1.2K views

Uploaded by arjun c chandrathil

Signcryption is a new cryptographic primitive, which simultaneously provides both confidentiality and authenticity.In1998, Zheng demonstrated that by combining both goals into a single primitive it is possible to achieve significant savings both in computational and communication overhead.
this seminar was done by my friend Arunjith. This presentation is uploaded by all his permission.
With regards cc

save

- Security Issues and Solutions in Vehicular Adhoc Network a Review Approach
- IJIRIS:: Design and Development of an E-Commerce Security Using RSA Cryptosystem
- IT1352-unit_2.pdf
- Rass-575_CH03(IMP)
- Ethical Hacking and Security Certification
- PKI enkripcija
- cgi_whpr_35_pki_e
- IRJET- Encryption of Broadcast with Dealership
- Signcryption
- CS_2
- An Encryption and Decryption More Secure Elgamal Cryptosystem
- CT Final
- cisasummaryv10-1296889575622-phpapp02.pdf
- High Speed RSA Implementations
- sign.ppt
- 1
- Travel Recommendation Approach using Collaboration Filter in Social Networking
- QC Final Report
- jsan-04-00251 (1)
- Asymmetric Encryption in Wireless
- MIS
- IJETR031122
- Act 562 Digital Signature Act 1997
- IMPLEMENTATION OF BLIND DIGITAL SIGNATURE USING ECC
- Ee 26912917
- Guidelines for Using Digital Certificate
- redacted cryptography term paper
- SIL 765 Assignment 2
- Grid&Cloud Lab
- Key Management
- mgu S7 syllabus, computer science and engineering
- mind reading phone
- intelligent load shedding
- Computerised Paper Evaluation Using Neural Network
- Utility Fog
- graphical passwords
- OpenGTS Eclipse
- MGU BTech SYLLABUS
- tempest and echelon
- Automatic Voltage and frequency Regulation
- Automatic Voltage and frequency Regulation
- Mgu Btech Syllabus
- The Universal Serial Bus 3.0
- artificial passenger
- FLUORESCENT MULTILAYER DISC
- MHD generators
- HALO Networks
- web structure mining
- cordect
- biomagnetism
- Optical Packet Switching
- soulpad
- Intelligent Dictionary Based Encryption And Compression Algorithm
- inside page ranking
- COMPUTRISED PAPER EVALUATION USING NEURAL NETWORK
- usb 3.0

You are on page 1of 39

An advanced cryptographic primitive....

A Presentation by :

Arunjith. B

R7A-13

SNGCE

On : 25/08/2009

Out Line

1. INTRODUCTION

1. 1) Why Signcryption

**2. SIGNCRYPTION- how its work
**

2. 1) Steps involved in signcrypting a message

2. 2) Steps involved in unsigncrypting a message

**3. FEATURES AND SECURITY OF SIGNCRYPTION
**

3.1) Features

3.2) Security

3.3) Comparisons

Out Line

**4. POSSIBLE APPLICATION OF SIGNCRYPTION
**

4.1) Handshake protocol

4.2) ATM networks

**5. ADVANTAGES AND DISADVANTAGES
**

5.1) Advantages

5.2) Disadvantages

6. CONCLUSION

**7. BIBILOGRAOHY AND INTERNET RESOURCES
**

Introduction

**Signcryption is a new cryptographic primitive, which
**

simultaneously provides both confidentiality and authenticity.

Previously, these two goals had been considered separately

**In1998, Zheng demonstrated that by combining both goals into a
**

single primitive it is possible to achieve significant savings both

in computational and communication overhead.

**A wide variety of signcryption schemes have been proposed.
**

Public Key (PK) Cryptography

**Discovering Public Key (PK) cryptography has made the
**

communication between people, who have never met before

over an open and insecure network in a secure and authenticated

way, possible!

Signature-Then-Encryption

Before sending a message out, the sender has to do the

following:

sign it using a Digital Signature (DS) scheme

**encrypt the message and the signature using a private key
**

encryption algorithm under randomly chosen message

encryption key

**encrypt the random message encryption key using the
**

receiver’s public key

**send the message
**

Signature-Then-Encryption

Some Problems with This Approach:

consumes machine cycles

introduces “extended” bits to original messages

**requires a comparable amount of time for signature
**

verification and decryption

**cost of delivering a message is essentially the sum of the cost
**

for digital signature and that for encryption!

