating a shared secret key. Compared with quantum key distribution (QKD), DSQC avoids the waste of qubits arising from basis reconciliation and thus reaches higher efficiency. In this paper, based on data block transmission and order rearrangement technologies, we propose a DSQC protocol. It utilizes a set of single d-level systems as message carriers, which are used to directly encode the secret message in one communication process. Theoretical analysis shows that these employed technologies guarantee the security, and the use of a higher dimensional quantum system makes our protocol achieve higher security and efficiency. Since only quantum memory is required for implementation, our protocol is feasible with current technologies. Furthermore, Trojan horse attack (THA) is taken into account in our protocol. We give a THA model and show that THA significantly increases the multi-photon rate and can thus be detected.

Noise properties in the ideal Kirchhoff-Law-Johnson-Noise secure communication system.

PubMed

Gingl, Zoltan; Mingesz, Robert

2014-01-01

In this paper we determine the noise properties needed for unconditional security for the ideal Kirchhoff-Law-Johnson-Noise (KLJN) secure key distribution system using simple statistical analysis. It has already been shown using physical laws that resistors and Johnson-like noise sources provide unconditional security. However real implementations use artificial noise generators, therefore it is a question if other kind of noise sources and resistor values could be used as well. We answer this question and in the same time we provide a theoretical basis to analyze real systems as well.

A novel edge based embedding in medical images based on unique key generated using sudoku puzzle design.

PubMed

Santhi, B; Dheeptha, B

2016-01-01

The field of telemedicine has gained immense momentum, owing to the need for transmitting patients' information securely. This paper puts forth a unique method for embedding data in medical images. It is based on edge based embedding and XOR coding. The algorithm proposes a novel key generation technique by utilizing the design of a sudoku puzzle to enhance the security of the transmitted message. The edge blocks of the cover image alone, are utilized to embed the payloads. The least significant bit of the pixel values are changed by XOR coding depending on the data to be embedded and the key generated. Hence the distortion in the stego image is minimized and the information is retrieved accurately. Data is embedded in the RGB planes of the cover image, thus increasing its embedding capacity. Several measures including peak signal noise ratio (PSNR), mean square error (MSE), universal image quality index (UIQI) and correlation coefficient (R) are the image quality measures that have been used to analyze the quality of the stego image. It is evident from the results that the proposed technique outperforms the former methodologies.

A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.

PubMed

Ali, Aftab; Khan, Farrukh Aslam

2014-05-01

Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.

An Image Encryption Algorithm Utilizing Julia Sets and Hilbert Curves

PubMed Central

Sun, Yuanyuan; Chen, Lina; Xu, Rudan; Kong, Ruiqing

2014-01-01

Image encryption is an important and effective technique to protect image security. In this paper, a novel image encryption algorithm combining Julia sets and Hilbert curves is proposed. The algorithm utilizes Julia sets’ parameters to generate a random sequence as the initial keys and gets the final encryption keys by scrambling the initial keys through the Hilbert curve. The final cipher image is obtained by modulo arithmetic and diffuse operation. In this method, it needs only a few parameters for the key generation, which greatly reduces the storage space. Moreover, because of the Julia sets’ properties, such as infiniteness and chaotic characteristics, the keys have high sensitivity even to a tiny perturbation. The experimental results indicate that the algorithm has large key space, good statistical property, high sensitivity for the keys, and effective resistance to the chosen-plaintext attack. PMID:24404181

Solution-Processed Carbon Nanotube True Random Number Generator.

PubMed

Gaviria Rojas, William A; McMorrow, Julian J; Geier, Michael L; Tang, Qianying; Kim, Chris H; Marks, Tobin J; Hersam, Mark C

2017-08-09

With the growing adoption of interconnected electronic devices in consumer and industrial applications, there is an increasing demand for robust security protocols when transmitting and receiving sensitive data. Toward this end, hardware true random number generators (TRNGs), commonly used to create encryption keys, offer significant advantages over software pseudorandom number generators. However, the vast network of devices and sensors envisioned for the "Internet of Things" will require small, low-cost, and mechanically flexible TRNGs with low computational complexity. These rigorous constraints position solution-processed semiconducting single-walled carbon nanotubes (SWCNTs) as leading candidates for next-generation security devices. Here, we demonstrate the first TRNG using static random access memory (SRAM) cells based on solution-processed SWCNTs that digitize thermal noise to generate random bits. This bit generation strategy can be readily implemented in hardware with minimal transistor and computational overhead, resulting in an output stream that passes standardized statistical tests for randomness. By using solution-processed semiconducting SWCNTs in a low-power, complementary architecture to achieve TRNG, we demonstrate a promising approach for improving the security of printable and flexible electronics.

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Secure distribution for high resolution remote sensing images

NASA Astrophysics Data System (ADS)

Liu, Jin; Sun, Jing; Xu, Zheng Q.

2010-09-01

The use of remote sensing images collected by space platforms is becoming more and more widespread. The increasing value of space data and its use in critical scenarios call for adoption of proper security measures to protect these data against unauthorized access and fraudulent use. In this paper, based on the characteristics of remote sensing image data and application requirements on secure distribution, a secure distribution method is proposed, including users and regions classification, hierarchical control and keys generation, and multi-level encryption based on regions. The combination of the three parts can make that the same remote sensing images after multi-level encryption processing are distributed to different permission users through multicast, but different permission users can obtain different degree information after decryption through their own decryption keys. It well meets user access control and security needs in the process of high resolution remote sensing image distribution. The experimental results prove the effectiveness of the proposed method which is suitable for practical use in the secure transmission of remote sensing images including confidential information over internet.

Secure self-calibrating quantum random-bit generator

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fiorentino, M.; Santori, C.; Spillane, S. M.

2007-03-15

Random-bit generators (RBGs) are key components of a variety of information processing applications ranging from simulations to cryptography. In particular, cryptographic systems require 'strong' RBGs that produce high-entropy bit sequences, but traditional software pseudo-RBGs have very low entropy content and therefore are relatively weak for cryptography. Hardware RBGs yield entropy from chaotic or quantum physical systems and therefore are expected to exhibit high entropy, but in current implementations their exact entropy content is unknown. Here we report a quantum random-bit generator (QRBG) that harvests entropy by measuring single-photon and entangled two-photon polarization states. We introduce and implement a quantum tomographicmore » method to measure a lower bound on the 'min-entropy' of the system, and we employ this value to distill a truly random-bit sequence. This approach is secure: even if an attacker takes control of the source of optical states, a secure random sequence can be distilled.« less

Making the decoy-state measurement-device-independent quantum key distribution practically useful

NASA Astrophysics Data System (ADS)

Zhou, Yi-Heng; Yu, Zong-Wen; Wang, Xiang-Bin

2016-04-01

The relatively low key rate seems to be the major barrier to its practical use for the decoy-state measurement-device-independent quantum key distribution (MDI-QKD). We present a four-intensity protocol for the decoy-state MDI-QKD that hugely raises the key rate, especially in the case in which the total data size is not large. Also, calculations show that our method makes it possible for secure private communication with fresh keys generated from MDI-QKD with a delay time of only a few seconds.

On the security of consumer wearable devices in the Internet of Things.

PubMed

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

On the security of consumer wearable devices in the Internet of Things

PubMed Central

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands. PMID:29668756

An Indoor Positioning-Based Mobile Payment System Using Bluetooth Low Energy Technology

PubMed Central

Winata, Doni

2018-01-01

The development of information technology has paved the way for faster and more convenient payment process flows and new methodology for the design and implementation of next generation payment systems. The growth of smartphone usage nowadays has fostered a new and popular mobile payment environment. Most of the current generation smartphones support Bluetooth Low Energy (BLE) technology to communicate with nearby BLE-enabled devices. It is plausible to construct an Over-the-Air BLE-based mobile payment system as one of the payment methods for people living in modern societies. In this paper, a secure indoor positioning-based mobile payment authentication protocol with BLE technology and the corresponding mobile payment system design are proposed. The proposed protocol consists of three phases: initialization phase, session key construction phase, and authentication phase. When a customer moves toward the POS counter area, the proposed mobile payment system will automatically detect the position of the customer to confirm whether the customer is ready for the checkout process. Once the system has identified the customer is standing within the payment-enabled area, the payment system will invoke authentication process between POS and the customer’s smartphone through BLE communication channel to generate a secure session key and establish an authenticated communication session to perform the payment transaction accordingly. A prototype is implemented to assess the performance of the proposed design for mobile payment system. In addition, security analysis is conducted to evaluate the security strength of the proposed protocol. PMID:29587399

An Indoor Positioning-Based Mobile Payment System Using Bluetooth Low Energy Technology.

PubMed

Yohan, Alexander; Lo, Nai-Wei; Winata, Doni

2018-03-25

The development of information technology has paved the way for faster and more convenient payment process flows and new methodology for the design and implementation of next generation payment systems. The growth of smartphone usage nowadays has fostered a new and popular mobile payment environment. Most of the current generation smartphones support Bluetooth Low Energy (BLE) technology to communicate with nearby BLE-enabled devices. It is plausible to construct an Over-the-Air BLE-based mobile payment system as one of the payment methods for people living in modern societies. In this paper, a secure indoor positioning-based mobile payment authentication protocol with BLE technology and the corresponding mobile payment system design are proposed. The proposed protocol consists of three phases: initialization phase, session key construction phase, and authentication phase. When a customer moves toward the POS counter area, the proposed mobile payment system will automatically detect the position of the customer to confirm whether the customer is ready for the checkout process. Once the system has identified the customer is standing within the payment-enabled area, the payment system will invoke authentication process between POS and the customer's smartphone through BLE communication channel to generate a secure session key and establish an authenticated communication session to perform the payment transaction accordingly. A prototype is implemented to assess the performance of the proposed design for mobile payment system. In addition, security analysis is conducted to evaluate the security strength of the proposed protocol.

Fully device-independent conference key agreement

NASA Astrophysics Data System (ADS)

Ribeiro, Jérémy; Murta, Gláucia; Wehner, Stephanie

2018-02-01

We present a security analysis of conference key agreement (CKA) in the most adversarial model of device independence (DI). Our protocol can be implemented by any experimental setup that is capable of performing Bell tests [specifically, the Mermin-Ardehali-Belinskii-Klyshko (MABK) inequality], and security can in principle be obtained for any violation of the MABK inequality that detects genuine multipartite entanglement among the N parties involved in the protocol. As our main tool, we derive a direct physical connection between the N -partite MABK inequality and the Clauser-Horne-Shimony-Holt (CHSH) inequality, showing that certain violations of the MABK inequality correspond to a violation of the CHSH inequality between one of the parties and the other N -1 . We compare the asymptotic key rate for device-independent conference key agreement (DICKA) to the case where the parties use N -1 device-independent quantum key distribution protocols in order to generate a common key. We show that for some regime of noise the DICKA protocol leads to better rates.

Extracting random numbers from quantum tunnelling through a single diode.

PubMed

Bernardo-Gavito, Ramón; Bagci, Ibrahim Ethem; Roberts, Jonathan; Sexton, James; Astbury, Benjamin; Shokeir, Hamzah; McGrath, Thomas; Noori, Yasir J; Woodhead, Christopher S; Missous, Mohamed; Roedig, Utz; Young, Robert J

2017-12-19

Random number generation is crucial in many aspects of everyday life, as online security and privacy depend ultimately on the quality of random numbers. Many current implementations are based on pseudo-random number generators, but information security requires true random numbers for sensitive applications like key generation in banking, defence or even social media. True random number generators are systems whose outputs cannot be determined, even if their internal structure and response history are known. Sources of quantum noise are thus ideal for this application due to their intrinsic uncertainty. In this work, we propose using resonant tunnelling diodes as practical true random number generators based on a quantum mechanical effect. The output of the proposed devices can be directly used as a random stream of bits or can be further distilled using randomness extraction algorithms, depending on the application.

Color image encryption by using Yang-Gu mixture amplitude-phase retrieval algorithm in gyrator transform domain and two-dimensional Sine logistic modulation map

NASA Astrophysics Data System (ADS)

Sui, Liansheng; Liu, Benqing; Wang, Qiang; Li, Ye; Liang, Junli

2015-12-01

A color image encryption scheme is proposed based on Yang-Gu mixture amplitude-phase retrieval algorithm and two-coupled logistic map in gyrator transform domain. First, the color plaintext image is decomposed into red, green and blue components, which are scrambled individually by three random sequences generated by using the two-dimensional Sine logistic modulation map. Second, each scrambled component is encrypted into a real-valued function with stationary white noise distribution in the iterative amplitude-phase retrieval process in the gyrator transform domain, and then three obtained functions are considered as red, green and blue channels to form the color ciphertext image. Obviously, the ciphertext image is real-valued function and more convenient for storing and transmitting. In the encryption and decryption processes, the chaotic random phase mask generated based on logistic map is employed as the phase key, which means that only the initial values are used as private key and the cryptosystem has high convenience on key management. Meanwhile, the security of the cryptosystem is enhanced greatly because of high sensitivity of the private keys. Simulation results are presented to prove the security and robustness of the proposed scheme.

A Fundamental Key to Next-Generation Directed-Energy Systems

DTIC Science & Technology

2012-01-01

and be inherently safe to operate. By design, they must minimize or eliminate the risk of hostile attack or collateral damage especially during...bile Construction Battalion (NMCB) 7’s convoy security element are secured following an escort mission from a forward operating base. The Cougar -type...profile, small, lightweight DE systems means: • Less vulnerability to attack • Greater mobility and maneuverability • Simplified logistics with

Quantum cryptography and applications in the optical fiber network

NASA Astrophysics Data System (ADS)

Luo, Yuhui

2005-09-01

Quantum cryptography, as part of quantum information and communications, can provide absolute security for information transmission because it is established on the fundamental laws of quantum theory, such as the principle of uncertainty, No-cloning theorem and quantum entanglement. In this thesis research, a novel scheme to implement quantum key distribution based on multiphoton entanglement with a new protocol is proposed. Its advantages are: a larger information capacity can be obtained with a longer transmission distance and the detection of multiple photons is easier than that of a single photon. The security and attacks pertaining to such a system are also studied. Next, a quantum key distribution over wavelength division multiplexed (WDM) optical fiber networks is realized. Quantum key distribution in networks is a long-standing problem for practical applications. Here we combine quantum cryptography and WDM to solve this problem because WDM technology is universally deployed in the current and next generation fiber networks. The ultimate target is to deploy quantum key distribution over commercial networks. The problems arising from the networks are also studied in this part. Then quantum key distribution in multi-access networks using wavelength routing technology is investigated in this research. For the first time, quantum cryptography for multiple individually targeted users has been successfully implemented in sharp contrast to that using the indiscriminating broadcasting structure. It overcomes the shortcoming that every user in the network can acquire the quantum key signals intended to be exchanged between only two users. Furthermore, a more efficient scheme of quantum key distribution is adopted, hence resulting in a higher key rate. Lastly, a quantum random number generator based on quantum optics has been experimentally demonstrated. This device is a key component for quantum key distribution as it can create truly random numbers, which is an essential requirement to perform quantum key distribution. This new generator is composed of a single optical fiber coupler with fiber pigtails, which can be easily used in optical fiber communications.

Distillation of secret-key from a class of compound memoryless quantum sources

DOE Office of Scientific and Technical Information (OSTI.GOV)

Boche, H., E-mail: boche@tum.de; Janßen, G., E-mail: gisbert.janssen@tum.de

We consider secret-key distillation from tripartite compound classical-quantum-quantum (cqq) sources with free forward public communication under strong security criterion. We design protocols which are universally reliable and secure in this scenario. These are shown to achieve asymptotically optimal rates as long as a certain regularity condition is fulfilled by the set of its generating density matrices. We derive a multi-letter formula which describes the optimal forward secret-key capacity for all compound cqq sources being regular in this sense. We also determine the forward secret-key distillation capacity for situations where the legitimate sending party has perfect knowledge of his/her marginal statemore » deriving from the source statistics. In this case regularity conditions can be dropped. Our results show that the capacities with and without the mentioned kind of state knowledge are equal as long as the source is generated by a regular set of density matrices. We demonstrate that regularity of cqq sources is not only a technical but also an operational issue. For this reason, we give an example of a source which has zero secret-key distillation capacity without sender knowledge, while achieving positive rates is possible if sender marginal knowledge is provided.« less

Security analysis and enhanced user authentication in proxy mobile IPv6 networks

PubMed Central

Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick

2017-01-01

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key. PMID:28719621

A discrete-time chaos synchronization system for electronic locking devices

NASA Astrophysics Data System (ADS)

Minero-Ramales, G.; López-Mancilla, D.; Castañeda, Carlos E.; Huerta Cuellar, G.; Chiu Z., R.; Hugo García López, J.; Jaimes Reátegui, R.; Villafaña Rauda, E.; Posadas-Castillo, C.

2016-11-01

This paper presents a novel electronic locking key based on discrete-time chaos synchronization. Two Chen chaos generators are synchronized using the Model-Matching Approach, from non-linear control theory, in order to perform the encryption/decryption of the signal to be transmitted. A model/transmitter system is designed, generating a key of chaotic pulses in discrete-time. A plant/receiver system uses the above mentioned key to unlock the mechanism. Two alternative schemes to transmit the private chaotic key are proposed. The first one utilizes two transmission channels. One channel is used to encrypt the chaotic key and the other is used to achieve output synchronization. The second alternative uses only one transmission channel for obtaining synchronization and encryption of the chaotic key. In both cases, the private chaotic key is encrypted again with chaos to solve secure communication-related problems. The results obtained via simulations contribute to enhance the electronic locking devices.

A Secure Information Framework with APRQ Properties

NASA Astrophysics Data System (ADS)

Rupa, Ch.

2017-08-01

Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.

Secure key storage and distribution

DOEpatents

Agrawal, Punit

2015-06-02

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Teleportation-based continuous variable quantum cryptography

NASA Astrophysics Data System (ADS)

Luiz, F. S.; Rigolin, Gustavo

2017-03-01

We present a continuous variable (CV) quantum key distribution (QKD) scheme based on the CV quantum teleportation of coherent states that yields a raw secret key made up of discrete variables for both Alice and Bob. This protocol preserves the efficient detection schemes of current CV technology (no single-photon detection techniques) and, at the same time, has efficient error correction and privacy amplification schemes due to the binary modulation of the key. We show that for a certain type of incoherent attack, it is secure for almost any value of the transmittance of the optical line used by Alice to share entangled two-mode squeezed states with Bob (no 3 dB or 50% loss limitation characteristic of beam splitting attacks). The present CVQKD protocol works deterministically (no postselection needed) with efficient direct reconciliation techniques (no reverse reconciliation) in order to generate a secure key and beyond the 50% loss case at the incoherent attack level.

General Conversion for Obtaining Strongly Existentially Unforgeable Signatures

NASA Astrophysics Data System (ADS)

Teranishi, Isamu; Oyama, Takuro; Ogata, Wakaha

We say that a signature scheme is strongly existentially unforgeable (SEU) if no adversary, given message/signature pairs adaptively, can generate a signature on a new message or a new signature on a previously signed message. We propose a general and efficient conversion in the standard model that transforms a secure signature scheme to SEU signature scheme. In order to construct that conversion, we use a chameleon commitment scheme. Here a chameleon commitment scheme is a variant of commitment scheme such that one can change the committed value after publishing the commitment if one knows the secret key. We define the chosen message security notion for the chameleon commitment scheme, and show that the signature scheme transformed by our proposed conversion satisfies the SEU property if the chameleon commitment scheme is chosen message secure. By modifying the proposed conversion, we also give a general and efficient conversion in the random oracle model, that transforms a secure signature scheme into a SEU signature scheme. This second conversion also uses a chameleon commitment scheme but only requires the key only attack security for it.

Entropy-as-a-Service: Unlocking the Full Potential of Cryptography.

PubMed

Vassilev, Apostol; Staples, Robert

2016-09-01

Securing the Internet requires strong cryptography, which depends on the availability of good entropy for generating unpredictable keys and accurate clocks. Attacks abusing weak keys or old inputs portend challenges for the Internet. EaaS is a novel architecture providing entropy and timestamps from a decentralized root of trust, scaling gracefully across diverse geopolitical locales and remaining trustworthy unless much of the collective is compromised.

Iris Cryptography for Security Purpose

NASA Astrophysics Data System (ADS)

Ajith, Srighakollapu; Balaji Ganesh Kumar, M.; Latha, S.; Samiappan, Dhanalakshmi; Muthu, P.

2018-04-01

In today's world, the security became the major issue to every human being. A major issue is hacking as hackers are everywhere, as the technology was developed still there are many issues where the technology fails to meet the security. Engineers, scientists were discovering the new products for security purpose as biometrics sensors like face recognition, pattern recognition, gesture recognition, voice authentication etcetera. But these devices fail to reach the expected results. In this work, we are going to present an approach to generate a unique secure key using the iris template. Here the iris templates are processed using the well-defined processing techniques. Using the encryption and decryption process they are stored, traversed and utilized. As of the work, we can conclude that the iris cryptography gives us the expected results for securing the data from eavesdroppers.

Deterministic secure quantum communication using a single d-level system

PubMed Central

Jiang, Dong; Chen, Yuanyuan; Gu, Xuemei; Xie, Ling; Chen, Lijun

2017-01-01

Deterministic secure quantum communication (DSQC) can transmit secret messages between two parties without first generating a shared secret key. Compared with quantum key distribution (QKD), DSQC avoids the waste of qubits arising from basis reconciliation and thus reaches higher efficiency. In this paper, based on data block transmission and order rearrangement technologies, we propose a DSQC protocol. It utilizes a set of single d-level systems as message carriers, which are used to directly encode the secret message in one communication process. Theoretical analysis shows that these employed technologies guarantee the security, and the use of a higher dimensional quantum system makes our protocol achieve higher security and efficiency. Since only quantum memory is required for implementation, our protocol is feasible with current technologies. Furthermore, Trojan horse attack (THA) is taken into account in our protocol. We give a THA model and show that THA significantly increases the multi-photon rate and can thus be detected. PMID:28327557

Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks

PubMed Central

2017-01-01

In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities’ authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol. PMID:28946633

Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks.

PubMed

Nkenyereye, Lewis; Kwon, Joonho; Choi, Yoon-Ho

2017-09-23

In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities' authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol.

A Study on Group Key Agreement in Sensor Network Environments Using Two-Dimensional Arrays

PubMed Central

Jang, Seung-Jae; Lee, Young-Gu; Lee, Kwang-Hyung; Kim, Tai-Hoon; Jun, Moon-Seog

2011-01-01

These days, with the emergence of the concept of ubiquitous computing, sensor networks that collect, analyze and process all the information through the sensors have become of huge interest. However, sensor network technology fundamentally has wireless communication infrastructure as its foundation and thus has security weakness and limitations such as low computing capacity, power supply limitations and price. In this paper, and considering the characteristics of the sensor network environment, we propose a group key agreement method using a keyset pre-distribution of two-dimension arrays that should minimize the exposure of key and personal information. The key collision problems are resolved by utilizing a polygonal shape’s center of gravity. The method shows that calculating a polygonal shape’s center of gravity only requires a very small amount of calculations from the users. The simple calculation not only increases the group key generation efficiency, but also enhances the sense of security by protecting information between nodes. PMID:22164072

Security Protection on Trust Delegated Data in Public Mobile Networks

NASA Astrophysics Data System (ADS)

Weerasinghe, Dasun; Rajarajan, Muttukrishnan; Rakocevic, Veselin

This paper provides detailed solutions for trust delegation and security protection for medical records in public mobile communication networks. The solutions presented in this paper enable the development of software for mobile devices that can be used by emergency medical units in urgent need of sensitive personal information about unconscious patients. In today's world, technical improvements in mobile communication systems mean that users can expect to have access to data at any time regardless of their location. This paper presents a token-based procedure for the data security at a mobile device and delegation of trust between a requesting mobile unit and secure medical data storage. The data security at the mobile device is enabled using identity based key generation methodology.

Channel analysis for single photon underwater free space quantum key distribution.

PubMed

Shi, Peng; Zhao, Shi-Cheng; Gu, Yong-Jian; Li, Wen-Dong

2015-03-01

We investigate the optical absorption and scattering properties of underwater media pertinent to our underwater free space quantum key distribution (QKD) channel model. With the vector radiative transfer theory and Monte Carlo method, we obtain the attenuation of photons, the fidelity of the scattered photons, the quantum bit error rate, and the sifted key generation rate of underwater quantum communication. It can be observed from our simulations that the most secure single photon underwater free space QKD is feasible in the clearest ocean water.

Design and Implementation of KSP on the Next Generation Cryptography API

NASA Astrophysics Data System (ADS)

Lina, Zhang

With good seamless connectivity and higher safety, KSP (Key Storage Providers) is the inexorable trend of security requirements and development to take the place of CSP (Cryptographic Service Provider). But the study on KSP has just started in our country, and almost no reports of its implementation can be found. Based on the analysis of function modules and the architecture of Cryptography API (Next Generation (CNG)), this paper discusses the design and implementation of KSP (key storage providers) based on smart card in detail, and an example is also presented to illustrate how to use KSP in Windows Vista.

Network and data security design for telemedicine applications.

PubMed

Makris, L; Argiriou, N; Strintzis, M G

1997-01-01

The maturing of telecommunication technologies has ushered in a whole new era of applications and services in the health care environment. Teleworking, teleconsultation, mutlimedia conferencing and medical data distribution are rapidly becoming commonplace in clinical practice. As a result, a set of problems arises, concerning data confidentiality and integrity. Public computer networks, such as the emerging ISDN technology, are vulnerable to eavesdropping. Therefore it is important for telemedicine applications to employ end-to-end encryption mechanisms securing the data channel from unauthorized access of modification. We propose a network access and encryption system that is both economical and easily implemented for integration in developing or existing applications, using well-known and thoroughly tested encryption algorithms. Public-key cryptography is used for session-key exchange, while symmetric algorithms are used for bulk encryption. Mechanisms for session-key generation and exchange are also provided.

New Secure E-mail System Based on Bio-Chaos Key Generation and Modified AES Algorithm

NASA Astrophysics Data System (ADS)

Hoomod, Haider K.; Radi, A. M.

2018-05-01

The E-mail messages exchanged between sender’s Mailbox and recipient’s Mailbox over the open systems and insecure Networks. These messages may be vulnerable to eavesdropping and itself poses a real threat to the privacy and data integrity from unauthorized persons. The E-mail Security includes the following properties (Confidentiality, Authentication, Message integrity). We need a safe encryption algorithm to encrypt Email messages such as the algorithm Advanced Encryption Standard (AES) or Data Encryption Standard DES, as well as biometric recognition and chaotic system. The proposed E-mail system security uses modified AES algorithm and uses secret key-bio-chaos that consist of biometric (Fingerprint) and chaotic system (Lu and Lorenz). This modification makes the proposed system more sensitive and random. The execution time for both encryption and decryption of the proposed system is much less from original AES, in addition to being compatible with all Mail Servers.

Entropy-as-a-Service: Unlocking the Full Potential of Cryptography

PubMed Central

Vassilev, Apostol; Staples, Robert

2016-01-01

Securing the Internet requires strong cryptography, which depends on the availability of good entropy for generating unpredictable keys and accurate clocks. Attacks abusing weak keys or old inputs portend challenges for the Internet. EaaS is a novel architecture providing entropy and timestamps from a decentralized root of trust, scaling gracefully across diverse geopolitical locales and remaining trustworthy unless much of the collective is compromised. PMID:28003687

Neural Synchronization and Cryptography

NASA Astrophysics Data System (ADS)

Ruttor, Andreas

2007-11-01

Neural networks can synchronize by learning from each other. In the case of discrete weights full synchronization is achieved in a finite number of steps. Additional networks can be trained by using the inputs and outputs generated during this process as examples. Several learning rules for both tasks are presented and analyzed. In the case of Tree Parity Machines synchronization is much faster than learning. Scaling laws for the number of steps needed for full synchronization and successful learning are derived using analytical models. They indicate that the difference between both processes can be controlled by changing the synaptic depth. In the case of bidirectional interaction the synchronization time increases proportional to the square of this parameter, but it grows exponentially, if information is transmitted in one direction only. Because of this effect neural synchronization can be used to construct a cryptographic key-exchange protocol. Here the partners benefit from mutual interaction, so that a passive attacker is usually unable to learn the generated key in time. The success probabilities of different attack methods are determined by numerical simulations and scaling laws are derived from the data. They show that the partners can reach any desired level of security by just increasing the synaptic depth. Then the complexity of a successful attack grows exponentially, but there is only a polynomial increase of the effort needed to generate a key. Further improvements of security are possible by replacing the random inputs with queries generated by the partners.

Secure Obfuscation for Encrypted Group Signatures

PubMed Central

Fan, Hongfei; Liu, Qin

2015-01-01

In recent years, group signature techniques are widely used in constructing privacy-preserving security schemes for various information systems. However, conventional techniques keep the schemes secure only in normal black-box attack contexts. In other words, these schemes suppose that (the implementation of) the group signature generation algorithm is running in a platform that is perfectly protected from various intrusions and attacks. As a complementary to existing studies, how to generate group signatures securely in a more austere security context, such as a white-box attack context, is studied in this paper. We use obfuscation as an approach to acquire a higher level of security. Concretely, we introduce a special group signature functionality-an encrypted group signature, and then provide an obfuscator for the proposed functionality. A series of new security notions for both the functionality and its obfuscator has been introduced. The most important one is the average-case secure virtual black-box property w.r.t. dependent oracles and restricted dependent oracles which captures the requirement of protecting the output of the proposed obfuscator against collision attacks from group members. The security notions fit for many other specialized obfuscators, such as obfuscators for identity-based signatures, threshold signatures and key-insulated signatures. Finally, the correctness and security of the proposed obfuscator have been proven. Thereby, the obfuscated encrypted group signature functionality can be applied to variants of privacy-preserving security schemes and enhance the security level of these schemes. PMID:26167686

Cryptographic framework for document-objects resulting from multiparty collaborative transactions.

PubMed

Goh, A

2000-01-01

Multiparty transactional frameworks--i.e. Electronic Data Interchange (EDI) or Health Level (HL) 7--often result in composite documents which can be accurately modelled using hyperlinked document-objects. The structural complexity arising from multiauthor involvement and transaction-specific sequencing would be poorly handled by conventional digital signature schemes based on a single evaluation of a one-way hash function and asymmetric cryptography. In this paper we outline the generation of structure-specific authentication hash-trees for the the authentication of transactional document-objects, followed by asymmetric signature generation on the hash-tree value. Server-side multi-client signature verification would probably constitute the single most compute-intensive task, hence the motivation for our usage of the Rabin signature protocol which results in significantly reduced verification workloads compared to the more commonly applied Rivest-Shamir-Adleman (RSA) protocol. Data privacy is handled via symmetric encryption of message traffic using session-specific keys obtained through key-negotiation mechanisms based on discrete-logarithm cryptography. Individual client-to-server channels can be secured using a double key-pair variation of Diffie-Hellman (DH) key negotiation, usage of which also enables bidirectional node authentication. The reciprocal server-to-client multicast channel is secured through Burmester-Desmedt (BD) key-negotiation which enjoys significant advantages over the usual multiparty extensions to the DH protocol. The implementation of hash-tree signatures and bi/multidirectional key negotiation results in a comprehensive cryptographic framework for multiparty document-objects satisfying both authentication and data privacy requirements.

A new method for generating an invariant iris private key based on the fuzzy vault system.

PubMed

Lee, Youn Joo; Park, Kang Ryoung; Lee, Sung Joo; Bae, Kwanghyuk; Kim, Jaihie

2008-10-01

Cryptographic systems have been widely used in many information security applications. One main challenge that these systems have faced has been how to protect private keys from attackers. Recently, biometric cryptosystems have been introduced as a reliable way of concealing private keys by using biometric data. A fuzzy vault refers to a biometric cryptosystem that can be used to effectively protect private keys and to release them only when legitimate users enter their biometric data. In biometric systems, a critical problem is storing biometric templates in a database. However, fuzzy vault systems do not need to directly store these templates since they are combined with private keys by using cryptography. Previous fuzzy vault systems were designed by using fingerprint, face, and so on. However, there has been no attempt to implement a fuzzy vault system that used an iris. In biometric applications, it is widely known that an iris can discriminate between persons better than other biometric modalities. In this paper, we propose a reliable fuzzy vault system based on local iris features. We extracted multiple iris features from multiple local regions in a given iris image, and the exact values of the unordered set were then produced using the clustering method. To align the iris templates with the new input iris data, a shift-matching technique was applied. Experimental results showed that 128-bit private keys were securely and robustly generated by using any given iris data without requiring prealignment.

