Mplementing a Secure Key Issuing Scheme for Communication in P 2 P Networks (original) (raw)
Related papers
IJERT-A Secure Key Issuing Protocol for Peer-to-Peer Network
International Journal of Engineering Research and Technology (IJERT), 2013
https://www.ijert.org/a-secure-key-issuing-protocol-for-peer-to-peer-network https://www.ijert.org/research/a-secure-key-issuing-protocol-for-peer-to-peer-network-IJERTV2IS100923.pdf A Peer-to-Peer (P2P) networks is one of the popular network technology as it design the low cost and high availability content distribution systems. So, security is most important issues for p2p network. The Identity based cryptography(IBC) was introduced into networks for identity verification and authentication purposes whichcould not address some security Problem.In this paper, We present an efficient key issuing protocol which makes the IBC to be more acceptable and applicable.This protocol provides a peer registration service using Shamir’s (k, n) secret sharing scheme and which adopts KGC and KPAs to issue private keys to peers very securely. For the security of KPAs,we authenticate KPAs, also remove malicious ones using the BFT(Byzantine fault tolerance) protocol. The theoretical analysis and experimental results show that this protocol performs effectively and efficiently, and is able to support large scale networks and This Protocol secure networks from various attacks.
An identity-based approach to secure P2P applications with Likir
Peer-to-Peer Networking …, 2011
Structured overlay networks are highly susceptible to attacks aimed at subverting their structure or functionalities. Although many secure architectural design proposals have been presented in the past, a widely accepted and comprehensive solution is lacking. Likir (Layered Identity-based Kademlia-like Infrastructure) is our solution for implementing a secure Peerto-Peer network based on a Distributed Hash Our purpose is to focus on three main goals: (1) providing security services and a secure overlay infrastructure against the vast majority of security threats on P2P systems, (2) dynamically creating a bridge between randomly generated peer identifiers and user identities, and (3) supplying the developer with a middleware API that can easily deal with peers' identities. Placing the emphasis on user identity results in a highly secure distributed framework which is very fitting for privacy-aware and efficient implementation of identitybased applications like social networking applications. Detailed security analysis and performance evaluation are provided. Moreover, an implementation of Likir is introduced and a case study is presented in order to show its practical use in a real-life example.
An Improvement of an Identity-Based Key Issuing Protocol
2008
In 2005, Sui et al. proposed two separable and anonymous identity-based key issuing schemes, but the impersonation attack is proposed to show that Sui et al. 's second protocol is not free from the key-escrow problem. In order to solve such problem, Feng Cao et al. proposed an improved scheme in 2006. However, in the paper, we find that Feng Cao et al. 's scheme is still vulnerable to the impersonation attack. According, the current paper first shows the weakness of Feng Cao et al's improved scheme, and then proposes our improvement which reaches the goal of avoiding key escrow problem and enhances efficiency.
Securing Identity Assignment Using Implicit Certificates in P2P Overlays
IFIP Advances in Information and Communication Technology, 2013
The security of the Peer-to-Peer (P2P) overlays networks has been questioned for years. Many works have been proposed to provide secure routing, anonymity, reputation systems, confidentiality, etc. However, the identity assignment has been less considered. These networks are designed so that each user has a unique identifier (nodeID), but the most of identity assignment systems allow malicious users to obtain a set of nodeIDs or even select certain identifiers. Thus, these users can disrupt the proper operation of a P2P overlay. In this paper, we propose a nodeID assignment protocol based on the issue of implicit certificates. Our purpose is to provide security services to struggle against the most of security threats in these networks with special attention to the identity assignment. This approach is based on the use of certificates and the joint generation of nodeIDs between a Certification Authority (CA) and the user. In addition, the use of implicit certificates presents certain advantages over the use of traditional certificates (explicit certificates).
An ID-based key agreement protocol based on ECC among users of separate networks
2012 9th International ISC Conference on Information Security and Cryptology, 2012
In this article we propose an identity based key agreement protocol based on elliptic curve cryptography (ECC) between users of different networks with independent private key generations (PKGs). Our protocol is based on Cao et al.'s protocol ,proposed in 2010, in which instead of bilinear pairings, elliptic curves are used for constructing an ID-based key agreement protocol. Our protocol develops Cao et al's protocol for situations that two users of independent organizations or networks with separate servers (that in this article, are named PKGs, because their main duty is generating private keys for the users) want to share a secret key via an insecure link. We also prove the security of the protocol in the random oracle model.
Chord-PKI: A distributed trust infrastructure based on P2P networks
Computer Networks, 2012
Many P2P applications require security services such as privacy, anonymity, authentication, and non-repudiation. Such services could be provided through a hierarchical Public Key Infrastructure. However, P2P networks are usually Internet-scale distributed systems comprised of nodes with undetermined trust level, thus making hierarchical solutions unrealistic. In this paper, we propose Chord-PKI, a distributed PKI architecture which is build upon the Chord overlay network, in order to provide security services for P2P applications. Our solution distributes the functionality of a PKI across the peers, by using threshold cryptography and proactive updating. We analyze the security of the proposed infrastructure and through simulations, we evaluate its performance for various scenarios of untrusted node distributions.
An Efficient Two-Party Identity-Based Key Exchange Protocol
Informatica
A key exchange (or agreement) protocol is designed to allow two entities establishing a session key to encrypt the communication data over an open network. In 1990, Gunther proposed an identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. Afterwards, several improved protocols were proposed to reduce the number of communication steps and the communicational cost required by Gunther's protocol. This paper presents an efficient identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. As compared with the previously proposed protocols, it has better performance in terms of the computational cost and the communication steps. The proposed key exchange protocol provides implicit key authentication as well as the desired security attributes of an authenticated key exchange protocol.
Provably Secure and Efficient Identity-Based Key Agreement Protocol for Independent PKGs Using ECC
The ISC Int'l Journal of Information Security, 2013
Key agreement protocols are essential for secure communications in open and distributed environments. Recently identity-based key agreement protocols have been increasingly researched because of the simplicity of a public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is generated by a trusted Private Key Generator (PKG). However, it is unrealistic to assume that a single PKG will be responsible for issuing private keys to members of different organizations or a large-scale nation, so it is needed to consider multiple PKG environments with different system parameters. In this paper, we propose an identity-based key agreement protocol among users of different networks with independent PKGs, which makes use of elliptic curves. We prove the security of the proposed protocol in the random oracle model and show that all security attributes are satisfied. We also demonstrate a comparison between our protocol and some related protocols in terms of the communication costs and the execution time. The results show that the execution time of our protocol is less than 10%, and its communication costs are about 50% of the competitor protocols.