The Question is ….

**Is it possible to send a message of arbitrary length with cost less
**

than that required by signature-then-encryption?

Discovery...

**In 1998, Yuliang Zheng from Monash University in Australia
**

has discovered a new cryptography primitive called

“signcryption”.

What is Signcryption?

“Signcryption is a new paradigm in public key cryptography that

simultaneously fulfills both the functions of digital signature and

public key encryption in a logically single step, and with a cost

significantly lower than that required by the traditional

“signature and encryption” approach.”

Two Schemes :

Digital Signature

Public Key encryption

Why Signcryption?

Based on discrete algorithm problem

• Signcryption costs 58% less in average computation time

• 70% less in message expansion

Using RSA cryptosystem

• Signcryption costs on average 50% less in computation time

**• 91% less in message expansion
**

Signcryption–Implementation

Can be implemented using :

ElGamal’s Shortened Digital Signature Scheme

Schnorr’s Signature Scheme

**Any other digital signature schemes in conjunction with a
**

public key encryption scheme like DES & 3DES

This choice would be made based on the level of

security desired by the users.

Signcryption – Implementation

Using ElGamal’s Shortened Digital Signature

Scheme (SDSS)

enables one person to send a digitally signed message to

another person

the receiver can verify the authenticity of this message

uses the private key of the sender to sign the message

**the receiver uses the sender’s public key to verify the
**

signature

Public Key Encryption

ciphertext = encrypt( plaintext, PK )

plaintext = decrypt( ciphertext, PK-1 )

**PK is the public key
**

PK-1 is the private key

Signcryption – How It Works

**Using ElGamal’s SDSS and a public
**

key encryption

I’m s e n d in g a m e s s a g e to y o u

A lic e Bob

Parameters for Signcryption

Parameters public p – a large prime number

to all q – a large prime factor of p-1

g – an integer with order q modulo p chosen

randomly from [1,…,p-1]

Hash – a one-way hash function whose

output has, say, at least 128 bits

KH – a keyed one-way hash function

(E, D) – the encryption and decryption

algorithms of a private key cipher

Alice’s keys xa – Alice’s private key, chosen uniformly at

random from [1,…,q-1]

ya – Alice’s public key (ya = gxa mod p)

Bob’s keys xb – Bob’s private key, chosen uniformly at

random from [1,…,q-1]

yb – Bob’s public key (yb = gxb mod p)

x a number chosen uniformly at random from

the range 1,…,q-1

Signcryption – How It Works

Steps to Signcrypt Messages

A lic e

chooses a value x from the large range 1,…,q-1

**uses Bob’s public key and the value x, and computes the
**

hash of it It gives her a 128 bit string

**splits this 128-bit value k into two 64-bit halves (k1,k2)
**

(key pair)

k 1

x

x Є [1 . .q -1 ]

k 6 4 -b it

HASH

1 2 8 -b it

yb k 2

6 4 -b it

Signcryption – How It Works

Steps to Signcrypt Messages ...(Continued)

A lic e

**encrypts the message m using a public key encryption
**

scheme E with the key k1 the cipher text c

c = Ek1(m)

uses the key k2 in the one-way keyed hash function

KH to get a hash of the message m 128-bit called r

r = KHk2(m)

k 1 k 2

6 4 -b it 6 4 -b it

E c K H r

M essage M essage

Signcryption – How It Works

Steps to Signcrypt Messages(Continued)

A l i c e computes the value of s - like in SDSS

She does this using:

• the value of x

• her private key xa

• the value of r

s = x/ (r + xa) mod q

r + x m o d q

a

R e s u lt

x / R e s u lt s

x

Signcryption – How It Works

Steps to Signcrypt Messages(Continued)

A lic e

Now Alice has three different values (c, r and s)

She has to send these three values to Bob to complete the

transaction

She can do this in a couple of ways:

• send them all at one time

• send them separately using secure transmission

channels, which would increase security

**NOW, the message is Signcrypted!
**

Signcryption – How It Works

Steps to Signcrypt Messages ...(Continued)

s e n d (c , r , s ) g e t (c , r , s )