High-speed polarization-encoded quantum key distribution based on silicon photonic integrated devices

NASA Astrophysics Data System (ADS)

Bunandar, Darius; Urayama, Junji; Boynton, Nicholas; Martinez, Nicholas; Derose, Christopher; Lentine, Anthony; Davids, Paul; Camacho, Ryan; Wong, Franco; Englund, Dirk

We present a compact polarization-encoded quantum key distribution (QKD) transmitter near a 1550-nm wavelength implemented on a CMOS-compatible silicon-on-insulator photonics platform. The transmitter generates arbitrary polarization qubits at gigahertz bandwidth with an extinction ratio better than 30 dB using high-speed carrier-depletion phase modulators. We demonstrate the performance of this device by generating secret keys at a rate of 1 Mbps in a complete QKD field test. Our work shows the potential of using advanced photonic integrated circuits to enable high-speed quantum-secure communications. This work was supported by the SECANT QKD Grand Challenge, the Samsung Global Research Outreach Program, and the Air Force Office of Scientific Research.

Securing quantum key distribution systems using fewer states

NASA Astrophysics Data System (ADS)

Islam, Nurul T.; Lim, Charles Ci Wen; Cahall, Clinton; Kim, Jungsang; Gauthier, Daniel J.

2018-04-01

Quantum key distribution (QKD) allows two remote users to establish a secret key in the presence of an eavesdropper. The users share quantum states prepared in two mutually unbiased bases: one to generate the key while the other monitors the presence of the eavesdropper. Here, we show that a general d -dimension QKD system can be secured by transmitting only a subset of the monitoring states. In particular, we find that there is no loss in the secure key rate when dropping one of the monitoring states. Furthermore, it is possible to use only a single monitoring state if the quantum bit error rates are low enough. We apply our formalism to an experimental d =4 time-phase QKD system, where only one monitoring state is transmitted, and obtain a secret key rate of 17.4 ±2.8 Mbits/s at a 4 dB channel loss and with a quantum bit error rate of 0.045 ±0.001 and 0.037 ±0.001 in time and phase bases, respectively, which is 58.4% of the secret key rate that can be achieved with the full setup. This ratio can be increased, potentially up to 100%, if the error rates in time and phase basis are reduced. Our results demonstrate that it is possible to substantially simplify the design of high-dimensional QKD systems, including those that use the spatial or temporal degrees of freedom of the photon, and still outperform qubit-based (d =2 ) protocols.

Multiple-stage pure phase encoding with biometric information

NASA Astrophysics Data System (ADS)

Chen, Wen

2018-01-01

In recent years, many optical systems have been developed for securing information, and optical encryption/encoding has attracted more and more attention due to the marked advantages, such as parallel processing and multiple-dimensional characteristics. In this paper, an optical security method is presented based on pure phase encoding with biometric information. Biometric information (such as fingerprint) is employed as security keys rather than plaintext used in conventional optical security systems, and multiple-stage phase-encoding-based optical systems are designed for generating several phase-only masks with biometric information. Subsequently, the extracted phase-only masks are further used in an optical setup for encoding an input image (i.e., plaintext). Numerical simulations are conducted to illustrate the validity, and the results demonstrate that high flexibility and high security can be achieved.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Qi, Bing; Lougovski, Pavel; Pooser, Raphael C.

Continuous-variable quantum key distribution (CV-QKD) protocols based on coherent detection have been studied extensively in both theory and experiment. In all the existing implementations of CV-QKD, both the quantum signal and the local oscillator (LO) are generated from the same laser and propagate through the insecure quantum channel. This arrangement may open security loopholes and limit the potential applications of CV-QKD. In our paper, we propose and demonstrate a pilot-aided feedforward data recovery scheme that enables reliable coherent detection using a “locally” generated LO. Using two independent commercial laser sources and a spool of 25-km optical fiber, we construct amore » coherent communication system. The variance of the phase noise introduced by the proposed scheme is measured to be 0.04 (rad 2), which is small enough to enable secure key distribution. This technology opens the door for other quantum communication protocols, such as the recently proposed measurement-device-independent CV-QKD, where independent light sources are employed by different users.« less

Secure and Efficient Signature Scheme Based on NTRU for Mobile Payment

NASA Astrophysics Data System (ADS)

Xia, Yunhao; You, Lirong; Sun, Zhe; Sun, Zhixin

2017-10-01

Mobile payment becomes more and more popular, however the traditional public-key encryption algorithm has higher requirements for hardware which is not suitable for mobile terminals of limited computing resources. In addition, these public-key encryption algorithms do not have the ability of anti-quantum computing. This paper researches public-key encryption algorithm NTRU for quantum computation through analyzing the influence of parameter q and k on the probability of generating reasonable signature value. Two methods are proposed to improve the probability of generating reasonable signature value. Firstly, increase the value of parameter q. Secondly, add the authentication condition that meet the reasonable signature requirements during the signature phase. Experimental results show that the proposed signature scheme can realize the zero leakage of the private key information of the signature value, and increase the probability of generating the reasonable signature value. It also improve rate of the signature, and avoid the invalid signature propagation in the network, but the scheme for parameter selection has certain restrictions.

A New Quantum Gray-Scale Image Encoding Scheme

NASA Astrophysics Data System (ADS)

Naseri, Mosayeb; Abdolmaleky, Mona; Parandin, Fariborz; Fatahi, Negin; Farouk, Ahmed; Nazari, Reza

2018-02-01

In this paper, a new quantum images encoding scheme is proposed. The proposed scheme mainly consists of four different encoding algorithms. The idea behind of the scheme is a binary key generated randomly for each pixel of the original image. Afterwards, the employed encoding algorithm is selected corresponding to the qubit pair of the generated randomized binary key. The security analysis of the proposed scheme proved its enhancement through both randomization of the generated binary image key and altering the gray-scale value of the image pixels using the qubits of randomized binary key. The simulation of the proposed scheme assures that the final encoded image could not be recognized visually. Moreover, the histogram diagram of encoded image is flatter than the original one. The Shannon entropies of the final encoded images are significantly higher than the original one, which indicates that the attacker can not gain any information about the encoded images. Supported by Kermanshah Branch, Islamic Azad University, Kermanshah, IRAN

Ultra fast quantum key distribution over a 97 km installed telecom fiber with wavelength division multiplexing clock synchronization.

PubMed

Tanaka, Akihiro; Fujiwara, Mikio; Nam, Sae W; Nambu, Yoshihiro; Takahashi, Seigo; Maeda, Wakako; Yoshino, Ken-ichiro; Miki, Shigehito; Baek, Burm; Wang, Zhen; Tajima, Akio; Sasaki, Masahide; Tomita, Akihisa

2008-07-21

We demonstrated ultra fast BB84 quantum key distribution (QKD) transmission at 625 MHz clock rate through a 97 km field-installed fiber using practical clock synchronization based on wavelength-division multiplexing (WDM). We succeeded in over-one-hour stable key generation at a high sifted key rate of 2.4 kbps and a low quantum bit error rate (QBER) of 2.9%. The asymptotic secure key rate was estimated to be 0.78- 0.82 kbps from the transmission data with the decoy method of average photon numbers 0, 0.15, and 0.4 photons/pulse.

Authentication and Encryption Using Modified Elliptic Curve Cryptography with Particle Swarm Optimization and Cuckoo Search Algorithm

NASA Astrophysics Data System (ADS)

Kota, Sujatha; Padmanabhuni, Venkata Nageswara Rao; Budda, Kishor; K, Sruthi

2018-05-01

Elliptic Curve Cryptography (ECC) uses two keys private key and public key and is considered as a public key cryptographic algorithm that is used for both authentication of a person and confidentiality of data. Either one of the keys is used in encryption and other in decryption depending on usage. Private key is used in encryption by the user and public key is used to identify user in the case of authentication. Similarly, the sender encrypts with the private key and the public key is used to decrypt the message in case of confidentiality. Choosing the private key is always an issue in all public key Cryptographic Algorithms such as RSA, ECC. If tiny values are chosen in random the security of the complete algorithm becomes an issue. Since the Public key is computed based on the Private Key, if they are not chosen optimally they generate infinity values. The proposed Modified Elliptic Curve Cryptography uses selection in either of the choices; the first option is by using Particle Swarm Optimization and the second option is by using Cuckoo Search Algorithm for randomly choosing the values. The proposed algorithms are developed and tested using sample database and both are found to be secured and reliable. The test results prove that the private key is chosen optimally not repetitive or tiny and the computations in public key will not reach infinity.

Forgery quality and its implications for behavioral biometric security.

PubMed

Ballard, Lucas; Lopresti, Daniel; Monrose, Fabian

2007-10-01

Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.

An Intelligent Fingerprint-Biometric Image Scrambling Scheme

NASA Astrophysics Data System (ADS)

Khan, Muhammad Khurram; Zhang, Jiashu

To obstruct the attacks, and to hamper with the liveness and retransmission issues of biometrics images, we have researched on the challenge/response-based biometrics scrambled image transmission. We proposed an intelligent biometrics sensor, which has computational power to receive challenges from the authentication server and generate response against the challenge with the encrypted biometric image. We utilized the FRT for biometric image encryption and used its scaling factors and random phase mask as the additional secret keys. In addition, we chaotically generated the random phase masks by a chaotic map to further improve the encryption security. Experimental and simulation results have shown that the presented system is secure, robust, and deters the risks of attacks of biometrics image transmission.

Small Private Key PKS on an Embedded Microprocessor

PubMed Central

Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon

2014-01-01

Multivariate quadratic ( ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key scheme, was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key scheme was not reported. For efficient implementation, random number generators can contribute to reduce the key size, but the cost of using a random number generator is much more complex than computing on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% than previous results in CHES2012. PMID:24651722

Small private key MQPKS on an embedded microprocessor.

PubMed

Seo, Hwajeong; Kim, Jihyun; Choi, Jongseok; Park, Taehwan; Liu, Zhe; Kim, Howon

2014-03-19

Multivariate quadratic (MQ) cryptography requires the use of long public and private keys to ensure a sufficient security level, but this is not favorable to embedded systems, which have limited system resources. Recently, various approaches to MQ cryptography using reduced public keys have been studied. As a result of this, at CHES2011 (Cryptographic Hardware and Embedded Systems, 2011), a small public key MQ scheme, was proposed, and its feasible implementation on an embedded microprocessor was reported at CHES2012. However, the implementation of a small private key MQ scheme was not reported. For efficient implementation, random number generators can contribute to reduce the key size, but the cost of using a random number generator is much more complex than computing MQ on modern microprocessors. Therefore, no feasible results have been reported on embedded microprocessors. In this paper, we propose a feasible implementation on embedded microprocessors for a small private key MQ scheme using a pseudo-random number generator and hash function based on a block-cipher exploiting a hardware Advanced Encryption Standard (AES) accelerator. To speed up the performance, we apply various implementation methods, including parallel computation, on-the-fly computation, optimized logarithm representation, vinegar monomials and assembly programming. The proposed method reduces the private key size by about 99.9% and boosts signature generation and verification by 5.78% and 12.19% than previous results in CHES2012.

Ghost imaging for three-dimensional optical security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chen, Wen, E-mail: elechenw@nus.edu.sg; Chen, Xudong

2013-11-25

Ghost imaging has become increasingly popular in quantum and optical application fields. Here, we report three-dimensional (3D) optical security using ghost imaging. The series of random phase-only masks are sparsified, which are further converted into particle-like distributions placed in 3D space. We show that either an optical or digital approach can be employed for the encoding. The results illustrate that a larger key space can be generated due to the application of 3D space compared with previous works.

Key Generation for Fast Inversion of the Paillier Encryption Function

NASA Astrophysics Data System (ADS)

Hirano, Takato; Tanaka, Keisuke

We study fast inversion of the Paillier encryption function. Especially, we focus only on key generation, and do not modify the Paillier encryption function. We propose three key generation algorithms based on the speeding-up techniques for the RSA encryption function. By using our algorithms, the size of the private CRT exponent is half of that of Paillier-CRT. The first algorithm employs the extended Euclidean algorithm. The second algorithm employs factoring algorithms, and can construct the private CRT exponent with low Hamming weight. The third algorithm is a variant of the second one, and has some advantage such as compression of the private CRT exponent and no requirement for factoring algorithms. We also propose the settings of the parameters for these algorithms and analyze the security of the Paillier encryption function by these algorithms against known attacks. Finally, we give experimental results of our algorithms.

Cryptographic robustness of practical quantum cryptography: BB84 key distribution protocol

DOE Office of Scientific and Technical Information (OSTI.GOV)

Molotkov, S. N.

2008-07-15

In real fiber-optic quantum cryptography systems, the avalanche photodiodes are not perfect, the source of quantum states is not a single-photon one, and the communication channel is lossy. For these reasons, key distribution is impossible under certain conditions for the system parameters. A simple analysis is performed to find relations between the parameters of real cryptography systems and the length of the quantum channel that guarantee secure quantum key distribution when the eavesdropper's capabilities are limited only by fundamental laws of quantum mechanics while the devices employed by the legitimate users are based on current technologies. Critical values are determinedmore » for the rate of secure real-time key generation that can be reached under the current technology level. Calculations show that the upper bound on channel length can be as high as 300 km for imperfect photodetectors (avalanche photodiodes) with present-day quantum efficiency ({eta} {approx} 20%) and dark count probability (p{sub dark} {approx} 10{sup -7})« less

Cryptographic robustness of practical quantum cryptography: BB84 key distribution protocol

NASA Astrophysics Data System (ADS)

Molotkov, S. N.

2008-07-01

In real fiber-optic quantum cryptography systems, the avalanche photodiodes are not perfect, the source of quantum states is not a single-photon one, and the communication channel is lossy. For these reasons, key distribution is impossible under certain conditions for the system parameters. A simple analysis is performed to find relations between the parameters of real cryptography systems and the length of the quantum channel that guarantee secure quantum key distribution when the eavesdropper’s capabilities are limited only by fundamental laws of quantum mechanics while the devices employed by the legitimate users are based on current technologies. Critical values are determined for the rate of secure real-time key generation that can be reached under the current technology level. Calculations show that the upper bound on channel length can be as high as 300 km for imperfect photodetectors (avalanche photodiodes) with present-day quantum efficiency (η ≈ 20%) and dark count probability ( p dark ˜ 10-7).

Industrial application for global quantum communication

NASA Astrophysics Data System (ADS)

Mirza, A.; Petruccione, F.

2012-09-01

In the last decade the quantum communication community has witnessed great advances in photonic quantum cryptography technology with the research, development and commercialization of automated Quantum Key Distribution (QKD) devices. These first generation devices are however bottlenecked by the achievable spatial coverage. This is due to the intrinsic absorption of the quantum particle into the communication medium. As QKD is of paramount importance in the future ICT landscape, various innovative solutions have been developed and tested to expand the spatial coverage of these networks such as the Quantum City initiative in Durban, South Africa. To expand this further into a global QKD-secured network, recent efforts have focussed on high-altitude free-space techniques through the use of satellites. This couples the QKD-secured Metropolitan Area Networks (MANs) with secured ground-tosatellite links as access points to a global network. Such a solution, however, has critical limitations that reduce its commercial feasibility. As parallel step to the development of satellitebased global QKD networks, we investigate the use of the commercial aircrafts' network as secure transport mechanisms in a global QKD network. This QKD-secured global network will provide a robust infrastructure to create, distribute and manage encryption keys between the MANs of the participating cities.

High-speed wavelength-division multiplexing quantum key distribution system.

PubMed

Yoshino, Ken-ichiro; Fujiwara, Mikio; Tanaka, Akihiro; Takahashi, Seigo; Nambu, Yoshihiro; Tomita, Akihisa; Miki, Shigehito; Yamashita, Taro; Wang, Zhen; Sasaki, Masahide; Tajima, Akio

2012-01-15

A high-speed quantum key distribution system was developed with the wavelength-division multiplexing (WDM) technique and dedicated key distillation hardware engines. Two interferometers for encoding and decoding are shared over eight wavelengths to reduce the system's size, cost, and control complexity. The key distillation engines can process a huge amount of data from the WDM channels by using a 1 Mbit block in real time. We demonstrated a three-channel WDM system that simultaneously uses avalanche photodiodes and superconducting single-photon detectors. We achieved 12 h continuous key generation with a secure key rate of 208 kilobits per second through a 45 km field fiber with 14.5 dB loss.

Measurement-device-independent quantum key distribution.

PubMed

Lo, Hoi-Kwong; Curty, Marcos; Qi, Bing

2012-03-30

How to remove detector side channel attacks has been a notoriously hard problem in quantum cryptography. Here, we propose a simple solution to this problem--measurement-device-independent quantum key distribution (QKD). It not only removes all detector side channels, but also doubles the secure distance with conventional lasers. Our proposal can be implemented with standard optical components with low detection efficiency and highly lossy channels. In contrast to the previous solution of full device independent QKD, the realization of our idea does not require detectors of near unity detection efficiency in combination with a qubit amplifier (based on teleportation) or a quantum nondemolition measurement of the number of photons in a pulse. Furthermore, its key generation rate is many orders of magnitude higher than that based on full device independent QKD. The results show that long-distance quantum cryptography over say 200 km will remain secure even with seriously flawed detectors.

Security of subcarrier wave quantum key distribution against the collective beam-splitting attack.

PubMed

Miroshnichenko, G P; Kozubov, A V; Gaidash, A A; Gleim, A V; Horoshko, D B

2018-04-30

We consider a subcarrier wave quantum key distribution (QKD) system, where quantum encoding is carried out at weak sidebands generated around a coherent optical beam as a result of electro-optical phase modulation. We study security of two protocols, B92 and BB84, against one of the most powerful attacks for this class of systems, the collective beam-splitting attack. Our analysis includes the case of high modulation index, where the sidebands are essentially multimode. We demonstrate numerically and experimentally that a subcarrier wave QKD system with realistic parameters is capable of distributing cryptographic keys over large distances in presence of collective attacks. We also show that BB84 protocol modification with discrimination of only one state in each basis performs not worse than the original BB84 protocol in this class of QKD systems, thus significantly simplifying the development of cryptographic networks using the considered QKD technique.

Biometrics encryption combining palmprint with two-layer error correction codes

NASA Astrophysics Data System (ADS)

Li, Hengjian; Qiu, Jian; Dong, Jiwen; Feng, Guang

2017-07-01

To bridge the gap between the fuzziness of biometrics and the exactitude of cryptography, based on combining palmprint with two-layer error correction codes, a novel biometrics encryption method is proposed. Firstly, the randomly generated original keys are encoded by convolutional and cyclic two-layer coding. The first layer uses a convolution code to correct burst errors. The second layer uses cyclic code to correct random errors. Then, the palmprint features are extracted from the palmprint images. Next, they are fused together by XORing operation. The information is stored in a smart card. Finally, the original keys extraction process is the information in the smart card XOR the user's palmprint features and then decoded with convolutional and cyclic two-layer code. The experimental results and security analysis show that it can recover the original keys completely. The proposed method is more secure than a single password factor, and has higher accuracy than a single biometric factor.

Measurement-device-independent quantum communication with an untrusted source

NASA Astrophysics Data System (ADS)

Xu, Feihu

2015-07-01

Measurement-device-independent quantum key distribution (MDI-QKD) can provide enhanced security compared to traditional QKD, and it constitutes an important framework for a quantum network with an untrusted network server. Still, a key assumption in MDI-QKD is that the sources are trusted. We propose here a MDI quantum network with a single untrusted source. We have derived a complete proof of the unconditional security of MDI-QKD with an untrusted source. Using simulations, we have considered various real-life imperfections in its implementation, and the simulation results show that MDI-QKD with an untrusted source provides a key generation rate that is close to the rate of initial MDI-QKD in the asymptotic setting. Our work proves the feasibility of the realization of a quantum network. The network users need only low-cost modulation devices, and they can share both an expensive detector and a complicated laser provided by an untrusted network server.

RUASN: a robust user authentication framework for wireless sensor networks.

PubMed

Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae

2011-01-01

In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost.

ECG-cryptography and authentication in body area networks.

PubMed

Zhang, Zhaoyang; Wang, Honggang; Vasilakos, Athanasios V; Fang, Hua

2012-11-01

Wireless body area networks (BANs) have drawn much attention from research community and industry in recent years. Multimedia healthcare services provided by BANs can be available to anyone, anywhere, and anytime seamlessly. A critical issue in BANs is how to preserve the integrity and privacy of a person's medical data over wireless environments in a resource efficient manner. This paper presents a novel key agreement scheme that allows neighboring nodes in BANs to share a common key generated by electrocardiogram (ECG) signals. The improved Jules Sudan (IJS) algorithm is proposed to set up the key agreement for the message authentication. The proposed ECG-IJS key agreement can secure data communications over BANs in a plug-n-play manner without any key distribution overheads. Both the simulation and experimental results are presented, which demonstrate that the proposed ECG-IJS scheme can achieve better security performance in terms of serval performance metrics such as false acceptance rate (FAR) and false rejection rate (FRR) than other existing approaches. In addition, the power consumption analysis also shows that the proposed ECG-IJS scheme can achieve energy efficiency for BANs.

Study on the key technology of optical encryption based on compressive ghost imaging with double random-phase encoding

NASA Astrophysics Data System (ADS)

Zhang, Leihong; Pan, Zilan; Liang, Dong; Ma, Xiuhua; Zhang, Dawei

2015-12-01

An optical encryption method based on compressive ghost imaging (CGI) with double random-phase encoding (DRPE), named DRPE-CGI, is proposed. The information is first encrypted by the sender with DRPE, the DRPE-coded image is encrypted by the system of computational ghost imaging with a secret key. The key of N random-phase vectors is generated by the sender and will be shared with the receiver who is the authorized user. The receiver decrypts the DRPE-coded image with the key, with the aid of CGI and a compressive sensing technique, and then reconstructs the original information by the technique of DRPE-decoding. The experiments suggest that cryptanalysts cannot get any useful information about the original image even if they eavesdrop 60% of the key at a given time, so the security of DRPE-CGI is higher than that of the security of conventional ghost imaging. Furthermore, this method can reduce 40% of the information quantity compared with ghost imaging while the qualities of reconstructing the information are the same. It can also improve the quality of the reconstructed plaintext information compared with DRPE-GI with the same sampling times. This technique can be immediately applied to encryption and data storage with the advantages of high security, fast transmission, and high quality of reconstructed information.

Gaussian entanglement distribution with gigahertz bandwidth.

PubMed

Ast, Stefan; Ast, Melanie; Mehmet, Moritz; Schnabel, Roman

2016-11-01

The distribution of entanglement with Gaussian statistic can be used to generate a mathematically proven secure key for quantum cryptography. The distributed secret key rate is limited by the entanglement strength, the entanglement bandwidth, and the bandwidth of the photoelectric detectors. The development of a source for strongly bipartite entangled light with high bandwidth promises an increased measurement speed and a linear boost in the secure data rate. Here, we present the experimental realization of a Gaussian entanglement source with a bandwidth of more than 1.25 GHz. The entanglement spectrum was measured with balanced homodyne detectors and was quantified via the inseparability criterion introduced by Duan and coworkers with a critical value of 4 below which entanglement is certified. Our measurements yielded an inseparability value of about 1.8 at a frequency of 300 MHz to about 2.8 at 1.2 GHz, extending further to about 3.1 at 1.48 GHz. In the experiment we used two 2.6 mm long monolithic periodically poled potassium titanyl phosphate (KTP) resonators to generate two squeezed fields at the telecommunication wavelength of 1550 nm. Our result proves the possibility of generating and detecting strong continuous-variable entanglement with high speed.

Physical unclonable functions: A primer

DOE PAGES

Bauer, Todd; Hamlet, Jason

2014-11-01

Physical unclonable functions (PUFs) make use of the measurable intrinsic randomness of physical systems to establish signatures for those systems. Thus, PUFs provide a means to generate unique keys that don't need to be stored in nonvolatile memory, and they offer exciting opportunities for new authentication and supply chain security technologies.

Secure data sharing in public cloud

NASA Astrophysics Data System (ADS)

Venkataramana, Kanaparti; Naveen Kumar, R.; Tatekalva, Sandhya; Padmavathamma, M.

2012-04-01

Secure multi-party protocols have been proposed for entities (organizations or individuals) that don't fully trust each other to share sensitive information. Many types of entities need to collect, analyze, and disseminate data rapidly and accurately, without exposing sensitive information to unauthorized or untrusted parties. Solutions based on secure multiparty computation guarantee privacy and correctness, at an extra communication (too costly in communication to be practical) and computation cost. The high overhead motivates us to extend this SMC to cloud environment which provides large computation and communication capacity which makes SMC to be used between multiple clouds (i.e., it may between private or public or hybrid clouds).Cloud may encompass many high capacity servers which acts as a hosts which participate in computation (IaaS and PaaS) for final result, which is controlled by Cloud Trusted Authority (CTA) for secret sharing within the cloud. The communication between two clouds is controlled by High Level Trusted Authority (HLTA) which is one of the hosts in a cloud which provides MgaaS (Management as a Service). Due to high risk for security in clouds, HLTA generates and distributes public keys and private keys by using Carmichael-R-Prime- RSA algorithm for exchange of private data in SMC between itself and clouds. In cloud, CTA creates Group key for Secure communication between the hosts in cloud based on keys sent by HLTA for exchange of Intermediate values and shares for computation of final result. Since this scheme is extended to be used in clouds( due to high availability and scalability to increase computation power) it is possible to implement SMC practically for privacy preserving in data mining at low cost for the clients.

Dual Key Speech Encryption Algorithm Based Underdetermined BSS

PubMed Central

Zhao, Huan; Chen, Zuo; Zhang, Xixiang

2014-01-01

When the number of the mixed signals is less than that of the source signals, the underdetermined blind source separation (BSS) is a significant difficult problem. Due to the fact that the great amount data of speech communications and real-time communication has been required, we utilize the intractability of the underdetermined BSS problem to present a dual key speech encryption method. The original speech is mixed with dual key signals which consist of random key signals (one-time pad) generated by secret seed and chaotic signals generated from chaotic system. In the decryption process, approximate calculation is used to recover the original speech signals. The proposed algorithm for speech signals encryption can resist traditional attacks against the encryption system, and owing to approximate calculation, decryption becomes faster and more accurate. It is demonstrated that the proposed method has high level of security and can recover the original signals quickly and efficiently yet maintaining excellent audio quality. PMID:24955430

Entangled quantum key distribution over two free-space optical links.

PubMed

Erven, C; Couteau, C; Laflamme, R; Weihs, G

2008-10-13

We report on the first real-time implementation of a quantum key distribution (QKD) system using entangled photon pairs that are sent over two free-space optical telescope links. The entangled photon pairs are produced with a type-II spontaneous parametric down-conversion source placed in a central, potentially untrusted, location. The two free-space links cover a distance of 435 m and 1,325 m respectively, producing a total separation of 1,575 m. The system relies on passive polarization analysis units, GPS timing receivers for synchronization, and custom written software to perform the complete QKD protocol including error correction and privacy amplification. Over 6.5 hours during the night, we observed an average raw key generation rate of 565 bits/s, an average quantum bit error rate (QBER) of 4.92%, and an average secure key generation rate of 85 bits/s.

Adaptive spatial filtering for daytime satellite quantum key distribution

NASA Astrophysics Data System (ADS)

Gruneisen, Mark T.; Sickmiller, Brett A.; Flanagan, Michael B.; Black, James P.; Stoltenberg, Kurt E.; Duchane, Alexander W.

2014-11-01

The rate of secure key generation (SKG) in quantum key distribution (QKD) is adversely affected by optical noise and loss in the quantum channel. In a free-space atmospheric channel, the scattering of sunlight into the channel can lead to quantum bit error ratios (QBERs) sufficiently large to preclude SKG. Furthermore, atmospheric turbulence limits the degree to which spatial filtering can reduce sky noise without introducing signal losses. A system simulation quantifies the potential benefit of tracking and higher-order adaptive optics (AO) technologies to SKG rates in a daytime satellite engagement scenario. The simulations are performed assuming propagation from a low-Earth orbit (LEO) satellite to a terrestrial receiver that includes an AO system comprised of a Shack-Hartmann wave-front sensor (SHWFS) and a continuous-face-sheet deformable mirror (DM). The effects of atmospheric turbulence, tracking, and higher-order AO on the photon capture efficiency are simulated using statistical representations of turbulence and a time-domain waveoptics hardware emulator. Secure key generation rates are then calculated for the decoy state QKD protocol as a function of the receiver field of view (FOV) for various pointing angles. The results show that at FOVs smaller than previously considered, AO technologies can enhance SKG rates in daylight and even enable SKG where it would otherwise be prohibited as a consequence of either background optical noise or signal loss due to turbulence effects.

Color image encryption based on gyrator transform and Arnold transform

NASA Astrophysics Data System (ADS)

Sui, Liansheng; Gao, Bo

2013-06-01

A color image encryption scheme using gyrator transform and Arnold transform is proposed, which has two security levels. In the first level, the color image is separated into three components: red, green and blue, which are normalized and scrambled using the Arnold transform. The green component is combined with the first random phase mask and transformed to an interim using the gyrator transform. The first random phase mask is generated with the sum of the blue component and a logistic map. Similarly, the red component is combined with the second random phase mask and transformed to three-channel-related data. The second random phase mask is generated with the sum of the phase of the interim and an asymmetrical tent map. In the second level, the three-channel-related data are scrambled again and combined with the third random phase mask generated with the sum of the previous chaotic maps, and then encrypted into a gray scale ciphertext. The encryption result has stationary white noise distribution and camouflage property to some extent. In the process of encryption and decryption, the rotation angle of gyrator transform, the iterative numbers of Arnold transform, the parameters of the chaotic map and generated accompanied phase function serve as encryption keys, and hence enhance the security of the system. Simulation results and security analysis are presented to confirm the security, validity and feasibility of the proposed scheme.

Optimal attacks on qubit-based Quantum Key Recycling

NASA Astrophysics Data System (ADS)

Leermakers, Daan; Škorić, Boris

2018-03-01

Quantum Key Recycling (QKR) is a quantum cryptographic primitive that allows one to reuse keys in an unconditionally secure way. By removing the need to repeatedly generate new keys, it improves communication efficiency. Škorić and de Vries recently proposed a QKR scheme based on 8-state encoding (four bases). It does not require quantum computers for encryption/decryption but only single-qubit operations. We provide a missing ingredient in the security analysis of this scheme in the case of noisy channels: accurate upper bounds on the required amount of privacy amplification. We determine optimal attacks against the message and against the key, for 8-state encoding as well as 4-state and 6-state conjugate coding. We provide results in terms of min-entropy loss as well as accessible (Shannon) information. We show that the Shannon entropy analysis for 8-state encoding reduces to the analysis of quantum key distribution, whereas 4-state and 6-state suffer from additional leaks that make them less effective. From the optimal attacks we compute the required amount of privacy amplification and hence the achievable communication rate (useful information per qubit) of qubit-based QKR. Overall, 8-state encoding yields the highest communication rates.

Finite-key analysis for quantum key distribution with weak coherent pulses based on Bernoulli sampling

NASA Astrophysics Data System (ADS)

Kawakami, Shun; Sasaki, Toshihiko; Koashi, Masato

2017-07-01

An essential step in quantum key distribution is the estimation of parameters related to the leaked amount of information, which is usually done by sampling of the communication data. When the data size is finite, the final key rate depends on how the estimation process handles statistical fluctuations. Many of the present security analyses are based on the method with simple random sampling, where hypergeometric distribution or its known bounds are used for the estimation. Here we propose a concise method based on Bernoulli sampling, which is related to binomial distribution. Our method is suitable for the Bennett-Brassard 1984 (BB84) protocol with weak coherent pulses [C. H. Bennett and G. Brassard, Proceedings of the IEEE Conference on Computers, Systems and Signal Processing (IEEE, New York, 1984), Vol. 175], reducing the number of estimated parameters to achieve a higher key generation rate compared to the method with simple random sampling. We also apply the method to prove the security of the differential-quadrature-phase-shift (DQPS) protocol in the finite-key regime. The result indicates that the advantage of the DQPS protocol over the phase-encoding BB84 protocol in terms of the key rate, which was previously confirmed in the asymptotic regime, persists in the finite-key regime.

Water security for productive economies: Applying an assessment framework in southern Africa

NASA Astrophysics Data System (ADS)

Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

2017-08-01

Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook (AWDO) to assess levels of water security for productive economies in countries of the Southern African Development Community (SADC). Economic aspects of water security cover four areas: economic activities in the broad sense, agriculture, electricity, and industry. Water security in each area is measured through application of a set of indicators; results of indicator application are then aggregated to determine economic water security at a country-level. Results show that economic water security in SADC is greatest in the Seychelles and South Africa, and lowest in Madagascar and Malawi. Opportunities for strengthening economic water security in the majority of SADC countries exist through improving agricultural water productivity, strengthening resilience, and expanding sustainable electricity generation. More profoundly, this paper suggests that there is clear potential and utility in applying approaches used elsewhere to assess economic water security in southern Africa.

