1

A secure broadcasting cryptosystem and its application to grid com

putingEun-Jun Yoon, Kee-Young Yoo

Future Generation Computer Systems (2010),doi:10.1016/j.future.2010.09.012

Received date: 25 February 2010Revised date: 13 September 2010

Accepted date: 24 September 2010

2010/10/14 廖俊威

2

Broadcasting Cryptosystem

• The main purpose of a broadcasting cryptosystem is to – establish a secure communication channel from a sen

der to a group of legal receivers.

• In the broadcasting cryptosystem, – a sender can broadcast an encrypted message to a gr

oup of legal receivers.– Then, only legal receivers can decrypt the message, – and illegal receivers cannot acquire any important info

rmation from the broadcast message.

3

4

• The disadvantages of previous researches:– Need many broadcasting messages for a group of legal receivers.– Hard to add new users into the previous constructed groups

• Liaw [21] proposed a secure broadcasting cryptosystem with fewer broadcasting messages based on the RSA cryptosystem and symmetric cryptosystem, which allows easy addition of new users into the active groups.

• Sun [22] showed that Liaw’s broadcasting cryptosystem becomes actually infeasible since a prohibitively large amount of information must be kept by each user, and be sent as the rekey message for each broadcast.

• Tseng and Jan [23] also pointed out the several security weaknesses in the Liaw’s cryptosystem in 2001.

• To remedy this attack, Tseng and Jan also proposed a modification broadcasting cryptosystem.

• in 2006, Masque and Peinado [24] pointed out that Tseng and Jan’s broadcasting cryptosystem [23] actually does not work due to incorrect arithmetic and then presented a redefined Liaw’s broadcasting cryptosystem,

• in 2008, Zhu-Wu [29] showed that the redefined Liaw’s scheme [24] is still insecure in that an unauthorized user is able to obtain the shared secret, which is only intended for certain privileged users.

• Zhu-Wu did not provide an improvement.• This paper found that the redefined Liaw’s broadcasting cryptosystem has a

nother security problems, and proposed a new secure authenticated broadcasting cryptosystem.

5

The redefined Liaw’s broadcasting cryptosystem

System setup phase

6

Broadcasting phasea sender S = U1 wants to broadcast a message M t

o a group of users G = {Ui}ai =2

7

Decryption phase

Zhu-Wu’s cryptanalysis:unauthorized user Uj can get sk

8

Future cryptanalysis

1. Integrity violence of the session key from illegal modification

9

2. Session key modification attack

10

3. Message modification attack

• This message modification attack can be succeed by the attacker because the legitimate receivers do not verify the integrity of the decrypted message.

11

Proposed authenticated broadcasting cryptosystem

• System setup phase

12

Broadcasting phasea sender S = U1 wants to broadcast a message M t

o a group of users G = {Ui}ai =2

13

Decryption phase

14

Application to grid computing environments

15

16

Conclusions

• This research presents a new secure broadcasting cryptosystem.

• It is suitable for grid computing environments.

• It provides strong security compared with related cryptosystems.

• It provides secure authentication and secure session key establishment.