Conference PaperPDF Available

Combining Private and Public Key Encryption Techniques for Providing Extreme Secure Environment for an Academic Institution Application

Authors:
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
82
C
OMBINING
P
RIVATE AND
P
UBLIC
K
EY
E
NCRYPTION
T
ECHNIQUES FOR
P
ROVIDING
E
XTREME
S
ECURE
E
NVIRONMENT FOR AN
A
CADEMIC
I
NSTITUTION
A
PPLICATION
1
Syed S. Rizvi,
2
Aasia Riasat,
3
Khaled M. Elleithy
1, 3
Computer Science & Engineering Department, University of Bridgeport, Bridgeport,
CT
1
srizvi,
3
elleithy@bridgeport.edu
2
Computer Science Department, Institute of Business Management
2
aasia.riasat@iobm.edu.pk
A
BSTRACT
This paper presents the implementation of a secure application for an academic institution that offers
numerous services to both students and the faculty. The primary focus of this paper is to provide a
technical implementation of a new architecture for encrypting the database. The scope of this paper
mainly includes but is not limited to symmetric and public-key cryptography, authentication, key
management, and digital signatures. The final results of this paper demonstrate that what security
features one should implement in order to achieve a highly secured application. This paper presents the
implementation of a stand alone system that can be implemented on any legacy systems, and still operates
effectively. In other words, it is self sufficient in terms of the data that it stores
.
K
EYWORDS
Data inscription standard, Rijndael Algorithm, secret Key Algorithm, & WEP
1.
I
NTRODUCTION
Some of the major services that the intended application offers to both students and the faculty
are as follows:
- The intended application is flexible in a sense that it gives ability to add/delete users, courses,
students, and documents.
- Flexibility to change passwords. The secure application provides highly transparent
environment to its users. There should be minimal input from the user due to security features.
- One of the key features that the proposed application offers is the “forgotten passwords”. In
other words, the secure application makes sure that if a user forgets his/her password, they
should not completely lose their documents.
- In addition, the proposed application ensures that an administrator should not be able to
decrypt the documents.
- Finally we design and develop this secure application by assuming that the communication is
not secure at all.
Some of the security measures that we consider during the design and development of the
targeted secure applications are as follows: Log all accesses activities to the server and provide
features in the secure application to search for unusual access patterns. If possible, put an upper
limit on the number of document that a single user can access or we should have a warning
mechanism in the application to ensure fairness. Our secure application should have a
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
83
permission system to the document that determines if a user is permitted to access it. If the
documents are read-only, add a software application called "Secure Viewer" that never stores
the document to disk. A user should also have the capability to add a specialized crypto board
on the server. This crypto card would be used to encrypt/decrypt files on the server.
One of the major objectives of the targeted secure application is to provide secure storage of the
faculty documents as well as maintaining authorized access to the documents for the authorized
users. In order to maintain this level of security, there is a need to design a strong and secured
application that let the documents of the faculty being kept secret by implementing data
Integrity and confidentiality as well as making the documents partially shared or available [5,
6]. Our design approach, therefore, implements a complete line of defensive authentication and
authorization cryptographic standards to protect the data and to maintain its integrity while at
the same time making it available for the authorized users. In particular, in order to design and
implement such a secured application, the following are the minimum key security-elements
that should be addressed by us in this paper: User authentication and Authorization, ACL
Management & Access Availability, Data encryption and decryption, Data integrity, and
Document Accountability. Fig. 1 shows the implementation of the above five security
components for both faculty as well as the student-users.
2.
R
ELATED
W
ORK
The best known types of symmetric encryption are the Data Encryption Standard (DES), Triple
DES (3DES), the Advanced Encryption Standard (AES), and Rivest Cipher (RC4). The former
three are block ciphers while RC4 is a true stream cipher [11]. The AES was developed as a
replacement for DES and 3DES. It supports key lengths of 128, 192, and 256 bits and a variable
block length. AES is based on the Rijndael encryption algorithm. Rijndael is a block cipher
adopted as an encryption standard by the U.S. government, developed by Joan Daemen and
Vincent Rijmen. It has been analyzed extensively and is now used widely worldwide as was the
case with its predecessor, DES [17]. During the evaluation of candidates for the AES standard,
Rijndael was analyzed by some of the world’s best cryptanalysts. It has proven to be very
effective against known attacks, very efficient, and simple to implement. [17]. Rijndael
supports a larger range of block and key sizes; AES has a fixed block size of 128 bits and a key
size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any
multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits [12].
