Anonymous Authentication with Shared Secrets

Anonymity and authenticity are both important yet often conflicting security goals in a wide range of applications. On the one hand for many applications (say for access control) it is crucial to be able to verify the identity of a given legitimate party (a.k.a. entity authentication). Alternatively an application might require that no one but a party can communicate on its behalf (a.k.a. message authentication). Yet, on the other hand privacy concerns also dictate that anonymity of a legitimate party should be preserved; that is no information concerning the identity of parties should be leaked to an outside entity eavesdropping on the communication. This conflict becomes even more acute when considering anonymity with respect to an active entity that may attempt to impersonate other parties in the system. In this work we resolve this conflict in two steps. First we formalize what it means for a system to provide both authenticity and anonymity even in the presence of an active man-in-the-middle adversary for various specific applications such as message and entity authentication using the constructive cryptography framework of Mau11, MR11]. Our approach inherits the composability statement of constructive cryptography and can therefore be directly used in any higher-level context. Next we demonstrate several simple protocols for realizing these systems, at times relying on a new type of (probabilistic) Message Authentication Code (MAC) called key indistinguishable (KI) MACs. Similar to the key hiding encryption schemes of BBDP01] they guarantee that tags leak no discernible information about the keys used to generate them.

GEODERM: geometric shape design system using an entity-relationship model

GEODERM, a microcomputer-based solid modeller, which incorporates the parametric object model, is discussed. The entity-relationship model, which is used to describe the conceptual schema of the geometric database, is also presented. Three of the four modules of GEODERM, which have been implemented are described in some detail. They are the Solid Definition Language (SDL), the Solid Manipulation Language (SML) and the User-System Interface.

Mobile node authentication using key distribution scheme in wireless sensor networks

We consider the problem of secure communication in mobile Wireless Sensor Networks (WSNs). Achieving security in WSNs requires robust encryption and authentication standards among the sensor nodes. Severe resources constraints in typical Wireless Sensor nodes hinder them in achieving key agreements. It is proved from past studies that many notable key management schemes do not work well in sensor networks due to their limited capacities. The idea of key predistribution is not feasible considering the fact that the network could scale to millions. We prove a novel algorithm that provides robust and secure communication channel in WSNs. Our Double Encryption with Validation Time (DEV) using Key Management Protocol algorithm works on the basis of timed sessions within which a secure secret key remains valid. A mobile node is used to bootstrap and exchange secure keys among communicating pairs of nodes. Analysis and simulation results show that the performance of the DEV using Key Management Protocol Algorithm is better than the SEV scheme and other related work.

A trust model for routing in MANETs: a cognitive agents based approach

Mobile ad hoc networks (MANETs) is one of the successful wireless network paradigms which offers unrestricted mobility without depending on any underlying infrastructure. MANETs have become an exciting and im- portant technology in recent years because of the rapid proliferation of variety of wireless devices, and increased use of ad hoc networks in various applications. Like any other networks, MANETs are also prone to variety of attacks majorly in routing side, most of the proposed secured routing solutions based on cryptography and authentication methods have greater overhead, which results in latency problems and resource crunch problems, especially in energy side. The successful working of these mechanisms also depends on secured key management involving a trusted third authority, which is generally difficult to implement in MANET environ-ment due to volatile topology. Designing a secured routing algorithm for MANETs which incorporates the notion of trust without maintaining any trusted third entity is an interesting research problem in recent years. This paper propose a new trust model based on cognitive reasoning,which associates the notion of trust with all the member nodes of MANETs using a novel Behaviors-Observations- Beliefs(BOB) model. These trust values are used for detec- tion and prevention of malicious and dishonest nodes while routing the data. The proposed trust model works with the DTM-DSR protocol, which involves computation of direct trust between any two nodes using cognitive knowledge. We have taken care of trust fading over time, rewards, and penalties while computing the trustworthiness of a node and also route. A simulator is developed for testing the proposed algorithm, the results of experiments shows incorporation of cognitive reasoning for computation of trust in routing effectively detects intrusions in MANET environment, and generates more reliable routes for secured routing of data.

