This paper provides the first analytical and practical treatment of entity authentication and authenticated key exchange in the framework of Tree Parity Machines (TPMs). The interaction of TPMs has been discussed as an alternative concept for secure symmetric key exchange. Several attacks have been proposed on the non-authenticated principle. Adding and some extra entity authentication method i...

Nyberg and Ruppel first proposed a signature scheme with message recovery based on DSA in 1993, and the authenticated encryption scheme is a special application of their scheme. Afterward, there are many papers proposed about the authenticated encryption schemes. The signature scheme can reduce the transmitted cost, because the message has been contained in the signature of the message and the ...

The authenticated key agreement protocol is an important security protocol for the session initiation protocol, which allows the and the server to authenticate each other and generate a shared session key for privacy, integrity, and non-repudiation in their communications. Recently, Zhang et al. proposed a new authenticated key agreement protocol for the session initiation protocol using smart ...

In this paper, by considering the constraints of Advanced Metering Infrastructure (AMI) systems, we propose an authenticated key exchange protocol and an authenticated message broadcasting protocol. The proposed protocols are based on two well-known protocols, Okamoto and Schnorr, and inherit their security features. For providing the security of the system against physical attacks, we utilize ...

A convertible authenticated encryption scheme allows a designated receiver to recover and verify a message simultaneously, during which the recipient can prove the dishonesty of the sender to any third party if the sender repudiates her signature later. In this paper, after showing some weaknesses in Wu et al.’s [21] and Huang et al ’s [10] convertible authenticated encryption schemes, we propo...

An authenticated dictionary of size N is said to be optimal when an update operation or proof computation requires at most O(logN) accesses to the data-structure, and the size of a proof is O(1) with respect to N . In this note we show that an optimal authenticated dictionary (OAD) can be built using transitive signatures for directed graphs (DTS). As the existence of DTS and OAD are both still...

We study homomorphic authenticated encryption, where privacy and authenticity of data are protected simultaneously. We define homomorphic versions of various security notions for privacy and authenticity, and investigate relations between them. In particular, we show that it is possible to give a natural definition of IND-CCA for homomorphic authenticated encryption, unlike the case of homomorp...

When using an authenticated-encryption scheme (a shared-key mechanism that provides both privacy and authenticity) it is sometimes useful, when encrypting a message, to also authenticate some additional information which is not privacy protected. We address this associateddata problem, wherein a Sender can bind to an authenticated ciphertext C a string AD, called its associated-data, and where ...

In this paper we introduce the first authenticated encryption scheme based on a hash function, called COFFE. This research has been motivated by the challenge to fit secure cryptography into constrained devices – some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies th...

Several identity based and authenticated key agreement protocols have been proposed in recent years and all of them have been shown to be non-secure. It remains an open question to design secure identity based and authenticated key agreement protocols. In this paper, we propose an efficient identity-based and authenticated key agreement protocol IDAK using Weil/Tate pairing. A security model fo...