Our proposed research project uses the Rijndael cipher algorithm to perform data encryption
and decryption. The key sharing will be secured by the implementation of the public key
algorithm, RSA. The use of Rijndael cipher algorithm allows us to store the data in a
compressed encrypted form which consequently results in a small-size database. Our
implementation, therefore, addresses some of the common issues raised in [10]. Moreover, we
combine the secure hash algorithm 1 (SHA1) [16] with the RSA (which stands for Rivest,
Shamir and Adleman who first publicly described it) public key algorithm to generate the digital
signature for user authentication.
Previously, there were several attempts to combine the RSA algorithm with the other security
mechanism to provide a fast and secure implementation. For instance, number of researchers
combined RSA algorithm with the Chinese remainder theorem (CRT) [13] [14]. However, none
of them described the implementation detail of these algorithms. The goal of our research work
is to provide an extreme secure environment by appropriately combining the private key
algorithms with the public key algorithms.
The attempt of combining these algorithms allows us to minimize the execution time (e.g., using
private key algorithm such as DES rather than public key algorithm such as RSA) and maximize
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
84
the security (e.g., using public key algorithm to avoid the use a secret key). For instance, RSA is
about 1000 times slower than DES [10]. This is partly a result of the fact that secure key lengths
for public key algorithms are about 100 times longer than comparable-strength symmetric keys
[15]. It is also a result of the fact that the mathematical operations required to implement the
popular flavours of public-key encryption are much more complicated than those required for
popular symmetric-key algorithms [11].
DS
M
M
Password Derived Bytes
Algorithm
IV KEY (K) M
Encryption
Rijndael Algorithm
Encrypted
Message
IV KEY (K)
HASH: SHA1 Algorithm
Message Digest
(MD)
Digital Signature
RSA Algorithm
Private
Key
Key
MD
Digital
Signature
(DS)
Public Key (PK)
PK DS
Message Digest
(MD)
Me
ssage
(M)
Equal
Generates a key based on user’s password
Uses the Key (
K
) to encrypt the message (
M
)
SHA1
Algorithm
This message decr yption is
performed if the mess ages
are transmitted without DS
(i.e., we intend to use DS
between faculty to faculty
data transfer
Message Digest
(MD)
Decrypting the signat ure using
the sender’s public key to
recover the original MD or
HASH
Receiver
Rijndael Algorithm
Generating private and
public keys
Message
(M)
Pass
word
(P)
Usern
ame
(U)
Writing a text on the screen
Users: Faculty or/and Students
Fig. 1. Proposed Architecture for combining various security features for the intended application
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
85
3. C
OMPONENTS
O
F
T
HE
P
ROPOSED
A
RCHITECTURE
3.1. User Authentication and Authorization
The secure application is certainly required to employ a strong mechanism to authenticate the
users. The most frequently used strategy is asking for a user name and password to authenticate
the user. Some key points that we should consider in the design of authentication mechanism
are: transmitting the password in clear (i.e., we may use SSL to protect the user privacy and to
safe the application by being played in the hand of some intruder after he capture the network
traffic and thus get the password). Also, it is required that the secure application provides secure
storage of the user names and passwords along with a method to manage them, including
resetting or revoking the passwords or user accounts. Our another important concern during the
preliminary design of secure application is whether to store the password in some hash format
or storing it in the plain text format as the user entered.
3.2. ACL Management & Access Availability
One of the requirements of the secured application is making information always accessible to
users who need it and who have sufficient permissions to access it. In order to achieve this task,
the design of secure application should provide a robust mechanism to perform good
management of document creation/accessing the documents in a secure manner, and access
rights settings. For instance, Fig. 2 represents the implementation of secure HTTP.
