ترغب بنشر مسار تعليمي؟ اضغط هنا

An authentication protocol based on chaos and zero knowledge proof

83   0   0.0 ( 0 )
 نشر من قبل William Buchanan Prof
 تاريخ النشر 2020
  مجال البحث الهندسة المعلوماتية
والبحث باللغة English




اسأل ChatGPT حول البحث

Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling severs to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocking have resulted in an increase in complexity in design, preventing port knocking solutions from realising their potential. This paper proposes a novel port knocking solution, named Crucible, which is a secure method of authentication, with high usability and features of stealth, allowing servers and services to remain hidden and protected. Crucible is a stateless solution, only requiring the client memorise a command, the servers IP and a chosen password. The solution is forwarded as a method for protecting servers against attacks ranging from port scans, to zero-day exploitation. To act as a random oracle for both client and server, cryptographic hashes were generated through chaotic systems.



قيم البحث

اقرأ أيضاً

Vehicular Ad Hoc Networks (VANETs) are a particular subclass of mobile ad hoc networks that raise a number of security challenges, notably from the way users authenticate the network. Authentication technologies based on existing security policies an d access control rules in such networks assume full trust on Roadside Unit (RSU) and authentication servers. The disclosure of authentication parameters enables users trace-ability over the network. VANETs trusted entities (e.g. RSU) can utilize such information to track a user traveling behavior, violating user privacy and anonymity. In this paper, we proposed a novel, light-weight, Adaptive Group-based Zero Knowledge Proof-Authentication Protocol (AGZKP-AP) for VANETs. The proposed authentication protocol is capable of offering various levels of users privacy settings based on the type of services available on such networks. Our scheme is based on the Zero-Knowledge-Proof (ZKP) crypto approach with the support of trade-off options. Users have the option to make critical decisions on the level of privacy and the amount of resources usage they prefer such as short system response time versus the number of private information disclosures. Furthermore, AGZKP-AP is incorporated with a distributed privilege control and revoking mechanism that render users private information to law enforcement in case of a traffic violation.
-Wireless body area network(WBAN) has shown great potential in improving healthcare quality not only for patients but also for medical staff. However, security and privacy are still an important issue in WBANs especially in multi-hop architectures. I n this paper, we propose and present the design and the evaluation of a secure lightweight and energy efficient authentication scheme BANZKP based on an efficient cryptographic protocol, Zero Knowledge Proof (ZKP) and a commitment scheme. ZKP is used to confirm the identify of the sensor nodes, with small computational requirement, which is favorable for body sensors given their limited resources, while the commitment scheme is used to deal with replay attacks and hence the injection attacks by committing a message and revealing the key later. Our scheme reduces the memory requirement by 56.13 % compared to TinyZKP [13], the comparable alternative so far for Body Area Networks, and uses 10 % less energy.
Bitcoin brings a new type of digital currency that does not rely on a central system to maintain transactions. By benefiting from the concept of decentralized ledger, users who do not know or trust each other can still conduct transactions in a peer- to-peer manner. Inspired by Bitcoin, other cryptocurrencies were invented in recent years such as Ethereum, Dash, Zcash, Monero, Grin, etc. Some of these focus on enhancing privacy for instance crypto note or systems that apply the similar concept of encrypted notes used for transactions to enhance privacy (e.g., Zcash, Monero). However, there are few mechanisms to support the exchange of privacy-enhanced notes or assets on the chain, and at the same time preserving the privacy of the exchange operations. Existing approaches for fair exchanges of assets with privacy mostly rely on off-chain/side-chain, escrow or centralized services. Thus, we propose a solution that supports oblivious and privacy-protected fair exchange of crypto notes or privacy enhanced crypto assets. The technology is demonstrated by extending zero-knowledge based crypto notes. To address privacy and multi-currency, we build a new zero-knowledge proving system and extend note format with new property to represent various types of tokenized assets or cryptocurrencies. By extending the payment protocol, exchange operations are realized through privacy enhanced transactions (e.g., shielded transactions). Based on the possible scenarios during the exchange operation, we add new constraints and conditions to the zero-knowledge proving system used for validating transactions publicly.
In this paper we proposed an authentication technique based on the user cards, to improve the authentication process in systems that allows remote access for the users, and raise the security rate during an exchange of their messages. in this techniq ue the server performs two functions, the first function, register the users, and give him user ID, PIN code, and user private card contains secrecy information, which is used to encrypt user messages by using two kinds of encryption symmetric using RC4-Pr and asymmetric using RSA encryption., the second function, distribute the users public card if the user demand that, in which the user sends the own authentication code with their own user ID and recipient user ID to the authentication check, and then the server sends the user public card to the recipient user, thus the sender user can send the messages to recipient user without back to the server again. We attained confidentiality using RC4-Pr and RSA encryption and message authentication, user signature, and mutual secret key by using RSA encryption. in this paper we also implement the proposal in [1] RC4-pr algorithm which is modified to improve the key weakness of basic RC4.
Context-based authentication is a method for transparently validating another devices legitimacy to join a network based on location. Devices can pair with one another by continuously harvesting environmental noise to generate a random key with no us er involvement. However, there are gaps in our understanding of the theoretical limitations of environmental noise harvesting, making it difficult for researchers to build efficient algorithms for sampling environmental noise and distilling keys from that noise. This work explores the information-theoretic capacity of context-based authentication mechanisms to generate random bit strings from environmental noise sources with known properties. Using only mild assumptions about the source processs characteristics, we demonstrate that commonly-used bit extraction algorithms extract only about 10% of the available randomness from a source noise process. We present an efficient algorithm to improve the quality of keys generated by context-based methods and evaluate it on real key extraction hardware. Moonshine is a randomness distiller which is more efficient at extracting bits from an environmental entropy source than existing methods. Our techniques nearly double the quality of keys as measured by the NIST test suite, producing keys that can be used in real-world authentication scenarios.
التعليقات
جاري جلب التعليقات جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا