Home
Call For Papers
Submission
Author
Registration
Publications
About
Contact Us

  An Improved Certificate - less Cryptography Scheme based on Time Stamping  
  Authors : Arun Kumar Singh; Arun K Misra
  Cite as:

 

Replay attack is a typical breach of communication between two parties that threatens the very design of authentication and key distribution protocols. In this paper, an authentication protocol has been proposed that provides a strong authentication mechanism which is based on time stamping. The authentication protocol enables the sender to encrypt a message with recipient’s identity only and users do not need certificates to bind identity with specific public key. High Level Protocol Specific Language (HLPSL), which is based on temporal logic has been used for formal verification.

 

Published In : IJCSN Journal Volume 6, Issue 6

Date of Publication : December 2017

Pages : 643-651

Figures :07

Tables : --

 

Arun Kumar Singh : Corresponding Author: Arun Kumar Singh received his B.Tech in Electronics and Communication from SRMCEM College, Lucknow, Uttar Pradesh, India in 2005. He received his Master degree in Information Security from Indian Institutes of Information Technology, Allahabad, Uttar Pradesh, India in 2008. Currently, he is completed the Ph.D. degree in Computer Sciences and Engineering at the Motilal Nehru National Institute of Technology (MNNIT), Uttar Pradesh, India. His research interests include network security, network protocol design and verification, in network security, Cryptography and Computer Forensic fields.

Dr. Arun Kumar Misra : has forty years of teaching experience at Motilal Nehru National Institute of Technology, Allahabad, India and is presently working at S.P. Memorial Institute of Technology, Allahabad, India. His special field of interest include Software Engineering, Information Security, Soft Computing and Optimization Techniques.

 

Authentication Mechanism, Time Stamping, Public key cryptosystems, HLPSL

Authentication protocols are generally vulnerable due to replay attacks.. The two protocols suggested by Li and Raman have been analysed and both of them were found to be vulnerable to replay attacks.

 

1. R. Needham and M. Schroeder, “Using Encryption for Authentication in Large Networks of Computers,” Communications of the ACM, Vol. 21, No. 12, December 1978. 2. Junhong Li , “Design of Authentication Protocols Preventing Replay Attacks” , College of Mathematics and Information Science Hebei Normal University, 2009. 3. W. Diffie, M. E. Hellman, “New Directions in Cryptography,” IEEE transactions on Information Theory, vol. IT-11, pp. 644-654, November 1976. 4. Jeremy Brun-Nouvion Hicham Hossayni, Logical Attacks Using RSA, Security Models Lecturer 2010. 5. Danny Dolev and Andrew C. Yao. On the security of public-key protocols. IEEE Transactions on Information Theory, 2(29):198–208, 1983. 6. Gavin Lowe, “An attack on the Needham-Schroeder public key authentication protocol”, Information Processing Letters, 56(3):131—136, November 1995. 7. L. Gong, “Verifiable-text Attacks in Cryptographic Protocols,” Proceedings of IEEE 8. Li Gong, Variations on the Themes of Message Freshness and Replay -or the Difficulty in Devising Formal Methods to Analyze Cryptographic Protocols, SRI International Computer Science Laboratory 333 Ravenswood Avenue Menlo Park, California 94025 U.S.A. 9. Amir Herzberg, “Internet Cryptography Tools”, Computer Science Department, Bar Ilan University, 2003. 10. Arun K Singh and Arun K. Misra, Analysis of Cryptographically Replay Attacks and Its Mitigation Mechanism, International Conference on Information Systems Design and Intelligent Applications-2012 (INDIA-2012) 11. Raman Kumar et. al. “An Image Based Authentication System- Using Needham Schroeder Protocol, IJCSNS International Journal of Computer Science and Network Security, VOL.10 No.11, November 2010. 12. AVISPA, Automated Validation of Internet Security Protocols and Applications, http://www.avispaproject. org/. 13. Courtois, N. & Meier, W., Algebraic attacks on stream cipher with linear feedback, in E. Biham, ed., ‘Advances in Cryptology - Eurocrypt 2003’, Vol. 2656 of Lecture Notes in Computer Science, Springer. 14. David Ahmad “Attack Trends :Two Years of Broken Crypto”, Published by the IEEE Computer Society, IEEE Security & Privacy, 2008. 15. Fahime Javdan Kherad, Hamid R. Naji, Mohammad V. Malakooti and Payman Haghighat, A New Symmetric Cryptography Algorithm to Secure E-Commerce Transactions, 2010 International Conference on Financial Theory and Engineering, Department of Computer Engineering, IAU Dubai, U.A.E. 16. A. Fiat, “Batch RSA”, Journal of Cryptology, (1997)10: page 75-88. 17. Dan Boneh, “Fast Variants of RSA”, CryptoBytes, Vol. 5, No. 1, pp. 1-9, 2002. 18. Danny Dolev and Andrew C. Yao. On the security of public-key protocols. IEEE Transactions on Information Theory, 2(29):198–208, 1983. 19. Eli Biham Orr, Dunkelman, National, Differential Cryptanalysis in Stream Ciphers, eprint-2007. 20. Joris Claessens, Valentin Dem, Danny De Cock, Bart Preneel and Joos Vandewalle” On the Security of Today’s Online Electronic Banking Systems” Elsevier, Computers & Security, Vol 21, No 3, pp 257-269, 2002 21. L. Gong, “Verifiable-text Attacks in Cryptographic Protocols,” Proceedings of IEEE 22. Li Gong, Variations on the Themes of Message Freshness and Replay -or the Difficulty in Devising Formal Methods to Analyze Cryptographic Protocols, SRI International Computer Science Laboratory 333 Ravenswood Avenue Menlo Park, California 94025 U.S.A. 23. M.H. Sherif, A. Serhrouchni, A. Y. Gaid and F. Farazmandnia, “SET and SSL: Electronic payments on the Internet”, IEEE, 1998. 24. Matt Blumenthal, “Encryption: Strengths and Weaknesses of Public-key Cryptography”¸ Department of Computing Sciences Villanova University, Villanova, PA 19085 CSC 3990 – Computing Research Topics, 1999. 25. Stefek Zaba, “Cryptographic Security in the Internet Protocol Suite: Practice and Proposals”, Elsevier Information Security Technical Report, Vol. 2, No. 2 (1997) 54-73. 26. W. Diffie, M. E. Hellman, “New Directions in Cryptography,” IEEE transactions on Information Theory, vol. IT-11, pp. 644-654, November 1976. 27. W. Küchlin, “Public key encryption”, ACM SIGSAM Bulletin Volume 21 Issue 3, Aug. 1987 Pages 69-73. 28. Wang Yanhua Yang Kuihe Zhang Yun, “Research and Realization of Security Proxy Based on SSL Protocol” The Eighth International Conference on Electronic Measurement and Instruments ICEMI’2007. 29. Xianxian Li, Jun Han, Zhaohao Sun, " Design Principles and Security of Authentication Protocols with Trusted Third Party" AUG 2004 - Who Are You? 30. Yuping Deng, Xiaowei Guo, and Xiamu Niu , “A New Design Scheme of Role-Based Access Control Based on PKI Yuping Deng, Xiaowei Guo, and Xiamu Niu” , Proceedings of the First International Conference on Innovative Computing, Information and Control (ICICIC'06), 2006 IEEE. 31. Zhikao Ren, Minghua Liu, Chen Ye and Chuansheng Wang, “A Scheme of E-Commerce Security based on ECC & SSL Protocol”, 2009 IEEE.

 


All rights reserverd @ IJCSN International Journal www.IJCSN.org