An improved scheme on decoy-state method for measurement-device-independent quantum key distribution.

PubMed

Wang, Dong; Li, Mo; Guo, Guang-Can; Wang, Qin

2015-10-14

Quantum key distribution involving decoy-states is a significant application of quantum information. By using three-intensity decoy-states of single-photon-added coherent sources, we propose a practically realizable scheme on quantum key distribution which approaches very closely the ideal asymptotic case of an infinite number of decoy-states. We make a comparative study between this scheme and two other existing ones, i.e., two-intensity decoy-states with single-photon-added coherent sources, and three-intensity decoy-states with weak coherent sources. Through numerical analysis, we demonstrate the advantages of our scheme in secure transmission distance and the final key generation rate.

Providing integrity, authenticity, and confidentiality for header and pixel data of DICOM images.

PubMed

Al-Haj, Ali

2015-04-01

Exchange of medical images over public networks is subjected to different types of security threats. This has triggered persisting demands for secured telemedicine implementations that will provide confidentiality, authenticity, and integrity for the transmitted images. The medical image exchange standard (DICOM) offers mechanisms to provide confidentiality for the header data of the image but not for the pixel data. On the other hand, it offers mechanisms to achieve authenticity and integrity for the pixel data but not for the header data. In this paper, we propose a crypto-based algorithm that provides confidentially, authenticity, and integrity for the pixel data, as well as for the header data. This is achieved by applying strong cryptographic primitives utilizing internally generated security data, such as encryption keys, hashing codes, and digital signatures. The security data are generated internally from the header and the pixel data, thus a strong bond is established between the DICOM data and the corresponding security data. The proposed algorithm has been evaluated extensively using DICOM images of different modalities. Simulation experiments show that confidentiality, authenticity, and integrity have been achieved as reflected by the results we obtained for normalized correlation, entropy, PSNR, histogram analysis, and robustness.

Three-dimensional information hierarchical encryption based on computer-generated holograms

NASA Astrophysics Data System (ADS)

Kong, Dezhao; Shen, Xueju; Cao, Liangcai; Zhang, Hao; Zong, Song; Jin, Guofan

2016-12-01

A novel approach for encrypting three-dimensional (3-D) scene information hierarchically based on computer-generated holograms (CGHs) is proposed. The CGHs of the layer-oriented 3-D scene information are produced by angular-spectrum propagation algorithm at different depths. All the CGHs are then modulated by different chaotic random phase masks generated by the logistic map. Hierarchical encryption encoding is applied when all the CGHs are accumulated one by one, and the reconstructed volume of the 3-D scene information depends on permissions of different users. The chaotic random phase masks could be encoded into several parameters of the chaotic sequences to simplify the transmission and preservation of the keys. Optical experiments verify the proposed method and numerical simulations show the high key sensitivity, high security, and application flexibility of the method.

Practical scheme to share a secret key through a quantum channel with a 27.6% bit error rate

NASA Astrophysics Data System (ADS)

Chau, H. F.

2002-12-01

A secret key shared through quantum key distribution between two cooperative players is secure against any eavesdropping attack allowed by the laws of physics. Yet, such a key can be established only when the quantum channel error rate due to eavesdropping or imperfect apparatus is low. Here, a practical quantum key distribution scheme by making use of an adaptive privacy amplification procedure with two-way classical communication is reported. Then, it is proven that the scheme generates a secret key whenever the bit error rate of the quantum channel is less than 0.5-0.1(5)≈27.6%, thereby making it the most error resistant scheme known to date.

Optical benchmarking of security document readers for automated border control

NASA Astrophysics Data System (ADS)

Valentín, Kristián.; Wild, Peter; Å tolc, Svorad; Daubner, Franz; Clabian, Markus

2016-10-01

Authentication and optical verification of travel documents upon crossing borders is of utmost importance for national security. Understanding the workflow and different approaches to ICAO 9303 travel document scanning in passport readers, as well as highlighting normalization issues and designing new methods to achieve better harmonization across inspection devices are key steps for the development of more effective and efficient next- generation passport inspection. This paper presents a survey of state-of-the-art document inspection systems, showcasing results of a document reader challenge investigating 9 devices with regards to optical characteristics.

A framework to enhance security of physically unclonable functions using chaotic circuits

NASA Astrophysics Data System (ADS)

Chen, Lanxiang

2018-05-01

As a new technique for authentication and key generation, physically unclonable function (PUF) has attracted considerable attentions, with extensive research results achieved already. To resist the popular machine learning modeling attacks, a framework to enhance the security of PUFs is proposed. The basic idea is to combine PUFs with a chaotic system of which the response is highly sensitive to initial conditions. For this framework, a specific construction which combines the common arbiter PUF circuit, a converter, and the Chua's circuit is given to implement a more secure PUF. Simulation experiments are presented to further validate the framework. Finally, some practical suggestions for the framework and specific construction are also discussed.

Provably Secure Password-based Authentication in TLS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier

2005-12-20

In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised tomore » the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.« less

Free-space measurement-device-independent quantum-key-distribution protocol using decoy states with orbital angular momentum

NASA Astrophysics Data System (ADS)

Wang, Le; Zhao, Sheng-Mei; Gong, Long-Yan; Cheng, Wei-Wen

2015-12-01

In this paper, we propose a measurement-device-independent quantum-key-distribution (MDI-QKD) protocol using orbital angular momentum (OAM) in free space links, named the OAM-MDI-QKD protocol. In the proposed protocol, the OAM states of photons, instead of polarization states, are used as the information carriers to avoid the reference frame alignment, the decoy-state is adopted to overcome the security loophole caused by the weak coherent pulse source, and the high efficient OAM-sorter is adopted as the measurement tool for Charlie to obtain the output OAM state. Here, Charlie may be an untrusted third party. The results show that the authorized users, Alice and Bob, could distill a secret key with Charlie’s successful measurements, and the key generation performance is slightly better than that of the polarization-based MDI-QKD protocol in the two-dimensional OAM cases. Simultaneously, Alice and Bob can reduce the number of flipping the bits in the secure key distillation. It is indicated that a higher key generation rate performance could be obtained by a high dimensional OAM-MDI-QKD protocol because of the unlimited degree of freedom on OAM states. Moreover, the results show that the key generation rate and the transmission distance will decrease as the growth of the strength of atmospheric turbulence (AT) and the link attenuation. In addition, the decoy states used in the proposed protocol can get a considerable good performance without the need for an ideal source. Project supported by the National Natural Science Foundation of China (Grant Nos. 61271238 and 61475075), the Specialized Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20123223110003), the Natural Science Research Foundation for Universities of Jiangsu Province of China (Grant No. 11KJA510002), the Open Research Fund of Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Ministry of Education, China (Grant No. NYKL2015011), and the Innovation Program of Graduate Education of Jiangsu Province, China (Grant No. KYLX0810). Gong Long-Yan is partially supported by Qinglan Project of Jiangsu Province, China.

Security of quantum key distribution with iterative sifting

NASA Astrophysics Data System (ADS)

Tamaki, Kiyoshi; Lo, Hoi-Kwong; Mizutani, Akihiro; Kato, Go; Lim, Charles Ci Wen; Azuma, Koji; Curty, Marcos

2018-01-01

Several quantum key distribution (QKD) protocols employ iterative sifting. After each quantum transmission round, Alice and Bob disclose part of their setting information (including their basis choices) for the detected signals. This quantum phase then ends when the basis dependent termination conditions are met, i.e., the numbers of detected signals per basis exceed certain pre-agreed threshold values. Recently, however, Pfister et al (2016 New J. Phys. 18 053001) showed that the basis dependent termination condition makes QKD insecure, especially in the finite key regime, and they suggested to disclose all the setting information after finishing the quantum phase. However, this protocol has two main drawbacks: it requires that Alice possesses a large memory, and she also needs to have some a priori knowledge about the transmission rate of the quantum channel. Here we solve these two problems by introducing a basis-independent termination condition to the iterative sifting in the finite key regime. The use of this condition, in combination with Azuma’s inequality, provides a precise estimation on the amount of privacy amplification that needs to be applied, thus leading to the security of QKD protocols, including the loss-tolerant protocol (Tamaki et al 2014 Phys. Rev. A 90 052314), with iterative sifting. Our analysis indicates that to announce the basis information after each quantum transmission round does not compromise the key generation rate of the loss-tolerant protocol. Our result allows the implementation of wider classes of classical post-processing techniques in QKD with quantified security.

Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

DTIC Science & Technology

2012-03-01

SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD) THESIS...protection in the United States. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD...FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY

Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

NASA Astrophysics Data System (ADS)

Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

2016-01-01

Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information.

Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

PubMed Central

Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

2016-01-01

Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information. PMID:26823196

Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption.

PubMed

Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

2016-01-29

Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information.

RUASN: A Robust User Authentication Framework for Wireless Sensor Networks

PubMed Central

Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae

2011-01-01

In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost. PMID:22163888

Misinterpretation of statistical distance in security of quantum key distribution shown by simulation

NASA Astrophysics Data System (ADS)

Iwakoshi, Takehisa; Hirota, Osamu

2014-10-01

This study will test an interpretation in quantum key distribution (QKD) that trace distance between the distributed quantum state and the ideal mixed state is a maximum failure probability of the protocol. Around 2004, this interpretation was proposed and standardized to satisfy both of the key uniformity in the context of universal composability and operational meaning of the failure probability of the key extraction. However, this proposal has not been verified concretely yet for many years while H. P. Yuen and O. Hirota have thrown doubt on this interpretation since 2009. To ascertain this interpretation, a physical random number generator was employed to evaluate key uniformity in QKD. In this way, we calculated statistical distance which correspond to trace distance in quantum theory after a quantum measurement is done, then we compared it with the failure probability whether universal composability was obtained. As a result, the degree of statistical distance of the probability distribution of the physical random numbers and the ideal uniformity was very large. It is also explained why trace distance is not suitable to guarantee the security in QKD from the view point of quantum binary decision theory.

Discussion and a new method of optical cryptosystem based on interference

NASA Astrophysics Data System (ADS)

Lu, Dajiang; He, Wenqi; Liao, Meihua; Peng, Xiang

2017-02-01

A discussion and an objective security analysis of the well-known optical image encryption based on interference are presented in this paper. A new method is also proposed to eliminate the security risk of the original cryptosystem. For a possible practical application, we expand this new method into a hierarchical authentication scheme. In this authentication system, with a pre-generated and fixed random phase lock, different target images indicating different authentication levels are analytically encoded into corresponding phase-only masks (phase keys) and amplitude-only masks (amplitude keys). For the authentication process, a legal user can obtain a specified target image at the output plane if his/her phase key, and amplitude key, which should be settled close against the fixed internal phase lock, are respectively illuminated by two coherent beams. By comparing the target image with all the standard certification images in the database, the system can thus verify the user's legality even his/her identity level. Moreover, in despite of the internal phase lock of this system being fixed, the crosstalk between different pairs of keys held by different users is low. Theoretical analysis and numerical simulation are both provided to demonstrate the validity of this method.

FPGA based digital phase-coding quantum key distribution system

NASA Astrophysics Data System (ADS)

Lu, XiaoMing; Zhang, LiJun; Wang, YongGang; Chen, Wei; Huang, DaJun; Li, Deng; Wang, Shuang; He, DeYong; Yin, ZhenQiang; Zhou, Yu; Hui, Cong; Han, ZhengFu

2015-12-01

Quantum key distribution (QKD) is a technology with the potential capability to achieve information-theoretic security. Phasecoding is an important approach to develop practical QKD systems in fiber channel. In order to improve the phase-coding modulation rate, we proposed a new digital-modulation method in this paper and constructed a compact and robust prototype of QKD system using currently available components in our lab to demonstrate the effectiveness of the method. The system was deployed in laboratory environment over a 50 km fiber and continuously operated during 87 h without manual interaction. The quantum bit error rate (QBER) of the system was stable with an average value of 3.22% and the secure key generation rate is 8.91 kbps. Although the modulation rate of the photon in the demo system was only 200 MHz, which was limited by the Faraday-Michelson interferometer (FMI) structure, the proposed method and the field programmable gate array (FPGA) based electronics scheme have a great potential for high speed QKD systems with Giga-bits/second modulation rate.

An improved scheme on decoy-state method for measurement-device-independent quantum key distribution

PubMed Central

Wang, Dong; Li, Mo; Guo, Guang-Can; Wang, Qin

2015-01-01

Quantum key distribution involving decoy-states is a significant application of quantum information. By using three-intensity decoy-states of single-photon-added coherent sources, we propose a practically realizable scheme on quantum key distribution which approaches very closely the ideal asymptotic case of an infinite number of decoy-states. We make a comparative study between this scheme and two other existing ones, i.e., two-intensity decoy-states with single-photon-added coherent sources, and three-intensity decoy-states with weak coherent sources. Through numerical analysis, we demonstrate the advantages of our scheme in secure transmission distance and the final key generation rate. PMID:26463580

Performance analysis of AES-Blowfish hybrid algorithm for security of patient medical record data

NASA Astrophysics Data System (ADS)

Mahmud H, Amir; Angga W, Bayu; Tommy; Marwan E, Andi; Siregar, Rosyidah

2018-04-01

A file security is one method to protect data confidentiality, integrity and information security. Cryptography is one of techniques used to secure and guarantee data confidentiality by doing conversion to the plaintext (original message) to cipher text (hidden message) with two important processes, they are encrypt and decrypt. Some researchers proposed a hybrid method to improve data security. In this research we proposed hybrid method of AES-blowfish (BF) to secure the patient’s medical report data into the form PDF file that sources from database. Generation method of private and public key uses two ways of approach, those are RSA method f RSA and ECC. We will analyze impact of these two ways of approach for hybrid method at AES-blowfish based on time and Throughput. Based on testing results, BF method is faster than AES and AES-BF hybrid, however AES-BF hybrid is better for throughput compared with AES and BF is higher.

Trustworthy data collection from implantable medical devices via high-speed security implementation based on IEEE 1363.

PubMed

Hu, Fei; Hao, Qi; Lukowiak, Marcin; Sun, Qingquan; Wilhelm, Kyle; Radziszowski, Stanisław; Wu, Yao

2010-11-01

Implantable medical devices (IMDs) have played an important role in many medical fields. Any failure in IMDs operations could cause serious consequences and it is important to protect the IMDs access from unauthenticated access. This study investigates secure IMD data collection within a telehealthcare [mobile health (m-health)] network. We use medical sensors carried by patients to securely access IMD data and perform secure sensor-to-sensor communications between patients to relay the IMD data to a remote doctor's server. To meet the requirements on low computational complexity, we choose N-th degree truncated polynomial ring (NTRU)-based encryption/decryption to secure IMD-sensor and sensor-sensor communications. An extended matryoshkas model is developed to estimate direct/indirect trust relationship among sensors. An NTRU hardware implementation in very large integrated circuit hardware description language is studied based on industry Standard IEEE 1363 to increase the speed of key generation. The performance analysis results demonstrate the security robustness of the proposed IMD data access trust model.

Implementation of QoSS (Quality-of-Security Service) for NoC-Based SoC Protection

NASA Astrophysics Data System (ADS)

Sepúlveda, Johanna; Pires, Ricardo; Strum, Marius; Chau, Wang Jiang

Many of the current electronic systems embedded in a SoC (System-on-Chip) are used to capture, store, manipulate and access critical data, as well as to perform other key functions. In such a scenario, security is considered as an important issue. The Network-on-chip (NoC), as the foreseen communication structure of next-generation SoC devices, can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (Quality of Security Service) to overcome present SoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. In this paper, we present the implementation of two security services (access control and authentication), that may be configured to assume one from several possible levels, the implementation of a technique to avoid denial-of-service (DoS) attacks, evaluate their effectiveness and estimate their impact on NoC performance.

Performance of device-independent quantum key distribution

NASA Astrophysics Data System (ADS)

Cao, Zhu; Zhao, Qi; Ma, Xiongfeng

2016-07-01

Quantum key distribution provides information-theoretically-secure communication. In practice, device imperfections may jeopardise the system security. Device-independent quantum key distribution solves this problem by providing secure keys even when the quantum devices are untrusted and uncharacterized. Following a recent security proof of the device-independent quantum key distribution, we improve the key rate by tightening the parameter choice in the security proof. In practice where the system is lossy, we further improve the key rate by taking into account the loss position information. From our numerical simulation, our method can outperform existing results. Meanwhile, we outline clear experimental requirements for implementing device-independent quantum key distribution. The maximal tolerable error rate is 1.6%, the minimal required transmittance is 97.3%, and the minimal required visibility is 96.8 % .

Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

NASA Astrophysics Data System (ADS)

Gonzalez, Elias; Kish, Laszlo B.

2016-03-01

As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

Towards secure quantum key distribution protocol for wireless LANs: a hybrid approach

NASA Astrophysics Data System (ADS)

Naik, R. Lalu; Reddy, P. Chenna

2015-12-01

The primary goals of security such as authentication, confidentiality, integrity and non-repudiation in communication networks can be achieved with secure key distribution. Quantum mechanisms are highly secure means of distributing secret keys as they are unconditionally secure. Quantum key distribution protocols can effectively prevent various attacks in the quantum channel, while classical cryptography is efficient in authentication and verification of secret keys. By combining both quantum cryptography and classical cryptography, security of communications over networks can be leveraged. Hwang, Lee and Li exploited the merits of both cryptographic paradigms for provably secure communications to prevent replay, man-in-the-middle, and passive attacks. In this paper, we propose a new scheme with the combination of quantum cryptography and classical cryptography for 802.11i wireless LANs. Since quantum cryptography is premature in wireless networks, our work is a significant step forward toward securing communications in wireless networks. Our scheme is known as hybrid quantum key distribution protocol. Our analytical results revealed that the proposed scheme is provably secure for wireless networks.

In Internet-Based Visualization System Study about Breakthrough Applet Security Restrictions

NASA Astrophysics Data System (ADS)

Chen, Jie; Huang, Yan

In the process of realization Internet-based visualization system of the protein molecules, system needs to allow users to use the system to observe the molecular structure of the local computer, that is, customers can generate the three-dimensional graphics from PDB file on the client computer. This requires Applet access to local file, related to the Applet security restrictions question. In this paper include two realization methods: 1.Use such as signature tools, key management tools and Policy Editor tools provided by the JDK to digital signature and authentication for Java Applet, breakthrough certain security restrictions in the browser. 2. Through the use of Servlet agent implement indirect access data methods, breakthrough the traditional Java Virtual Machine sandbox model restriction of Applet ability. The two ways can break through the Applet's security restrictions, but each has its own strengths.

A review on several key problems of standoff trace explosives detection by optical-related technology

NASA Astrophysics Data System (ADS)

Chen, Zhibin; Xiao, Cheng; Xiao, Wenjian; Qin, Mengze; Liu, Xianhong

2016-01-01

To prevent tragic disasters caused by terror acts and warfare threats, security check personnel must be capable of discovering, distinguishing and eliminating the explosives at multiple circumstances. Standoff technology for the remote detection of explosives and their traces on contaminated surfaces is a research field that has become a heightened priority in recent years for homeland security and counter-terrorism applications. There has been a huge increase in research within this area, the improvement of standoff trace explosives detection by optical-related technology. This paper provides a consolidation of information relating to recent advances in several key problems of, without being limited to one specific research area or explosive type. Working laser wavelength of detection system is discussed. Generation and collection of explosives spectra signal are summarized. Techniques for analysing explosives spectra signal are summed up.

Continuous-variable quantum cryptography with an untrusted relay: Detailed security analysis of the symmetric configuration

NASA Astrophysics Data System (ADS)

Ottaviani, Carlo; Spedalieri, Gaetana; Braunstein, Samuel L.; Pirandola, Stefano

2015-02-01

We consider the continuous-variable protocol of Pirandola et al. [arXiv:1312.4104] where the secret key is established by the measurement of an untrusted relay. In this network protocol, two authorized parties are connected to an untrusted relay by insecure quantum links. Secret correlations are generated by a continuous-variable Bell detection performed on incoming coherent states. In the present work we provide a detailed study of the symmetric configuration, where the relay is midway between the parties. We analyze symmetric eavesdropping strategies against the quantum links explicitly showing that, at fixed transmissivity and thermal noise, two-mode coherent attacks are optimal, manifestly outperforming one-mode collective attacks based on independent entangling cloners. Such an advantage is shown both in terms of security threshold and secret-key rate.

Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

NASA Astrophysics Data System (ADS)

Fathirad, Iraj; Devlin, John; Jiang, Frank

2012-09-01

The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

Computer Security for Commercial Nuclear Power Plants - Literature Review for Korea Hydro Nuclear Power Central Research Institute

DOE Office of Scientific and Technical Information (OSTI.GOV)

Duran, Felicia Angelica; Waymire, Russell L.

2013-10-01

Sandia National Laboratories (SNL) is providing training and consultation activities on security planning and design for the Korea Hydro and Nuclear Power Central Research Institute (KHNPCRI). As part of this effort, SNL performed a literature review on computer security requirements, guidance and best practices that are applicable to an advanced nuclear power plant. This report documents the review of reports generated by SNL and other organizations [U.S. Nuclear Regulatory Commission, Nuclear Energy Institute, and International Atomic Energy Agency] related to protection of information technology resources, primarily digital controls and computer resources and their data networks. Copies of the key documentsmore » have also been provided to KHNP-CRI.« less

Modeling a space-based quantum link that includes an adaptive optics system

NASA Astrophysics Data System (ADS)

Duchane, Alexander W.; Hodson, Douglas D.; Mailloux, Logan O.

2017-10-01

Quantum Key Distribution uses optical pulses to generate shared random bit strings between two locations. If a high percentage of the optical pulses are comprised of single photons, then the statistical nature of light and information theory can be used to generate secure shared random bit strings which can then be converted to keys for encryption systems. When these keys are incorporated along with symmetric encryption techniques such as a one-time pad, then this method of key generation and encryption is resistant to future advances in quantum computing which will significantly degrade the effectiveness of current asymmetric key sharing techniques. This research first reviews the transition of Quantum Key Distribution free-space experiments from the laboratory environment to field experiments, and finally, ongoing space experiments. Next, a propagation model for an optical pulse from low-earth orbit to ground and the effects of turbulence on the transmitted optical pulse is described. An Adaptive Optics system is modeled to correct for the aberrations caused by the atmosphere. The long-term point spread function of the completed low-earth orbit to ground optical system is explored in the results section. Finally, the impact of this optical system and its point spread function on an overall quantum key distribution system as well as the future work necessary to show this impact is described.

Securing non-volatile memory regions

DOE Office of Scientific and Technical Information (OSTI.GOV)

Faraboschi, Paolo; Ranganathan, Parthasarathy; Muralimanohar, Naveen

Methods, apparatus and articles of manufacture to secure non-volatile memory regions are disclosed. An example method disclosed herein comprises associating a first key pair and a second key pair different than the first key pair with a process, using the first key pair to secure a first region of a non-volatile memory for the process, and using the second key pair to secure a second region of the non-volatile memory for the same process, the second region being different than the first region.

Passive measurement-device-independent quantum key distribution with orbital angular momentum and pulse position modulation

NASA Astrophysics Data System (ADS)

Wang, Lian; Zhou, Yuan-yuan; Zhou, Xue-jun; Chen, Xiao

2018-03-01

Based on the orbital angular momentum and pulse position modulation, we present a novel passive measurement-device-independent quantum key distribution (MDI-QKD) scheme with the two-mode source. Combining with the tight bounds of the yield and error rate of single-photon pairs given in our paper, we conduct performance analysis on the scheme with heralded single-photon source. The numerical simulations show that the performance of our scheme is significantly superior to the traditional MDI-QKD in the error rate, key generation rate and secure transmission distance, since the application of orbital angular momentum and pulse position modulation can exclude the basis-dependent flaw and increase the information content for each single photon. Moreover, the performance is improved with the rise of the frame length. Therefore, our scheme, without intensity modulation, avoids the source side channels and enhances the key generation rate. It has greatly utility value in the MDI-QKD setups.

On the usability and security of pseudo-signatures

NASA Astrophysics Data System (ADS)

Chen, Jin; Lopresti, Daniel

2010-01-01

Handwriting has been proposed as a possible biometric for a number of years. However, recent work has shown that handwritten passphrases are vulnerable to both human-based and machine-based forgeries. Pseudosignatures as an alternative are designed to thwart such attacks while still being easy for users to create, remember, and reproduce. In this paper, we briefly review the concept of pseudo-signatures, then describe an evaluation framework that considers aspects of both usability and security. We present results from preliminary experiments that examine user choice in creating pseudo-signatures and discuss the implications when sketching is used for generating cryptographic keys.

Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids

PubMed Central

Zhang, Liping; Tang, Shanyu; Luo, He

2016-01-01

In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham- Yahalom logic. PMID:27007951

Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

PubMed

Zhang, Liping; Tang, Shanyu; Luo, He

2016-01-01

In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

Simple group password-based authenticated key agreements for the integrated EPR information system.

PubMed

Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

2013-04-01

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

New colored optical security elements using Rolic's LPP/LCP technology: devices for first- to third-level inspection

NASA Astrophysics Data System (ADS)

Moia, Franco

2002-04-01

With linear photo-polymerization (LPP) ROLIC has invented a photo-patternable technology enabling to align not only conventional liquid crystals but also liquid crystals polymers (LCP). ROLIC's optical security device technology derives from its LPP/LCP technology. LPP/LCP security devices are created by structured photo-alignment of an LPP layer through phot-masks, thus generating a high resolution, photo-patterned aligning layer which carries the aligning information of the image to be created. The subsequent LCP layer transforms the aligning information into an optical phase image with low and/or very high information content, such as invisible photographic pictures. The building block capability of the LPP/LCP technology allows the manufacturing of cholesteric and non-cholesteric LPP/LCP devices which cover 1st and/or 2nd level applications. Apart from black/white security devices colored information zones can be integrated. Moreover, we have developed an LPP/LCP security device which covers all three- 1st, 2nd and 3rd- inspection levels in one and the same authentication device: besides a color shift by tilting the device (1st level) and the detection of normally hidden information by use of a simple sheet polarizer (2nd level) the new device contains encrypted hidden information which can be visualized only by superimposing an LPP/LCP inspection tool (key) for decryption (3rd level). This optical key is also based on the LPP/LCP technology and is itself a 3rd level security device.

Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems

DOE PAGES

Perkins, Casey; Muller, George

2015-10-08

The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple responsemore » rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.« less

Memristive crypto primitive for building highly secure physical unclonable functions

NASA Astrophysics Data System (ADS)

Gao, Yansong; Ranasinghe, Damith C.; Al-Sarawi, Said F.; Kavehei, Omid; Abbott, Derek

2015-08-01

Physical unclonable functions (PUFs) exploit the intrinsic complexity and irreproducibility of physical systems to generate secret information. The advantage is that PUFs have the potential to provide fundamentally higher security than traditional cryptographic methods by preventing the cloning of devices and the extraction of secret keys. Most PUF designs focus on exploiting process variations in Complementary Metal Oxide Semiconductor (CMOS) technology. In recent years, progress in nanoelectronic devices such as memristors has demonstrated the prevalence of process variations in scaling electronics down to the nano region. In this paper, we exploit the extremely large information density available in nanocrossbar architectures and the significant resistance variations of memristors to develop an on-chip memristive device based strong PUF (mrSPUF). Our novel architecture demonstrates desirable characteristics of PUFs, including uniqueness, reliability, and large number of challenge-response pairs (CRPs) and desirable characteristics of strong PUFs. More significantly, in contrast to most existing PUFs, our PUF can act as a reconfigurable PUF (rPUF) without additional hardware and is of benefit to applications needing revocation or update of secure key information.

Memristive crypto primitive for building highly secure physical unclonable functions.

PubMed

Gao, Yansong; Ranasinghe, Damith C; Al-Sarawi, Said F; Kavehei, Omid; Abbott, Derek

2015-08-04

Physical unclonable functions (PUFs) exploit the intrinsic complexity and irreproducibility of physical systems to generate secret information. The advantage is that PUFs have the potential to provide fundamentally higher security than traditional cryptographic methods by preventing the cloning of devices and the extraction of secret keys. Most PUF designs focus on exploiting process variations in Complementary Metal Oxide Semiconductor (CMOS) technology. In recent years, progress in nanoelectronic devices such as memristors has demonstrated the prevalence of process variations in scaling electronics down to the nano region. In this paper, we exploit the extremely large information density available in nanocrossbar architectures and the significant resistance variations of memristors to develop an on-chip memristive device based strong PUF (mrSPUF). Our novel architecture demonstrates desirable characteristics of PUFs, including uniqueness, reliability, and large number of challenge-response pairs (CRPs) and desirable characteristics of strong PUFs. More significantly, in contrast to most existing PUFs, our PUF can act as a reconfigurable PUF (rPUF) without additional hardware and is of benefit to applications needing revocation or update of secure key information.

Memristive crypto primitive for building highly secure physical unclonable functions

PubMed Central

Gao, Yansong; Ranasinghe, Damith C.; Al-Sarawi, Said F.; Kavehei, Omid; Abbott, Derek

2015-01-01

Physical unclonable functions (PUFs) exploit the intrinsic complexity and irreproducibility of physical systems to generate secret information. The advantage is that PUFs have the potential to provide fundamentally higher security than traditional cryptographic methods by preventing the cloning of devices and the extraction of secret keys. Most PUF designs focus on exploiting process variations in Complementary Metal Oxide Semiconductor (CMOS) technology. In recent years, progress in nanoelectronic devices such as memristors has demonstrated the prevalence of process variations in scaling electronics down to the nano region. In this paper, we exploit the extremely large information density available in nanocrossbar architectures and the significant resistance variations of memristors to develop an on-chip memristive device based strong PUF (mrSPUF). Our novel architecture demonstrates desirable characteristics of PUFs, including uniqueness, reliability, and large number of challenge-response pairs (CRPs) and desirable characteristics of strong PUFs. More significantly, in contrast to most existing PUFs, our PUF can act as a reconfigurable PUF (rPUF) without additional hardware and is of benefit to applications needing revocation or update of secure key information. PMID:26239669

Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Perkins, Casey; Muller, George

The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple responsemore » rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.« less

Long-distance continuous-variable quantum key distribution using non-Gaussian state-discrimination detection

NASA Astrophysics Data System (ADS)

Liao, Qin; Guo, Ying; Huang, Duan; Huang, Peng; Zeng, Guihua

2018-02-01

We propose a long-distance continuous-variable quantum key distribution (CVQKD) with a four-state protocol using non-Gaussian state-discrimination detection. A photon subtraction operation, which is deployed at the transmitter, is used for splitting the signal required for generating the non-Gaussian operation to lengthen the maximum transmission distance of the CVQKD. Whereby an improved state-discrimination detector, which can be deemed as an optimized quantum measurement that allows the discrimination of nonorthogonal coherent states beating the standard quantum limit, is applied at the receiver to codetermine the measurement result with the conventional coherent detector. By tactfully exploiting the multiplexing technique, the resulting signals can be simultaneously transmitted through an untrusted quantum channel, and subsequently sent to the state-discrimination detector and coherent detector, respectively. Security analysis shows that the proposed scheme can lengthen the maximum transmission distance up to hundreds of kilometers. Furthermore, by taking the finite-size effect and composable security into account we obtain the tightest bound of the secure distance, which is more practical than that obtained in the asymptotic limit.

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

PubMed

Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

2015-08-01

Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

Secure multi-party communication with quantum key distribution managed by trusted authority

DOEpatents

Nordholt, Jane Elizabeth; Hughes, Richard John; Peterson, Charles Glen

2013-07-09

Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

Secure multi-party communication with quantum key distribution managed by trusted authority

DOEpatents

Hughes, Richard John; Nordholt, Jane Elizabeth; Peterson, Charles Glen

2015-01-06

Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

Security of Color Image Data Designed by Public-Key Cryptosystem Associated with 2D-DWT

NASA Astrophysics Data System (ADS)

Mishra, D. C.; Sharma, R. K.; Kumar, Manish; Kumar, Kuldeep

2014-08-01

In present times the security of image data is a major issue. So, we have proposed a novel technique for security of color image data by public-key cryptosystem or asymmetric cryptosystem. In this technique, we have developed security of color image data using RSA (Rivest-Shamir-Adleman) cryptosystem with two-dimensional discrete wavelet transform (2D-DWT). Earlier proposed schemes for security of color images designed on the basis of keys, but this approach provides security of color images with the help of keys and correct arrangement of RSA parameters. If the attacker knows about exact keys, but has no information of exact arrangement of RSA parameters, then the original information cannot be recovered from the encrypted data. Computer simulation based on standard example is critically examining the behavior of the proposed technique. Security analysis and a detailed comparison between earlier developed schemes for security of color images and proposed technique are also mentioned for the robustness of the cryptosystem.