3.3. Date Encryption and Decryption
The design of a secure application is not possible without the use of some encryption and
decryption techniques. The advantages of symmetric key cryptography make our design choice
rather straightforward. However, since both parties need the same key for effective
communication to occur, key distribution becomes an issue [1, 4]. For our secure application,
the encryption will takes place at the server where as the keys can be generated by the owner of
the files entering some text. In addition, if file gets corrupted, the owner should be able to
produce the same set of the keys if needed. The keys can be stored in encrypted format on the
secured server, while just the server side application can access the file that contains the set of
Figure 2. Implementation of secure HTTP (HTTPS) for academic institution application
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
86
all keys that are used to encrypt the documents. On the other hand, in order to decrypt the
document and make accessible to all users, we prefer an approach where decryption takes place
at the server before the actual transmission of the file to the user.
3.4. Data Integrity
Data integrity is one of the issues that we consider during the development phase of our secured
application. The task is to make files secure by completely denying unauthorized access to the
files while at the same time make sure that the files should be modified only by those (student
or faculty) who are authorized to do so (If any) or can not be modified other than the owner of
the document. We implement the concept of digital signatures that enable recipients to verify
the integrity of an electronic document that is used.
3.5. Document Accountability
The secure application needs to keep track and to maintain the log of the activities that the user
performed on the document. This is essential since some of the users may have privileges to
modify some of the shared documents for which they have access rights. Document auditing [2,
3] is one of the important security measures that we desire to have in our designed application
since it enables secure application to maintain accountability with regard to the use of protected
files.
4.
I
MPLEMENTATION
I
SSUES AND
D
ESIGN
C
HOICES
In this section, we present our overall design structure for the targeted application. In addition,
this section provides a comprehensive discussion on implantation issues and our design choices
for implementing each security component we discussed above. Furthermore, in this section we
present the proposed architecture for the targeted application.
4.1. Project Design Phase
The design phase includes overall flow of the project, design of the database to suit the contents
of the application, security features including authorization and authentication process, Access
control list management, Session objects implementation, owner keys management, and secure
http (https) implementation for transferring secure data between different entities of this
application. The implementation of secure http is shown in Fig. 2.
4.2. Proposed Database Design
The database was designed in a way that it would suit the application flow and all the entities of
the application (see Fig. 3). The database consists of the following main entities to record the
application flow: Faculty, Course, Student, Document, and System Administrator. For the sake
of simplicity, all the entities information are kept simple in database, although this information
can be made comprehensive and complete in any real time implementation and as per the
development requirements. Furthermore, the discussion of this section yields the class diagram
as shown in Fig. 3. In addition, Fig. 4 shows a simple data flow diagram of the proposed
architecture. The high level architecture of the proposed approach is presented in Fig. 5. The
details of both flow diagram and the high level architecture will be discussed in the subsequent
sections.
4.2.1. Faculty
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
87
A Faculty entity contains the complete record about a faculty including the membership
information. Membership information stores the faculty‘s login name, password (stored in the
hashed format), secret question and answer, birth date and place. This information is included in
Figure 3. Class diagram for the implemented project
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
88
the membership account to create the encryption/decryption keys and to reset the password in
case of password forget or password reset request.
4.2.2. Course
Course entity as the name implies contains all the information related to an offered course. This
information includes Course-No, CRN, Name, Course Level, Credit hours, semester and year in
which the course if offered. Along with this course entity a unique ID is stored too that
identifies this course uniquely among all the other courses records.
4.2.3. Student
A student entity contains the complete record of a student including the membership
information. Membership information stores the student‘s login name, password (stored in the
hashed format), secret question and answer, birth date and place. This information is included in
the membership account to reset the password in case of password forget or password reset
request. This information serves to maintain the student personal information and to process
authentication and authorization request. Along with this student entity a unique ID is stored too
that identifies student uniquely among all the other student records.
4.2.4. Document
This entity contains all the information that is related to a document that belongs to a faculty
and optionally can belong to a course. The information in this entity includes a unique ID
allotted to each record in this table to uniquely identifying the document, the faculty ID who
owns this document, document name, location and description. The original document is stored
in encrypted format in the database. For encrypting the documents the keys are generated at the
runtime by using some personal information of the faculty to whom the document belongs.
Since this is entirely dynamic, it ensures the document security from the time when the
document resides in the database.
4.2.5. System Administrator
System administrator is the second important entity of this application since all the above
described entities including faculty, courses, students, registration, accounts setup and course
assignments management is being carried out by the system administrator. The following are
some of the typical responsibilities of the system admin: System admin is responsible to
perform additions, modifications and deletions of all the faculty, courses and students records.
