Arazi proposed a scheme to integrate a key exchange protocol into the DSS (digital signature standard) to authenticate two public keys exchanged between two users and then one corresponding secret session key can be s...
详细信息
Arazi proposed a scheme to integrate a key exchange protocol into the DSS (digital signature standard) to authenticate two public keys exchanged between two users and then one corresponding secret session key can be shared by two parties based on the Diffie-Hellman public-key distribution scheme. Later, Nyberg and Rueppel pointed out a weakness in the Arazi protocol: if one secret session key is compromised then the others will be disclosed as well. The Letter proposes a modified key agreement protocol based on the DSS.
In this paper, we address the problem of network survivability by presenting a unified approach where the wide-area circuit-switched teletraffic network and the underlying transmission facility network are considered ...
详细信息
In this paper, we address the problem of network survivability by presenting a unified approach where the wide-area circuit-switched teletraffic network and the underlying transmission facility network are considered simultaneously. We assume the backbone circuit-switched teletraffic network to be nonhierarchical with dynamic call routing capabilities. The transmission facility network is considered to be sparse (as is observed for emerging fiber optic networks) and is assumed to be two-arc connected. Our approach addresses the network survivability objective by considering two grade-of-service parameters: one for the traffic network under normal operating condition and the other for affected part of the network under a network failure. We present unified mathematical models and develop heuristic algorithms. We then present computational results to demonstrate the effectiveness of the unified approach.
The author proposes some DSA type secure interactive batch verification protocols, where the signer generates n signatures through interactions with the verifier, and the verifier validates all these n signatures.
The author proposes some DSA type secure interactive batch verification protocols, where the signer generates n signatures through interactions with the verifier, and the verifier validates all these n signatures.
When a computer network grows larger and adds more services offered by different providers, each user may have to keep many keys for different services. Incorporating smart card technologies and master key concept, th...
详细信息
When a computer network grows larger and adds more services offered by different providers, each user may have to keep many keys for different services. Incorporating smart card technologies and master key concept, this letter proposes an efficient scheme to solve the key management problem in such multiservice environments.
User authentication and access control are both necessary mechanisms for data protection in a computer system. Traditionally, they are implemented in different modules. In this paper, a new solution is presented to pr...
详细信息
User authentication and access control are both necessary mechanisms for data protection in a computer system. Traditionally, they are implemented in different modules. In this paper, a new solution is presented to provide user authentication and access control in a single module to avoid any possible security breach between these two protection mechanisms. The secret information required for the whole system is minimised and the difficulty of password comprising increased to improve system security. More importantly, with time complexity of implementation almost equivalent to that found in the normal public key based password authentication schemes and limited extra storage space, both user authentication and access control can be achieved at the same time.
Knowledge exchange and information access in a truly distributed network often require transmitting of data through an open media. Consequently, data presented through such an environment are vulnerable to attacks. To...
详细信息
Knowledge exchange and information access in a truly distributed network often require transmitting of data through an open media. Consequently, data presented through such an environment are vulnerable to attacks. To minimize such vulnerability, data transformation or encryption/decryption techniques are often utilized among senders and receivers to achieve secure communication. Since data encryption/decryption requires sharing of a secret session key, finding an efficient way to distribute the session key in a large-scale, truly distributed network has been a nontrivial task. This paper presents a protocol for efficiently distributing session keys in such an environment to establish a secure channel. We assume the target network consists of many locally trusted centers, and each center has many users attached to it. The scheme incorporates the public-key distribution concept and the RSA encryption scheme as the basic mathematical tools, but eliminates the storage problem associated with huge public-key files. In addition, the proposed scheme has the added feature of providing the authenticate session key to the two parties in a secure communication.
We present an explicit combinatorial algorithm for constructing a 2-realization for any given permutation on a circuit-switched d-dimensional hypercube (d-cube) such that the total number of directed edges used in the...
详细信息
We present an explicit combinatorial algorithm for constructing a 2-realization for any given permutation on a circuit-switched d-dimensional hypercube (d-cube) such that the total number of directed edges used in the realization (counting every repetition) is bounded by d2(d), the total number of directed edges in the d-cube. As a corollary, this result implies a (2d - 3) step realization on a packet-switched d-cube (d greater than or equal to 3).
In 1982, Akl and Taylor proposed an elegant solution to the partially ordered multilevel key distribution problem, using a cryptographic approach. Since then, continuing research has been conducted to try to realize a...
详细信息
In 1982, Akl and Taylor proposed an elegant solution to the partially ordered multilevel key distribution problem, using a cryptographic approach. Since then, continuing research has been conducted to try to realize and simplify their scheme. Generally speaking, there are two problems associated with their scheme. First, a large value associated with each security class needs to be made public. Secondly, new security classes are not permitted to be added into the system once all the security keys have been issued. Our paper presents a very similar approach. But instead of using the top-down design approach as in their scheme, our scheme is using a bottom-up key generating procedure. The result is that the published values for most security classes can be much smaller than in their scheme. This property becomes more obvious for a broad and shallow hierarchial graph. In addition, our scheme can accommodate the changes of adding new security classes into the system.
Performance characteristics for the stable PH/PH/1 queue are usually given in terms of the geometric generator matrix R . The waiting-time distribution, however, can be computed with a formalism that does not make use...
详细信息
Performance characteristics for the stable PH/PH/1 queue are usually given in terms of the geometric generator matrix R . The waiting-time distribution, however, can be computed with a formalism that does not make use of this matrix. Instead, a coupling matrix, available at no computational cost, forms the basis for simple expressions from which the waiting-time (and idle-time) distributions and their moments can be efficiently computed.
After gathering sufficient shadows from honest participants and deriving the secret exclusively, a participant, in the process of reconstruction a secret, can turn dishonest and withhold his own shadow (or present a f...
详细信息
After gathering sufficient shadows from honest participants and deriving the secret exclusively, a participant, in the process of reconstruction a secret, can turn dishonest and withhold his own shadow (or present a fake shadow) so that others cannot obtain the secret. Previous solutions to overcome this cheating problem require all participants to release their shadows simultaneously;which is difficult to enforce without other supporting protocols. In this paper, we propose a secret reconstruction protocol to solve the cheating problem without the simultaneous release constraint. This protocol is unconditionally secure and can be incorporated with any secret sharing scheme to realize any secret sharing policy.
暂无评论