Authentication using finger Knuckle prints

Automated security is one of the major concerns of modern times. Secure and reliable authentication systems are in great demand. A biometric trait like the finger knuckle print (FKP) of a person is unique and secure. Finger knuckle print is a novel biometric trait and is not explored much for real-time implementation. In this paper, three different algorithms have been proposed based on this trait. The first approach uses Radon transform for feature extraction. Two levels of security are provided here and are based on eigenvalues and the peak points of the Radon graph. In the second approach, Gabor wavelet transform is used for extracting the features. Again, two levels of security are provided based on magnitude values of Gabor wavelet and the peak points of Gabor wavelet graph. The third approach is intended to authenticate a person even if there is a damage in finger knuckle position due to injury. The FKP image is divided into modules and module-wise feature matching is done for authentication. Performance of these algorithms was found to be much better than very few existing works. Moreover, the algorithms are designed so as to implement in real-time system with minimal changes.

Membership models and the design of authentication protocols for MANETs

Authentication protocols are very much essential for secure communication in mobile ad hoc networks (MANETs). A number of authentication protocols for MANETs have been proposed in the literature which provide the basic authentication service while trying to optimize their performance and resource consumption parameters. A problem with most of these protocols is that the underlying networking environment on which they are applicable have been left unspecified. As a result, lack of specifications about the networking environments applicable to an authentication protocol for MANETs can mislead about the performance and the applicability of the protocol. In this paper, we first characterize networking environment for a MANET as its 'Membership Model' which is defined as a set of specifications related to the 'Membership Granting Server' (MGS) and the 'Membership Set Pattern' (MSP) of the MANET. We then identify various types of possible membership models for a MANET. In order to illustrate that while designing an authentication protocol for a MANET, it is very much necessary to consider the underlying membership model of the MANET, we study a set of six representative authentication protocols, and analyze their applicability for the membership models as enumerated in this paper. The analysis shows that the same protocol may not perform equally well in all membership models. In addition, there may be membership models which are important from the point of view of users, but for which no authentication protocol is available.

A Multicast Authentication Protocol (MAP) for Dynamic Multicast Groups in Wireless Networks

In this paper, we have proposed a centralized multicast authentication protocol (MAP) for dynamic multicast groups in wireless networks. In our protocol, a multicast group is defined only at the time of the multicasting. The authentication server (AS) in the network generates a session key and authenticates it to each of the members of a multicast group using the computationally inexpensive least common multiple (LCM) method. In addition, a pseudo random function (PRF) is used to bind the secret keys of the network members with their identities. By doing this, the AS is relieved from storing per member secrets in its memory, making the scheme completely storage scalable. The protocol minimizes the load on the network members by shifting the computational tasks towards the AS node as far as possible. The protocol possesses a membership revocation mechanism and is protected against replay attack and brute force attack. Analytical and simulation results confirm the effectiveness of the proposed protocol.

A Secure and Efficient Authentication Protocol (SEAP) for MANETs with Membership Revocation

In this paper, we propose a novel authentication protocol for MANETs requiring stronger security. The protocol works on a two-tier network architecture with client nodes and authentication server nodes, and supports dynamic membership. We use an external membership granting server (MGS) to provide stronger security with dynamic membership. However, the external MGS in our protocol is semi-online instead of being online, i.e., the MGS cannot initiate a connection with a network node but any network node can communicate with the MGS whenever required. To ensure efficiency, the protocol uses symmetric key cryptography to implement the authentication service. However, to achieve storage scalability, the protocol uses a pseudo random function (PRF) to bind the secret key of a client to its identity using the secret key of its server. In addition, the protocol possesses an efficient server revocation mechanism along with an efficient server re-assignment mechanism, which makes the protocol robust against server node compromise.