A system admin can add new course information to the database and to the list of the courses
that are offered at any given semester. He or she can set up the membership records and the
login accounts for both students and the faculty. Only a system administrator can perform the
registration process.
Some of the design and implementation issues that can arise here include the level of authority
and accessibility for the system admin. The project draft indicated that introducing a new
course, assigning it to a faculty member, and registering a student for a course can be or should
be done by any of the faculty member. However, a design issue that is involved here is that
these tasks require a central authority that neutrally could do all these tasks and that entity
should be some thing else other than the faculty entity. In order to resolve this issue, we
developed the application as our faculty can not assign a course to him/her self, while an
administrator could do that.
4.3. Proposed Security Design
The proposed security design includes various security measures that are incorporated in the
intended application.
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
89
4.3.1. Custom Base Class
In our research project we have used ASP.NET Custom Base Class feature to secure access to
all the project web pages, data and services available on them [7]. For this purpose, we created
custom base class called “My Pages” which is derived for System.Web.UI.Pages and consists of
those classes that contain the code that put the security checks and take care of the process of
authorization. All the web form’s codes behind classes are derived from the Custom Base Class
that provides the basic infrastructure for the web page’s information access security. To
implement this hierarchy, we implemented the .Net’s most prominent feature: session
management to maintain the user’s identity at each step of the application [8, 9]. By using the
custom based class implementation, we have avoided the URL spoofing in which a person who
is not authorize to view the page contents or to access the resources offered by it can be able to
access the page’s contents
4.3.2. Dynamic Key Generation and Management
In order to prevent the unauthorized access to the keys that are used to secure the documents
upon storage, the keys for encryption and decryption are chosen entirely at run time. With this
approach, we avoided to store them at any place which consequently avoided any security
threats. The system will be a bit slow in the response but will save us the cost of being insecure.
The keys are generated based on the session objects information of the person which is being
signed at the time of the document upload and encryption request
4.4. Basic Concepts Design and Flow Diagram
The basic concept includes the users, custom, validation and calendar controls. Validating the
user inputs throughout the pages include telephone number and date information. Updating the
database based on the calendar when the user specify the date. The retrieved information from
the database is displayed using data adapters, data sets, and data grids and data list. The main
tools used as a basic concept in .Net framework are: User Controls, Image Controls, Html File
Control, Data List, Data Grid, Calendar Controls, Validation Controls, Regular Expressions,
Data Readers, Data Adapters, and Data Sets. It can be seen in Fig. 4 that the data flow from top
to bottom where system administrator initiates and introduces students, courses, and faculty. A
detailed flow diagram or a high level architecture of the proposed secure application is shown in
Fig. 5.
5.
S
ECURE
D
OCUMENT
A
PPLICATION
I
MPLEMENTATION
In this section, we present a discussion on the technicalities we encountered during the
development phase of this project. This includes implementation detail and interface choice. In
Faculty can
assign
documents to
courses and
to students
Student can
access course
documents
Faculty
Entity
Student
Entity
Cours
es
Offered
Document
Encrypt/
Decrypt
System Admin
Entity
Database
Figure 4. A simple data flow diagram
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
90
this application, the flow of the application starts from the main (default) page where a person
sign in and then based on its role or membership, he/she will be then directed to specific web
pages and resources he can access. The main entities in this implementation include System
Admin interface and Faculty and Student Interfaces as outlined below.
5.1. System Admin Interface
The system admin interface contains the links to the pages where a system admin can perform
course management, faculty & students accounts managements In addition, a system admin can
assign courses to faculty and can register students to specific courses. The links at the system
admin interface include faculty accounts, admin accounts, student accounts, courses
management interfaces. System administrator manages student’s accounts by adding,
Figure 5. Detailed Flow Diagram of Secure Application for an Academic Institution
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
91
modifying, deleting student record. He/she can setup their login accounts and can register them
to the desired courses offered by a certain semester. Similarly for performing courses
management, a system administrator can introduce new courses, can modify and delete existing
courses and can assign different courses to faculty members as agreed by some formal meetings.
Figures 6, 7, and 8 shows different parts of the system administrations.
5.2. Faculty Interface
When a faculty member logs in to the application, he/she is directed to a web page that provides
the information and services that are only related to that faculty member. As one can see in Fig.
