A secure broadcasting cryptosystem and its application to grid computing
Eun-Jun Yoon, Kee-Young Yoo
Future Generation Computer Systems (2010), doi:10.1016/j.future.2010.09.012
Received date: 25 February 2010; Revised date: 13 September 2010
Accepted date: 24 September 2010
2010/10/14 廖俊威
Broadcasting Cryptosystem
• The main purpose of a broadcasting cryptosystem is to
– establish a secure communication channel from a sender to a group of legal receivers.
• In the broadcasting cryptosystem,
– a sender can broadcast an encrypted message to a group of legal receivers.
– Then, only legal receivers can decrypt the message,
– and illegal receivers cannot acquire any important information from the broadcast message.
• The disadvantages of previous researches:
– Need many broadcasting messages for a group of legal receivers.
– Hard to add new users into the previously constructed groups.
• Liaw [21] proposed a secure broadcasting cryptosystem with fewer broadcasting messages based on the RSA cryptosystem and symmetric cryptosystem, which allows easy addition of new users into the active groups.
• Sun [22] showed that Liaw’s broadcasting cryptosystem becomes actually infeasible since a prohibitively large amount of information must be kept by each user, and be sent as the rekey message for each broadcast.
• Tseng and Jan [23] also pointed out the several security weaknesses in the Liaw’s cryptosystem in 2001.
• To remedy this attack, Tseng and Jan also proposed a modified broadcasting cryptosystem.
• In 2006, Masque and Peinado [24] pointed out that Tseng and Jan’s broadcasting cryptosystem [23] actually does not work due to incorrect arithmetic, and then presented a redefined Liaw’s broadcasting cryptosystem.
• In 2008, Zhu-Wu [29] showed that the redefined Liaw’s scheme [24] is still insecure in that an unauthorized user is able to obtain the shared secret, which is only intended for certain privileged users.
• Zhu-Wu did not provide an improvement.
• This paper found that the redefined Liaw’s broadcasting cryptosystem has further security problems, and proposed a new secure authenticated broadcasting cryptosystem.
The redefined Liaw’s broadcasting cryptosystem
System setup phase
Broadcasting phase: a sender $S = U_1$ wants to broadcast a message $M$ to a group of users $G = \{U_i\}_{i=2}^{a}$
Decryption phase
Zhu-Wu’s cryptanalysis: an unauthorized user $U_j$ can get the session key $sk$
Future cryptanalysis
1. Integrity violation of the session key by illegal modification
2. Session key modification attack
3. Message modification attack
• This message modification attack can succeed because the legitimate receivers do not verify the integrity of the decrypted message: a modified ciphertext still decrypts to something, and nothing tells the receiver it was altered.
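An added illustration of this point, not code from the paper or from the redefined Liaw scheme: the symmetric cipher is a constructed SHA-256 counter keystream standing in for whatever cipher the scheme uses, and the shared session key sk is a constructed value. Without an integrity check a receiver accepts a changed payment amount; with an encrypt-then-MAC tag over the ciphertext the same modification is rejected.

```python
import hashlib
import hmac
from typing import Optional

def _subkey(sk: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the shared session key sk
    return hashlib.sha256(label + sk).digest()

def _keystream(ke: bytes, n: int) -> bytes:
    # Constructed stand-in for the symmetric cipher: a SHA-256 counter keystream.
    # Like any stream cipher it is malleable: flipping a ciphertext bit flips
    # the same plaintext bit, which is what a message modification relies on.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(ke + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(sk: bytes, m: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(m, _keystream(_subkey(sk, b"enc"), len(m))))

decrypt = encrypt  # XOR with the keystream is its own inverse

def auth_encrypt(sk: bytes, m: bytes) -> bytes:
    # Encrypt-then-MAC: the tag binds the ciphertext to sk so receivers can verify it
    c = encrypt(sk, m)
    return c + hmac.new(_subkey(sk, b"mac"), c, hashlib.sha256).digest()

def auth_decrypt(sk: bytes, blob: bytes) -> Optional[bytes]:
    c, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(sk, b"mac"), c, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # integrity check failed: the receiver rejects the broadcast
    return decrypt(sk, c)

def flip_byte(c: bytes, offset: int, mask: int) -> bytes:
    # A modification made on the broadcast channel by someone who does not know sk
    b = bytearray(c)
    b[offset] ^= mask
    return bytes(b)

def run_demo(sk: bytes) -> dict:
    m = b"PAY 100 TO BOB"  # constructed broadcast message M
    mask = ord("1") ^ ord("9")  # turns the digit "1" at offset 4 into "9"
    # Without integrity protection the receiver decrypts and accepts a changed amount
    tampered_plain = decrypt(sk, flip_byte(encrypt(sk, m), 4, mask))
    # With the tag the same modification is detected and the message is rejected
    tampered_auth = auth_decrypt(sk, flip_byte(auth_encrypt(sk, m), 4, mask))
    return {"honest": auth_decrypt(sk, auth_encrypt(sk, m)),
            "tampered_plain": tampered_plain, "tampered_auth": tampered_auth}
```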
Proposed authenticated broadcasting cryptosystem
• System setup phase
Broadcasting phase: a sender $S = U_1$ wants to broadcast a message $M$ to a group of users $G = \{U_i\}_{i=2}^{a}$
Decryption phase
Application to grid computing environments
Conclusions
• This research presents a new secure broadcasting cryptosystem.
• It is suitable for grid computing environments.
• It provides strong security compared with related cryptosystems.
• It provides secure authentication and secure session key establishment.