A lic e Bob

Signcryption – How It Works

Steps to Unsigncrypt Messages

Bob

**receives the 3 values that Alice has sent to him (c, r, s)
**

to compute a hash, he uses the values of r and s, his

private key xb, Alice’s public key ya & p and g

This would give him 128-bit result

k = hash((ya * gr)s*xb mod p)

r s

p

k

H ASH

1 2 8 -b i t

g

xb ya

Signcryption – How It Works

Steps to Unsigncrypt Messages(Continued)

B ob

This 128-bit hash result is split into two 64-bit halves

(k1,k2) (key pair)

This key pair would be identical to the key pair that was

generated while signcrypting the message

Bob uses the key k1 to decrypt the cipher text c, which

will give him the message m

m = Dk1(c)

c

k 1

M essage

k D

6 4 -b it

k 2

1 2 8 -b it

6 4 -b it

Signcryption – How It Works

Steps to Unsigncrypt Messages(Continued)

Bob

Bob does a one-way keyed hash function (KH) on m using

the key k2 and compares the result with the value r he has

received from Alice

If match the message m was signed and sent by Alice

If not match the message wasn't signed by Alice or was

intercepted and modified by an intruder

Bob accepts the message m if and only if KHk2(m) = r

c

k 1

M essage

k D

6 4 -b it

k2

1 2 8 -b it = r?

K H R e s u lt

6 4 -b it

Features of Digital Signcryption

Unique Unsigncryptability

• message m of arbitrary length is Signcrypted using

Signcryption algorithm

• This gives you a Signcrypted output c

**• The receiver can apply Unsigncryption algorithm on c to
**

verify the message m

This Unsigncryption is unique to the message m and the

sender

Features of Digital Signcryption

Security

• Two security schemes

- Digital Signature

- Public Key encryption

- likely to be more secure

• ensures that the message sent couldn’t be forged

• ensures the contents of the message are confidential

Efficiency

Computation involved when applying the Signcryption,

Unsigncryption algorithms and communication overhead is

much smaller than signature-then-encryption schemes

Signcryption Security

Unforgeability:

• Bob is in the best position to be able to forge any Signcrypted

message from Alice!

**• Bob can only obtain the message m by decrypting it using his
**

private key Xb

Confidentiality:

• An attacker has all three components of the Signcrypted

message: c, r and s!

• He still can not get any partial information of the message m!

**• The attacker have to also know Bob’s private key, p and q
**

(known only to Alice and Bob)

Possible Applications of Signcryption

Signcryption in WTLS Handshake Protocol

**• Existing security is by Signature-then-Encryption or
**

Encryption-then-Signature

**• User certificate is sent without encryption or another
**

cryptographic method

**• Modified Signcryption is proposed as a solution
**

Possible Applications of Signcryption

Unforgeable Key establishment over ATM Network

• Transmitting encrypted keys over an ATM network is critical

• Existing security relies on key distribution system

**• Modified Signcryption can solve the problem
**

Advantages and Disadvantages

Advantages of Signcryption

Low computational cost

**• If one person is sending a signcrypted message to another,
**

computational costs doesn’t matter much

Higher Security

**“If two security schemes are brought together would it
**

increase or decrease the security?”

**When two security schemes are combined, which by
**

themselves are complex enough to withstand attacks, it can

only lead to added security

Advantages of Signcryption

Message Recovery

• To recover a message E-mail system, Alice must do one of the

following:

**- keeps a copy of the signed and encrypted message as
**

evidence of transmission

**- In addition to the above copy, keep a copy of the original
**

message, either in clear or encrypted form

Disadvantages of Signcryption

S h a re T ra d e r

Tow er S h a re T ra d e r

B a n k S e rv e r

S h a re T ra d e r

Disadvantages of Signcryption

**In broadcasting a single Signcrypted message to multiple
**

recipients

**This approach is redundant in terms of bandwidth consumption
**

and computational resource usage

Future Scenario of Signcryption

D a ta b a s e

S e rv e r

M o b ile

A p p lic a tio n

S e rv e r

A p p lic a tio n

S e rv e r Tow er

E -C o m m e rc e S e rv e r

Conclusion…

Two birds in one stone

**Combining two complex mathematical functions, you will
**

increase the complexity and in turn increase security

**Signcryption still has a long way to go before it can be
**

implement effectively

**Research is still going on to try to come up with a much more
**

effective way of implementing this

Bibliography and Internet Resources

¨http://www.cs.bham.ac.uk/~mdr/teaching/modules04/secur

ity/ letures/public_key.html

**http://www.sis.uncc.edu/~yzheng/papers/
**

¨

http://www.cs.bham.ac.uk/~mdr/teaching/modules04/securi

ty/students/ss3/introduction%20to%20signcryption.htm

http://www.bambooweb.com/articles

**Computer networks By Tanenbaum
**

Thank You....