9, the faculty member has provided the information regarding the courses that are assigned to
him and the documents (encrypted) that he has in his folder at the server. In addition when a
course is selected, the page shows the documents that are related to that specific course. The list
of students who have given the access to his (faculty member) documents are also shown here.
The faculty member has given the option to change the accessibility permissions of the student
by deleting the student record form the list for whom he doesn’t want to allow the accessibility
of the document. The documents are uploaded to the server in encrypted format and then stored
into the data base as a BLOB. During the uploading and encryption, the secure Http Protocol is
being used, so that the transfer of the documents takes place securely.
5.3. Student Interface
When a student logs into the secure document application, he has shown the list of his registered
courses and their complete description including faculty information. He can choose any of the
documents that he want to access and can click the download button. The download button
extract the document that are stored in the database in the BLOB form and then decrypt it on to
the-sever; finally the document is made available in the browser for the student. During the
document transfer we again implemented secure Http protocol to securely transfer the
document.
Figure 6. System Admin Control Panel: Faculty Accounts Management
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
92
6.
F
EATURES
A
ND
S
ECURITY
C
ONSIDERATIONS
Following are some of the features that we have successfully implemented. As this project
demands, in designing this web application, a lot of emphasis we have given to the document
security, authentication and authorization process. The security features we implemented in this
project are outlined below.
6.1. Custom Base Class and Code-Behind Classes
The base functionality for all ASP.NET pages is spelled out by the Page class in the system.
Web. UI name space [8, 9]. This class defines the essential properties, methods, and events for
an ASP.NET page. While all ASP.NET pages must be derived from the Page class, they need
not be directly derived. Some time it becomes very convenient to create a base class for a
particular ASP.NET Web application that extends the Page class and have all code-behind
classes derive from this class, rather than directly from the Page class. This universal base class
can contain its own properties, methods, or events that are common to all pages in the particular
ASP.NET application, or it can extend the functionality of existing methods or properties.
6.2. Role Base Security for Securing Page & Resource Access
.NET Framework provides support for the implementation of role based security which consists
of authentication and authorization. Authentication is verifying identity while authorization is
determining whether user has the permission for the request he placed. Authorization takes the
identity of the user and information based on which the application grant or deny permissions.
In this application, we have our main entities as system administrator, faculty, and students.
Depending on these roles .NET authenticates a user and provides access to the services or the
documents he/she is authorized for. With this Project idea, we basically assumed three different
levels or angles of data access and authorization. We designed the web pages dividing the data
accessibility and its access rights for faculty, student and administrator at the time of signing in
the application. The two interface categories that are made available in this case are: System
administrator Interface and Classified members interface.
Figure 7. System Admin Control Panel: Student Accounts Management
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
93
6.3. System Admin Interface & Admin Responsibilities
System admin interface is the back bone of the project as it directly affects the application’s data
processing and retrieval. It actually implements the role based security by creating roles to
faculty, student & other administrator, and in this way it drives the data access security and data
retrieval of the entire application.
Figure 8. System Admin Control Panel: Courses Management
Figure 9. Faculty Member Interface
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
94
6.4. Session Management with ASP.NET Session Object
Whenever a user requests a web page from an application, the server object checks to see if the
user has a session ID, The session ID is included in the requesting HTTP header. If the user has
a valid session ID, the user is treated as “Active” user and is allowed to continue with the
application. The session object is used to store information about the user. This information is
retained for the duration of user session.
6.5. Multi-Tier Database Application Logic
The most prominent feature of our project is the custom class “DataAccessTier.cs” that
separates out the interfaces or the web pages and their code behind files and the custom class’s
methods that get connection with database and retrieved application specific information. This
we did by means of a custom class called “Data Access Tier” class that acts as a middle tier in
between database and the application persons.
7.
C
ONCLUSION
In this paper, we presented a new design for providing comprehensive security for a secure
application by combining many different security techniques using the .NET framework. The
most prominent feature of the .NET is its full fleshed Cryptography-API that provides
techniques of encryption and decryption while hiding all the technical details. This is one of the
main reasons that we achieved the goal of completing this secure application. Secure HTTP
communication provided by ASP.NET’s API is also another most important and handy feature
worth to mention here. Some of the tools used in the application include data access controls
that avoid repetitive database programming, built in authentication features and security controls
that enable automated management of user accounts and roles and simplified web deployment.
