Multifeature security through homomorphic encryption
After the announcement of a U.S. digital signature standard by NIST, the role of the Exponential One Way Function — which had been used in the initial illustration of public key cryptography — has again received proper recognition as being another security primitive in addition to the RSA-scheme.
In this paper we present the exponential security system TESS developed at the European Institute for System Security (E.I.S.S.) embedded in a package of freeware. The system has meanwhile been applied to some TCP/IP based services such as telnet, rsh and rcp supplementing these services with additional security features. TESS is based on the use of the one way function exp that had originally been described by Pohlig and Hellman and is the central feature in the well-known Diffie-Hellman key exchange protocol. The subsequent contributions by El-Gamal have indicated the multifeature capabilities of this proper one way function. Based on these results, the invention of the Beth-Schnorr-Zero-Knowledge Protocols in extension of the Chaum-Evertse-van de Graaf-Zero Knowledge Scheme has made authentication and signature procedures available, which support the view that the exponential one way function is a security primitive suited for supporting practically all mechanisms needed for the design of secure systems.
The implementation of the authenticated key exchange protocol KATHY within the Network Security System SELANE developed at E.I.S.S., Karlsruhe, based on the Günther-Bauspieß-Knobloch scheme forms an integral part of TESS, providing a universal security toolbox for access control, authentication, key exchange, confidentiality protection, digital signatures and verifiable distributed network security management. Its suitability for the incorporation in the X.509 Directory Authentication Framework as well as its free availability make it an interesting system to extend the features of KERBEROS or DSSA towards a proposed Open System Security Architecture.
A further mechanism composed from TESS primitives is the Electronic Exponential Signature (EES) scheme. It had been developed for EDI purposes and banking applications already in 1989, when after an in-depth study of up-to-date signature procedures, prior to the new U.S. standard, the superiority of the exponential scheme became apparent.
Keywords: Smart Card, Secret Sharing, Access Structure, Authentication Protocol, Discrete Logarithm
- [AdMa93] L. M. Adleman, J. DeMarrais: A Subexponential Algorithm for Discrete Logarithms over all Finite Fields, Santa Barbara, Crypto '93, Preprints
- [AnMi90] C. I'Anson, C. J. Mitchell: Security Defects in CCITT Recommendation X.509, Technical Memo, HP Labs, Bristol, Jan. 1990
- [Baus88] F. Bauspieß: SELANE, Studienarbeit, Fakultät für Informatik, Universität Karlsruhe, 1988
- [BaKn89] F. Bauspieß, H.-J. Knobloch: How to keep Authenticity Alive in a Computer Network, Eurocrypt '89, Advances in Cryptology, LNCS 434, Springer-Verlag, Berlin, 1989, pp. 38–46
- [Beth88] Th. Beth: Efficient Zero-Knowledge Identification Scheme for Smart Cards, Eurocrypt '88, Advances in Cryptology, LNCS 330, Springer-Verlag, Berlin, 1988, pp. 77–84
- [BeAV90] Th. Beth, G. Agnew, S. A. Vanstone: What one should know about Public Key Algorithms — Today!, Proceedings SECURICOM '90
- [BeGo89] Th. Beth, D. Gollmann: Algorithm Engineering for Public Key Algorithms, IEEE JSAC, Vol. 7, No. 4, pp. 458–466, 1989
- [BeKO93] Th. Beth, H.-J. Knobloch, M. Otten: Verifiable Secret Sharing for Monotone Access Structures, Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, USA, November 1993, to be published
- [BeSc91] Th. Beth, F. Schaefer: Non-Supersingular Elliptic Curves for Public Key Cryptosystems, Eurocrypt '91, Advances in Cryptology, LNCS 547, Springer-Verlag, Berlin, 1991, pp. 316–327
- [BuAN89] M. Burrows, M. Abadi, R. Needham: A Logic of Authentication, DEC-SRC, Research Report Series No. 39, 1989
- [ChEG87] D. Chaum, J.-H. Evertse, J. van de Graaf: An Improved Protocol for Demonstrating Possession of a Discrete Logarithm and Some Generalizations, Eurocrypt '87, Advances in Cryptology, LNCS 304, Springer-Verlag, Berlin, 1988, pp. 127–141
- [Chim90] A. Tarah, C. Huitema: CHIMAERA: A Network Security Model, Proc. ESORICS '90, afcet, 1990, pp. 127–145
- [DiHe76] W. Diffie, M. E. Hellman: New Directions in Cryptography, IEEE Trans. Inf. Theory, IT-22, 1976, pp. 664–654
- [ElGa85] T. ElGamal: A public key crypto-system and signature scheme based on discrete logarithms, IEEE Trans. Inf. Theory, IT-31, 1985, pp. 469–472
- [Günt89] C. Günther: Diffie-Hellman and El-Gamal Protocols With One Single Authentication Key, Eurocrypt '89, Advances in Cryptology, LNCS 434, Springer-Verlag, Berlin, 1989, pp. 29–37
- [HoKn91] P. Horster, H.-J. Knobloch: Discrete Logarithm Based Protocols, Eurocrypt '91, Advances in Cryptology, LNCS 547, Springer-Verlag, Berlin, 1991, pp. 399–408
- [ITSE91] ITSEC: Harmonised Criteria of France, Germany, the Netherlands, the United Kingdom, Brussels, 1991
- [Kerb89] Network Working Group J. Kohl, B. C. Neumann, J. Steiner: MIT Project Athena: The Kerberos Network Authentication Service, Draft 2, MIT, November 1989
- [Klei93] B. Klein: Authentifikationsdienste für sichere Informationssysteme, Dissertation, Universität Karlsruhe, 1993, to be published
- [Odly84] A. M. Odlyzko: Discrete logarithms in finite fields and their cryptographic significance, Eurocrypt '84, Advances in Cryptology, LNCS 209, Springer-Verlag, Berlin, 1985, pp. 224–314
- [Otte92] M. Otten: Mehrparteienprotokolle und Korrektes Verteilen von Geheimnissen, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1992
- [Otto90] C. Otto: SELANE-Hardwareentwicklung, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1990
- [PoHe78] S. C. Pohlig, M. E. Hellman: An improved algorithm for computing logarithms in GF(p) and its cryptographic significance, IEEE Trans. Inf. Theory, IT-24, 1978, pp. 106–111
- [Scha93] F. Schaefer-Lorinser: Arithmetik auf elliptischen Kurven zur Konstruktion kryptographischer Einwegfunktionen, Dissertation, Universität Karlsruhe, 1993
- [Schn89] C. P. Schnorr: Efficient Identification and Signatures for Smart Cards, Crypto '89, Advances in Cryptology, LNCS 435, Springer-Verlag, Berlin, 1989, pp. 239–252
- [SiJM91] G. J. Simmons, W.-A. Jackson, K. Martin: The Geometry of Shared Secret Schemes, Bulletin of the Institute of Combinatorics, Winnipeg Canada, January 1991
- [Stem90] S. Stempel: SELANE Pilot-Implementierung, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1990
- [YaKB93] R. Yahalom, B. Klein, Th. Beth: Trust Relationships in Secure Systems — A Distributed Authentication Perspective, Proceedings of the IEEE Conference on Research in Security and Privacy, 1993