Questions.....

- Security Issues and Solutions in Vehicular Adhoc Network a Review ApproachUploaded byCS & IT
- IJIRIS:: Design and Development of an E-Commerce Security Using RSA CryptosystemUploaded byIJIRIS - INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN INFORMATION SECURITY
- IT1352-unit_2.pdfUploaded byvijiiiis
- Rass-575_CH03(IMP)Uploaded bydeepiiitbhu
- Ethical Hacking and Security CertificationUploaded byVskills Certification
- PKI enkripcijaUploaded byb00kmaker
- cgi_whpr_35_pki_eUploaded byavi0341
- IRJET- Encryption of Broadcast with DealershipUploaded byIRJET Journal
- SigncryptionUploaded byGGcraft
- CS_2Uploaded byTarun Agarwal
- An Encryption and Decryption More Secure Elgamal CryptosystemUploaded byIJSTE
- CT FinalUploaded byVaibhav Gadhveer
- cisasummaryv10-1296889575622-phpapp02.pdfUploaded bySridhar Rudrabatla
- High Speed RSA ImplementationsUploaded byrodrigofran
- sign.pptUploaded bykasyapsam
- 1Uploaded byAshok Sharma
- Travel Recommendation Approach using Collaboration Filter in Social NetworkingUploaded byIRJET Journal
- QC Final ReportUploaded byFadi Akil
- jsan-04-00251 (1)Uploaded byFarouq Aferudin
- Asymmetric Encryption in WirelessUploaded bysan
- MISUploaded byShanmugapriyaVinodkumar
- IJETR031122Uploaded byerpublication
- Act 562 Digital Signature Act 1997Uploaded byAdam Haida & Co
- IMPLEMENTATION OF BLIND DIGITAL SIGNATURE USING ECCUploaded byijcsn
- Ee 26912917Uploaded byAnonymous 7VPPkWS8O
- Guidelines for Using Digital CertificateUploaded byD Srinivasan
- redacted cryptography term paperUploaded byapi-271897349
- SIL 765 Assignment 2Uploaded byAashish Nagpal
- Grid&Cloud LabUploaded bybsudheertec
- Key ManagementUploaded byR Mercy Paul

- mgu S7 syllabus, computer science and engineeringUploaded byarjun c chandrathil
- mind reading phoneUploaded byarjun c chandrathil
- intelligent load sheddingUploaded byarjun c chandrathil
- Computerised Paper Evaluation Using Neural NetworkUploaded byarjun c chandrathil
- Utility FogUploaded byarjun c chandrathil
- graphical passwordsUploaded byarjun c chandrathil
- OpenGTS EclipseUploaded byarjun c chandrathil
- MGU BTech SYLLABUSUploaded byarjun c chandrathil
- tempest and echelonUploaded byarjun c chandrathil
- Automatic Voltage and frequency RegulationUploaded byarjun c chandrathil
- Automatic Voltage and frequency RegulationUploaded byarjun c chandrathil
- Mgu Btech SyllabusUploaded byarjun c chandrathil
- The Universal Serial Bus 3.0Uploaded byarjun c chandrathil
- artificial passengerUploaded byarjun c chandrathil
- FLUORESCENT MULTILAYER DISCUploaded byarjun c chandrathil
- MHD generatorsUploaded byarjun c chandrathil
- HALO NetworksUploaded byarjun c chandrathil
- web structure miningUploaded byarjun c chandrathil
- cordectUploaded byarjun c chandrathil
- biomagnetismUploaded byarjun c chandrathil
- Optical Packet SwitchingUploaded byarjun c chandrathil
- soulpadUploaded byarjun c chandrathil
- Intelligent Dictionary Based Encryption And Compression AlgorithmUploaded byarjun c chandrathil
- inside page rankingUploaded byarjun c chandrathil
- COMPUTRISED PAPER EVALUATION USING NEURAL NETWORKUploaded byarjun c chandrathil
- usb 3.0Uploaded byarjun c chandrathil