High-Speed Large-Alphabet Quantum Key Distribution Using Photonic Integrated Circuits

DTIC Science & Technology

2014-01-28

polarizing beam splitter, TDC: time-to-digital converter. Extra&loss& photon/bin frame size QSER secure bpp ECC secure&key&rate& none& 0.0031 64 14...to-digital converter. photon/frame frame size QSER secure bpp ECC secure&key& rate& 1.3 16 9.5 % 2.9 layered LDPC 7.3&Mbps& Figure 24: Operating

J3Gen: A PRNG for Low-Cost Passive RFID

PubMed Central

Melià-Seguí, Joan; Garcia-Alfaro, Joaquin; Herrera-Joancomartí, Jordi

2013-01-01

Pseudorandom number generation (PRNG) is the main security tool in low-cost passive radio-frequency identification (RFID) technologies, such as EPC Gen2. We present a lightweight PRNG design for low-cost passive RFID tags, named J3Gen. J3Gen is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials. The polynomials are alternated during the generation of sequences via a physical source of randomness. J3Gen successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. A hardware implementation of J3Gen is presented and evaluated with regard to different design parameters, defining the key-equivalence security and nonlinearity of the design. The results of a SPICE simulation confirm the power-consumption suitability of the proposal. PMID:23519344

The world's nuclear future - built on material success

NASA Astrophysics Data System (ADS)

Ion, Sue

2010-07-01

In our energy hungry world of the twenty-first century, the future of electricity generation must meet the twin challenges of security of supply and reduced carbon emissions. The expectations for nuclear power programmes to play a part in delivering success on both counts, grows ever higher. The nuclear industry is poised on a renaissance likely to dwarf the heady days of the 1960s and early 1970s. Global supply chain and project management challenges abound, now just as then. The science and engineering of materials will be key to the successful deployment and operation of a new generation of reactor systems and their associated fuel cycles. Understanding and predicting materials performance will be key to achieving life extension of existing assets and underpinning waste disposal options, as well as giving confidence to the designers, their financial backers and governments across the globe, that the next generation of reactors will deliver their full potential.

Multiple ECG Fiducial Points-Based Random Binary Sequence Generation for Securing Wireless Body Area Networks.

PubMed

Zheng, Guanglou; Fang, Gengfa; Shankaran, Rajan; Orgun, Mehmet A; Zhou, Jie; Qiao, Li; Saleem, Kashif

2017-05-01

Generating random binary sequences (BSes) is a fundamental requirement in cryptography. A BS is a sequence of N bits, and each bit has a value of 0 or 1. For securing sensors within wireless body area networks (WBANs), electrocardiogram (ECG)-based BS generation methods have been widely investigated in which interpulse intervals (IPIs) from each heartbeat cycle are processed to produce BSes. Using these IPI-based methods to generate a 128-bit BS in real time normally takes around half a minute. In order to improve the time efficiency of such methods, this paper presents an ECG multiple fiducial-points based binary sequence generation (MFBSG) algorithm. The technique of discrete wavelet transforms is employed to detect arrival time of these fiducial points, such as P, Q, R, S, and T peaks. Time intervals between them, including RR, RQ, RS, RP, and RT intervals, are then calculated based on this arrival time, and are used as ECG features to generate random BSes with low latency. According to our analysis on real ECG data, these ECG feature values exhibit the property of randomness and, thus, can be utilized to generate random BSes. Compared with the schemes that solely rely on IPIs to generate BSes, this MFBSG algorithm uses five feature values from one heart beat cycle, and can be up to five times faster than the solely IPI-based methods. So, it achieves a design goal of low latency. According to our analysis, the complexity of the algorithm is comparable to that of fast Fourier transforms. These randomly generated ECG BSes can be used as security keys for encryption or authentication in a WBAN system.

Metropolitan Quantum Key Distribution with Silicon Photonics

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bunandar, Darius; Lentine, Anthony; Lee, Catherine

Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD) encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB) and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss). Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalablemore » resource for future formation of metropolitan quantum-secure communications networks.« less

Metropolitan Quantum Key Distribution with Silicon Photonics

DOE PAGES

Bunandar, Darius; Lentine, Anthony; Lee, Catherine; ...

2018-04-06

Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD) encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB) and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss). Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalablemore » resource for future formation of metropolitan quantum-secure communications networks.« less

Eavesdropping on counterfactual quantum key distribution with finite resources

NASA Astrophysics Data System (ADS)

Liu, Xingtong; Zhang, Bo; Wang, Jian; Tang, Chaojing; Zhao, Jingjing; Zhang, Sheng

2014-08-01

A striking scheme called "counterfactual quantum cryptography" gives a conceptually new approach to accomplish the task of key distribution. It allows two legitimate parties to share a secret even though a particle carrying secret information is not, in fact, transmitted through the quantum channel. Since an eavesdropper cannot directly access the entire quantum system of each signal particle, the protocol seems to provide practical security advantages. However, here we propose an eavesdropping method which works on the scheme in a finite key scenario. We show that, for practical systems only generating a finite number of keys, the eavesdropping can obtain all of the secret information without being detected. We also present a improved protocol as a countermeasure against this attack.

Feasibility of satellite quantum key distribution

NASA Astrophysics Data System (ADS)

Bonato, C.; Tomaello, A.; Da Deppo, V.; Naletto, G.; Villoresi, P.

2009-04-01

In this paper, we present a novel analysis of the feasibility of quantum key distribution between a LEO satellite and a ground station. First of all, we study signal propagation through a turbulent atmosphere for uplinks and downlinks, discussing the contribution of beam spreading and beam wandering. Then we introduce a model for the background noise of the channel during night-time and day-time, calculating the signal-to-noise ratio for different configurations. We also discuss the expected error-rate due to imperfect polarization compensation in the channel. Finally, we calculate the expected key generation rate of a secure key for different configurations (uplink, downlink) and for different protocols (BB84 with and without decoy states, entanglement-based Ekert91 protocol).

Metropolitan Quantum Key Distribution with Silicon Photonics

NASA Astrophysics Data System (ADS)

Bunandar, Darius; Lentine, Anthony; Lee, Catherine; Cai, Hong; Long, Christopher M.; Boynton, Nicholas; Martinez, Nicholas; DeRose, Christopher; Chen, Changchen; Grein, Matthew; Trotter, Douglas; Starbuck, Andrew; Pomerene, Andrew; Hamilton, Scott; Wong, Franco N. C.; Camacho, Ryan; Davids, Paul; Urayama, Junji; Englund, Dirk

2018-04-01

Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD) encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB) and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss). Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalable resource for future formation of metropolitan quantum-secure communications networks.

Why the poor pay with their lives: oil pipeline vandalisation, fires and human security in Nigeria.

PubMed

Onuoha, Freedom C

2009-07-01

Since its discovery in Nigeria in 1956 crude oil has been a source of mixed blessing to the country. It is believed to have generated enormous wealth, but it has also claimed a great many lives. Scholarly attention on the impact of oil on security in Nigeria has largely focused on internal conflicts rather than on how disasters associated with oil pipeline vandalisation have impacted on human security in terms of causing bodily injuries and death, destroying livelihoods and fracturing families. This paper examines how pipeline vandalisation affects human security in these ways. It identifies women and children as those who are hardest hit and questions why the poor are the most vulnerable in oil pipeline disasters in this country. It recommends the adoption of a comprehensive and integrated framework of disaster management that will ensure prompt response to key early warning signs, risk-reduction and appropriate mitigation and management strategies.

Asymmetric optical image encryption using Kolmogorov phase screens and equal modulus decomposition

NASA Astrophysics Data System (ADS)

Kumar, Ravi; Bhaduri, Basanta; Quan, Chenggen

2017-11-01

An asymmetric technique for optical image encryption is proposed using Kolmogorov phase screens (KPSs) and equal modulus decomposition (EMD). The KPSs are generated using the power spectral density of Kolmogorov turbulence. The input image is first randomized and then Fresnel propagated with distance d. Further, the output in the Fresnel domain is modulated with a random phase mask, and the gyrator transform (GT) of the modulated image is obtained with an angle α. The EMD is operated on the GT spectrum to get the complex images, Z1 and Z2. Among these, Z2 is reserved as a private key for decryption and Z1 is propagated through a medium consisting of four KPSs, located at specified distances, to get the final encrypted image. The proposed technique provides a large set of security keys and is robust against various potential attacks. Numerical simulation results validate the effectiveness and security of the proposed technique.

Method and apparatus for free-space quantum key distribution in daylight

DOEpatents

Hughes, Richard J.; Buttler, William T.; Lamoreaux, Steve K.; Morgan, George L.; Nordholt, Jane E.; Peterson, C. Glen; Kwiat, Paul G.

2004-06-08

A quantum cryptography apparatus securely generates a key to be used for secure transmission between a sender and a receiver connected by an atmospheric transmission link. A first laser outputs a timing bright light pulse; other lasers output polarized optical data pulses after having been enabled by a random bit generator. Output optics transmit output light from the lasers that is received by receiving optics. A first beam splitter receives light from the receiving optics, where a received timing bright light pulse is directed to a delay circuit for establishing a timing window for receiving light from the lasers and where an optical data pulse from one of the lasers has a probability of being either transmitted by the beam splitter or reflected by the beam splitter. A first polarizer receives transmitted optical data pulses to output one data bit value and a second polarizer receives reflected optical data pulses to output a second data bit value. A computer receives pulses representing receipt of a timing bright timing pulse and the first and second data bit values, where receipt of the first and second data bit values is indexed by the bright timing pulse.

Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

PubMed

Park, Namje; Kang, Namhi

2015-12-24

The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

Towards a Scalable Group Vehicle-based Security System

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M

2016-01-01

In August 2014, the National Highway Traffic Safety Administration (NHTSA) proposed new rulemaking to require V2V communication in light vehicles. To establish trust in the basic safety messages (BSMs) that are exchanged by vehicles to improve driver safety, a vehicle public key infrastructure (VPKI) is required. We outline a system where a group or groups of vehicles manage and generate their own BSM signing keys and authenticating certificates -- a Vehicle-Based Security System (VBSS). Based on our preliminary examination, we assert the mechanisms exist to implement a VBSS that supports V2V communications; however, maintaining uniform trust throughout the system whilemore » protecting individual privacy does require reliance on nascent group signature technology which may require a significant amount of communication overhead for trust maintenance. To better evaluate the VBSS approach, we compare it to the proposed Security Credential Management System (SCMS) in four major areas including bootstrapping, pseudonym provisioning, BSM signing and authentication, and revocation. System scale, driver privacy, and the distribution and dynamics of participants make designing an effective VPKI an interesting and challenging problem; no clear-cut strategy exists to satisfy the security and privacy expectations in a highly efficient way. More work is needed in VPKI research, so the life-saving promise of V2V technology can be achieved.« less

Secure multi-party communication with quantum key distribution managed by trusted authority

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hughes, Richard John; Nordholt, Jane Elizabeth; Peterson, Charles Glen

Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD aremore » extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.« less

Finite-key analysis for measurement-device-independent quantum key distribution.

PubMed

Curty, Marcos; Xu, Feihu; Cui, Wei; Lim, Charles Ci Wen; Tamaki, Kiyoshi; Lo, Hoi-Kwong

2014-04-29

Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach--measurement-device-independent quantum key distribution--has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time frame of signal transmission.

On the complexity of search for keys in quantum cryptography

NASA Astrophysics Data System (ADS)

Molotkov, S. N.

2016-03-01

The trace distance is used as a security criterion in proofs of security of keys in quantum cryptography. Some authors doubted that this criterion can be reduced to criteria used in classical cryptography. The following question has been answered in this work. Let a quantum cryptography system provide an ɛ-secure key such that ½‖ρ XE - ρ U ⊗ ρ E ‖1 < ɛ, which will be repeatedly used in classical encryption algorithms. To what extent does the ɛ-secure key reduce the number of search steps (guesswork) as compared to the use of ideal keys? A direct relation has been demonstrated between the complexity of the complete consideration of keys, which is one of the main security criteria in classical systems, and the trace distance used in quantum cryptography. Bounds for the minimum and maximum numbers of search steps for the determination of the actual key have been presented.

Simple proof of security of the BB84 quantum key distribution protocol

PubMed

Shor; Preskill

2000-07-10

We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be proven secure using methods from Lo and Chau's proof of security for a similar protocol. We then show that the security of this protocol implies the security of BB84. The entanglement purification based protocol uses Calderbank-Shor-Steane codes, and properties of these codes are used to remove the use of quantum computation from the Lo-Chau protocol.

Semi-counterfactual cryptography

NASA Astrophysics Data System (ADS)

Akshata Shenoy, H.; Srikanth, R.; Srinivas, T.

2013-09-01

In counterfactual quantum key distribution (QKD), two remote parties can securely share random polarization-encoded bits through the blocking rather than the transmission of particles. We propose a semi-counterfactual QKD, i.e., one where the secret bit is shared, and also encoded, based on the blocking or non-blocking of a particle. The scheme is thus semi-counterfactual and not based on polarization encoding. As with other counterfactual schemes and the Goldenberg-Vaidman protocol, but unlike BB84, the encoding states are orthogonal and security arises ultimately from single-particle non-locality. Unlike any of them, however, the secret bit generated is maximally indeterminate until the joint action of Alice and Bob. We prove the general security of the protocol, and study the most general photon-number-preserving incoherent attack in detail.

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

PubMed Central

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-01-01

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

PubMed

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-03-21

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

Security of a single-state semi-quantum key distribution protocol

NASA Astrophysics Data System (ADS)

Zhang, Wei; Qiu, Daowen; Mateus, Paulo

2018-06-01

Semi-quantum key distribution protocols are allowed to set up a secure secret key between two users. Compared with their full quantum counterparts, one of the two users is restricted to perform some "classical" or "semi-quantum" operations, which potentially makes them easily realizable by using less quantum resource. However, the semi-quantum key distribution protocols mainly rely on a two-way quantum channel. The eavesdropper has two opportunities to intercept the quantum states transmitted in the quantum communication stage. It may allow the eavesdropper to get more information and make the security analysis more complicated. In the past ten years, many semi-quantum key distribution protocols have been proposed and proved to be robust. However, there are few works concerning their unconditional security. It is doubted that how secure the semi-quantum ones are and how much noise they can tolerate to establish a secure secret key. In this paper, we prove the unconditional security of a single-state semi-quantum key distribution protocol proposed by Zou et al. (Phys Rev A 79:052312, 2009). We present a complete proof from information theory aspect by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we figure out an error threshold value such that for all error rates that are less than this threshold value, the secure secret key can be established between the legitimate users definitely. Otherwise, the users should abort the protocol. We make an illustration of the protocol under the circumstance that the reverse quantum channel is a depolarizing one with parameter q. Additionally, we compare the error threshold value with some full quantum protocols and several existing semi-quantum ones whose unconditional security proofs have been provided recently.

On the security of a simple three-party key exchange protocol without server's public keys.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho

2014-01-01

Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

On the Security of a Simple Three-Party Key Exchange Protocol without Server's Public Keys

PubMed Central

Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho

2014-01-01

Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol. PMID:25258723

Security of quantum key distribution with multiphoton components

PubMed Central

Yin, Hua-Lei; Fu, Yao; Mao, Yingqiu; Chen, Zeng-Bing

2016-01-01

Most qubit-based quantum key distribution (QKD) protocols extract the secure key merely from single-photon component of the attenuated lasers. However, with the Scarani-Acin-Ribordy-Gisin 2004 (SARG04) QKD protocol, the unconditionally secure key can be extracted from the two-photon component by modifying the classical post-processing procedure in the BB84 protocol. Employing the merits of SARG04 QKD protocol and six-state preparation, one can extract secure key from the components of single photon up to four photons. In this paper, we provide the exact relations between the secure key rate and the bit error rate in a six-state SARG04 protocol with single-photon, two-photon, three-photon, and four-photon sources. By restricting the mutual information between the phase error and bit error, we obtain a higher secure bit error rate threshold of the multiphoton components than previous works. Besides, we compare the performances of the six-state SARG04 with other prepare-and-measure QKD protocols using decoy states. PMID:27383014

Completely device-independent quantum key distribution

NASA Astrophysics Data System (ADS)

Aguilar, Edgar A.; Ramanathan, Ravishankar; Kofler, Johannes; Pawłowski, Marcin

2016-08-01

Quantum key distribution (QKD) is a provably secure way for two distant parties to establish a common secret key, which then can be used in a classical cryptographic scheme. Using quantum entanglement, one can reduce the necessary assumptions that the parties have to make about their devices, giving rise to device-independent QKD (DIQKD). However, in all existing protocols to date the parties need to have an initial (at least partially) random seed as a resource. In this work, we show that this requirement can be dropped. Using recent advances in the fields of randomness amplification and randomness expansion, we demonstrate that it is sufficient for the message the parties want to communicate to be (partially) unknown to the adversaries—an assumption without which any type of cryptography would be pointless to begin with. One party can use her secret message to locally generate a secret sequence of bits, which can then be openly used by herself and the other party in a DIQKD protocol. Hence our work reduces the requirements needed to perform secure DIQKD and establish safe communication.

Integrating quantum key distribution with classical communications in backbone fiber network.

PubMed

Mao, Yingqiu; Wang, Bi-Xiao; Zhao, Chunxu; Wang, Guangquan; Wang, Ruichun; Wang, Honghai; Zhou, Fei; Nie, Jimin; Chen, Qing; Zhao, Yong; Zhang, Qiang; Zhang, Jun; Chen, Teng-Yun; Pan, Jian-Wei

2018-03-05

Quantum key distribution (QKD) provides information-theoretic security based on the laws of quantum mechanics. The desire to reduce costs and increase robustness in real-world applications has motivated the study of coexistence between QKD and intense classical data traffic in a single fiber. Previous works on coexistence in metropolitan areas have used wavelength-division multiplexing, however, coexistence in backbone fiber networks remains a great experimental challenge, as Tbps data of up to 20 dBm optical power is transferred, and much more noise is generated for QKD. Here we present for the first time, to the best of our knowledge, the integration of QKD with a commercial backbone network of 3.6 Tbps classical data at 21 dBm launch power over 66 km fiber. With 20 GHz pass-band filtering and large effective core area fibers, real-time secure key rates can reach 4.5 kbps and 5.1 kbps for co-propagation and counter-propagation at the maximum launch power, respectively. This demonstrates feasibility and represents an important step towards building a quantum network that coexists with the current backbone fiber infrastructure of classical communications.

Hybrid cryptosystem RSA - CRT optimization and VMPC

NASA Astrophysics Data System (ADS)

Rahmadani, R.; Mawengkang, H.; Sutarman

2018-03-01

Hybrid cryptosystem combines symmetric algorithms and asymmetric algorithms. This combination utilizes speeds on encryption/decryption processes of symmetric algorithms and asymmetric algorithms to secure symmetric keys. In this paper we propose hybrid cryptosystem that combine symmetric algorithms VMPC and asymmetric algorithms RSA - CRT optimization. RSA - CRT optimization speeds up the decryption process by obtaining plaintext with dp and p key only, so there is no need to perform CRT processes. The VMPC algorithm is more efficient in software implementation and reduces known weaknesses in RC4 key generation. The results show hybrid cryptosystem RSA - CRT optimization and VMPC is faster than hybrid cryptosystem RSA - VMPC and hybrid cryptosystem RSA - CRT - VMPC. Keyword : Cryptography, RSA, RSA - CRT, VMPC, Hybrid Cryptosystem.

Quantum key distribution over a 72 dB channel loss using ultralow dark count superconducting single-photon detectors.

PubMed

Shibata, Hiroyuki; Honjo, Toshimori; Shimizu, Kaoru

2014-09-01

We report the first quantum key distribution (QKD) experiment over a 72 dB channel loss using superconducting nanowire single-photon detectors (SSPD, SNSPD) with the dark count rate (DCR) of 0.01 cps. The DCR of the SSPD, which is dominated by the blackbody radiation at room temperature, is blocked by introducing cold optical bandpass filter. We employ the differential phase shift QKD (DPS-QKD) scheme with a 1 GHz system clock rate. The quantum bit error rate (QBER) below 3% is achieved when the length of the dispersion shifted fiber (DSF) is 336 km (72 dB loss), which is low enough to generate secure keys.

A Security Proof of Measurement Device Independent Quantum Key Distribution: From the View of Information Theory

NASA Astrophysics Data System (ADS)

Li, Fang-Yi; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Wang, Shuang; Wen, Hao; Zhao, Yi-Bo; Han, Zheng-Fu

2014-07-01

Although some ideal quantum key distribution protocols have been proved to be secure, there have been some demonstrations that practical quantum key distribution implementations were hacked due to some real-life imperfections. Among these attacks, detector side channel attacks may be the most serious. Recently, a measurement device independent quantum key distribution protocol [Phys. Rev. Lett. 108 (2012) 130503] was proposed and all detector side channel attacks are removed in this scheme. Here a new security proof based on quantum information theory is given. The eavesdropper's information of the sifted key bits is bounded. Then with this bound, the final secure key bit rate can be obtained.

Quantum cryptography to satellites for global secure key distribution

NASA Astrophysics Data System (ADS)

Rarity, John G.; Gorman, Philip M.; Knight, Paul; Wallace, Kotska; Tapster, Paul R.

2017-11-01

We have designed and built a free space secure key exchange system using weak laser pulses with polarisation modulation by acousto-optic switching. We have used this system to exchange keys over a 1.2km ground range with absolute security. Building from this initial result we analyse the feasibility of exchanging keys to a low earth orbit satellite.

CMOS-compatible photonic devices for single-photon generation

NASA Astrophysics Data System (ADS)

Xiong, Chunle; Bell, Bryn; Eggleton, Benjamin J.

2016-09-01

Sources of single photons are one of the key building blocks for quantum photonic technologies such as quantum secure communication and powerful quantum computing. To bring the proof-of-principle demonstration of these technologies from the laboratory to the real world, complementary metal-oxide-semiconductor (CMOS)-compatible photonic chips are highly desirable for photon generation, manipulation, processing and even detection because of their compactness, scalability, robustness, and the potential for integration with electronics. In this paper, we review the development of photonic devices made from materials (e.g., silicon) and processes that are compatible with CMOS fabrication facilities for the generation of single photons.

Continuous variable quantum cryptography using coherent states.

PubMed

Grosshans, Frédéric; Grangier, Philippe

2002-02-04

We propose several methods for quantum key distribution (QKD) based on the generation and transmission of random distributions of coherent or squeezed states, and we show that they are secure against individual eavesdropping attacks. These protocols require that the transmission of the optical line between Alice and Bob is larger than 50%, but they do not rely on "sub-shot-noise" features such as squeezing. Their security is a direct consequence of the no-cloning theorem, which limits the signal-to-noise ratio of possible quantum measurements on the transmission line. Our approach can also be used for evaluating various QKD protocols using light with Gaussian statistics.

Study of Randomness in AES Ciphertexts Produced by Randomly Generated S-Boxes and S-Boxes with Various Modulus and Additive Constant Polynomials

NASA Astrophysics Data System (ADS)

Das, Suman; Sadique Uz Zaman, J. K. M.; Ghosh, Ranjan

2016-06-01

In Advanced Encryption Standard (AES), the standard S-Box is conventionally generated by using a particular irreducible polynomial {11B} in GF(28) as the modulus and a particular additive constant polynomial {63} in GF(2), though it can be generated by many other polynomials. In this paper, it has been shown that it is possible to generate secured AES S-Boxes by using some other selected modulus and additive polynomials and also can be generated randomly, using a PRNG like BBS. A comparative study has been made on the randomness of corresponding AES ciphertexts generated, using these S-Boxes, by the NIST Test Suite coded for this paper. It has been found that besides using the standard one, other moduli and additive constants are also able to generate equally or better random ciphertexts; the same is true for random S-Boxes also. As these new types of S-Boxes are user-defined, hence unknown, they are able to prevent linear and differential cryptanalysis. Moreover, they act as additional key-inputs to AES, thus increasing the key-space.

High speed and adaptable error correction for megabit/s rate quantum key distribution.

PubMed

Dixon, A R; Sato, H

2014-12-02

Quantum Key Distribution is moving from its theoretical foundation of unconditional security to rapidly approaching real world installations. A significant part of this move is the orders of magnitude increases in the rate at which secure key bits are distributed. However, these advances have mostly been confined to the physical hardware stage of QKD, with software post-processing often being unable to support the high raw bit rates. In a complete implementation this leads to a bottleneck limiting the final secure key rate of the system unnecessarily. Here we report details of equally high rate error correction which is further adaptable to maximise the secure key rate under a range of different operating conditions. The error correction is implemented both in CPU and GPU using a bi-directional LDPC approach and can provide 90-94% of the ideal secure key rate over all fibre distances from 0-80 km.

High speed and adaptable error correction for megabit/s rate quantum key distribution

PubMed Central

Dixon, A. R.; Sato, H.

2014-01-01

Quantum Key Distribution is moving from its theoretical foundation of unconditional security to rapidly approaching real world installations. A significant part of this move is the orders of magnitude increases in the rate at which secure key bits are distributed. However, these advances have mostly been confined to the physical hardware stage of QKD, with software post-processing often being unable to support the high raw bit rates. In a complete implementation this leads to a bottleneck limiting the final secure key rate of the system unnecessarily. Here we report details of equally high rate error correction which is further adaptable to maximise the secure key rate under a range of different operating conditions. The error correction is implemented both in CPU and GPU using a bi-directional LDPC approach and can provide 90–94% of the ideal secure key rate over all fibre distances from 0–80 km. PMID:25450416

The reformulation of emotional security theory: the role of children's social defense in developmental psychopathology.

PubMed

Davies, Patrick T; Martin, Meredith J

2013-11-01

Although children's security in the context of the interparental relationship has been identified as a key explanatory mechanism in pathways between family discord and child psychopathology, little is known about the inner workings of emotional security as a goal system. Thus, the objective of this paper is to describe how our reformulation of emotional security theory within an ethological and evolutionary framework may advance the characterization of the architecture and operation of emotional security and, in the process, cultivate sustainable growing points in developmental psychopathology. The first section of the paper describes how children's security in the interparental relationship is organized around a distinctive behavioral system designed to defend against interpersonal threat. Building on this evolutionary foundation for emotional security, the paper offers an innovative taxonomy for identifying qualitatively different ways children try to preserve their security and its innovative implications for more precisely informing understanding of the mechanisms in pathways between family and developmental precursors and children's trajectories of mental health. In the final section, the paper highlights the potential of the reformulation of emotional security theory to stimulate new generations of research on understanding how children defend against social threats in ecologies beyond the interparental dyad, including both familial and extrafamilial settings.

A New Color Image Encryption Scheme Using CML and a Fractional-Order Chaotic System

PubMed Central

Wu, Xiangjun; Li, Yang; Kurths, Jürgen

2015-01-01

The chaos-based image cryptosystems have been widely investigated in recent years to provide real-time encryption and transmission. In this paper, a novel color image encryption algorithm by using coupled-map lattices (CML) and a fractional-order chaotic system is proposed to enhance the security and robustness of the encryption algorithms with a permutation-diffusion structure. To make the encryption procedure more confusing and complex, an image division-shuffling process is put forward, where the plain-image is first divided into four sub-images, and then the position of the pixels in the whole image is shuffled. In order to generate initial conditions and parameters of two chaotic systems, a 280-bit long external secret key is employed. The key space analysis, various statistical analysis, information entropy analysis, differential analysis and key sensitivity analysis are introduced to test the security of the new image encryption algorithm. The cryptosystem speed is analyzed and tested as well. Experimental results confirm that, in comparison to other image encryption schemes, the new algorithm has higher security and is fast for practical image encryption. Moreover, an extensive tolerance analysis of some common image processing operations such as noise adding, cropping, JPEG compression, rotation, brightening and darkening, has been performed on the proposed image encryption technique. Corresponding results reveal that the proposed image encryption method has good robustness against some image processing operations and geometric attacks. PMID:25826602

Federal Plan for Cyber Security and Information Assurance Research and Development

DTIC Science & Technology

2006-04-01

Security Systems 103 varieties of the BB84 scheme have been developed, and other forms of quantum key distribution have been proposed. Rapid progress has led... key . Capability Gaps Existing quantum cryptographic protocols may also have weaknesses. Although BB84 is generally regarded as secure , researchers...complement agency-specific prioritization and R&D planning efforts in cyber security and information assurance. The Plan also describes the key Federal

Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

PubMed

Mishra, Dheerendra

2015-03-01

Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

Distinguishability of quantum states and shannon complexity in quantum cryptography

NASA Astrophysics Data System (ADS)

Arbekov, I. M.; Molotkov, S. N.

2017-07-01

The proof of the security of quantum key distribution is a rather complex problem. Security is defined in terms different from the requirements imposed on keys in classical cryptography. In quantum cryptography, the security of keys is expressed in terms of the closeness of the quantum state of an eavesdropper after key distribution to an ideal quantum state that is uncorrelated to the key of legitimate users. A metric of closeness between two quantum states is given by the trace metric. In classical cryptography, the security of keys is understood in terms of, say, the complexity of key search in the presence of side information. In quantum cryptography, side information for the eavesdropper is given by the whole volume of information on keys obtained from both quantum and classical channels. The fact that the mathematical apparatuses used in the proof of key security in classical and quantum cryptography are essentially different leads to misunderstanding and emotional discussions [1]. Therefore, one should be able to answer the question of how different cryptographic robustness criteria are related to each other. In the present study, it is shown that there is a direct relationship between the security criterion in quantum cryptography, which is based on the trace distance determining the distinguishability of quantum states, and the criterion in classical cryptography, which uses guesswork on the determination of a key in the presence of side information.

High-speed continuous-variable quantum key distribution without sending a local oscillator.

PubMed

Huang, Duan; Huang, Peng; Lin, Dakai; Wang, Chao; Zeng, Guihua

2015-08-15

We report a 100-MHz continuous-variable quantum key distribution (CV-QKD) experiment over a 25-km fiber channel without sending a local oscillator (LO). We use a "locally" generated LO and implement with a 1-GHz shot-noise-limited homodyne detector to achieve high-speed quantum measurement, and we propose a secure phase compensation scheme to maintain a low level of excess noise. These make high-bit-rate CV-QKD significantly simpler for larger transmission distances compared with previous schemes in which both LO and quantum signals are transmitted through the insecure quantum channel.

SSeCloud: Using secret sharing scheme to secure keys

NASA Astrophysics Data System (ADS)

Hu, Liang; Huang, Yang; Yang, Disheng; Zhang, Yuzhen; Liu, Hengchang

2017-08-01

With the use of cloud storage services, one of the concerns is how to protect sensitive data securely and privately. While users enjoy the convenience of data storage provided by semi-trusted cloud storage providers, they are confronted with all kinds of risks at the same time. In this paper, we present SSeCloud, a secure cloud storage system that improves security and usability by applying secret sharing scheme to secure keys. The system encrypts uploading files on the client side and splits encrypted keys into three shares. Each of them is respectively stored by users, cloud storage providers and the alternative third trusted party. Any two of the parties can reconstruct keys. Evaluation results of prototype system show that SSeCloud provides high security without too much performance penalty.

Combination of Sharing Matrix and Image Encryption for Lossless $(k,n)$ -Secret Image Sharing.

PubMed

Bao, Long; Yi, Shuang; Zhou, Yicong

2017-12-01

This paper first introduces a (k,n) -sharing matrix S (k, n) and its generation algorithm. Mathematical analysis is provided to show its potential for secret image sharing. Combining sharing matrix with image encryption, we further propose a lossless (k,n) -secret image sharing scheme (SMIE-SIS). Only with no less than k shares, all the ciphertext information and security key can be reconstructed, which results in a lossless recovery of original information. This can be proved by the correctness and security analysis. Performance evaluation and security analysis demonstrate that the proposed SMIE-SIS with arbitrary settings of k and n has at least five advantages: 1) it is able to fully recover the original image without any distortion; 2) it has much lower pixel expansion than many existing methods; 3) its computation cost is much lower than the polynomial-based secret image sharing methods; 4) it is able to verify and detect a fake share; and 5) even using the same original image with the same initial settings of parameters, every execution of SMIE-SIS is able to generate completely different secret shares that are unpredictable and non-repetitive. This property offers SMIE-SIS a high level of security to withstand many different attacks.

Continuous operation of four-state continuous-variable quantum key distribution system

NASA Astrophysics Data System (ADS)

Matsubara, Takuto; Ono, Motoharu; Oguri, Yusuke; Ichikawa, Tsubasa; Hirano, Takuya; Kasai, Kenta; Matsumoto, Ryutaroh; Tsurumaru, Toyohiro

2016-10-01

We report on the development of continuous-variable quantum key distribution (CV-QKD) system that are based on discrete quadrature amplitude modulation (QAM) and homodyne detection of coherent states of light. We use a pulsed light source whose wavelength is 1550 nm and repetition rate is 10 MHz. The CV-QKD system can continuously generate secret key which is secure against entangling cloner attack. Key generation rate is 50 kbps when the quantum channel is a 10 km optical fiber. The CV-QKD system we have developed utilizes the four-state and post-selection protocol [T. Hirano, et al., Phys. Rev. A 68, 042331 (2003).]; Alice randomly sends one of four states {|+/-α⟩,|+/-𝑖α⟩}, and Bob randomly performs x- or p- measurement by homodyne detection. A commercially available balanced receiver is used to realize shot-noise-limited pulsed homodyne detection. GPU cards are used to accelerate the software-based post-processing. We use a non-binary LDPC code for error correction (reverse reconciliation) and the Toeplitz matrix multiplication for privacy amplification.