The proposed project consists of different tools and techniques for building secure web
applications with strong database accessibility and crypto graphic techniques. During the design
phase, we learned and practiced many new techniques that we found very useful and interesting
in the context of building a secure and powerful web application along with strong and real time
database functionality.
R
EFERENCES
[1] M. Hansen. Asynchronous group key distribution on top of the cc2420 security mechanisms for
sensor networks. Proceedings of the second ACM conference on Wireless network security, pp. 13 –
20, March 2009.
[2] J. Albath and S. Madria. Practical algorithm for data security (PADS) in wireless sensor networks.
Proceedings of the 6th ACM international workshop on Data engineering for wireless and mobile
access, pp. 9 – 16, Jan 2007.
[3] H. Bulbul, I. Batmaz, M. Ozel. Wireless network security: comparison of WEP (Wired Equivalent
Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security
protocols. Proceedings of the 1st international conference on Forensic applications and techniques
in telecommunications, information, and multimedia and workshop, Article 9, Jan 2008.
[4] J. Brustoloni. Laboratory experiments for network security instruction. Journal on Educational
Resources in Computing (JERIC), Vol. 6, Issue 4, December 2006.
[5] L. Catuogno and A. Santis. An internet role-game for the laboratory of network security course.
Proceedings of the 13th annual conference on Innovation and technology in computer science
education, pp. 240 – 244, June 2008.
[6] Z. Zhang, F. Abdesselam, X. Lin, P. Ho. A model-based semi-quantitative approach for evaluating
security of enterprise networks. Proceedings of the 2008 ACM symposium on Applied computing,
pp. 1069-1074, March 2008.
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
95
[7] L. Moningi, “Authentication and Authorization in ASP.NET,” September 09, 2003. Available at:
http://www.c-sharpcorner.com/mrsharp.asp
[8] D. Watkins, “An Overview of Security in the .NET Framework,” Project 42, Sebastian Lange,
Microsoft Corporation. January 2002.
[9] J. Meier, A. Mackman, B. Wastell, P. Bansode, A. Wigley, K. Gopalan, Security Practices:
ASP.NET 2.0 Security Practices at a Glance,” Microsoft Corporation, August 2005.
[10] S. Diesburg, C. Meyers, D. Lary, and A. Wang. When cryptography meets storage. Proceedings of
the 4th ACM international workshop on Storage security and survivability, pp. 11 20, October
2008.
[11] A. Risley, J. Roberts, P. LaDow, “Electronic security of real-time protection and SCADA
communications”, Schweitzer Engineering Laboratories, SEL 2003 Inc. Pullman WA USA.
[12] J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti, and E. Roback, “Report on the
Development of the Advanced Encryption Standard (AES)”, October 2, 2000.
[13] J. Blömer, M. Otto, J. Seifert. A new CRT-RSA algorithm secure against bellcore attacks.
Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 311
320, Washington D.C., USA, October 2003.
[14] D. Wagner. Cryptanalysis of a provably secure CRT-RSA algorithm. Proceedings of the 11th ACM
conference on Computer and communications security, pp. 92 – 97, Washington D.C., USA, 2004.
[15] K. Yumbul and E. Savaş. Efficient, secure, and isolated execution of cryptographic algorithms on a
cryptographic unit. Proceedings of the 2nd international conference on Security of information and
networks, pp. 143 – 151, Famagusta, North Cyprus, 2009.
[16] S. Sanadhya and P. Sarkar. A new hash family obtained by modifying the SHA-2 family.
Proceedings of the 4th International Symposium on Information, Computer, and Communications
Security, pp. 353 – 363, Sydney, Australia, 2009.
[17] Jalpa Bani and Syed S. Rizvi. A New Dynamic Cache Flushing (DCF) Algorithm for Preventing
Cache Timing Attack. International Journal of Computer Science and Information Security (IJCSIS).
Vol. 4, No.1, pp. 110 - 116, 2009.
