Many practical MACs are designed by iterating applications of some xed-input-length (FIL) primitive, namely one like a block cipher or compression function that only applies to data of a xed length. Existing security analyses of these constructions either require a stronger security property from the FIL primitive (eg. pseudorandomness) than the unforgeability required of the nal MAC, or, as in...

The technology of Cloud computing is permit the subscribers to store their own data in its infrastructure. The subscribers will be able to use their stored data whenever they required. Since the data are stored outside their boundary, it needs to use a strong encryption during transmission process to be protected well. Thus, in this paper we have proposed a model to use a hybrid encryption and ...

In the last years, data outsourcing has received an increasing attention by the research community thanks to the benefits that it brings in terms of data management. A basic requirement in such a scenario is that outsourced data be made accessible only to authorized users, that is, no unauthorized party (including the storing server) should have access to the data. While existing proposals prov...

Due to dense deployment and innumerable amount of traffic flow in wireless sensor networks (WSNs), congestion becomes more common phenomenon from simple periodic traffic to unpredictable bursts of messages triggered by external events. Even for simple network topology and periodic traffic, congestion is a likely event due to time varying wireless channel condition and contention caused due to i...

We consider message authentication codes for streams where the key becomes known only at the end of the stream. This usually happens in key-exchange protocols like SSL and TLS where the exchange phase concludes by sending a MAC for the previous transcript and the newly derived key. SSL and TLS provide tailor-made solutions for this problem (modifying HMAC to insert the key only at the end, as i...

In this note we show a consequence of the recent observation that narrow-pipe hash designs manifest an abberation from ideal random functions for finding collisions for those functions with complexities much lower than the so called generic birthday paradox lower bound. The problem is generic for narrow-pipe designs including classic Merkle-Damg̊ard designs but also recent narrow-pipe SHA-3 cand...

This paper points out that, contrary to popular belief, allowing a message authentication adversary multiple verification attempts towards forgery is not equivalent to allowing it a single one, so that the notion of security that most message authentication schemes are proven to meet does not guarantee their security in practice. We then show, however, that the equivalence does hold for strong ...

The End Entity Certificates (EECs) revocation mechanism in Grid Security Infrastructure (GSI) adopts Certificate Revocation List (CRL) currently. However, CRL is an inefficient mechanism with drawbacks of “time granularity problem” and unmanageable sizes. This paper presents a new EECs revocation mechanism MEECRM (Mediated RSA-based End Entity Certificates Revocation Mechanism) to eliminate “ke...

The NIST competition for developing the new cryptographic hash standard SHA-3 is currently in the third round. One of the five remaining candidates, Grøstl, is inspired by the Advanced Encryption Standard. This unique feature can be exploited in a large variety of practical applications. In order to have a better picture of the Grøstl-AES computational efficiency (high-level scheduling, interna...

Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This memo describes the use of t...