Study on the security of the authentication scheme with key recycling in QKD

NASA Astrophysics Data System (ADS)

Li, Qiong; Zhao, Qiang; Le, Dan; Niu, Xiamu

2016-09-01

In quantum key distribution (QKD), the information theoretically secure authentication is necessary to guarantee the integrity and authenticity of the exchanged information over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has be proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so little to be neglected, it will lead to the increasing degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.

Autonomous Byte Stream Randomizer

NASA Technical Reports Server (NTRS)

Paloulian, George K.; Woo, Simon S.; Chow, Edward T.

2013-01-01

Net-centric networking environments are often faced with limited resources and must utilize bandwidth as efficiently as possible. In networking environments that span wide areas, the data transmission has to be efficient without any redundant or exuberant metadata. The Autonomous Byte Stream Randomizer software provides an extra level of security on top of existing data encryption methods. Randomizing the data s byte stream adds an extra layer to existing data protection methods, thus making it harder for an attacker to decrypt protected data. Based on a generated crypto-graphically secure random seed, a random sequence of numbers is used to intelligently and efficiently swap the organization of bytes in data using the unbiased and memory-efficient in-place Fisher-Yates shuffle method. Swapping bytes and reorganizing the crucial structure of the byte data renders the data file unreadable and leaves the data in a deconstructed state. This deconstruction adds an extra level of security requiring the byte stream to be reconstructed with the random seed in order to be readable. Once the data byte stream has been randomized, the software enables the data to be distributed to N nodes in an environment. Each piece of the data in randomized and distributed form is a separate entity unreadable on its own right, but when combined with all N pieces, is able to be reconstructed back to one. Reconstruction requires possession of the key used for randomizing the bytes, leading to the generation of the same cryptographically secure random sequence of numbers used to randomize the data. This software is a cornerstone capability possessing the ability to generate the same cryptographically secure sequence on different machines and time intervals, thus allowing this software to be used more heavily in net-centric environments where data transfer bandwidth is limited.

Improved key-rate bounds for practical decoy-state quantum-key-distribution systems

NASA Astrophysics Data System (ADS)

Zhang, Zhen; Zhao, Qi; Razavi, Mohsen; Ma, Xiongfeng

2017-01-01

The decoy-state scheme is the most widely implemented quantum-key-distribution protocol in practice. In order to account for the finite-size key effects on the achievable secret key generation rate, a rigorous statistical fluctuation analysis is required. Originally, a heuristic Gaussian-approximation technique was used for this purpose, which, despite its analytical convenience, was not sufficiently rigorous. The fluctuation analysis has recently been made rigorous by using the Chernoff bound. There is a considerable gap, however, between the key-rate bounds obtained from these techniques and that obtained from the Gaussian assumption. Here we develop a tighter bound for the decoy-state method, which yields a smaller failure probability. This improvement results in a higher key rate and increases the maximum distance over which secure key exchange is possible. By optimizing the system parameters, our simulation results show that our method almost closes the gap between the two previously proposed techniques and achieves a performance similar to that of conventional Gaussian approximations.

Preliminary Strategic Environmental Assessment of the Great Western Development Strategy: Safeguarding Ecological Security for a New Western China

NASA Astrophysics Data System (ADS)

Li, Wei; Liu, Yan-Ju; Yang, Zhifeng

2012-02-01

The Great Western Development Strategy (GWDS) is a long term national campaign aimed at boosting development of the western area of China and narrowing the economic gap between the western and the eastern parts of China. The Strategic Environmental Assessment (SEA) procedure was employed to assess the environmental challenges brought about by the western development plans. These plans include five key developmental domains (KDDs): water resource exploitation and use, land utilization, energy generation, tourism development, and ecological restoration and conservation. A combination of methods involving matrix assessment, incorporation of expert judgment and trend analysis was employed to analyze and predict the environmental impacts upon eight selected environmental indicators: water resource availability, soil erosion, soil salinization, forest destruction, land desertification, biological diversity, water quality and air quality. Based on the overall results of the assessment, countermeasures for environmental challenges that emerged were raised as key recommendations to ensure ecological security during the implementation of the GWDS. This paper is intended to introduce a consensus-based process for evaluating the complex, long term pressures on the ecological security of large areas, such as western China, that focuses on the use of combined methods applied at the strategic level.

Preliminary strategic environmental assessment of the Great Western Development Strategy: safeguarding ecological security for a new western China.

PubMed

Li, Wei; Liu, Yan-ju; Yang, Zhifeng

2012-02-01

The Great Western Development Strategy (GWDS) is a long term national campaign aimed at boosting development of the western area of China and narrowing the economic gap between the western and the eastern parts of China. The Strategic Environmental Assessment (SEA) procedure was employed to assess the environmental challenges brought about by the western development plans. These plans include five key developmental domains (KDDs): water resource exploitation and use, land utilization, energy generation, tourism development, and ecological restoration and conservation. A combination of methods involving matrix assessment, incorporation of expert judgment and trend analysis was employed to analyze and predict the environmental impacts upon eight selected environmental indicators: water resource availability, soil erosion, soil salinization, forest destruction, land desertification, biological diversity, water quality and air quality. Based on the overall results of the assessment, countermeasures for environmental challenges that emerged were raised as key recommendations to ensure ecological security during the implementation of the GWDS. This paper is intended to introduce a consensus-based process for evaluating the complex, long term pressures on the ecological security of large areas, such as western China, that focuses on the use of combined methods applied at the strategic level.

Secured Hash Based Burst Header Authentication Design for Optical Burst Switched Networks

NASA Astrophysics Data System (ADS)

Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

2017-12-01

The optical burst switching (OBS) is a promising technology that could meet the fast growing network demand. They are featured with the ability to meet the bandwidth requirement of applications that demand intensive bandwidth. OBS proves to be a satisfactory technology to tackle the huge bandwidth constraints, but suffers from security vulnerabilities. The objective of this proposed work is to design a faster and efficient burst header authentication algorithm for core nodes. There are two important key features in this work, viz., header encryption and authentication. Since the burst header is an important in optical burst switched network, it has to be encrypted; otherwise it is be prone to attack. The proposed MD5&RC4-4S based burst header authentication algorithm runs 20.75 ns faster than the conventional algorithms. The modification suggested in the proposed RC4-4S algorithm gives a better security and solves the correlation problems between the publicly known outputs during key generation phase. The modified MD5 recommended in this work provides 7.81 % better avalanche effect than the conventional algorithm. The device utilization result also shows the suitability of the proposed algorithm for header authentication in real time applications.

Secure communications with low-orbit spacecraft using quantum cryptography

DOEpatents

Hughes, Richard J.; Buttler, William T.; Kwiat, Paul G.; Luther, Gabriel G.; Morgan, George L; Nordholt, Jane E.; Peterson, Charles G.; Simmons, Charles M.

1999-01-01

Apparatus and method for secure communication between an earth station and spacecraft. A laser outputs single pulses that are split into preceding bright pulses and delayed attenuated pulses, and polarized. A Pockels cell changes the polarization of the polarized delayed attenuated pulses according to a string of random numbers, a first polarization representing a "1," and a second polarization representing a "0." At the receiving station, a beamsplitter randomly directs the preceding bright pulses and the polarized delayed attenuated pulses onto longer and shorter paths, both terminating in a beamsplitter which directs the preceding bright pulses and a first portion of the polarized delayed attenuated pulses to a first detector, and a second portion of the polarized delayed attenuated pulses to a second detector to generate a key for secure communication between the earth station and the spacecraft.

Failing States as Epidemiologic Risk Zones: Implications for Global Health Security.

PubMed

Hirschfeld, Katherine

Failed states commonly experience health and mortality crises that include outbreaks of infectious disease, violent conflict, reductions in life expectancy, and increased infant and maternal mortality. This article draws from recent research in political science, security studies, and international relations to explore how the process of state failure generates health declines and outbreaks of infectious disease. The key innovation of this model is a revised definition of "the state" as a geographically dynamic rather than static political space. This makes it easier to understand how phases of territorial contraction, collapse, and regeneration interrupt public health programs, destabilize the natural environment, reduce human security, and increase risks of epidemic infectious disease and other humanitarian crises. Better understanding of these dynamics will help international health agencies predict and prepare for future health and mortality crises created by failing states.

Revitalization of food barns in supporting sustainable food security in Central Java

NASA Astrophysics Data System (ADS)

Riptanti, E. W.; Qonita, A.; Suprapti

2018-02-01

Rice barns have been developed in some areas in Central Java, but several problems seem to appear, leading to nonoptimal functions of nonactive food barns. The present article aims to examine revitalization of food barns through systematic, integrated, and sustainable empowerment. The research design is exploratory research to generate data that are in-depth qualitative and quantitative. Survey was applied in four regencies including Wonogiri, Purworejo, Temanggung, and Batang. Key informants comprise caretakers of food barns, village apparatus, public figures, and Food Security Office apparatus. The research results revealed that the food barns have not been managed in professional manners. Active roles of all members and caretakers, village government, and Food Security Agency are, therefore, required in revitalizing the food barns. In order to perform social functions well, the food barns should be profit-oriented to achieve sustainability.

Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks.

PubMed

Park, YoHan; Park, YoungHo

2016-12-14

Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.'s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

PubMed

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-06-08

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

PubMed Central

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-01-01

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks

PubMed Central

Park, YoHan; Park, YoungHo

2016-01-01

Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.’s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment. PMID:27983616

Quantum key distribution network for multiple applications

NASA Astrophysics Data System (ADS)

Tajima, A.; Kondoh, T.; Ochi, T.; Fujiwara, M.; Yoshino, K.; Iizuka, H.; Sakamoto, T.; Tomita, A.; Shimamura, E.; Asami, S.; Sasaki, M.

2017-09-01

The fundamental architecture and functions of secure key management in a quantum key distribution (QKD) network with enhanced universal interfaces for smooth key sharing between arbitrary two nodes and enabling multiple secure communication applications are proposed. The proposed architecture consists of three layers: a quantum layer, key management layer and key supply layer. We explain the functions of each layer, the key formats in each layer and the key lifecycle for enabling a practical QKD network. A quantum key distribution-advanced encryption standard (QKD-AES) hybrid system and an encrypted smartphone system were developed as secure communication applications on our QKD network. The validity and usefulness of these systems were demonstrated on the Tokyo QKD Network testbed.

Secure content objects

DOEpatents

Evans, William D [Cupertino, CA

2009-02-24

A secure content object protects electronic documents from unauthorized use. The secure content object includes an encrypted electronic document, a multi-key encryption table having at least one multi-key component, an encrypted header and a user interface device. The encrypted document is encrypted using a document encryption key associated with a multi-key encryption method. The encrypted header includes an encryption marker formed by a random number followed by a derivable variation of the same random number. The user interface device enables a user to input a user authorization. The user authorization is combined with each of the multi-key components in the multi-key encryption key table and used to try to decrypt the encrypted header. If the encryption marker is successfully decrypted, the electronic document may be decrypted. Multiple electronic documents or a document and annotations may be protected by the secure content object.

Information security system based on virtual-optics imaging methodology and public key infrastructure

NASA Astrophysics Data System (ADS)

Peng, Xiang; Zhang, Peng; Cai, Lilong

In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

Optical asymmetric watermarking using modified wavelet fusion and diffractive imaging

NASA Astrophysics Data System (ADS)

Mehra, Isha; Nishchal, Naveen K.

2015-05-01

In most of the existing image encryption algorithms the generated keys are in the form of a noise like distribution with a uniform distributed histogram. However, the noise like distribution is an apparent sign indicating the presence of the keys. If the keys are to be transferred through some communication channels, then this may lead to a security problem. This is because; the noise like features may easily catch people's attention and bring more attacks. To address this problem it is required to transfer the keys to some other meaningful images to disguise the attackers. The watermarking schemes are complementary to image encryption schemes. In most of the iterative encryption schemes, support constraints play an important role of the keys in order to decrypt the meaningful data. In this article, we have transferred the support constraints which are generated by axial translation of CCD camera using amplitude-, and phase- truncation approach, into different meaningful images. This has been done by developing modified fusion technique in wavelet transform domain. The second issue is, in case, the meaningful images are caught by the attacker then how to solve the copyright protection. To resolve this issue, watermark detection plays a crucial role. For this purpose, it is necessary to recover the original image using the retrieved watermarks/support constraints. To address this issue, four asymmetric keys have been generated corresponding to each watermarked image to retrieve the watermarks. For decryption, an iterative phase retrieval algorithm is applied to extract the plain-texts from corresponding retrieved watermarks.

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

PubMed

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-11-30

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

The Reformulation of Emotional Security Theory: The Role of Children’s Social Defense in Developmental Psychopathology

PubMed Central

Davies, Patrick T.; Martin, Meredith J.

2014-01-01

Although children’s security in the context of the interparental relationship has been identified as a key explanatory mechanism in pathways between family discord and child psychopathology, little is known about the inner workings of emotional security as a goal system. Accordingly, the objective of this paper is to describe how our reformulation of emotional security theory (EST-R) within an ethological and evolutionary framework may advance the characterization of the architecture and operation of emotional security and, in the process, cultivate sustainable growing points in developmental psychopathology. The first section of the paper describes how children’s security in the interparental relationship is organized around a distinctive behavioral system designed to defend against interpersonal threat. Building on this evolutionary foundation for emotional security, the paper offers an innovative taxonomy for identifying qualitatively different ways children try to preserve their security and its innovative implications for more precisely informing understanding of the mechanisms in pathways between family and developmental precursors and children’s trajectories of mental health. In the final section, the paper highlights the potential of EST-R to stimulate new generations of research on understanding how children defend against social threats in ecologies beyond the interparental dyad, including both familial and extrafamilial settings. PMID:24342849

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

Secure and Energy-Efficient Data Transmission System Based on Chaotic Compressive Sensing in Body-to-Body Networks.

PubMed

Peng, Haipeng; Tian, Ye; Kurths, Jurgen; Li, Lixiang; Yang, Yixian; Wang, Daoshun

2017-06-01

Applications of wireless body area networks (WBANs) are extended from remote health care to military, sports, disaster relief, etc. With the network scale expanding, nodes increasing, and links complicated, a WBAN evolves to a body-to-body network. Along with the development, energy saving and data security problems are highlighted. In this paper, chaotic compressive sensing (CCS) is proposed to solve these two crucial problems, simultaneously. Compared with the traditional compressive sensing, CCS can save vast storage space by only storing the matrix generation parameters. Additionally, the sensitivity of chaos can improve the security of data transmission. Aimed at image transmission, modified CCS is proposed, which uses two encryption mechanisms, confusion and mask, and performs a much better encryption quality. Simulation is conducted to verify the feasibility and effectiveness of the proposed methods. The results show that the energy efficiency and security are strongly improved, while the storage space is saved. And the secret key is extremely sensitive, [Formula: see text] perturbation of the secret key could lead to a total different decoding, the relative error is larger than 100%. Particularly for image encryption, the performance of the modified method is excellent. The adjacent pixel correlation is smaller than 0.04 in different directions including horizontal, vertical, and diagonal; the entropy of the cipher image with a 256-level gray value is larger than 7.98.

Quantum dual signature scheme based on coherent states with entanglement swapping

NASA Astrophysics Data System (ADS)

Liu, Jia-Li; Shi, Rong-Hua; Shi, Jin-Jing; Lv, Ge-Li; Guo, Ying

2016-08-01

A novel quantum dual signature scheme, which combines two signed messages expected to be sent to two diverse receivers Bob and Charlie, is designed by applying entanglement swapping with coherent states. The signatory Alice signs two different messages with unitary operations (corresponding to the secret keys) and applies entanglement swapping to generate a quantum dual signature. The dual signature is firstly sent to the verifier Bob who extracts and verifies the signature of one message and transmits the rest of the dual signature to the verifier Charlie who verifies the signature of the other message. The transmission of the dual signature is realized with quantum teleportation of coherent states. The analysis shows that the security of secret keys and the security criteria of the signature protocol can be greatly guaranteed. An extensional multi-party quantum dual signature scheme which considers the case with more than three participants is also proposed in this paper and this scheme can remain secure. The proposed schemes are completely suited for the quantum communication network including multiple participants and can be applied to the e-commerce system which requires a secure payment among the customer, business and bank. Project supported by the National Natural Science Foundation of China (Grant Nos. 61272495, 61379153, and 61401519) and the Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20130162110012).

Randomness determines practical security of BB84 quantum key distribution.

PubMed

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-11-10

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

Randomness determines practical security of BB84 quantum key distribution

PubMed Central

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-01-01

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system. PMID:26552359

Randomness determines practical security of BB84 quantum key distribution

NASA Astrophysics Data System (ADS)

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-11-01

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

Advanced technologies for encryption of satellite links

NASA Astrophysics Data System (ADS)

McMahan, Sherry S.

The use of encryption on satellite links is discussed. Advanced technology exists to provide transmission security for large earth station with data rates up to 50 megabits per second. One of the major concerns in the use of encryption equipment with very small aperture terminals (VSAT) is the key management issue and the related operational costs. The low cost requirement and the lack of physical protection of remote VSATs place severe constraints on the design of encryption equipment. Encryption may be accomplished by embedding a tamper proof encryption module into the baseband unit of each VSAT. VSAT networks are usually star networks where there is a single large earth station that serves as a hub and all satellite communications takes place between each VSAT and the hub earth station. The hub earth station has the secret master key of each VSAT. These master keys are used to downline load encrypted session keys to each VSAT. A more secure alternative is to use public key techniques where each embedded VSAT encryption module internally generates its own secret and public numbers. The secret number never leaves the module while the public number is sent to the hub at the time of initialization of the encryption module into the VSAT. Physical access control to encryption modules of VSAT systems can be implemented using passwords, smart cards or biometrics.

Symmetric Key Services Markup Language (SKSML)

NASA Astrophysics Data System (ADS)

Noor, Arshad

Symmetric Key Services Markup Language (SKSML) is the eXtensible Markup Language (XML) being standardized by the OASIS Enterprise Key Management Infrastructure Technical Committee for requesting and receiving symmetric encryption cryptographic keys within a Symmetric Key Management System (SKMS). This protocol is designed to be used between clients and servers within an Enterprise Key Management Infrastructure (EKMI) to secure data, independent of the application and platform. Building on many security standards such as XML Signature, XML Encryption, Web Services Security and PKI, SKSML provides standards-based capability to allow any application to use symmetric encryption keys, while maintaining centralized control. This article describes the SKSML protocol and its capabilities.

A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

NASA Astrophysics Data System (ADS)

Saito, Takamichi

Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

Running key mapping in a quantum stream cipher by the Yuen 2000 protocol

NASA Astrophysics Data System (ADS)

Shimizu, Tetsuya; Hirota, Osamu; Nagasako, Yuki

2008-03-01

A quantum stream cipher by Yuen 2000 protocol (so-called Y00 protocol or αη scheme) consisting of linear feedback shift register of short key is very attractive in implementing secure 40 Gbits/s optical data transmission, which is expected as a next-generation network. However, a basic model of the Y00 protocol with a very short key needs a careful design against fast correlation attacks as pointed out by Donnet This Brief Report clarifies an effectiveness of irregular mapping between running key and physical signals in the driver for selection of M -ary basis in the transmitter, and gives a design method. Consequently, quantum stream cipher by the Y00 protocol with our mapping has immunity against the proposed fast correlation attacks on a basic model of the Y00 protocol even if the key is very short.

Secret-key expansion from covert communication

NASA Astrophysics Data System (ADS)

Arrazola, Juan Miguel; Amiri, Ryan

2018-02-01

Covert communication allows the transmission of messages in such a way that it is not possible for adversaries to detect that the communication is occurring. This provides protection in situations where knowledge that two parties are talking to each other may be incriminating to them. In this work, we study how covert communication can be used for a different purpose: secret key expansion. First, we show that any message transmitted in a secure covert protocol is also secret and therefore unknown to an adversary. We then propose a covert communication protocol where the amount of key consumed in the protocol is smaller than the transmitted key, thus leading to secure secret key expansion. We derive precise conditions for secret key expansion to occur, showing that it is possible when there are sufficiently low levels of noise for a given security level. We conclude by examining how secret key expansion from covert communication can be performed in a computational security model.

Free-space quantum key distribution with a high generation rate potassium titanyl phosphate waveguide photon-pair source

NASA Astrophysics Data System (ADS)

Wilson, Jeffrey D.; Chaffee, Dalton W.; Wilson, Nathaniel C.; Lekki, John D.; Tokars, Roger P.; Pouch, John J.; Roberts, Tony D.; Battle, Philip R.; Floyd, Bertram; Lind, Alexander J.; Cavin, John D.; Helmick, Spencer R.

2016-09-01

A high generation rate photon-pair source using a dual element periodically-poled potassium titanyl phosphate (PP KTP) waveguide is described. The fully integrated photon-pair source consists of a 1064-nm pump diode laser, fiber-coupled to a dual element waveguide within which a pair of 1064-nm photons are up-converted to a single 532-nm photon in the first stage. In the second stage, the 532-nm photon is down-converted to an entangled photon-pair at 800 nm and 1600 nm which are fiber-coupled at the waveguide output. The photon-pair source features a high pair generation rate, a compact power-efficient package, and continuous wave (CW) or pulsed operation. This is a significant step towards the long term goal of developing sources for high-rate Quantum Key Distribution (QKD) to enable Earth-space secure communications. Characterization and test results are presented. Details and preliminary results of a laboratory free space QKD experiment with the B92 protocol are also presented.

Free-Space Quantum Key Distribution with a High Generation Rate Potassium Titanyl Phosphate Waveguide Photon-Pair Source

NASA Technical Reports Server (NTRS)

Wilson, Jeffrey D.; Chaffee, Dalton W.; Wilson, Nathaniel C.; Lekki, John D.; Tokars, Roger P.; Pouch, John J.; Roberts, Tony D.; Battle, Philip; Floyd, Bertram M.; Lind, Alexander J.;

Experimentally feasible quantum-key-distribution scheme using qubit-like qudits and its comparison with existing qubit- and qudit-based protocols

NASA Astrophysics Data System (ADS)

Chau, H. F.; Wang, Qinan; Wong, Cardythy

2017-02-01

Recently, Chau [Phys. Rev. A 92, 062324 (2015), 10.1103/PhysRevA.92.062324] introduced an experimentally feasible qudit-based quantum-key-distribution (QKD) scheme. In that scheme, one bit of information is phase encoded in the prepared state in a 2n-dimensional Hilbert space in the form (|i > ±|j >) /√{2 } with n ≥2 . For each qudit prepared and measured in the same two-dimensional Hilbert subspace, one bit of raw secret key is obtained in the absence of transmission error. Here we show that by modifying the basis announcement procedure, the same experimental setup can generate n bits of raw key for each qudit prepared and measured in the same basis in the noiseless situation. The reason is that in addition to the phase information, each qudit also carries information on the Hilbert subspace used. The additional (n -1 ) bits of raw key comes from a clever utilization of this extra piece of information. We prove the unconditional security of this modified protocol and compare its performance with other existing provably secure qubit- and qudit-based protocols on market in the one-way classical communication setting. Interestingly, we find that for the case of n =2 , the secret key rate of this modified protocol using nondegenerate random quantum code to perform one-way entanglement distillation is equal to that of the six-state scheme.

Input from Key Stakeholders in the National Security Technology Incubator

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

This report documents the input from key stakeholders of the National Security Technology Incubator (NSTI) in developing a new technology incubator and related programs for southern New Mexico. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes identification of key stakeholders as well as a description and analysis of their input for the development of an incubator.

Field test of quantum key distribution in the Tokyo QKD Network.

PubMed

Sasaki, M; Fujiwara, M; Ishizuka, H; Klaus, W; Wakui, K; Takeoka, M; Miki, S; Yamashita, T; Wang, Z; Tanaka, A; Yoshino, K; Nambu, Y; Takahashi, S; Tajima, A; Tomita, A; Domeki, T; Hasegawa, T; Sakai, Y; Kobayashi, H; Asai, T; Shimizu, K; Tokura, T; Tsurumaru, T; Matsui, M; Honjo, T; Tamaki, K; Takesue, H; Tokura, Y; Dynes, J F; Dixon, A R; Sharpe, A W; Yuan, Z L; Shields, A J; Uchikoga, S; Legré, M; Robyr, S; Trinkler, P; Monat, L; Page, J-B; Ribordy, G; Poppe, A; Allacher, A; Maurhart, O; Länger, T; Peev, M; Zeilinger, A

2011-05-23

A secure communication network with quantum key distribution in a metropolitan area is reported. Six different QKD systems are integrated into a mesh-type network. GHz-clocked QKD links enable us to demonstrate the world-first secure TV conferencing over a distance of 45km. The network includes a commercial QKD product for long-term stable operation, and application interface to secure mobile phones. Detection of an eavesdropper, rerouting into a secure path, and key relay via trusted nodes are demonstrated in this network.

Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

PubMed Central

Park, Namje; Kang, Namhi

2015-01-01

The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks. PMID:26712759

Framework and prototype for a secure XML-based electronic health records system.

PubMed

Steele, Robert; Gardner, William; Chandra, Darius; Dillon, Tharam S

2007-01-01

Security of personal medical information has always been a challenge for the advancement of Electronic Health Records (EHRs) initiatives. eXtensible Markup Language (XML), is rapidly becoming the key standard for data representation and transportation. The widespread use of XML and the prospect of its use in the Electronic Health (e-health) domain highlights the need for flexible access control models for XML data and documents. This paper presents a declarative access control model for XML data repositories that utilises an expressive XML role control model. The operational semantics of this model are illustrated by Xplorer, a user interface generation engine which supports search-browse-navigate activities on XML repositories.

Biometric identity management for standard mobile medical networks.

PubMed

Egner, Alexandru; Soceanu, Alexandru; Moldoveanu, Florica

2012-01-01

The explosion of healthcare costs over the last decade has prompted the ICT industry to respond with solutions for reducing costs while improving healthcare quality. The ISO/IEEE 11073 family of standards recently released is the first step towards interoperability of mobile medical devices used in patient environments. The standards do not, however, tackle security problems, such as identity management, or the secure exchange of medical data. This paper proposes an enhancement of the ISO/IEEE 11073-20601 protocol with an identity management system based on biometry. The paper describes a novel biometric-based authentication process, together with the biometric key generation algorithm. The proposed extension of the ISO/IEEE 11073-20601 is also presented.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Coleman, Jody Rustyn; Poland, Richard W.

A system and method for the secure storage and transmission of data is provided. A data aggregate device can be configured to receive secure data from a data source, such as a sensor, and encrypt the secure data using a suitable encryption technique, such as a shared private key technique, a public key encryption technique, a Diffie-Hellman key exchange technique, or other suitable encryption technique. The encrypted secure data can be provided from the data aggregate device to different remote devices over a plurality of segregated or isolated data paths. Each of the isolated data paths can include an optoisolatormore » that is configured to provide one-way transmission of the encrypted secure data from the data aggregate device over the isolated data path. External data can be received through a secure data filter which, by validating the external data, allows for key exchange and other various adjustments from an external source.« less

Continuous-variable measurement-device-independent quantum key distribution: Composable security against coherent attacks

NASA Astrophysics Data System (ADS)

Lupo, Cosmo; Ottaviani, Carlo; Papanastasiou, Panagiotis; Pirandola, Stefano

2018-05-01

We present a rigorous security analysis of continuous-variable measurement-device-independent quantum key distribution (CV MDI QKD) in a finite-size scenario. The security proof is obtained in two steps: by first assessing the security against collective Gaussian attacks, and then extending to the most general class of coherent attacks via the Gaussian de Finetti reduction. Our result combines recent state-of-the-art security proofs for CV QKD with findings about min-entropy calculus and parameter estimation. In doing so, we improve the finite-size estimate of the secret key rate. Our conclusions confirm that CV MDI protocols allow for high rates on the metropolitan scale, and may achieve a nonzero secret key rate against the most general class of coherent attacks after 107-109 quantum signal transmissions, depending on loss and noise, and on the required level of security.

Authenticated sensor interface device

DOE Office of Scientific and Technical Information (OSTI.GOV)

Coleman, Jody Rustyn; Poland, Richard W.

A system and method for the secure storage and transmission of data is provided. A data aggregate device can be configured to receive secure data from a data source, such as a sensor, and encrypt the secure data using a suitable encryption technique, such as a shared private key technique, a public key encryption technique, a Diffie-Hellman key exchange technique, or other suitable encryption technique. The encrypted secure data can be provided from the data aggregate device to different remote devices over a plurality of segregated or isolated data paths. Each of the isolated data paths can include an optoisolatormore » that is configured to provide one-way transmission of the encrypted secure data from the data aggregate device over the isolated data path. External data can be received through a secure data filter which, by validating the external data, allows for key exchange and other various adjustments from an external source.« less

Quantum key distribution in multicore fibre for secure radio access networks

NASA Astrophysics Data System (ADS)

Llorente, Roberto; Provot, Antoine; Morant, Maria

2018-01-01

Broadband access in optical domain usually focuses in providing a pervasive cost-effective high bitrate communication in a given area. Nowadays, it is of utmost interest also to be able to provide a secure communication to the costumers in the area. Wireless access networks rely on optical domain for both fronthaul and backhaul of the radio access network (C-RAN). Multicore fiber (MCF) has been proposed as a promising candidate for the optical media of choice in nextgeneration wireless. The capacity demand of next-generation 5G networks makes interesting the use of high-capacity optical solutions as space-division multiplexing of different signals over MCF media. This work addresses secure MCF communication supporting C-RAN architectures. The paper proposes the use of one core in the MCF to transport securely an optical quantum key encoding altogether with end-to-end wireless signal transmitted in the remaining cores in radio-over-fiber (RoF). The RoF wireless signals are suitable for radio access fronthaul and backhaul. The theoretical principle and simulation analysis of quantum key distribution (QKD) are presented in this paper. The potential impact of optical RoF transmission crosstalk impairments is assessed experimentally considering different cellular signals on the remaining optical cores in the MCF. The experimental results report fronthaul performance over a four-core optical fiber with RoF transmission of full-standard CDMA signals providing 3.5G services in one core, HSPA+ signals providing 3.9G services in the second core and 3GPP LTEAdvanced signals providing 4G services in the third core, considering that the QKD signal is allocated in the fourth core.

Key Factors in the Success of an Organization's Information Security Culture: A Quantitative Study and Analysis

ERIC Educational Resources Information Center

Pierce, Robert E.

2012-01-01

This research study reviewed relative literature on information security and information security culture within organizations to determine what factors potentially assist an organization in implementing, integrating, and maintaining a successful organizational information security culture. Based on this review of literature, five key factors were…

Quantum key distribution with prepare-and-measure Bell test

PubMed Central

Tan, Yong-gang

2016-01-01

The prepare-and-measure quantum key distribution (QKD) has the merits of fast speed, high key generation rate, and easy implementation. However, the detector side channel attacks greatly undermine the security of the key bits. The eavesdropper, Eve, exploits the flaws of the detectors to obtain illegal information without violating quantum principles. It means that she can intervene in the communication without being detected. A prepare-and-measure Bell test protocol will be proposed. By randomly carrying out Bell test at the side of the information receiver, Bob, Eve’s illegal information gain within the detector side channel attack can be well bounded. This protocol does not require any improvement on the detectors used in available prepare-and-measure QKD. Though we only illustrate its application in the BB84 protocol, it is applicable for any prepare-and-measure QKD. PMID:27733771

A simplification of the fractional Hartley transform applied to image security system in phase

NASA Astrophysics Data System (ADS)

Jimenez, Carlos J.; Vilardy, Juan M.; Perez, Ronal

2017-01-01

In this work we develop a new encryption system for encoded image in phase using the fractional Hartley transform (FrHT), truncation operations and random phase masks (RPMs). We introduce a simplification of the FrHT with the purpose of computing this transform in an efficient and fast way. The security of the encryption system is increased by using nonlinear operations, such as the phase encoding and the truncation operations. The image to encrypt (original image) is encoded in phase and the truncation operations applied in the encryption-decryption system are the amplitude and phase truncations. The encrypted image is protected by six keys, which are the two fractional orders of the FrHTs, the two RPMs and the two pseudorandom code images generated by the amplitude and phase truncation operations. All these keys have to be correct for a proper recovery of the original image in the decryption system. We present digital results that confirm our approach.