Author
SYED S. RIZVI is a Ph.D. student of Computer Engineering at the University of
Bridgeport. He received a B.S. in Computer Engineering from Sir Syed University
of Engineering and Technology and an M.S. in Computer Engineering from Old
Dominion University in 2001 and 2005 respectively. In the past, he has done
research on bioinformatics projects where he investigated the use of Linux based
cluster search engines for finding the desired proteins in input and outputs
sequences from multiple databases. For last one year, his research focused
primarily on the modelling and simulation of wide range parallel/distributed
systems and the web based training applications. Syed Rizvi is the author of 76
scholarly publications in various areas. His current research focuses on the design, implementation and
comparisons of algorithms in the areas of multiuser communications, multipath signals detection, multi-
access interference estimation, computational complexity and combinatorial optimization of multiuser
receivers, peer-to-peer networking, and reconfigurable coprocessor and FPGA based architectures.
Aasia Riasat is an Associate Professor of Computer Science at Collage of
Business Management (CBM) since May 2006. She received an M.S.C. in
Computer Science from the University of Sindh, and an M.S in Computer Science
from Old Dominion University in 2005. For last one year, she is working as one of
the active members of the wireless and mobile communications (WMC) lab
research group of University of Bridgeport, Bridgeport CT. In WMC research
group, she is mainly responsible for simulation design for all the research work.
Aasia Riasat is the author or co-author of more than 41 scholarly publications in
International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010
96
various areas. Her research interests include modelling and simulation, web-based visualization, virtual
reality, data compression, and algorithms optimization.
KHALED ELLEITHY received the B.Sc. degree in computer science and
automatic control from Alexandria University in 1983, the MS degree in computer
networks from the same university in 1986, and the MS and Ph.D. degrees in
computer science from the Center for Advanced Computer Studies at the
University of Louisiana at Lafayette in 1988 and 1990, respectively. From 1983 to
1986, he was with the Computer Science Department, Alexandria University,
Egypt, as a lecturer. From September 1990 to May 1995 he worked as an assistant
professor at the Department of Computer Engineering, King Fahd University of Petroleum and Minerals,
Dhahran, Saudi Arabia. From May 1995 to December 2000, he has worked as an Associate Professor in
the same department. In January 2000, Dr. Elleithy has joined the Department of Computer Science and
Engineering in University of Bridgeport as an associate professor. In May 2003 Dr. Elleithy was
promoted to full professor. In March 2006, Professor Elleithy was appointed Associate Dean for Graduate
Programs in the School of Engineering at the University of Bridgeport.
Dr. Elleithy published more than seventy research papers in international journals and conferences. He
has research interests are in the areas of computer networks, network security, mobile communications,
and formal approaches for design and verification.
ResearchGate has not been able to resolve any citations for this publication.
Article
Full-text available
At CCS 2003, a new fault immune CRT-RSA signature algorithm, namely BOS scheme was proposed by Bl?omer, Otto, and Seifert. Unfortunately, one year later, Wagner presented a practical fault attack on the BOS scheme. How- ever, Wagner's attack itself contains a flaw in the most re- alistic "random fault model". Though it has been fixed by Liu et al. at DASC 2006, it is still of interest to see other possible and efficient attacks against the BOS scheme. Re- cently, Ming Li et al. proposed an efficient fault attack on the BOS scheme which targets the secret key dp and some related messages. In this paper, a new fault attack on the BOS scheme is presented. Our attack is similar to but dif- ferent from Li et al.'s attack and is still more efficient than Wagner's attack. To completely break the security of the BOS scheme, the adversaries first induce a permanent fault on the secret RSA key dp or dq and then run the BOS scheme to obtain four faulty RSA signatures. Lastly, the adversaries can obtain the factorization of the RSA modulus by using the Greatest Common Divisor algorithm.
Conference Paper
Full-text available
In this work, we study several properties of the SHA-2 design which have been utilized in recent collision attacks against reduced round SHA-2. Small modifications to the SHA-2 design are suggested to thwart these attacks. The modified round function provides the same resistance to lin- earization attacks as the original SHA-2 round function, but, provides better resistance to non-linear attacks. Our next contribution is to introduce the general idea of "multiple feed-forward" for the con- struction of cryptographic hash functions. This can provide increased resistance to the Chabaud-Joux type "perturbation-correction" collision attacks. The idea of feed-forward is taken further by introducing the idea of feed-forward across message blocks leading to resistance against generic multi-collision attacks. The net effect of the suggested changes to the SHA-2 design has insignificant impact on the efficiency of computing the digest.