A Protocol for Authentication with Multiple Levels of Anonymity (AMLA) in VANETs

The basic requirements for secure communication in a vehicular ad hoc network (VANET) are anonymous authentication with source non-repudiation and integrity. The existing security protocols in VANETs do not differentiate between the anonymity requirements of different vehicles and the level of anonymity provided by these protocols is the same for all the vehicles in a network. To provide high level of anonymity, the resource requirements of security protocol would also be high. Hence, in a resource constrained VANET, it is necessary to differentiate between the anonymity requirements of different vehicles and to provide the level of anonymity to a vehicle as per its requirement. In this paper, we have proposed a novel protocol for authentication which can provide multiple levels of anonymity in VANETs. The protocol makes use of identity based signature mechanism and pseudonyms to implement anonymous authentication with source non-repudiation and integrity. By controlling the number of pseudonyms issued to a vehicle and the lifetime of each pseudonym for a vehicle, the protocol is able to control the level of anonymity provided to a vehicle. In addition, the protocol includes a novel pseudonym issuance policy using which the protocol can ensure the uniqueness of a newly generated pseudonym by checking only a very small subset of the set of pseudonyms previously issued to all the vehicles. The protocol cryptographically binds an expiry date to each pseudonym, and in this way, enforces an implicit revocation for the pseudonyms. Analytical and simulation results confirm the effectiveness of the proposed protocol.

Collective eigenstates of emission in an N-entity heterostructure and the evaluation of its Green tensors and self-energy components

Optical emission from emitters strongly interacting among themselves and also with other polarizable matter in close proximity has been approximated by emission from independent emitters. This is primarily due to our inability to evaluate the self-energy matrices and radiative properties of the collective eigenstates of emitters in heterogeneous ensembles. A method to evaluate self-energy matrices that is not limited by the geometry and material composition is presented to understand and exploit such collective excitations. Numerical evaluations using this method are used to highlight the significant differences between independent and the collective modes of emission in nanoscale heterostructures. A set of N Lorentz emitters and other polarizable entities is used to represent the coupled system of a generalized geometry in a volume integral approach. Closed form relations between the Green tensors of entity pairs in free space and their correspondents in a heterostructure are derived concisely. This is made possible for general geometries because the global matrices consisting of all free-space Green dyads are subject to conservation laws. The self-energy matrix can then be assembled using the evaluated Green tensors of the heterostructure, but a decomposition of its components into their radiative and nonradiative decay contributions is nontrivial. The relations to compute the observables of the eigenstates (such as quantum efficiency, power/energy of emission, radiative and nonradiative decay rates) are presented. A note on extension of this method to collective excitations, which also includes strong interactions with a surface in the near-field, is added. (C) 2014 Optical Society of America

Some Methods for Summarizing Survivorship Data in Nonstandard Situations

One difficulty in summarising biological survivorship data is that the hazard rates are often neither constant nor increasing with time or decreasing with time in the entire life span. The promising Weibull model does not work here. The paper demonstrates how bath tub shaped quadratic models may be used in such a case. Further, sometimes due to a paucity of data actual lifetimes are not as certainable. It is shown how a concept from queuing theory namely first in first out (FIFO) can be profitably used here. Another nonstandard situation considered is one in which lifespan of the individual entity is too long compared to duration of the experiment. This situation is dealt with, by using ancilliary information. In each case the methodology is illustrated with numerical examples.

GRDB: A general purpose relational database system

This article discusses the design and development of GRDB (General Purpose Relational Data Base System) which has been implemented on a DEC-1090 system in Pascal. GRDB is a general purpose database system designed to be completely independent of the nature of data to be handled, since it is not tailored to the specific requirements of any particular enterprise. It can handle different types of data such as variable length records and textual data. Apart from the usual database facilities such as data definition and data manipulation, GRDB supports User Definition Language (UDL) and Security definition language. These facilities are provided through a SEQUEL-like General Purpose Query Language (GQL). GRDB provides adequate protection facilities up to the relation level. The concept of “security matrix” has been made use of to provide database protection. The concept of Unique IDentification number (UID) and Password is made use of to ensure user identification and authentication. The concept of static integrity constraints has been used to ensure data integrity. Considerable efforts have been made to improve the response time through indexing on the data files and query optimisation. GRDB is designed for an interactive use but alternate provision has been made for its use through batch mode also. A typical Air Force application (consisting of data about personnel, inventory control, and maintenance planning) has been used to test GRDB and it has been found to perform satisfactorily.