An Asymmetric Image Encryption Based on Phase Truncated Hybrid Transform

NASA Astrophysics Data System (ADS)

Khurana, Mehak; Singh, Hukum

2017-09-01

To enhance the security of the system and to protect it from the attacker, this paper proposes a new asymmetric cryptosystem based on hybrid approach of Phase Truncated Fourier and Discrete Cosine Transform (PTFDCT) which adds non linearity by including cube and cube root operation in the encryption and decryption path respectively. In this cryptosystem random phase masks are used as encryption keys and phase masks generated after the cube operation in encryption process are reserved as decryption keys and cube root operation is required to decrypt image in decryption process. The cube and cube root operation introduced in the encryption and decryption path makes system resistant against standard attacks. The robustness of the proposed cryptosystem has been analysed and verified on the basis of various parameters by simulating on MATLAB 7.9.0 (R2008a). The experimental results are provided to highlight the effectiveness and suitability of the proposed cryptosystem and prove the system is secure.

Key Management Schemes for Peer-to-Peer Multimedia Streaming Overlay Networks

NASA Astrophysics Data System (ADS)

Naranjo, J. A. M.; López-Ramos, J. A.; Casado, L. G.

Key distribution for multimedia live streaming peer-to-peer overlay networks is a field still in its childhood stage. A scheme designed for networks of this kind must seek security and efficiency while keeping in mind the following restrictions: limited bandwidth, continuous playing, great audience size and clients churn. This paper introduces two novel schemes that allow a trade-off between security and efficiency by allowing to dynamically vary the number of levels used in the key hierarchy. These changes are motivated by great variations in audience size, and initiated by decision of the Key Server. Additionally, a comparative study of both is presented, focusing on security and audience size. Results show that larger key hierarchies can supply bigger audiences, but offer less security against statistical attacks. The opposite happens for shorter key hierarchies.

Final report for the Integrated and Robust Security Infrastructure (IRSI) laboratory directed research and development project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hutchinson, R.L.; Hamilton, V.A.; Istrail, G.G.

1997-11-01

This report describes the results of a Sandia-funded laboratory-directed research and development project titled {open_quotes}Integrated and Robust Security Infrastructure{close_quotes} (IRSI). IRSI was to provide a broad range of commercial-grade security services to any software application. IRSI has two primary goals: application transparency and manageable public key infrastructure. IRSI must provide its security services to any application without the need to modify the application to invoke the security services. Public key mechanisms are well suited for a network with many end users and systems. There are many issues that make it difficult to deploy and manage a public key infrastructure. IRSImore » addressed some of these issues to create a more manageable public key infrastructure.« less

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks

PubMed Central

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-01-01

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396

Physical Unclonable Function Hardware Keys Utilizing Kirchhoff-Law Secure Key Exchange and Noise-Based Logic

NASA Astrophysics Data System (ADS)

Kish, Laszlo B.; Kwan, Chiman

Weak unclonable function (PUF) encryption key means that the manufacturer of the hardware can clone the key but not anybody else. Strong unclonable function (PUF) encryption key means that even the manufacturer of the hardware is unable to clone the key. In this paper, first we introduce an "ultra" strong PUF with intrinsic dynamical randomness, which is not only unclonable but also gets renewed to an independent key (with fresh randomness) during each use via the unconditionally secure key exchange. The solution utilizes the Kirchhoff-law-Johnson-noise (KLJN) method for dynamical key renewal and a one-time-pad secure key for the challenge/response process. The secure key is stored in a flash memory on the chip to provide tamper-resistance and nonvolatile storage with zero power requirements in standby mode. Simplified PUF keys are shown: a strong PUF utilizing KLJN protocol during the first run and noise-based logic (NBL) hyperspace vector string verification method for the challenge/response during the rest of its life or until it is re-initialized. Finally, the simplest PUF utilizes NBL without KLJN thus it can be cloned by the manufacturer but not by anybody else.

Password-only authenticated three-party key exchange with provable security in the standard model.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

Quantum cryptography: a view from classical cryptography

NASA Astrophysics Data System (ADS)

Buchmann, Johannes; Braun, Johannes; Demirel, Denise; Geihs, Matthias

2017-06-01

Much of digital data requires long-term protection of confidentiality, for example, medical health records. Cryptography provides such protection. However, currently used cryptographic techniques such as Diffe-Hellman key exchange may not provide long-term security. Such techniques rely on certain computational assumptions, such as the hardness of the discrete logarithm problem that may turn out to be incorrect. On the other hand, quantum cryptography---in particular quantum random number generation and quantum key distribution---offers information theoretic protection. In this paper, we explore the challenge of providing long-term confidentiality and we argue that a combination of quantum cryptography and classical cryptography can provide such protection.

Security System Responsive to Optical Fiber Having Bragg Grating

NASA Technical Reports Server (NTRS)

Gary, Charles K. (Inventor); Ozcan, Meric (Inventor)

1997-01-01

An optically responsive electronic lock is disclosed comprising an optical fiber serving as a key and having Bragg gratings placed therein. Further, an identification system is disclosed which has the optical fiber serving as means for tagging and identifying an object. The key or tagged object is inserted into a respective receptacle and the Bragg gratings cause the optical fiber to reflect a predetermined frequency spectra pattern of incident light which is detected by a decoder and compared against a predetermined spectrum to determine if an electrical signal is generated to either operate the lock or light a display of an authentication panel.

An Anti-Electromagnetic Attack PUF Based on a Configurable Ring Oscillator for Wireless Sensor Networks

PubMed Central

Lu, Zhaojun; Li, Dongfang; Liu, Hailong; Gong, Mingyang; Liu, Zhenglin

2017-01-01

Wireless sensor networks (WSNs) are an emerging technology employed in some crucial applications. However, limited resources and physical exposure to attackers make security a challenging issue for a WSN. Ring oscillator-based physical unclonable function (RO PUF) is a potential option to protect the security of sensor nodes because it is able to generate random responses efficiently for a key extraction mechanism, which prevents the non-volatile memory from storing secret keys. In order to deploy RO PUF in a WSN, hardware efficiency, randomness, uniqueness, and reliability should be taken into account. Besides, the resistance to electromagnetic (EM) analysis attack is important to guarantee the security of RO PUF itself. In this paper, we propose a novel architecture of configurable RO PUF based on exclusive-or (XOR) gates. First, it dramatically increases the hardware efficiency compared with other types of RO PUFs. Second, it mitigates the vulnerability to EM analysis attack by placing the adjacent RO arrays in accordance with the cosine wave and sine wave so that the frequency of each RO cannot be detected. We implement our proposal in XINLINX A-7 field programmable gate arrays (FPGAs) and conduct a set of experiments to evaluate the quality of the responses. The results show that responses pass the National Institute of Standards and Technology (NIST) statistical test and have good uniqueness and reliability under different environments. Therefore, the proposed configurable RO PUF is suitable to establish a key extraction mechanism in a WSN. PMID:28914756

Privacy-Preserving and Secure Sharing of PHR in the Cloud.

PubMed

Zhang, Leyou; Wu, Qing; Mu, Yi; Zhang, Jingxia

2016-12-01

As a new summarized record of an individual's medical data and information, Personal Health Record (PHR) can be accessible online. The owner can control fully his/her PHR files to be shared with different users such as doctors, clinic agents, and friends. However, in an open network environment like in the Cloud, these sensitive privacy information may be gotten by those unauthorized parties and users. In this paper, we consider how to achieve PHR data confidentiality and provide fine-grained access control of PHR files in the public Cloud based on Attribute Based Encryption(ABE). Differing from previous works, we also consider the privacy preserving of the receivers since the attributes of the receivers relate to their identity or medical information, which would make some sensitive data exposed to third services. Anonymous ABE(AABE) not only enforces the security of PHR of the owners but also preserves the privacy of the receivers. But a normal AABE with a single private key generation(PKG) center may not match a PHR system in the hierarchical architecture. Therefore, we discuss not only the construction of the PHR sharing system base on AABE but also how to construct the PHR sharing system based on the hierarchical AABE. The proposed schemes(especially based on hierarchical AABE) have many advantages over the available such as short public keys, constant-size private keys, which overcome the weaknesses in the existing works. In the standard model, the introduced schemes achieve compact security in the prime order groups.

An Anti-Electromagnetic Attack PUF Based on a Configurable Ring Oscillator for Wireless Sensor Networks.

PubMed

Lu, Zhaojun; Li, Dongfang; Liu, Hailong; Gong, Mingyang; Liu, Zhenglin

2017-09-15

Wireless sensor networks (WSNs) are an emerging technology employed in some crucial applications. However, limited resources and physical exposure to attackers make security a challenging issue for a WSN. Ring oscillator-based physical unclonable function (RO PUF) is a potential option to protect the security of sensor nodes because it is able to generate random responses efficiently for a key extraction mechanism, which prevents the non-volatile memory from storing secret keys. In order to deploy RO PUF in a WSN, hardware efficiency, randomness, uniqueness, and reliability should be taken into account. Besides, the resistance to electromagnetic (EM) analysis attack is important to guarantee the security of RO PUF itself. In this paper, we propose a novel architecture of configurable RO PUF based on exclusive-or (XOR) gates. First, it dramatically increases the hardware efficiency compared with other types of RO PUFs. Second, it mitigates the vulnerability to EM analysis attack by placing the adjacent RO arrays in accordance with the cosine wave and sine wave so that the frequency of each RO cannot be detected. We implement our proposal in XINLINX A-7 field programmable gate arrays (FPGAs) and conduct a set of experiments to evaluate the quality of the responses. The results show that responses pass the National Institute of Standards and Technology (NIST) statistical test and have good uniqueness and reliability under different environments. Therefore, the proposed configurable RO PUF is suitable to establish a key extraction mechanism in a WSN.

Hardening Logic Encryption against Key Extraction Attacks with Circuit Camouflage

DTIC Science & Technology

2017-03-01

camouflage; obfuscation; SAT; key extraction; reverse engineering; security; trusted electronics Introduction Integrated Circuit (IC) designs are...Encryption Algorithms”, Hardware Oriented Security and Trust , 2015. 3. Rajendran J., Pino, Y., Sinanoglu, O., Karri, R., “Security Analysis of Logic

Secure multiple access for indoor optical wireless communications with time-slot coding and chaotic phase.

PubMed

Liang, Tian; Wang, Ke; Lim, Christina; Wong, Elaine; Song, Tingting; Nirmalathas, Ampalavanapillai

2017-09-04

In this paper, we report a novel mechanism to simultaneously provide secure connections for multiple users in indoor optical wireless communication systems by employing the time-slot coding scheme together with chaotic phase sequence. The chaotic phase sequence is generated according to the logistic map and applied to each symbol to secure the transmission. Proof-of-concept experiments are carried out for multiple system capacities based on both 4-QAM and 16-QAM modulation formats, i.e. 1.25 Gb/s, 2 Gb/s and 2.5 Gb/s for 4-QAM, and 2.5 Gb/s, 3.33 Gb/s and 4 Gb/s for 16-QAM. Experimental results show that in all cases the added chaotic phase does not degrade the legitimate user's signal quality while the illegal user cannot detect the signal without the key.

Experimental plug and play quantum coin flipping.

PubMed

Pappa, Anna; Jouguet, Paul; Lawson, Thomas; Chailloux, André; Legré, Matthieu; Trinkler, Patrick; Kerenidis, Iordanis; Diamanti, Eleni

2014-04-24

Performing complex cryptographic tasks will be an essential element in future quantum communication networks. These tasks are based on a handful of fundamental primitives, such as coin flipping, where two distrustful parties wish to agree on a randomly generated bit. Although it is known that quantum versions of these primitives can offer information-theoretic security advantages with respect to classical protocols, a demonstration of such an advantage in a practical communication scenario has remained elusive. Here we experimentally implement a quantum coin flipping protocol that performs strictly better than classically possible over a distance suitable for communication over metropolitan area optical networks. The implementation is based on a practical plug and play system, developed by significantly enhancing a commercial quantum key distribution device. Moreover, we provide combined quantum coin flipping protocols that are almost perfectly secure against bounded adversaries. Our results offer a useful toolbox for future secure quantum communications.

Securing Real-Time Sessions in an IMS-Based Architecture

NASA Astrophysics Data System (ADS)

Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

Biometrics based key management of double random phase encoding scheme using error control codes

NASA Astrophysics Data System (ADS)

Saini, Nirmala; Sinha, Aloka

2013-08-01

In this paper, an optical security system has been proposed in which key of the double random phase encoding technique is linked to the biometrics of the user to make it user specific. The error in recognition due to the biometric variation is corrected by encoding the key using the BCH code. A user specific shuffling key is used to increase the separation between genuine and impostor Hamming distance distribution. This shuffling key is then further secured using the RSA public key encryption to enhance the security of the system. XOR operation is performed between the encoded key and the feature vector obtained from the biometrics. The RSA encoded shuffling key and the data obtained from the XOR operation are stored into a token. The main advantage of the present technique is that the key retrieval is possible only in the simultaneous presence of the token and the biometrics of the user which not only authenticates the presence of the original input but also secures the key of the system. Computational experiments showed the effectiveness of the proposed technique for key retrieval in the decryption process by using the live biometrics of the user.

Color encryption scheme based on adapted quantum logistic map

NASA Astrophysics Data System (ADS)

Zaghloul, Alaa; Zhang, Tiejun; Amin, Mohamed; Abd El-Latif, Ahmed A.

2014-04-01

This paper presents a new color image encryption scheme based on quantum chaotic system. In this scheme, a new encryption scheme is accomplished by generating an intermediate chaotic key stream with the help of quantum chaotic logistic map. Then, each pixel is encrypted by the cipher value of the previous pixel and the adapted quantum logistic map. The results show that the proposed scheme has adequate security for the confidentiality of color images.

Unconditional security proof of a deterministic quantum key distribution with a two-way quantum channel

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lu Hua; Department of Mathematics and Physics, Hubei University of Technology, Wuhan 430068; Fung, Chi-Hang Fred

2011-10-15

In a deterministic quantum key distribution (DQKD) protocol with a two-way quantum channel, Bob sends a qubit to Alice who then encodes a key bit onto the qubit and sends it back to Bob. After measuring the returned qubit, Bob can obtain Alice's key bit immediately, without basis reconciliation. Since an eavesdropper may attack the qubits traveling on either the Bob-Alice channel or the Alice-Bob channel, the security analysis of DQKD protocol with a two-way quantum channel is complicated and its unconditional security has been controversial. This paper presents a security proof of a single-photon four-state DQKD protocol against generalmore » attacks.« less

Public key infrastructure for DOE security research

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aiken, R.; Foster, I.; Johnston, W.E.

This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-keymore » infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.« less

Self-Assembled Resonance Energy Transfer Keys for Secure Communication over Classical Channels.

PubMed

Nellore, Vishwa; Xi, Sam; Dwyer, Chris

2015-12-22

Modern authentication and communication protocols increasingly use physical keys in lieu of conventional software-based keys for security. This shift is primarily driven by the ability to derive a unique, unforgeable signature from a physical key. The sole demonstration of an unforgeable key, thus far, has been through quantum key distribution, which suffers from limited communication distances and expensive infrastructure requirements. Here, we show a method for creating unclonable keys by molecular self-assembly of resonance energy transfer (RET) devices. It is infeasible to clone the RET-key due to the inability to characterize the key using current technology, the large number of input-output combinations per key, and the variation of the key's response with time. However, the manufacturer can produce multiple identical devices, which enables inexpensive, secure authentication and communication over classical channels, and thus any distance. Through a detailed experimental survey of the nanoscale keys, we demonstrate that legitimate users are successfully authenticated 99.48% of the time and the false-positives are only 0.39%, over two attempts. We estimate that a legitimate user would have a computational advantage of more than 10(340) years over an attacker. Our method enables the discovery of physical key based multiparty authentication and communication schemes that are both practical and possess unprecedented security.

Overcoming the rate-distance limit of quantum key distribution without quantum repeaters.

PubMed

Lucamarini, M; Yuan, Z L; Dynes, J F; Shields, A J

2018-05-01

Quantum key distribution (QKD) 1,2 allows two distant parties to share encryption keys with security based on physical laws. Experimentally, QKD has been implemented via optical means, achieving key rates of 1.26 megabits per second over 50 kilometres of standard optical fibre 3 and of 1.16 bits per hour over 404 kilometres of ultralow-loss fibre in a measurement-device-independent configuration 4 . Increasing the bit rate and range of QKD is a formidable, but important, challenge. A related target, which is currently considered to be unfeasible without quantum repeaters 5-7 , is overcoming the fundamental rate-distance limit of QKD 8 . This limit defines the maximum possible secret key rate that two parties can distil at a given distance using QKD and is quantified by the secret-key capacity of the quantum channel 9 that connects the parties. Here we introduce an alternative scheme for QKD whereby pairs of phase-randomized optical fields are first generated at two distant locations and then combined at a central measuring station. Fields imparted with the same random phase are 'twins' and can be used to distil a quantum key. The key rate of this twin-field QKD exhibits the same dependence on distance as does a quantum repeater, scaling with the square-root of the channel transmittance, irrespective of who (malicious or otherwise) is in control of the measuring station. However, unlike schemes that involve quantum repeaters, ours is feasible with current technology and presents manageable levels of noise even on 550 kilometres of standard optical fibre. This scheme is a promising step towards overcoming the rate-distance limit of QKD and greatly extending the range of secure quantum communications.

Key handling in wireless sensor networks

NASA Astrophysics Data System (ADS)

Li, Y.; Newe, T.

2007-07-01

With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

Efficient bit sifting scheme of post-processing in quantum key distribution

NASA Astrophysics Data System (ADS)

Li, Qiong; Le, Dan; Wu, Xianyan; Niu, Xiamu; Guo, Hong

2015-10-01

Bit sifting is an important step in the post-processing of quantum key distribution (QKD). Its function is to sift out the undetected original keys. The communication traffic of bit sifting has essential impact on the net secure key rate of a practical QKD system. In this paper, an efficient bit sifting scheme is presented, of which the core is a lossless source coding algorithm. Both theoretical analysis and experimental results demonstrate that the performance of the scheme is approaching the Shannon limit. The proposed scheme can greatly decrease the communication traffic of the post-processing of a QKD system, which means the proposed scheme can decrease the secure key consumption for classical channel authentication and increase the net secure key rate of the QKD system, as demonstrated by analyzing the improvement on the net secure key rate. Meanwhile, some recommendations on the application of the proposed scheme to some representative practical QKD systems are also provided.

Real-time fast physical random number generator with a photonic integrated circuit.

PubMed

Ugajin, Kazusa; Terashima, Yuta; Iwakawa, Kento; Uchida, Atsushi; Harayama, Takahisa; Yoshimura, Kazuyuki; Inubushi, Masanobu

2017-03-20

Random number generators are essential for applications in information security and numerical simulations. Most optical-chaos-based random number generators produce random bit sequences by offline post-processing with large optical components. We demonstrate a real-time hardware implementation of a fast physical random number generator with a photonic integrated circuit and a field programmable gate array (FPGA) electronic board. We generate 1-Tbit random bit sequences and evaluate their statistical randomness using NIST Special Publication 800-22 and TestU01. All of the BigCrush tests in TestU01 are passed using 410-Gbit random bit sequences. A maximum real-time generation rate of 21.1 Gb/s is achieved for random bit sequences in binary format stored in a computer, which can be directly used for applications involving secret keys in cryptography and random seeds in large-scale numerical simulations.

Designing and Operating Through Compromise: Architectural Analysis of CKMS for the Advanced Metering Infrastructure

DOE Office of Scientific and Technical Information (OSTI.GOV)

Duren, Mike; Aldridge, Hal; Abercrombie, Robert K

2013-01-01

Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principals and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution andmore » management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.« less

Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network

PubMed Central

Rajagopalan, S. P.

2017-01-01

Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network. PMID:29040290

Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network.

PubMed

Alagarsamy, Sumithra; Rajagopalan, S P

2017-01-01

Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network.

An Efficient and Secure Arbitrary N-Party Quantum Key Agreement Protocol Using Bell States

NASA Astrophysics Data System (ADS)

Liu, Wen-Jie; Xu, Yong; Yang, Ching-Nung; Gao, Pei-Pei; Yu, Wen-Bin

2018-01-01

Two quantum key agreement protocols using Bell states and Bell measurement were recently proposed by Shukla et al. (Quantum Inf. Process. 13(11), 2391-2405, 2014). However, Zhu et al. pointed out that there are some security flaws and proposed an improved version (Quantum Inf. Process. 14(11), 4245-4254, 2015). In this study, we will show Zhu et al.'s improvement still exists some security problems, and its efficiency is not high enough. For solving these problems, we utilize four Pauli operations { I, Z, X, Y} to encode two bits instead of the original two operations { I, X} to encode one bit, and then propose an efficient and secure arbitrary N-party quantum key agreement protocol. In the protocol, the channel checking with decoy single photons is introduced to avoid the eavesdropper's flip attack, and a post-measurement mechanism is used to prevent against the collusion attack. The security analysis shows the present protocol can guarantee the correctness, security, privacy and fairness of quantum key agreement.

Parameter optimization in biased decoy-state quantum key distribution with both source errors and statistical fluctuations

NASA Astrophysics Data System (ADS)

Zhu, Jian-Rong; Li, Jian; Zhang, Chun-Mei; Wang, Qin

2017-10-01

The decoy-state method has been widely used in commercial quantum key distribution (QKD) systems. In view of the practical decoy-state QKD with both source errors and statistical fluctuations, we propose a universal model of full parameter optimization in biased decoy-state QKD with phase-randomized sources. Besides, we adopt this model to carry out simulations of two widely used sources: weak coherent source (WCS) and heralded single-photon source (HSPS). Results show that full parameter optimization can significantly improve not only the secure transmission distance but also the final key generation rate. And when taking source errors and statistical fluctuations into account, the performance of decoy-state QKD using HSPS suffered less than that of decoy-state QKD using WCS.

Server-Controlled Identity-Based Authenticated Key Exchange

NASA Astrophysics Data System (ADS)

Guo, Hua; Mu, Yi; Zhang, Xiyong; Li, Zhoujun

We present a threshold identity-based authenticated key exchange protocol that can be applied to an authenticated server-controlled gateway-user key exchange. The objective is to allow a user and a gateway to establish a shared session key with the permission of the back-end servers, while the back-end servers cannot obtain any information about the established session key. Our protocol has potential applications in strong access control of confidential resources. In particular, our protocol possesses the semantic security and demonstrates several highly-desirable security properties such as key privacy and transparency. We prove the security of the protocol based on the Bilinear Diffie-Hellman assumption in the random oracle model.

Automated secured cost effective key refreshing technique to enhance WiMAX privacy key management

NASA Astrophysics Data System (ADS)

Sridevi, B.; Sivaranjani, S.; Rajaram, S.

2013-01-01

In all walks of life the way of communication is transformed by the rapid growth of wireless communication and its pervasive use. A wireless network which is fixed and richer in bandwidth is specified as IEEE 802.16, promoted and launched by an industrial forum is termed as Worldwide Interoperability for Microwave Access (WiMAX). This technology enables seamless delivery of wireless broadband service for fixed and/or mobile users. The obscurity is the long delay which occurs during the handoff management in every network. Mobile WiMAX employs an authenticated key management protocol as a part of handoff management in which the Base Station (BS) controls the distribution of keying material to the Mobile Station (MS). The protocol employed is Privacy Key Management Version 2- Extensible Authentication Protocol (PKMV2-EAP) which is responsible for the normal and periodical authorization of MSs, reauthorization as well as key refreshing. Authorization key (AK) and Traffic Encryption key (TEK) plays a vital role in key exchange. When the lifetime of key expires, MS has to request for a new key to BS which in turn leads to repetition of authorization, authentication as well as key exchange. To avoid service interruption during reauthorization , two active keys are transmitted at the same time by BS to MS. The consequences of existing work are hefty amount of bandwidth utilization, time consumption and large storage. It is also endured by Man in the Middle attack and Impersonation due to lack of security in key exchange. This paper designs an automatic mutual refreshing of keys to minimize bandwidth utilization, key storage and time consumption by proposing Previous key and Iteration based Key Refreshing Function (PKIBKRF). By integrating PKIBKRF in key generation, the simulation results indicate that 21.8% of the bandwidth and storage of keys are reduced and PKMV2 mutual authentication time is reduced by 66.67%. The proposed work is simulated with Qualnet model and backed by MATLAB for processing and MYSQL for storing keys.

Measurement-Device-Independent Quantum Key Distribution over Untrustful Metropolitan Network

NASA Astrophysics Data System (ADS)

Tang, Yan-Lin; Yin, Hua-Lei; Zhao, Qi; Liu, Hui; Sun, Xiang-Xiang; Huang, Ming-Qi; Zhang, Wei-Jun; Chen, Si-Jing; Zhang, Lu; You, Li-Xing; Wang, Zhen; Liu, Yang; Lu, Chao-Yang; Jiang, Xiao; Ma, Xiongfeng; Zhang, Qiang; Chen, Teng-Yun; Pan, Jian-Wei

2016-01-01

Quantum cryptography holds the promise to establish an information-theoretically secure global network. All field tests of metropolitan-scale quantum networks to date are based on trusted relays. The security critically relies on the accountability of the trusted relays, which will break down if the relay is dishonest or compromised. Here, we construct a measurement-device-independent quantum key distribution (MDIQKD) network in a star topology over a 200-square-kilometer metropolitan area, which is secure against untrustful relays and against all detection attacks. In the field test, our system continuously runs through one week with a secure key rate 10 times larger than previous results. Our results demonstrate that the MDIQKD network, combining the best of both worlds—security and practicality, constitutes an appealing solution to secure metropolitan communications.

Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

PubMed

Arshad, Hamed; Nikooghadam, Morteza

2014-12-01

Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

PubMed

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

Orthogonal-state-based cryptography in quantum mechanics and local post-quantum theories

NASA Astrophysics Data System (ADS)

Aravinda, S.; Banerjee, Anindita; Pathak, Anirban; Srikanth, R.

2014-02-01

We introduce the concept of cryptographic reduction, in analogy with a similar concept in computational complexity theory. In this framework, class A of crypto-protocols reduces to protocol class B in a scenario X, if for every instance a of A, there is an instance b of B and a secure transformation X that reproduces a given b, such that the security of b guarantees the security of a. Here we employ this reductive framework to study the relationship between security in quantum key distribution (QKD) and quantum secure direct communication (QSDC). We show that replacing the streaming of independent qubits in a QKD scheme by block encoding and transmission (permuting the order of particles block by block) of qubits, we can construct a QSDC scheme. This forms the basis for the block reduction from a QSDC class of protocols to a QKD class of protocols, whereby if the latter is secure, then so is the former. Conversely, given a secure QSDC protocol, we can of course construct a secure QKD scheme by transmitting a random key as the direct message. Then the QKD class of protocols is secure, assuming the security of the QSDC class which it is built from. We refer to this method of deduction of security for this class of QKD protocols, as key reduction. Finally, we propose an orthogonal-state-based deterministic key distribution (KD) protocol which is secure in some local post-quantum theories. Its security arises neither from geographic splitting of a code state nor from Heisenberg uncertainty, but from post-measurement disturbance.

Long-distance quantum key distribution with imperfect devices

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lo Piparo, Nicoló; Razavi, Mohsen

2014-12-04

Quantum key distribution over probabilistic quantum repeaters is addressed. We compare, under practical assumptions, two such schemes in terms of their secure key generation rate per memory, R{sub QKD}. The two schemes under investigation are the one proposed by Duan et al. in [Nat. 414, 413 (2001)] and that of Sangouard et al. proposed in [Phys. Rev. A 76, 050301 (2007)]. We consider various sources of imperfections in the latter protocol, such as a nonzero double-photon probability for the source, dark count per pulse, channel loss and inefficiencies in photodetectors and memories, to find the rate for different nesting levels.more » We determine the maximum value of the double-photon probability beyond which it is not possible to share a secret key anymore. We find the crossover distance for up to three nesting levels. We finally compare the two protocols.« less

Enhancement of security using structured phase masked in optical image encryption on Fresnel transform domain

NASA Astrophysics Data System (ADS)

Yadav, Poonam Lata; Singh, Hukum

2018-05-01

To enhance the security in optical image encryption system and to protect it from the attackers, this paper proposes new digital spiral phase mask based on Fresnel Transform. In this cryptosystem the Spiral Phase Mask (SPM) used is a hybrid of Fresnel Zone Plate (FZP) and Radial Hilbert Mask (RHM) which makes the key strong and enhances the security. The different keys used for encryption and decryption purposed make the system much more secure. Proposed scheme uses various structured phase mask which increases the key space also it increases the number of parameters which makes it difficult for the attackers to exactly find the key to recover the original image. We have also used different keys for encryption and decryption purpose to make the system much more secure. The strength of the proposed cryptosystem has been analyzed by simulating on MATLAB 7.9.0(R2008a). Mean Square Errors (MSE) and Peak Signal to Noise Ratio (PSNR) are calculated for the proposed algorithm. The experimental results are provided to highlight the effectiveness and sustainability of proposed cryptosystem and to prove that the cryptosystem is secure for usage.

Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

PubMed Central

Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

Experimental quantum key distribution with source flaws

NASA Astrophysics Data System (ADS)

Xu, Feihu; Wei, Kejin; Sajeed, Shihan; Kaiser, Sarah; Sun, Shihai; Tang, Zhiyuan; Qian, Li; Makarov, Vadim; Lo, Hoi-Kwong

2015-09-01

Decoy-state quantum key distribution (QKD) is a standard technique in current quantum cryptographic implementations. Unfortunately, existing experiments have two important drawbacks: the state preparation is assumed to be perfect without errors and the employed security proofs do not fully consider the finite-key effects for general attacks. These two drawbacks mean that existing experiments are not guaranteed to be proven to be secure in practice. Here, we perform an experiment that shows secure QKD with imperfect state preparations over long distances and achieves rigorous finite-key security bounds for decoy-state QKD against coherent attacks in the universally composable framework. We quantify the source flaws experimentally and demonstrate a QKD implementation that is tolerant to channel loss despite the source flaws. Our implementation considers more real-world problems than most previous experiments, and our theory can be applied to general discrete-variable QKD systems. These features constitute a step towards secure QKD with imperfect devices.

Symmetric Link Key Management for Secure Neighbor Discovery in a Decentralized Wireless Sensor Network

DTIC Science & Technology

2017-09-01

and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2. REPORT...KEY MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK by Kelvin T. Chew September 2017 Thesis Advisor...DATE September 2017 3. REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE SYMMETRIC LINK KEY MANAGEMENT FOR SECURE NEIGHBOR

Modeling, Simulation and Analysis of Public Key Infrastructure

NASA Technical Reports Server (NTRS)

Liu, Yuan-Kwei; Tuey, Richard; Ma, Paul (Technical Monitor)

1998-01-01

Security is an essential part of network communication. The advances in cryptography have provided solutions to many of the network security requirements. Public Key Infrastructure (PKI) is the foundation of the cryptography applications. The main objective of this research is to design a model to simulate a reliable, scalable, manageable, and high-performance public key infrastructure. We build a model to simulate the NASA public key infrastructure by using SimProcess and MatLab Software. The simulation is from top level all the way down to the computation needed for encryption, decryption, digital signature, and secure web server. The application of secure web server could be utilized in wireless communications. The results of the simulation are analyzed and confirmed by using queueing theory.

Measurement-Device-Independent Quantum Key Distribution over 200 km

NASA Astrophysics Data System (ADS)

Tang, Yan-Lin; Yin, Hua-Lei; Chen, Si-Jing; Liu, Yang; Zhang, Wei-Jun; Jiang, Xiao; Zhang, Lu; Wang, Jian; You, Li-Xing; Guan, Jian-Yu; Yang, Dong-Xu; Wang, Zhen; Liang, Hao; Zhang, Zhen; Zhou, Nan; Ma, Xiongfeng; Chen, Teng-Yun; Zhang, Qiang; Pan, Jian-Wei

2014-11-01

Measurement-device-independent quantum key distribution (MDIQKD) protocol is immune to all attacks on detection and guarantees the information-theoretical security even with imperfect single-photon detectors. Recently, several proof-of-principle demonstrations of MDIQKD have been achieved. Those experiments, although novel, are implemented through limited distance with a key rate less than 0.1 bit /s . Here, by developing a 75 MHz clock rate fully automatic and highly stable system and superconducting nanowire single-photon detectors with detection efficiencies of more than 40%, we extend the secure transmission distance of MDIQKD to 200 km and achieve a secure key rate 3 orders of magnitude higher. These results pave the way towards a quantum network with measurement-device-independent security.