Conference Paper
Full-text available
In this paper we describe a new algorithm to prevent fault attacks on RSA signature algorithms using the Chinese Remainder Theorem (CRT-RSA). This variant of the RSA signature algorithm is widely used on smartcards. Smartcards on the other hand are particularly susceptible to fault attacks like the one described in [7]. Recent results have shown that fault attacks are practical and easy to accomplish ([21], [17]).Therefore, they establish a practical need for fault attack protected CRT-RSA schemes. Starting from a careful derivation and classification of fault models, we describe a new variant of the CRT-RSA algorithm. For the most realistic fault model described, we rigorously analyze the success probability of an adversary against our new CRT-RSA algorithm. Thereby, we prove that our new algorithm is secure against the Bellcore attack.
Conference Paper
Full-text available
Confidential data storage through encryption is becoming increasingly important. Designers and implementers of encryption methods of storage media must be aware that storage has different usage patterns and properties compared to securing other information media such as networks. In this paper, we empirically demonstrate two-time pad vulnerabilities in storage that are exposed via shifting file contents, in-place file updates, storage mechanisms hidden by layers of abstractions, inconsistencies between memory and disk content, and backups. We also demonstrate how a simple application of Bloom filters can automatically extract plaintexts from two-time pads. Further, our experience sheds light on system research directions to better support cryptographic assumptions and guarantees.
Conference Paper
We study a countermeasure proposed to protect Chinese remainder theorem (CRT) computations for RSA against fault attacks. The scheme was claimed to be provably secure. However, we demonstrate that the proposal is in fact insecure: it can be broken with a simple and practical fault attack. We conclude that the proposed countermeasure is not safe for use in its present form.
Article
Wireless Local Area Networks (WLANs) are gaining popularity as they are fast, cost effective, flexible and easy to use. They are, however, faced with some serious security challenges and the choice of security protocol is a critical issue for IT administrators. The goal of this paper is to make the non-specialist reader aware of the disadvantages and threats of the wireless security protocols. WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols are examined in this respect. Then they are compared via the common features in order to give some insight to those who work with WLANs. We hope this paper give boost to the IT security staff and clarify the common questions of the non-specialist reader. This paper is a compilation of the wireless security weaknesses and counter measures that are put forward until recently. We believe that a thorough understanding of this paper makes the non-specialist reader have a complete review of wireless security and vulnerabilities associated with it.
Conference Paper
A sensor network is a network consisting of small, inexpensive, low-powered sensor nodes that communicate to complete a common task. Sensor nodes are characterized by having limited communication and computation capabilities, energy, and storage. They often are deployed in hostile environments creating a demand for encryption and authentication of the messages sent between them. Due to severe resource constraints on the sensor nodes, efficient key distribution schemes and secure communication protocols with low overhead are desired. In this paper we present an asynchronous group key distribution scheme with no time synchronization requirements. The scheme decreases the number of key updates by providing them on an as needed basis according to the amount of network traffic. We evaluate the CC2420 radio security mechanism and show how to use it as a basis to implement secure group communication using our proposed group key distribution scheme.
Conference Paper
Cryptographic algorithms handle sensitive information and their safe execution plays an essential role in many security applications. When implemented in software on general-purpose computers, cryptographic algorithms are vulnerable to a variety of attacks such as side-channel and cold-boot attacks since they either share hardware resources with other simultaneously executing processes or store sensitive information in easily accessible places (e.g. main memory). In this paper, we demonstrate that secure and isolated execution of cryptographic algorithms is possible on a cryptographic unit that can easily be integrated to all RISC processors. The cryptographic unit is capable of physically isolating the execution of cryptographic algorithms from all other simultaneously executing processes. By specifically providing an AES implementation running in this isolated execution environment we demonstrate that it is possible to provide physical process isolation for cryptographic algorithms without any significant overhead in execution time. Furthermore, the proposed technique protects the cryptographic applications against cold-boot and cache attacks as well as any other threats originated from other processes since the sensitive material never leave the cryptographic unit. We realized a RISC-based embedded processor with five-stage pipeline featuring the cryptographic unit on an FPGA device. We included the implementation results both for FPGA and ASIC realizations.