Sharif Digital Repository

Authentication schemes play vital roles in computer and communication security. In order to authenticate the remote users, password based schemes have been widely used. In this paper we introduce a secure remote user authentication scheme based on bilinear pairing that satisfies all security requirements which are mentioned for password based authentication schemes using smart card  

Cryptographic algorithms utilize finite-field arithmetic operations in their computations. Due to the constraints of the nodes which benefit from the security and privacy advantages of these algorithms in sensitive applications, these algorithms need to be lightweight. One of the well-known bases used in sensitive computations is dual basis (DB). In this brief, we present low-complexity superserial architectures for the DB multiplication over GF (2m). To the best of our knowledge, this is the first time that such a multiplier is proposed in the open literature. We have performed complexity analysis for the proposed lightweight architectures, and the results show that the hardware complexity... 

We present a design and implementation of a high-throughput deep packet inspection performing both stream categorization and intrusion detection on GPU platform using CUDA. This implementation is capable of matching 64 ethernet packet streams against 25 given regular expressions at 524 Mb/s rate on a computer system with GeForce GTX 295 graphic card  

We construct an efficient statistical zero-knowledge authentication protocol for smart cards based on general assumptions. We show how it can be instantiated using lattice-based primitives, which are conjectured to be secure against quantum attacks. We illustrate the practicality of our protocol on smart cards in terms of storage, computation, communication, and round complexities. Furthermore, we compare it to other lattice-based authentication protocols, which are either zero-knowledge or have a similar structure. The comparison shows that our protocol improves the best previous protocol in several aspects  

Many smart-card-based remote authentication schemes have been proposed recently. In 2004, Yoon et al. presented an improved scheme which is the leading of a research track started from Sun, 2000. In this paper, we illustrate that Yoon et al.'s scheme is vulnerable to the parallel session attack and propose an enhancement of the scheme to resist that attack. In our scheme the parties further establish a forward-secure session key by employing only hash functions to protect the subsequent communications. We also demonstrate that our scheme has better security in comparison to other related works, while it does not incur much computational cost © 2007 Springer  

In this paper we describe two differential fault attack techniques against Advanced Encryption Standard (AES). We propose two models for fault occurrence; we could find all 128 bits of key using one of them and only 6 faulty ciphertexts. We need approximately 1500 faulty ciphertexts to discover the key with the other fault model. Union of these models covers all faults that can occur in the 9th round of encryption algorithm of AES-128 cryptosystem, One of main advantage of proposed fault models is that any fault in the AES encryption from start (AddRoundKey with the main key before the first round) to MixColumns function of 9th round can be modeled with one of our fault models. These models... 

In 2003, Wu and Chieu proposed a user friendly remote authentication scheme using smart cards. Later, Yang and Wang pointed out that Wu and Chieu's scheme is vulnerable to the password guessing and forgery attacks. Recently, Lee et al. proposed an improved authentication scheme and claimed that their scheme is secure against forgery attack. However, in this paper, we illustrate that Lee et al.'s scheme is still vulnerable to the forgery attack. We also propose an enhancement of the scheme to resist such that attack. © 2010  

In this paper, we report our evaluation of the strength of random number generator and RSA key-pair generator of some commercially available constrained hardware modules, i.e., tokens and smart cards. That was motivated after recent related attacks to RSA public keys, which are generated by constrained network devices and smart cards, and turned out to be insecure due to low-quality randomness. Those attacks are mostly computing pair-wise GCD between the moduli in public keys, and resulted in breaking several thousands of these keys. Our results show that most of the tested hardware modules behave well. However, some have abnormal or weak random generators which seem to be unsuitable for... 

Most lattice-based cryptographic schemes with a security proof suffer from large key sizes and heavy computations. This is also true for the simpler case of authentication protocols that are used on smart cards as a very-constrained computing environment. Recent progress on ideal lattices has significantly improved the efficiency and made it possible to implement practical lattice-based cryptography on constrained devices. However, to the best of our knowledge, no previous attempts have been made to implement lattice-based schemes on smart cards. In this article, we provide the results of our implementation of several state-of-the art lattice-based authentication protocols on smart cards and... 

In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. We propose a new heuristic encoding scheme for implementing block cipher algorithms. Our new method includes only AND-equivalent and XOR-equivalent operations since every cryptographic algorithm can be implemented with two basic operations, namely AND, XOR. In order to practically evaluate resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smartcard with ATmega163 microprocessor. The results of this implementation show a 350 times more... 

RSA based SmartCards have been widely used in security services such as secure data transmission in many applications over the past few years. Generation of a secure key pair which is based on finding a pair of large prime numbers is an indispensable part of creating a secure channel. This paper describes a novel approach for secure and fast key generation of the public key cryptographic algorithm of RSA. This method has been implemented on a typical SmartCard equipped with a crypto-coprocessor and a true random number generator. An efficient method for generating the large random prime numbers is proposed that considerably reduces the total time required for generating a key pair. The key... 

Stop-skipping and timetable synchronization are two effective strategies to reduce total passengers’ travel time in a transit network for subway operation. However, the majority of studies conducted on the topic do not consider stop-skipping strategy and timetable synchronization simultaneously. Thus, this article proposes a mixed-integer programming model considering both strategies simultaneously. The model is based on passenger smart-card data concerning the trains’ capacity to minimize total passengers’ waiting time and in-vehicle time and maximize the number of passengers who successfully reach their destination in a specific study horizon. Since increasing the number of trains,...