Interactive simulations for quantum key distribution

NASA Astrophysics Data System (ADS)

Kohnle, Antje; Rizzoli, Aluna

2017-05-01

Secure communication protocols are becoming increasingly important, e.g. for internet-based communication. Quantum key distribution (QKD) allows two parties, commonly called Alice and Bob, to generate a secret sequence of 0s and 1s called a key that is only known to themselves. Classically, Alice and Bob could never be certain that their communication was not compromised by a malicious eavesdropper. Quantum mechanics however makes secure communication possible. The fundamental principle of quantum mechanics that taking a measurement perturbs the system (unless the measurement is compatible with the quantum state) also applies to an eavesdropper. Using appropriate protocols to create the key, Alice and Bob can detect the presence of an eavesdropper by errors in their measurements. As part of the QuVis Quantum Mechanics Visualisation Project, we have developed a suite of four interactive simulations that demonstrate the basic principles of three different QKD protocols. The simulations use either polarised photons or spin 1/2 particles as physical realisations. The simulations and accompanying activities are freely available for use online or download, and run on a wide range of devices including tablets and PCs. Evaluation with students over three years was used to refine the simulations and activities. Preliminary studies show that the refined simulations and activities help students learn the basic principles of QKD at both the introductory and advanced undergraduate levels.

Quantum communication and information processing

NASA Astrophysics Data System (ADS)

Beals, Travis Roland

Quantum computers enable dramatically more efficient algorithms for solving certain classes of computational problems, but, in doing so, they create new problems. In particular, Shor's Algorithm allows for efficient cryptanalysis of many public-key cryptosystems. As public key cryptography is a critical component of present-day electronic commerce, it is crucial that a working, secure replacement be found. Quantum key distribution (QKD), first developed by C.H. Bennett and G. Brassard, offers a partial solution, but many challenges remain, both in terms of hardware limitations and in designing cryptographic protocols for a viable large-scale quantum communication infrastructure. In Part I, I investigate optical lattice-based approaches to quantum information processing. I look at details of a proposal for an optical lattice-based quantum computer, which could potentially be used for both quantum communications and for more sophisticated quantum information processing. In Part III, I propose a method for converting and storing photonic quantum bits in the internal state of periodically-spaced neutral atoms by generating and manipulating a photonic band gap and associated defect states. In Part II, I present a cryptographic protocol which allows for the extension of present-day QKD networks over much longer distances without the development of new hardware. I also present a second, related protocol which effectively solves the authentication problem faced by a large QKD network, thus making QKD a viable, information-theoretic secure replacement for public key cryptosystems.

Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

NASA Astrophysics Data System (ADS)

Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

2017-12-01

Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

The application of data encryption technology in computer network communication security

NASA Astrophysics Data System (ADS)

Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-04-01

With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

33 CFR 165.767 - Security Zone; Manbirtee Key, Port of Manatee, Florida.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Seventh Coast Guard District § 165.767 Security Zone; Manbirtee Key, Port of Manatee, Florida. (a) Regulated area. The following area...

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

PubMed Central

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-01-01

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

PubMed

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-12-04

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

Utilizing the Digital Fingerprint Methodology for Secure Key Generation

DTIC Science & Technology

2010-03-01

circuits. 2.2.2. Arbiter PUF 2.2.1 Arbiter PUF Description Figure 3 represents the arbiter PUF circuitry designed by Suh and Devadas [4]. The D latch...Reliability The results of Suh and Devadas ‟s experiments on the arbiter PUF circuit showed that when the arbiter circuit output was measured for the...and Devada pointed out that this low percentage was the result of not laying out their circuit symmetrically as it appears in the idealized

Secure password-based authenticated key exchange for web services

DOE Office of Scientific and Technical Information (OSTI.GOV)

Liang, Fang; Meder, Samuel; Chevassut, Olivier

This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options inmore » the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.« less

Finite-key security analysis of quantum key distribution with imperfect light sources

DOE PAGES

Mizutani, Akihiro; Curty, Marcos; Lim, Charles Ci Wen; ...

2015-09-09

In recent years, the gap between theory and practice in quantum key distribution (QKD) has been significantly narrowed, particularly for QKD systems with arbitrarily flawed optical receivers. The status for QKD systems with imperfect light sources is however less satisfactory, in the sense that the resulting secure key rates are often overly dependent on the quality of state preparation. This is especially the case when the channel loss is high. Very recently, to overcome this limitation, Tamaki et al proposed a QKD protocol based on the so-called 'rejected data analysis', and showed that its security in the limit of infinitelymore » long keys is almost independent of any encoding flaw in the qubit space, being this protocol compatible with the decoy state method. Here, as a step towards practical QKD, we show that a similar conclusion is reached in the finite-key regime, even when the intensity of the light source is unstable. More concretely, we derive security bounds for a wide class of realistic light sources and show that the bounds are also efficient in the presence of high channel loss. Our results strongly suggest the feasibility of long distance provably secure communication with imperfect light sources.« less

Practical challenges in quantum key distribution

DOE PAGES

Diamanti, Eleni; Lo, Hoi -Kwong; Qi, Bing; ...

2016-11-08

Here, quantum key distribution (QKD) promises unconditional security in data communication and is currently being deployed in commercial applications. Nonetheless, before QKD can be widely adopted, it faces a number of important challenges such as secret key rate, distance, size, cost and practical security. Here, we survey those key challenges and the approaches that are currently being taken to address them.

Practical challenges in quantum key distribution

DOE Office of Scientific and Technical Information (OSTI.GOV)

Diamanti, Eleni; Lo, Hoi -Kwong; Qi, Bing

Here, quantum key distribution (QKD) promises unconditional security in data communication and is currently being deployed in commercial applications. Nonetheless, before QKD can be widely adopted, it faces a number of important challenges such as secret key rate, distance, size, cost and practical security. Here, we survey those key challenges and the approaches that are currently being taken to address them.

Virtual-optical information security system based on public key infrastructure

NASA Astrophysics Data System (ADS)

Peng, Xiang; Zhang, Peng; Cai, Lilong; Niu, Hanben

2005-01-01

A virtual-optical based encryption model with the aid of public key infrastructure (PKI) is presented in this paper. The proposed model employs a hybrid architecture in which our previously published encryption method based on virtual-optics scheme (VOS) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). The whole information security model is run under the framework of international standard ITU-T X.509 PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOS security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network. Numerical experiments prove the effectiveness of the method. The security of proposed model is briefly analyzed by examining some possible attacks from the viewpoint of a cryptanalysis.

On the security of Y-00 under fast correlation and other attacks on the key

NASA Astrophysics Data System (ADS)

Yuen, Horace P.; Nair, Ranjith

2007-04-01

The security of the Y-00 direct encryption protocol under correlation attack is addressed. A Y-00 configuration that is more secure than AES under known-plaintext attack is presented. It is shown that under any ciphertext-only attack, full information-theoretic security on the Y-00 seed key is obtained for any encryption box ENC with proper deliberate signal randomization.

An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity

PubMed Central

Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

2016-01-01

User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.’s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.’s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance. PMID:27101305

Operation of remote mobile sensors for security of drinking water distribution systems.

PubMed

Perelman, By Lina; Ostfeld, Avi

2013-09-01

The deployment of fixed online water quality sensors in water distribution systems has been recognized as one of the key components of contamination warning systems for securing public health. This study proposes to explore how the inclusion of mobile sensors for inline monitoring of various water quality parameters (e.g., residual chlorine, pH) can enhance water distribution system security. Mobile sensors equipped with sampling, sensing, data acquisition, wireless transmission and power generation systems are being designed, fabricated, and tested, and prototypes are expected to be released in the very near future. This study initiates the development of a theoretical framework for modeling mobile sensor movement in water distribution systems and integrating the sensory data collected from stationary and non-stationary sensor nodes to increase system security. The methodology is applied and demonstrated on two benchmark networks. Performance of different sensor network designs are compared for fixed and combined fixed and mobile sensor networks. Results indicate that complementing online sensor networks with inline monitoring can increase detection likelihood and decrease mean time to detection. Copyright © 2013 Elsevier Ltd. All rights reserved.

Quantum key distribution with hacking countermeasures and long term field trial.

PubMed

Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

2017-05-16

Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

Technologies for Achieving Field Ubiquitous Computing

NASA Astrophysics Data System (ADS)

Nagashima, Akira

Although the term “ubiquitous” may sound like jargon used in information appliances, ubiquitous computing is an emerging concept in industrial automation. This paper presents the author's visions of field ubiquitous computing, which is based on the novel Internet Protocol IPv6. IPv6-based instrumentation will realize the next generation manufacturing excellence. This paper focuses on the following five key issues: 1. IPv6 standardization; 2. IPv6 interfaces embedded in field devices; 3. Compatibility with FOUNDATION fieldbus; 4. Network securities for field applications; and 5. Wireless technologies to complement IP instrumentation. Furthermore, the principles of digital plant operations and ubiquitous production to support the above key technologies to achieve field ubiquitous systems are discussed.

Three-pass protocol scheme for bitmap image security by using vernam cipher algorithm

NASA Astrophysics Data System (ADS)

Rachmawati, D.; Budiman, M. A.; Aulya, L.

2018-02-01

Confidentiality, integrity, and efficiency are the crucial aspects of data security. Among the other digital data, image data is too prone to abuse of operation like duplication, modification, etc. There are some data security techniques, one of them is cryptography. The security of Vernam Cipher cryptography algorithm is very dependent on the key exchange process. If the key is leaked, security of this algorithm will collapse. Therefore, a method that minimizes key leakage during the exchange of messages is required. The method which is used, is known as Three-Pass Protocol. This protocol enables message delivery process without the key exchange. Therefore, the sending messages process can reach the receiver safely without fear of key leakage. The system is built by using Java programming language. The materials which are used for system testing are image in size 200×200 pixel, 300×300 pixel, 500×500 pixel, 800×800 pixel and 1000×1000 pixel. The result of experiments showed that Vernam Cipher algorithm in Three-Pass Protocol scheme could restore the original image.

Information Security Scheme Based on Computational Temporal Ghost Imaging.

PubMed

Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

2017-08-09

An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

Parameter Estimation with Almost No Public Communication for Continuous-Variable Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Lupo, Cosmo; Ottaviani, Carlo; Papanastasiou, Panagiotis; Pirandola, Stefano

2018-06-01

One crucial step in any quantum key distribution (QKD) scheme is parameter estimation. In a typical QKD protocol the users have to sacrifice part of their raw data to estimate the parameters of the communication channel as, for example, the error rate. This introduces a trade-off between the secret key rate and the accuracy of parameter estimation in the finite-size regime. Here we show that continuous-variable QKD is not subject to this constraint as the whole raw keys can be used for both parameter estimation and secret key generation, without compromising the security. First, we show that this property holds for measurement-device-independent (MDI) protocols, as a consequence of the fact that in a MDI protocol the correlations between Alice and Bob are postselected by the measurement performed by an untrusted relay. This result is then extended beyond the MDI framework by exploiting the fact that MDI protocols can simulate device-dependent one-way QKD with arbitrarily high precision.

Securing electronic health records with novel mobile encryption schemes.

PubMed

Weerasinghe, Dasun; Elmufti, Kalid; Rajarajan, Muttukrishnan; Rakocevic, Veselin

2007-01-01

Mobile devices have penetrated the healthcare sector due to their increased functionality, low cost, high reliability and easy-to-use nature. However, in healthcare applications the privacy and security of the transmitted information must be preserved. Therefore applications require a concrete security framework based on long-term security keys, such as the security key that can be found in a mobile Subscriber Identity Module (SIM). The wireless nature of communication links in mobile networks presents a major challenge in this respect. This paper presents a novel protocol that will send the information securely while including the access privileges to the authorized recipient.

A Secure Group Communication Architecture for a Swarm of Autonomous Unmanned Aerial Vehicles

DTIC Science & Technology

2008-03-01

members to use the same decryption key. This shared decryption key is called the Session Encryption Key ( SEK ) or Traffic Encryption Key (TEK...Since everyone shares the SEK , members need to hold additional Key Encryption Keys (KEK) that are used to securely distribute the SEK to each valid...managing this process. To preserve the secrecy of the multicast data, the SEK needs to be updated upon certain events such as a member joining and

Market Evolution: Wholesale Electricity Market Design for 21st Century Power Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cochran, Jaquelin; Miller, Mackay; Milligan, Michael

2013-10-01

Demand for affordable, reliable, domestically sourced, and low-carbon electricity is on the rise. This growing demand is driven in part by evolving public policy priorities, especially reducing the health and environmental impacts of electricity service and expanding energy access to under-served customers. Consequently, variable renewable energy resources comprise an increasing share ofelectricity generation globally. At the same time, new opportunities for addressing the variability of renewables are being strengthened through advances in smart grids, communications, and technologies that enable dispatchable demand response and distributed generation to extend to the mass market. A key challenge of merging these opportunities is marketmore » design -- determining how to createincentives and compensate providers justly for attributes and performance that ensure a reliable and secure grid -- in a context that fully realizes the potential of a broad array of sources of flexibility in both the wholesale power and retail markets. This report reviews the suite of wholesale power market designs in use and under consideration to ensure adequacy, security, and flexibilityin a landscape of significant variable renewable energy. It also examines considerations needed to ensure that wholesale market designs are inclusive of emerging technologies, such as demand response, distributed generation, and storage.« less

Continuous variable quantum key distribution: finite-key analysis of composable security against coherent attacks.

PubMed

Furrer, F; Franz, T; Berta, M; Leverrier, A; Scholz, V B; Tomamichel, M; Werner, R F

2012-09-07

We provide a security analysis for continuous variable quantum key distribution protocols based on the transmission of two-mode squeezed vacuum states measured via homodyne detection. We employ a version of the entropic uncertainty relation for smooth entropies to give a lower bound on the number of secret bits which can be extracted from a finite number of runs of the protocol. This bound is valid under general coherent attacks, and gives rise to keys which are composably secure. For comparison, we also give a lower bound valid under the assumption of collective attacks. For both scenarios, we find positive key rates using experimental parameters reachable today.

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks

PubMed Central

Castillo, Encarnación; López-Ramos, Juan A.; Morales, Diego P.

2018-01-01

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature. PMID:29337921

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks.

PubMed

Parrilla, Luis; Castillo, Encarnación; López-Ramos, Juan A; Álvarez-Bermejo, José A; García, Antonio; Morales, Diego P

2018-01-16

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature.

ADVANCED CERAMIC MATERIALS FOR NEXT-GENERATION NUCLEAR APPLICATIONS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Marra, J.

2010-09-29

Rising global energy demands coupled with increased environmental concerns point to one solution; they must reduce their dependence on fossil fuels that emit greenhouse gases. As the global community faces the challenge of maintaining sovereign nation security, reducing greenhouse gases, and addressing climate change nuclear power will play a significant and likely growing role. In the US, nuclear energy already provides approximately one-fifth of the electricity used to power factories, offices, homes, and schools with 104 operating nuclear power plants, located at 65 sites in 31 states. Additionally, 19 utilities have applied to the US Nuclear Regulatory Commission (NRC) formore » construction and operating licenses for 26 new reactors at 17 sites. This planned growth of nuclear power is occurring worldwide and has been termed the 'nuclear renaissance.' As major industrial nations craft their energy future, there are several important factors that must be considered about nuclear energy: (1) it has been proven over the last 40 years to be safe, reliable and affordable (good for Economic Security); (2) its technology and fuel can be domestically produced or obtained from allied nations (good for Energy Security); and (3) it is nearly free of greenhouse gas emissions (good for Environmental Security). Already an important part of worldwide energy security via electricity generation, nuclear energy can also potentially play an important role in industrial processes and supporting the nation's transportation sector. Coal-to-liquid processes, the generation of hydrogen and supporting the growing potential for a greatly increased electric transportation system (i.e. cars and trains) mean that nuclear energy could see dramatic growth in the near future as we seek to meet our growing demand for energy in cleaner, more secure ways. In order to address some of the prominent issues associated with nuclear power generation (i.e., high capital costs, waste management, and proliferation), the worldwide community is working to develop and deploy new nuclear energy systems and advanced fuel cycles. These new nuclear systems address the key challenges and include: (1) extracting the full energy value of the nuclear fuel; (2) creating waste solutions with improved long term safety; (3) minimizing the potential for the misuse of the technology and materials for weapons; (4) continually improving the safety of nuclear energy systems; and (5) keeping the cost of energy affordable.« less

Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Aldridge, Hal

2011-01-01

In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following:more » 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.« less

Unconditional security of quantum key distribution over arbitrarily long distances

PubMed

Lo; Chau

1999-03-26

Quantum key distribution is widely thought to offer unconditional security in communication between two users. Unfortunately, a widely accepted proof of its security in the presence of source, device, and channel noises has been missing. This long-standing problem is solved here by showing that, given fault-tolerant quantum computers, quantum key distribution over an arbitrarily long distance of a realistic noisy channel can be made unconditionally secure. The proof is reduced from a noisy quantum scheme to a noiseless quantum scheme and then from a noiseless quantum scheme to a noiseless classical scheme, which can then be tackled by classical probability theory.

Collective attacks and unconditional security in continuous variable quantum key distribution.

PubMed

Grosshans, Frédéric

2005-01-21

We present here an information theoretic study of Gaussian collective attacks on the continuous variable key distribution protocols based on Gaussian modulation of coherent states. These attacks, overlooked in previous security studies, give a finite advantage to the eavesdropper in the experimentally relevant lossy channel, but are not powerful enough to reduce the range of the reverse reconciliation protocols. Secret key rates are given for the ideal case where Bob performs optimal collective measurements, as well as for the realistic cases where he performs homodyne or heterodyne measurements. We also apply the generic security proof of Christiandl et al. to obtain unconditionally secure rates for these protocols.

78 FR 23969 - Ewan 1, INC. n/k/a AccessKey IP, Inc.; Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-23

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Ewan 1, INC. n/k/a AccessKey IP, Inc.; Order of Suspension of Trading April 19, 2013. It appears to the Securities and Exchange Commission that... AccessKey IP, Inc. (``AccessKey'') because it has not filed a periodic report since it filed its...

Road Map for National Security: Imperative for Change The Phase III Report of the U.S. Commission on National Security/21st Century

DTIC Science & Technology

2001-01-31

before the nation, and to produce organizational competence capable of addressing those problems creatively. The key to our vision is the need for...influence and critical leadership role. We offer recommendations for organizational change in five key areas: ● ensuring the security of the American...homeland; ● recapitalizing America’s strengths in science and education; ● redesigning key institutions of the Executive Branch; ● overhauling the

A Secure Authenticated Key Exchange Protocol for Credential Services

NASA Astrophysics Data System (ADS)

Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

In this paper, we propose a leakage-resilient and proactive authenticated key exchange (called LRP-AKE) protocol for credential services which provides not only a higher level of security against leakage of stored secrets but also secrecy of private key with respect to the involving server. And we show that the LRP-AKE protocol is provably secure in the random oracle model with the reduction to the computational Difie-Hellman problem. In addition, we discuss about some possible applications of the LRP-AKE protocol.

Iteration and superposition encryption scheme for image sequences based on multi-dimensional keys

NASA Astrophysics Data System (ADS)

Han, Chao; Shen, Yuzhen; Ma, Wenlin

2017-12-01

An iteration and superposition encryption scheme for image sequences based on multi-dimensional keys is proposed for high security, big capacity and low noise information transmission. Multiple images to be encrypted are transformed into phase-only images with the iterative algorithm and then are encrypted by different random phase, respectively. The encrypted phase-only images are performed by inverse Fourier transform, respectively, thus new object functions are generated. The new functions are located in different blocks and padded zero for a sparse distribution, then they propagate to a specific region at different distances by angular spectrum diffraction, respectively and are superposed in order to form a single image. The single image is multiplied with a random phase in the frequency domain and then the phase part of the frequency spectrums is truncated and the amplitude information is reserved. The random phase, propagation distances, truncated phase information in frequency domain are employed as multiple dimensional keys. The iteration processing and sparse distribution greatly reduce the crosstalk among the multiple encryption images. The superposition of image sequences greatly improves the capacity of encrypted information. Several numerical experiments based on a designed optical system demonstrate that the proposed scheme can enhance encrypted information capacity and make image transmission at a highly desired security level.

Source-Independent Quantum Random Number Generation

NASA Astrophysics Data System (ADS)

Cao, Zhu; Zhou, Hongyi; Yuan, Xiao; Ma, Xiongfeng

2016-01-01

Quantum random number generators can provide genuine randomness by appealing to the fundamental principles of quantum mechanics. In general, a physical generator contains two parts—a randomness source and its readout. The source is essential to the quality of the resulting random numbers; hence, it needs to be carefully calibrated and modeled to achieve information-theoretical provable randomness. However, in practice, the source is a complicated physical system, such as a light source or an atomic ensemble, and any deviations in the real-life implementation from the theoretical model may affect the randomness of the output. To close this gap, we propose a source-independent scheme for quantum random number generation in which output randomness can be certified, even when the source is uncharacterized and untrusted. In our randomness analysis, we make no assumptions about the dimension of the source. For instance, multiphoton emissions are allowed in optical implementations. Our analysis takes into account the finite-key effect with the composable security definition. In the limit of large data size, the length of the input random seed is exponentially small compared to that of the output random bit. In addition, by modifying a quantum key distribution system, we experimentally demonstrate our scheme and achieve a randomness generation rate of over 5 ×103 bit /s .

Entanglement-based Free Space Quantum Cryptography in Daylight

NASA Astrophysics Data System (ADS)

Gerhardt, Ilja; Peloso, Matthew P.; Ho, Caleb; Lamas-Linares, Antia; Kurtsiefer, Christian

2009-05-01

In quantum key distribution (QKD) two families of protocols are established: One, based on preparing and sending approximations of single photons, the other based on measurements on entangled photon pairs, which allow to establish a secret key using less assumptions on the size of a Hilbert space. The larger optical bandwidth of photon pairs in comparison with light used for the first family makes establishing a free space link challenging. We present a complete entanglement based QKD system following the BBM92 protocol, which generates a secure key continuously 24 hours a day between distant parties. Spectral, spatial and temporal filtering schemes were introduced to a previous setup, suppressing more than 30,B of background. We are able to establish the link during daytime, and have developed an algorithm to start and maintain time synchronization with simple crystal oscillators.

Four-State Continuous-Variable Quantum Key Distribution with Photon Subtraction

NASA Astrophysics Data System (ADS)

Li, Fei; Wang, Yijun; Liao, Qin; Guo, Ying

2018-06-01

Four-state continuous-variable quantum key distribution (CVQKD) is one of the discretely modulated CVQKD which generates four nonorthogonal coherent states and exploits the sign of the measured quadrature of each state to encode information rather than uses the quadrature \\hat {x} or \\hat {p} itself. It has been proven that four-state CVQKD is more suitable than Gaussian modulated CVQKD in terms of transmission distance. In this paper, we propose an improved four-state CVQKD using an non-Gaussian operation, photon subtraction. A suitable photon-subtraction operation can be exploited to improve the maximal transmission of CVQKD in point-to-point quantum communication since it provides a method to enhance the performance of entanglement-based (EB) CVQKD. Photon subtraction not only can lengthen the maximal transmission distance by increasing the signal-to-noise rate but also can be easily implemented with existing technologies. Security analysis shows that the proposed scheme can lengthen the maximum transmission distance. Furthermore, by taking finite-size effect into account we obtain a tighter bound of the secure distance, which is more practical than that obtained in the asymptotic limit.

Security of counterfactual quantum cryptography

NASA Astrophysics Data System (ADS)

Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Han, Zheng-Fu; Guo, Guang-Can

2010-10-01

Recently, a “counterfactual” quantum-key-distribution scheme was proposed by T.-G. Noh [Phys. Rev. Lett.PRLTAO0031-900710.1103/PhysRevLett.103.230501 103, 230501 (2009)]. In this scheme, two legitimate distant peers may share secret keys even when the information carriers are not traveled in the quantum channel. We find that this protocol is equivalent to an entanglement distillation protocol. According to this equivalence, a strict security proof and the asymptotic key bit rate are both obtained when a perfect single-photon source is applied and a Trojan horse attack can be detected. We also find that the security of this scheme is strongly related to not only the bit error rate but also the yields of photons. And our security proof may shed light on the security of other two-way protocols.

Security of counterfactual quantum cryptography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yin Zhenqiang; Li Hongwei; Chen Wei

2010-10-15

Recently, a 'counterfactual' quantum-key-distribution scheme was proposed by T.-G. Noh [Phys. Rev. Lett. 103, 230501 (2009)]. In this scheme, two legitimate distant peers may share secret keys even when the information carriers are not traveled in the quantum channel. We find that this protocol is equivalent to an entanglement distillation protocol. According to this equivalence, a strict security proof and the asymptotic key bit rate are both obtained when a perfect single-photon source is applied and a Trojan horse attack can be detected. We also find that the security of this scheme is strongly related to not only the bitmore » error rate but also the yields of photons. And our security proof may shed light on the security of other two-way protocols.« less

Evidence-based health policy: three generations of reform in Mexico.

PubMed

Frenk, Julio; Sepúlveda, Jaime; Gómez-Dantés, Octavio; Knaul, Felicia

2003-11-15

The Mexican health system has evolved through three generations of reform. The creation of the Ministry of Health and the main social security agency in 1943 marked the first generation of health reforms. In the late 1970s, a second generation of reforms was launched around the primary health-care model. Third-generation reforms favour systemic changes to reorganise the system through the horizontal integration of basic functions-stewardship, financing, and provision. The stability of leadership in the health sector is emphasised as a key element that allowed for reform during the past 60 years. Furthermore, there has been a transition in the second generation of reforms to a model that is increasingly based on evidence; this has been intensified and extended in the third generation of reforms. We also examine policy developments that will provide social protection in health for all. These developments could be of interest for countries seeking to provide their citizens with universal access to health care that incorporates equity, quality, and financial protection.

Tomographic quantum cryptography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Liang, Yeong Cherng; Kaszlikowski, Dagomir; Englert, Berthold-Georg

2003-08-01

We present a protocol for quantum cryptography in which the data obtained for mismatched bases are used in full for the purpose of quantum state tomography. Eavesdropping on the quantum channel is seriously impeded by requiring that the outcome of the tomography is consistent with unbiased noise in the channel. We study the incoherent eavesdropping attacks that are still permissible and establish under which conditions a secure cryptographic key can be generated. The whole analysis is carried out for channels that transmit quantum systems of any finite dimension.

Symmetric and asymmetric hybrid cryptosystem based on compressive sensing and computer generated holography

NASA Astrophysics Data System (ADS)

Ma, Lihong; Jin, Weimin

2018-01-01

A novel symmetric and asymmetric hybrid optical cryptosystem is proposed based on compressive sensing combined with computer generated holography. In this method there are six encryption keys, among which two decryption phase masks are different from the two random phase masks used in the encryption process. Therefore, the encryption system has the feature of both symmetric and asymmetric cryptography. On the other hand, because computer generated holography can flexibly digitalize the encrypted information and compressive sensing can significantly reduce data volume, what is more, the final encryption image is real function by phase truncation, the method favors the storage and transmission of the encryption data. The experimental results demonstrate that the proposed encryption scheme boosts the security and has high robustness against noise and occlusion attacks.

Counterfactual attack on counterfactual quantum key distribution

NASA Astrophysics Data System (ADS)

Zhang, Sheng; Wnang, Jian; Tang, Chao Jing

2012-05-01

It is interesting that counterfactual quantum cryptography protocols allow two remotely separated parties to share a secret key without transmitting any signal particles. Generally, these protocols, expected to provide security advantages, base their security on a translated no-cloning theorem. Therefore, they potentially exhibit unconditional security in theory. In this letter, we propose a new Trojan horse attack, by which an eavesdropper Eve can gain full information about the key without being noticed, to real implementations of a counterfactual quantum cryptography system. Most importantly, the presented attack is available even if the system has negligible imperfections. Therefore, it shows that the present realization of counterfactual quantum key distribution is vulnerable.

[Principles and methodology for ecological rehabilitation and security pattern design in key project construction].

PubMed

Chen, Li-Ding; Lu, Yi-He; Tian, Hui-Ying; Shi, Qian

2007-03-01

Global ecological security becomes increasingly important with the intensive human activities. The function of ecological security is influenced by human activities, and in return, the efficiency of human activities will also be affected by the patterns of regional ecological security. Since the 1990s, China has initiated the construction of key projects "Yangtze Three Gorges Dam", "Qinghai-Tibet Railway", "West-to-East Gas Pipeline", "West-to-East Electricity Transmission" and "South-to-North Water Transfer" , etc. The interaction between these projects and regional ecological security has particularly attracted the attention of Chinese government. It is not only important for the regional environmental protection, but also of significance for the smoothly implementation of various projects aimed to develop an ecological rehabilitation system and to design a regional ecological security pattern. This paper made a systematic analysis on the types and characteristics of key project construction and their effects on the environment, and on the basis of this, brought forward the basic principles and methodology for ecological rehabilitation and security pattern design in this construction. It was considered that the following issues should be addressed in the implementation of a key project: 1) analysis and evaluation of current regional ecological environment, 2) evaluation of anthropogenic disturbances and their ecological risk, 3) regional ecological rehabilitation and security pattern design, 4) scenario analysis of environmental benefits of regional ecological security pattern, 5) re-optimization of regional ecological system framework, and 6) establishment of regional ecosystem management plan.

Multivariate Cryptography Based on Clipped Hopfield Neural Network.

PubMed

Wang, Jia; Cheng, Lee-Ming; Su, Tong

2018-02-01

Designing secure and efficient multivariate public key cryptosystems [multivariate cryptography (MVC)] to strengthen the security of RSA and ECC in conventional and quantum computational environment continues to be a challenging research in recent years. In this paper, we will describe multivariate public key cryptosystems based on extended Clipped Hopfield Neural Network (CHNN) and implement it using the MVC (CHNN-MVC) framework operated in space. The Diffie-Hellman key exchange algorithm is extended into the matrix field, which illustrates the feasibility of its new applications in both classic and postquantum cryptography. The efficiency and security of our proposed new public key cryptosystem CHNN-MVC are simulated and found to be NP-hard. The proposed algorithm will strengthen multivariate public key cryptosystems and allows hardware realization practicality.

The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks

NASA Astrophysics Data System (ADS)

Ristenpart, Thomas; Yilek, Scott

Multiparty signature protocols need protection against rogue-key attacks, made possible whenever an adversary can choose its public key(s) arbitrarily. For many schemes, provable security has only been established under the knowledge of secret key (KOSK) assumption where the adversary is required to reveal the secret keys it utilizes. In practice, certifying authorities rarely require the strong proofs of knowledge of secret keys required to substantiate the KOSK assumption. Instead, proofs of possession (POPs) are required and can be as simple as just a signature over the certificate request message. We propose a general registered key model, within which we can model both the KOSK assumption and in-use POP protocols. We show that simple POP protocols yield provable security of Boldyreva's multisignature scheme [11], the LOSSW multisignature scheme [28], and a 2-user ring signature scheme due to Bender, Katz, and Morselli [10]. Our results are the first to provide formal evidence that POPs can stop rogue-key attacks.

Efficient biometric authenticated key agreements based on extended chaotic maps for telecare medicine information systems.

PubMed

Lou, Der-Chyuan; Lee, Tian-Fu; Lin, Tsung-Hung

2015-05-01

Authenticated key agreements for telecare medicine information systems provide patients, doctors, nurses and health visitors with accessing medical information systems and getting remote services efficiently and conveniently through an open network. In order to have higher security, many authenticated key agreement schemes appended biometric keys to realize identification except for using passwords and smartcards. Due to too many transmissions and computational costs, these authenticated key agreement schemes are inefficient in communication and computation. This investigation develops two secure and efficient authenticated key agreement schemes for telecare medicine information systems by using biometric key and extended chaotic maps. One scheme is synchronization-based, while the other nonce-based. Compared to related approaches, the proposed schemes not only retain the same security properties with previous schemes, but also provide users with privacy protection and have fewer transmissions and lower computational cost.

Security scheme in IMDD-OFDM-PON system with the chaotic pilot interval and scrambling

NASA Astrophysics Data System (ADS)

Chen, Qianghua; Bi, Meihua; Fu, Xiaosong; Lu, Yang; Zeng, Ran; Yang, Guowei; Yang, Xuelin; Xiao, Shilin

2018-01-01

In this paper, a random chaotic pilot interval and permutations scheme without any requirement of redundant sideband information is firstly proposed for the physical layer security-enhanced intensity modulation direct detection orthogonal frequency division multiplexing passive optical network (IMDD-OFDM-PON) system. With the help of the position feature of inserting the pilot, a simple logistic chaos map is used to generate the random pilot interval and scramble the chaotic subcarrier allocation of each column pilot data for improving the physical layer confidentiality. Due to the dynamic chaotic permutations of pilot data, the enhanced key space of ∼103303 is achieved in OFDM-PON. Moreover, the transmission experiment of 10-Gb/s 16-QAM encrypted OFDM data is successfully demonstrated over 20-km single-mode fiber, which indicates that the proposed scheme not only improves the system security, but also can achieve the same performance as in the common IMDD-OFDM-PON system without encryption scheme.