Modulation of arginine decarboxylase activity in cucumber (Cucumis sativus) cotyledons in short-term organ culture

Among the various amines administered to excisedCucumis sativus cotyledons in short-term organ culture, agmatine (AGM) inhibited arginine decarboxylase (ADC) activity to around 50%, and putrescine was the most potent entity in this regard. Homoarginine (HARG) dramatically stimulated (3- to 4-fold) the enzyme activity. Both AGM inhibition and HARG stimulation of ADC were transient, the maximum response being elicited at 12 h of culture. Mixing experiments ruled out involvement of a macromolecular effector in the observed modulation of ADC. HARG-stimulated ADC activity was completely abolished by cycloheximide, whereas AGM-mediated inhibition was unaffected. Half-life of the enzyme did not alter on treatment with either HARG or AGM. The observed alterations in ADC activity are accompanied by change in Km of the enzyme. HARG-stimulated ADC activity is additive to that induced by benzyladenine (BA) whereas in presence of KCl, HARG failed to enhance ADC activity, thus demonstrating the overriding influence of K+ on amine metabolism.

Role of conformational dynamics in kinetics of an enzymatic cycle in a nonequilibrium steady state

Enzyme is a dynamic entity with diverse time scales, ranging from picoseconds to seconds or even longer. Here we develop a rate theory for enzyme catalysis that includes conformational dynamics as cycling on a two-dimensional (2D) reaction free energy surface involving an intrinsic reaction coordinate (X) and an enzyme conformational coordinate (Q). The validity of Michaelis-Menten (MM) equation, i.e., substrate concentration dependence of enzymatic velocity, is examined under a nonequilibrium steady state. Under certain conditions, the classic MM equation holds but with generalized microscopic interpretations of kinetic parameters. However, under other conditions, our rate theory predicts either positive (sigmoidal-like) or negative (biphasic-like) kinetic cooperativity due to the modified effective 2D reaction pathway on X-Q surface, which can explain non-MM dependence previously observed on many monomeric enzymes that involve slow or hysteretic conformational transitions. Furthermore, we find that a slow conformational relaxation during product release could retain the enzyme in a favorable configuration, such that enzymatic turnover is dynamically accelerated at high substrate concentrations. The effect of such conformation retainment in a nonequilibrium steady state is evaluated.

Role of information and communication in redefining unmanned aerial vehicle autonomous control levels

Autonomous mission control, unlike automatic mission control which is generally pre-programmed to execute an intended mission, is guided by the philosophy of carrying out a complete mission on its own through online sensing, information processing, and control reconfiguration. A crucial cornerstone of this philosophy is the capability of intelligence and of information sharing between unmanned aerial vehicles (UAVs) or with a central controller through secured communication links. Though several mission control algorithms, for single and multiple UAVs, have been discussed in the literature, they lack a clear definition of the various autonomous mission control levels. In the conventional system, the ground pilot issues the flight and mission control command to a UAV through a command data link and the UAV transmits intelligence information, back to the ground pilot through a communication link. Thus, the success of the mission depends entirely on the information flow through a secured communication link between ground pilot and the UAV In the past, mission success depended on the continuous interaction of ground pilot with a single UAV, while present day applications are attempting to define mission success through efficient interaction of ground pilot with multiple UAVs. However, the current trend in UAV applications is expected to lead to a futuristic scenario where mission success would depend only on interaction among UAV groups with no interaction with any ground entity. However, to reach this capability level, it is necessary to first understand the various levels of autonomy and the crucial role that information and communication plays in making these autonomy levels possible. This article presents a detailed framework of UAV autonomous mission control levels in the context of information flow and communication between UAVs and UAV groups for each level of autonomy.