Enhancement of A5/1 encryption algorithm

NASA Astrophysics Data System (ADS)

Thomas, Ria Elin; Chandhiny, G.; Sharma, Katyayani; Santhi, H.; Gayathri, P.

2017-11-01

Mobiles have become an integral part of today’s world. Various standards have been proposed for the mobile communication, one of them being GSM. With the rising increase of mobile-based crimes, it is necessary to improve the security of the information passed in the form of voice or data. GSM uses A5/1 for its encryption. It is known that various attacks have been implemented, exploiting the vulnerabilities present within the A5/1 algorithm. Thus, in this paper, we proceed to look at what these vulnerabilities are, and propose the enhanced A5/1 (E-A5/1) where, we try to improve the security provided by the A5/1 algorithm by XORing the key stream generated with a pseudo random number, without increasing the time complexity. We need to study what the vulnerabilities of the base algorithm (A5/1) is, and try to improve upon its security. This will help in the future releases of the A5 family of algorithms.

Unconditional security proof of long-distance continuous-variable quantum key distribution with discrete modulation.

PubMed

Leverrier, Anthony; Grangier, Philippe

2009-05-08

We present a continuous-variable quantum key distribution protocol combining a discrete modulation and reverse reconciliation. This protocol is proven unconditionally secure and allows the distribution of secret keys over long distances, thanks to a reverse reconciliation scheme efficient at very low signal-to-noise ratio.

Logistic Map for Cancellable Biometrics

NASA Astrophysics Data System (ADS)

Supriya, V. G., Dr; Manjunatha, Ramachandra, Dr

2017-08-01

This paper presents design and implementation of secured biometric template protection system by transforming the biometric template using binary chaotic signals and 3 different key streams to obtain another form of template and demonstrating its efficiency by the results and investigating on its security through analysis including, key space analysis, information entropy and key sensitivity analysis.

Continuous-variable quantum authentication of physical unclonable keys: Security against an emulation attack

NASA Astrophysics Data System (ADS)

Nikolopoulos, Georgios M.

2018-01-01

We consider a recently proposed entity authentication protocol in which a physical unclonable key is interrogated by random coherent states of light, and the quadratures of the scattered light are analyzed by means of a coarse-grained homodyne detection. We derive a sufficient condition for the protocol to be secure against an emulation attack in which an adversary knows the challenge-response properties of the key and moreover, he can access the challenges during the verification. The security analysis relies on Holevo's bound and Fano's inequality, and suggests that the protocol is secure against the emulation attack for a broad range of physical parameters that are within reach of today's technology.

Security of a semi-quantum protocol where reflections contribute to the secret key

NASA Astrophysics Data System (ADS)

Krawec, Walter O.

2016-05-01

In this paper, we provide a proof of unconditional security for a semi-quantum key distribution protocol introduced in a previous work. This particular protocol demonstrated the possibility of using X basis states to contribute to the raw key of the two users (as opposed to using only direct measurement results) even though a semi-quantum participant cannot directly manipulate such states. In this work, we provide a complete proof of security by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we are able to find an error threshold value such that for all error rates less than this threshold, it is guaranteed that A and B may distill a secure secret key; for error rates larger than this threshold, A and B should abort. We demonstrate that this error threshold compares favorably to several fully quantum protocols. We also comment on some interesting observations about the behavior of this protocol under certain noise scenarios.

Three-dimensional scene encryption and display based on computer-generated holograms.

PubMed

Kong, Dezhao; Cao, Liangcai; Jin, Guofan; Javidi, Bahram

2016-10-10

An optical encryption and display method for a three-dimensional (3D) scene is proposed based on computer-generated holograms (CGHs) using a single phase-only spatial light modulator. The 3D scene is encoded as one complex Fourier CGH. The Fourier CGH is then decomposed into two phase-only CGHs with random distributions by the vector stochastic decomposition algorithm. Two CGHs are interleaved as one final phase-only CGH for optical encryption and reconstruction. The proposed method can support high-level nonlinear optical 3D scene security and complex amplitude modulation of the optical field. The exclusive phase key offers strong resistances of decryption attacks. Experimental results demonstrate the validity of the novel method.

A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

PubMed

Amin, Ruhul; Biswas, G P

2015-08-01

Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

Aviation security : TSA has completed key activities associated with implementing secure flight, but additional actions are needed to mitigate risks.

DOT National Transportation Integrated Search

2009-05-01

To enhance aviation security, the Department of Homeland Securitys (DHS) Transportation Security Administration (TSA) developed a programknown as Secure Flightto assume from air carriers the function of matching passenger information against...

The SECOQC quantum key distribution network in Vienna

NASA Astrophysics Data System (ADS)

Peev, M.; Pacher, C.; Alléaume, R.; Barreiro, C.; Bouda, J.; Boxleitner, W.; Debuisschert, T.; Diamanti, E.; Dianati, M.; Dynes, J. F.; Fasel, S.; Fossier, S.; Fürst, M.; Gautier, J.-D.; Gay, O.; Gisin, N.; Grangier, P.; Happe, A.; Hasani, Y.; Hentschel, M.; Hübel, H.; Humer, G.; Länger, T.; Legré, M.; Lieger, R.; Lodewyck, J.; Lorünser, T.; Lütkenhaus, N.; Marhold, A.; Matyus, T.; Maurhart, O.; Monat, L.; Nauerth, S.; Page, J.-B.; Poppe, A.; Querasser, E.; Ribordy, G.; Robyr, S.; Salvail, L.; Sharpe, A. W.; Shields, A. J.; Stucki, D.; Suda, M.; Tamas, C.; Themel, T.; Thew, R. T.; Thoma, Y.; Treiber, A.; Trinkler, P.; Tualle-Brouri, R.; Vannel, F.; Walenta, N.; Weier, H.; Weinfurter, H.; Wimberger, I.; Yuan, Z. L.; Zbinden, H.; Zeilinger, A.

2009-07-01

In this paper, we present the quantum key distribution (QKD) network designed and implemented by the European project SEcure COmmunication based on Quantum Cryptography (SECOQC) (2004-2008), unifying the efforts of 41 research and industrial organizations. The paper summarizes the SECOQC approach to QKD networks with a focus on the trusted repeater paradigm. It discusses the architecture and functionality of the SECOQC trusted repeater prototype, which has been put into operation in Vienna in 2008 and publicly demonstrated in the framework of a SECOQC QKD conference held from October 8 to 10, 2008. The demonstration involved one-time pad encrypted telephone communication, a secure (AES encryption protected) video-conference with all deployed nodes and a number of rerouting experiments, highlighting basic mechanisms of the SECOQC network functionality. The paper gives an overview of the eight point-to-point network links in the prototype and their underlying technology: three plug and play systems by id Quantique, a one way weak pulse system from Toshiba Research in the UK, a coherent one-way system by GAP Optique with the participation of id Quantique and the AIT Austrian Institute of Technology (formerly ARCAustrian Research Centers GmbH—ARC is now operating under the new name AIT Austrian Institute of Technology GmbH following a restructuring initiative.), an entangled photons system by the University of Vienna and the AIT, a continuous-variables system by Centre National de la Recherche Scientifique (CNRS) and THALES Research and Technology with the participation of Université Libre de Bruxelles, and a free space link by the Ludwig Maximillians University in Munich connecting two nodes situated in adjacent buildings (line of sight 80 m). The average link length is between 20 and 30 km, the longest link being 83 km. The paper presents the architecture and functionality of the principal networking agent—the SECOQC node module, which enables the authentic classical communication required for key distillation, manages the generated key material, determines a communication path between any destinations in the network, and realizes end-to-end secure transport of key material between these destinations. The paper also illustrates the operation of the network in a number of typical exploitation regimes and gives an initial estimate of the network transmission capacity, defined as the maximum amount of key that can be exchanged, or alternatively the amount of information that can be transmitted with information theoretic security, between two arbitrary nodes.

An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles

NASA Astrophysics Data System (ADS)

Moriyama, Daisuke; Okamoto, Tatsuaki

This paper presents a (PKI-based) two-pass authenticated key exchange (AKE) protocol that is secure in the extended Canetti-Krawczyk (eCK) security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and relies on no implementation techniques such as a trick by LaMacchia, Lauter and Mityagin (so-called the NAXOS trick). Since an AKE protocol that is eCK-secure under a NAXOS-like implementation trick will be no more eCK-secure if some realistic information leakage occurs through side-channel attacks, it has been an important open problem how to realize an eCK-secure AKE protocol without using the NAXOS tricks (and without random oracles).

Key Future Engineering Capabilities for Human Capital Retention

NASA Astrophysics Data System (ADS)

Sivich, Lorrie

Projected record retirements of Baby Boomer generation engineers have been predicted to result in significant losses of mission-critical knowledge in space, national security, and future scientific ventures vital to high-technology corporations. No comprehensive review or analysis of engineering capabilities has been performed to identify threats related to the specific loss of mission-critical knowledge posed by the increasing retirement of tenured engineers. Archival data from a single diversified Fortune 500 aerospace manufacturing engineering company's engineering career database were analyzed to ascertain whether relationships linking future engineering capabilities, engineering disciplines, and years of engineering experience could be identified to define critical knowledge transfer models. Chi square, logistic, and linear regression analyses were used to map patterns of discipline-specific, mission-critical knowledge using archival data of engineers' perceptions of engineering capabilities, key developmental experiences, and knowledge learned from their engineering careers. The results from the study were used to document key engineering future capabilities. The results were then used to develop a proposed human capital retention plan to address specific key knowledge gaps of younger engineers as veteran engineers retire. The potential for social change from this study involves informing leaders of aerospace engineering corporations on how to build better quality mentoring or succession plans to fill the void of lost knowledge from retiring engineers. This plan can secure mission-critical knowledge for younger engineers for current and future product development and increased global competitiveness in the technology market.

Trends in food waste valorization for the production of chemicals, materials and fuels: Case study South and Southeast Asia.

PubMed

Ong, Khai Lun; Kaur, Guneet; Pensupa, Nattha; Uisan, Kristiadi; Lin, Carol Sze Ki

2018-01-01

Staggering amounts of food waste are being generated in Asia by means of agricultural processing, food transportation and storage, and human food consumption activities. This along with the recent sustainable development goals of food security, environmental protection, and energy efficiency are the key drivers for food waste valorization. The aim of this review is to provide an insight on the latest trends in food waste valorization in Asian countries such as India, Thailand, Singapore, Malaysia and Indonesia. Landfilling, incineration, and composting are the first-generation food waste processing technologies. The advancement of valorisation alternatives to tackle the food waste issue is the focus of this review. Furthermore, a series of examples of key food waste valorization schemes in this Asian region as case studies to demonstrate the advancement in bioconversions in these countries are described. Finally, important legislation aspects for food waste disposal in these Asian countries are also reported. Copyright © 2017 Elsevier Ltd. All rights reserved.

One-time pad, complexity of verification of keys, and practical security of quantum cryptography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Molotkov, S. N., E-mail: sergei.molotkov@gmail.com

2016-11-15

A direct relation between the complexity of the complete verification of keys, which is one of the main criteria of security in classical systems, and a trace distance used in quantum cryptography is demonstrated. Bounds for the minimum and maximum numbers of verification steps required to determine the actual key are obtained.

Quantum Color Image Encryption Algorithm Based on A Hyper-Chaotic System and Quantum Fourier Transform

NASA Astrophysics Data System (ADS)

Tan, Ru-Chao; Lei, Tong; Zhao, Qing-Min; Gong, Li-Hua; Zhou, Zhi-Hong

2016-12-01

To improve the slow processing speed of the classical image encryption algorithms and enhance the security of the private color images, a new quantum color image encryption algorithm based on a hyper-chaotic system is proposed, in which the sequences generated by the Chen's hyper-chaotic system are scrambled and diffused with three components of the original color image. Sequentially, the quantum Fourier transform is exploited to fulfill the encryption. Numerical simulations show that the presented quantum color image encryption algorithm possesses large key space to resist illegal attacks, sensitive dependence on initial keys, uniform distribution of gray values for the encrypted image and weak correlation between two adjacent pixels in the cipher-image.

Cloud-assisted mobile-access of health data with privacy and auditability.

PubMed

Tong, Yue; Sun, Jinyuan; Chow, Sherman S M; Li, Pan

2014-03-01

Motivated by the privacy issues, curbing the adoption of electronic healthcare systems and the wild success of cloud service models, we propose to build privacy into mobile healthcare systems with the help of the private cloud. Our system offers salient features including efficient key management, privacy-preserving data storage, and retrieval, especially for retrieval at emergencies, and auditability for misusing health data. Specifically, we propose to integrate key management from pseudorandom number generator for unlinkability, a secure indexing method for privacy-preserving keyword search which hides both search and access patterns based on redundancy, and integrate the concept of attribute-based encryption with threshold signing for providing role-based access control with auditability to prevent potential misbehavior, in both normal and emergency cases.

Network-based reading system for lung cancer screening CT

NASA Astrophysics Data System (ADS)

Fujino, Yuichi; Fujimura, Kaori; Nomura, Shin-ichiro; Kawashima, Harumi; Tsuchikawa, Megumu; Matsumoto, Toru; Nagao, Kei-ichi; Uruma, Takahiro; Yamamoto, Shinji; Takizawa, Hotaka; Kuroda, Chikazumi; Nakayama, Tomio

2006-03-01

This research aims to support chest computed tomography (CT) medical checkups to decrease the death rate by lung cancer. We have developed a remote cooperative reading system for lung cancer screening over the Internet, a secure transmission function, and a cooperative reading environment. It is called the Network-based Reading System. A telemedicine system involves many issues, such as network costs and data security if we use it over the Internet, which is an open network. In Japan, broadband access is widespread and its cost is the lowest in the world. We developed our system considering human machine interface and security. It consists of data entry terminals, a database server, a computer aided diagnosis (CAD) system, and some reading terminals. It uses a secure Digital Imaging and Communication in Medicine (DICOM) encrypting method and Public Key Infrastructure (PKI) based secure DICOM image data distribution. We carried out an experimental trial over the Japan Gigabit Network (JGN), which is the testbed for the Japanese next-generation network, and conducted verification experiments of secure screening image distribution, some kinds of data addition, and remote cooperative reading. We found that network bandwidth of about 1.5 Mbps enabled distribution of screening images and cooperative reading and that the encryption and image distribution methods we proposed were applicable to the encryption and distribution of general DICOM images via the Internet.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dondero, Rachel Elizabeth

The increased use of Field Programmable Gate Arrays (FPGAs) in critical systems brings new challenges in securing the diversely programmable fabric from cyber-attacks. FPGAs are an inexpensive, efficient, and flexible alternative to Application Specific Integrated Circuits (ASICs), which are becoming increasingly expensive and impractical for low volume manufacturing as technology nodes continue to shrink. Unfortunately, FPGAs are not designed for high security applications, and their high-flexibility lends itself to low security and vulnerability to malicious attacks. Similar to securing an ASIC’s functionality, FPGA programmers can exploit the inherent randomness introduced into hardware structures during fabrication for security applications. Physically Unclonablemore » Functions (PUFs) are one such solution that uses the die specific variability in hardware fabrication for both secret key generation and verification. PUFs strive to be random, unique, and reliable. Throughout recent years many PUF structures have been presented to try and maximize these three design constraints, reliability being the most difficult of the three to achieve. This thesis presents a new PUF structure that combines two elementary PUF concepts (a bi-stable SRAM PUF and a delay-based arbiter PUF) to create a PUF with increased reliability, while maintaining both random and unique qualities. Properties of the new PUF will be discussed as well as the various design modifications that can be made to tweak the desired performance and overhead.« less

Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

PubMed Central

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-01-01

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

Scenario and multiple criteria decision analysis for energy and environmental security of military and industrial installations.

PubMed

Karvetski, Christopher W; Lambert, James H; Linkov, Igor

2011-04-01

Military and industrial facilities need secure and reliable power generation. Grid outages can result in cascading infrastructure failures as well as security breaches and should be avoided. Adding redundancy and increasing reliability can require additional environmental, financial, logistical, and other considerations and resources. Uncertain scenarios consisting of emergent environmental conditions, regulatory changes, growth of regional energy demands, and other concerns result in further complications. Decisions on selecting energy alternatives are made on an ad hoc basis. The present work integrates scenario analysis and multiple criteria decision analysis (MCDA) to identify combinations of impactful emergent conditions and to perform a preliminary benefits analysis of energy and environmental security investments for industrial and military installations. Application of a traditional MCDA approach would require significant stakeholder elicitations under multiple uncertain scenarios. The approach proposed in this study develops and iteratively adjusts a scoring function for investment alternatives to find the scenarios with the most significant impacts on installation security. A robust prioritization of investment alternatives can be achieved by integrating stakeholder preferences and focusing modeling and decision-analytical tools on a few key emergent conditions and scenarios. The approach is described and demonstrated for a campus of several dozen interconnected industrial buildings within a major installation. Copyright © 2010 SETAC.

Security analysis and improvements of authentication and access control in the Internet of Things.

PubMed

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-08-13

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

Secure remote synchronization and secure key distribution in electro-optic networks revealed by symmetries

NASA Astrophysics Data System (ADS)

Xu, Mingfeng; Pan, Wei; Zhang, Liyue

2018-07-01

Despite the intuition that synchronization of different nodes in coupled oscillator networks results from information exchange between them, it has recently been shown that remote nodes could be partially synchronous even when they are separated by intermediately unsynchronized nodes. Here based on electro-optic system, we report on a more stronger form of such synchronization pattern that is termed as secure remote synchronization, in which two remotely separated nodes could have identically synchronized dynamical behaviors while the rest of the network are both statistically and information-theoretically incoherent relative to the two synchronized nodes. The generalized form of mirror symmetry in the network structure is identified to be a key mechanism allowing for secure remote synchronization. Moreover, this synchronization mode is robust against a wild range of system parameters and noise perturbing the intermediary dynamics. The lack of information about the synchronized dynamics in the rest of the network suggests that our results could potentially lead to network-based solutions for secure key distribution and secure communication.

Optical image cryptosystem using chaotic phase-amplitude masks encoding and least-data-driven decryption by compressive sensing

NASA Astrophysics Data System (ADS)

Lang, Jun; Zhang, Jing

2015-03-01

In our proposed optical image cryptosystem, two pairs of phase-amplitude masks are generated from the chaotic web map for image encryption in the 4f double random phase-amplitude encoding (DRPAE) system. Instead of transmitting the real keys and the enormous masks codes, only a few observed measurements intermittently chosen from the masks are delivered. Based on compressive sensing paradigm, we suitably refine the series expansions of web map equations to better reconstruct the underlying system. The parameters of the chaotic equations can be successfully calculated from observed measurements and then can be used to regenerate the correct random phase-amplitude masks for decrypting the encoded information. Numerical simulations have been performed to verify the proposed optical image cryptosystem. This cryptosystem can provide a new key management and distribution method. It has the advantages of sufficiently low occupation of the transmitted key codes and security improvement of information transmission without sending the real keys.

Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Hughes, Richard

2004-05-01

Quantum key distribution (QKD) uses single-photon communications to generate the shared, secret random number sequences that are used to encrypt and decrypt secret communications. The unconditional security of QKD is based on the interplay between fundamental principles of quantum physics and information theory. An adversary can neither successfully tap the transmissions, nor evade detection (eavesdropping raises the key error rate above a threshold value). QKD could be particularly attractive for free-space optical communications, both ground-based and for satellites. I will describe a QKD experiment performed over multi-kilometer line-of-sight paths, which serves as a model for a satellite-to-ground key distribution system. The system uses single-photon polarization states, without active polarization switching, and for the first time implements the complete BB84 QKD protocol including, reconciliation, privacy amplification and the all-important authentication stage. It is capable of continuous operation throughout the day and night, achieving the self-sustaining production of error-free, shared, secret bits. I will also report on the results of satellite-to-ground QKD modeling.

Image encryption with chaotic map and Arnold transform in the gyrator transform domains

NASA Astrophysics Data System (ADS)

Sang, Jun; Luo, Hongling; Zhao, Jun; Alam, Mohammad S.; Cai, Bin

2017-05-01

An image encryption method combing chaotic map and Arnold transform in the gyrator transform domains was proposed. Firstly, the original secret image is XOR-ed with a random binary sequence generated by a logistic map. Then, the gyrator transform is performed. Finally, the amplitude and phase of the gyrator transform are permutated by Arnold transform. The decryption procedure is the inverse operation of encryption. The secret keys used in the proposed method include the control parameter and the initial value of the logistic map, the rotation angle of the gyrator transform, and the transform number of the Arnold transform. Therefore, the key space is large, while the key data volume is small. The numerical simulation was conducted to demonstrate the effectiveness of the proposed method and the security analysis was performed in terms of the histogram of the encrypted image, the sensitiveness to the secret keys, decryption upon ciphertext loss, and resistance to the chosen-plaintext attack.

Practical Quantum Private Database Queries Based on Passive Round-Robin Differential Phase-shift Quantum Key Distribution.

PubMed

Li, Jian; Yang, Yu-Guang; Chen, Xiu-Bo; Zhou, Yi-Hua; Shi, Wei-Min

2016-08-19

A novel quantum private database query protocol is proposed, based on passive round-robin differential phase-shift quantum key distribution. Compared with previous quantum private database query protocols, the present protocol has the following unique merits: (i) the user Alice can obtain one and only one key bit so that both the efficiency and security of the present protocol can be ensured, and (ii) it does not require to change the length difference of the two arms in a Mach-Zehnder interferometer and just chooses two pulses passively to interfere with so that it is much simpler and more practical. The present protocol is also proved to be secure in terms of the user security and database security.

Tight finite-key analysis for quantum cryptography

PubMed Central

Tomamichel, Marco; Lim, Charles Ci Wen; Gisin, Nicolas; Renner, Renato

2012-01-01

Despite enormous theoretical and experimental progress in quantum cryptography, the security of most current implementations of quantum key distribution is still not rigorously established. One significant problem is that the security of the final key strongly depends on the number, M, of signals exchanged between the legitimate parties. Yet, existing security proofs are often only valid asymptotically, for unrealistically large values of M. Another challenge is that most security proofs are very sensitive to small differences between the physical devices used by the protocol and the theoretical model used to describe them. Here we show that these gaps between theory and experiment can be simultaneously overcome by using a recently developed proof technique based on the uncertainty relation for smooth entropies. PMID:22252558

Tight finite-key analysis for quantum cryptography.

PubMed

Tomamichel, Marco; Lim, Charles Ci Wen; Gisin, Nicolas; Renner, Renato

2012-01-17

Despite enormous theoretical and experimental progress in quantum cryptography, the security of most current implementations of quantum key distribution is still not rigorously established. One significant problem is that the security of the final key strongly depends on the number, M, of signals exchanged between the legitimate parties. Yet, existing security proofs are often only valid asymptotically, for unrealistically large values of M. Another challenge is that most security proofs are very sensitive to small differences between the physical devices used by the protocol and the theoretical model used to describe them. Here we show that these gaps between theory and experiment can be simultaneously overcome by using a recently developed proof technique based on the uncertainty relation for smooth entropies.

Composable security proof for continuous-variable quantum key distribution with coherent States.

PubMed

Leverrier, Anthony

2015-02-20

We give the first composable security proof for continuous-variable quantum key distribution with coherent states against collective attacks. Crucially, in the limit of large blocks the secret key rate converges to the usual value computed from the Holevo bound. Combining our proof with either the de Finetti theorem or the postselection technique then shows the security of the protocol against general attacks, thereby confirming the long-standing conjecture that Gaussian attacks are optimal asymptotically in the composable security framework. We expect that our parameter estimation procedure, which does not rely on any assumption about the quantum state being measured, will find applications elsewhere, for instance, for the reliable quantification of continuous-variable entanglement in finite-size settings.

KeySlinger and StarSlinger: Secure Key Exchange and Encrypted File Transfer on Smartphones

DTIC Science & Technology

2011-05-01

format data to exchange because contact information can be exported to V- Cards using existing APIs. For these reasons it was chosen as the medium to... Card format allows customization of this field. The service provider field serves to identify the app the key is for and the username field stores the...public key data. A sample V- Card field looks like Listing 1 below. IMPP;TextSecure

Daylight operation of a free space, entanglement-based quantum key distribution system

NASA Astrophysics Data System (ADS)

Peloso, Matthew P.; Gerhardt, Ilja; Ho, Caleb; Lamas-Linares, Antía; Kurtsiefer, Christian

2009-04-01

Many quantum key distribution (QKD) implementations using a free space transmission path are restricted to operation at night time in order to distinguish the signal photons used for a secure key establishment from the background light. Here, we present a lean entanglement-based QKD system overcoming that limitation. By implementing spectral, spatial and temporal filtering techniques, we establish a secure key continuously over several days under varying light and weather conditions.

Wide Area Security Region Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Makarov, Yuri V.; Lu, Shuai; Guo, Xinxin

2010-03-31

This report develops innovative and efficient methodologies and practical procedures to determine the wide-area security region of a power system, which take into consideration all types of system constraints including thermal, voltage, voltage stability, transient and potentially oscillatory stability limits in the system. The approach expands the idea of transmission system nomograms to a multidimensional case, involving multiple system limits and parameters such as transmission path constraints, zonal generation or load, etc., considered concurrently. The security region boundary is represented using its piecewise approximation with the help of linear inequalities (so called hyperplanes) in a multi-dimensional space, consisting of systemmore » parameters that are critical for security analyses. The goal of this approximation is to find a minimum set of hyperplanes that describe the boundary with a given accuracy. Methodologies are also developed to use the security hyperplanes, pre-calculated offline, to determine system security margins in real-time system operations, to identify weak elements in the system, and to calculate key contributing factors and sensitivities to determine the best system controls in real time and to assist in developing remedial actions and transmission system enhancements offline . A prototype program that automates the simulation procedures used to build the set of security hyperplanes has also been developed. The program makes it convenient to update the set of security hyperplanes necessitated by changes in system configurations. A prototype operational tool that uses the security hyperplanes to assess security margins and to calculate optimal control directions in real time has been built to demonstrate the project success. Numerical simulations have been conducted using the full-size Western Electricity Coordinating Council (WECC) system model, and they clearly demonstrated the feasibility and the effectiveness of the developed technology. Recommendations for the future work have also been formulated.« less

Triple symmetric key cryptosystem for data security

NASA Astrophysics Data System (ADS)

Fuzail, C. Md; Norman, Jasmine; Mangayarkarasi, R.

2017-11-01

As the technology is getting spreads in the macro seconds of speed and in which the trend changing era from human to robotics the security issue is also getting increased. By means of using machine attacks it is very easy to break the cryptosystems in very less amount of time. Cryptosystem is a process which provides the security in all sorts of processes, communications and transactions to be done securely with the help of electronical mechanisms. Data is one such thing with the expanded implication and possible scraps over the collection of data to secure predominance and achievement, Information Security is the process where the information is protected from invalid and unverified accessibilities and data from mishandling. So the idea of Information Security has risen. Symmetric key which is also known as private key.Whereas the private key is mostly used to attain the confidentiality of data. It is a dynamic topic which can be implemented over different applications like android, wireless censor networks, etc. In this paper, a new mathematical manipulation algorithm along with Tea cryptosystem has been implemented and it can be used for the purpose of cryptography. The algorithm which we proposed is straightforward and more powerful and it will authenticate in harder way and also it will be very difficult to break by someone without knowing in depth about its internal mechanisms.

Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

PubMed

Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

2018-06-05

Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie⁻Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

Key Considerations of Community, Scalability, Supportability, Security, and Functionality in Selecting Open-Source Software in California Universities as Perceived by Technology Leaders

ERIC Educational Resources Information Center

Britton, Todd Alan

2014-01-01

Purpose: The purpose of this study was to examine the key considerations of community, scalability, supportability, security, and functionality for selecting open-source software in California universities as perceived by technology leaders. Methods: After a review of the cogent literature, the key conceptual framework categories were identified…

Generalized Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system using arbitrary resistors.

PubMed

Vadai, Gergely; Mingesz, Robert; Gingl, Zoltan

2015-09-03

The Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system has been introduced as a simple, very low cost and efficient classical physical alternative to quantum key distribution systems. The ideal system uses only a few electronic components-identical resistor pairs, switches and interconnecting wires-in order to guarantee perfectly protected data transmission. We show that a generalized KLJN system can provide unconditional security even if it is used with significantly less limitations. The more universal conditions ease practical realizations considerably and support more robust protection against attacks. Our theoretical results are confirmed by numerical simulations.

Experimentally generated randomness certified by the impossibility of superluminal signals.

PubMed

Bierhorst, Peter; Knill, Emanuel; Glancy, Scott; Zhang, Yanbao; Mink, Alan; Jordan, Stephen; Rommal, Andrea; Liu, Yi-Kai; Christensen, Bradley; Nam, Sae Woo; Stevens, Martin J; Shalm, Lynden K

2018-04-01

From dice to modern electronic circuits, there have been many attempts to build better devices to generate random numbers. Randomness is fundamental to security and cryptographic systems and to safeguarding privacy. A key challenge with random-number generators is that it is hard to ensure that their outputs are unpredictable 1-3 . For a random-number generator based on a physical process, such as a noisy classical system or an elementary quantum measurement, a detailed model that describes the underlying physics is necessary to assert unpredictability. Imperfections in the model compromise the integrity of the device. However, it is possible to exploit the phenomenon of quantum non-locality with a loophole-free Bell test to build a random-number generator that can produce output that is unpredictable to any adversary that is limited only by general physical principles, such as special relativity 1-11 . With recent technological developments, it is now possible to carry out such a loophole-free Bell test 12-14,22 . Here we present certified randomness obtained from a photonic Bell experiment and extract 1,024 random bits that are uniformly distributed to within 10 -12 . These random bits could not have been predicted according to any physical theory that prohibits faster-than-light (superluminal) signalling and that allows independent measurement choices. To certify and quantify the randomness, we describe a protocol that is optimized for devices that are characterized by a low per-trial violation of Bell inequalities. Future random-number generators based on loophole-free Bell tests may have a role in increasing the security and trust of our cryptographic systems and infrastructure.

Changes to Quantum Cryptography

NASA Astrophysics Data System (ADS)

Sakai, Yasuyuki; Tanaka, Hidema

Quantum cryptography has become a subject of widespread interest. In particular, quantum key distribution, which provides a secure key agreement by using quantum systems, is believed to be the most important application of quantum cryptography. Quantum key distribution has the potential to achieve the “unconditionally” secure infrastructure. We also have many cryptographic tools that are based on “modern cryptography” at the present time. They are being used in an effort to guarantee secure communication over open networks such as the Internet. Unfortunately, their ultimate efficacy is in doubt. Quantum key distribution systems are believed to be close to practical and commercial use. In this paper, we discuss what we should do to apply quantum cryptography to our communications. We also discuss how quantum key distribution can be combined with or used to replace cryptographic tools based on modern cryptography.

Multi-party quantum key agreement protocol secure against collusion attacks

NASA Astrophysics Data System (ADS)

Wang, Ping; Sun, Zhiwei; Sun, Xiaoqiang

2017-07-01

The fairness of a secure multi-party quantum key agreement (MQKA) protocol requires that all involved parties are entirely peer entities and can equally influence the outcome of the protocol to establish a shared key wherein no one can decide the shared key alone. However, it is found that parts of the existing MQKA protocols are sensitive to collusion attacks, i.e., some of the dishonest participants can collaborate to predetermine the final key without being detected. In this paper, a multi-party QKA protocol resisting collusion attacks is proposed. Different from previous QKA protocol resisting N-1 coconspirators or resisting 1 coconspirators, we investigate the general circle-type MQKA protocol which can be secure against t dishonest participants' cooperation. Here, t < N. We hope the results of the presented paper will be helpful for further research on fair MQKA protocols.

Hacking on decoy-state quantum key distribution system with partial phase randomization

NASA Astrophysics Data System (ADS)

Sun, Shi-Hai; Jiang, Mu-Sheng; Ma, Xiang-Chun; Li, Chun-Yan; Liang, Lin-Mei

2014-04-01

Quantum key distribution (QKD) provides means for unconditional secure key transmission between two distant parties. However, in practical implementations, it suffers from quantum hacking due to device imperfections. Here we propose a hybrid measurement attack, with only linear optics, homodyne detection, and single photon detection, to the widely used vacuum + weak decoy state QKD system when the phase of source is partially randomized. Our analysis shows that, in some parameter regimes, the proposed attack would result in an entanglement breaking channel but still be able to trick the legitimate users to believe they have transmitted secure keys. That is, the eavesdropper is able to steal all the key information without discovered by the users. Thus, our proposal reveals that partial phase randomization is not sufficient to guarantee the security of phase-encoding QKD systems with weak coherent states.