Description |
1 online resource (xvi, 234 pages) : illustrations (some color) |
Contents |
Introduction -- Some Useful Constructions -- Non-scalable Key Distribution Schemes -- MLS for Internet Security Protocols -- Scalable Key Distribution Schemes -- Scalable Extensions of Non-scalable Schemes -- Using PKPSs With Tamper-Responsive Modules -- Broadcast Authentication and Broadcast Encryption -- Authenticated Data Structures -- Universal Trusted Computing Bases -- Conclusions and References |
|
Machine generated contents note: 1. Introduction -- 1.1. Cryptographic Algorithms -- 1.1.1. Symmetric Cryptographic Algorithms -- 1.1.2. Asymmetric Algorithms -- 1.2. Using Cryptographic Algorithms -- 1.2.1. Block Cipher Modes -- 1.2.2. Hash Function -- 1.2.3. Hashed Message Authentication Code -- 1.2.4. Asymmetric Encryption and Signatures -- 1.3. Cryptographic Protocols and Security Protocols -- 1.3.1. Security Protocols -- 1.3.2. Symmetric Protocols -- 1.3.3. Symmetric Security Protocols -- 2. Some Useful Constructions -- 2.1. Hash Chains -- 2.1.1. Hash Accumulator -- 2.1.2. Hash Tree -- 2.2. Random Subsets -- 2.2.1. Si [⊂] Sn -- 2.2.2. (Si [∩] Sj) [⊂] Sn -- 3. Nonscalable Key Distribution Schemes -- 3.1. Online KDC -- 3.1.1. NS Protocol -- 3.1.2. Leighton--Micali Protocol -- 3.2. Offline KDC -- 3.2.1. Basic KDS for Static Small-Scale Networks -- 3.2.2. Key Distribution for Dynamic Networks -- 3.3. MLS Key Distribution -- 3.3.1. Identity Ticket (IT) Scheme -- 3.4. Comparison -- 3.4.1. MLS with Multiple KDCs -- 3.4.2. MLS Applications -- 4. MLS for Internet Security Protocols -- 4.1. Domain Name System -- 4.1.1. DNS Records -- 4.2. Securing DNS -- 4.2.1. Link-Security Approaches -- 4.3. DNSSEC -- 4.3.1. Authenticated Denial -- 4.3.2. DNS-Walk -- 4.4. MLS Based Alternative to DNSSEC -- 4.4.1. Extending Link-Security Approaches -- 4.4.2. Principle of TCB-DNS -- 4.4.3. Computing Link Secrets -- 4.5. TCB-DNS Protocol -- 4.5.1. Atomic Relay Algorithm -- 4.5.2. Preparation of TCB-DNS Master File -- 4.5.3. Verification of RRSets -- 4.5.4. Proof of Correctness -- 4.6. Practical Considerations -- 4.6.1. TCB-DNS vs. DNSSEC -- 4.6.2. Authenticated Denial -- 4.6.3. Overhead -- 4.6.4. Replay Attacks -- 4.6.5. DNSSEC with TSIG -- 4.6.6. NSEC3 Opt-Out -- 4.7. Alternative to IPSec -- 4.7.1. IPSec Operation -- 4.7.2. IPSec Issues -- 4.7.3. IPSec Alternative Leveraging TCB-DNS -- 5. Scalable Key Distribution Schemes -- 5.1. Certificates Based Schemes -- 5.2. Identity Based Schemes -- 5.2.1. Identity-Based Key Predistribution Schemes -- 5.2.2. Blom's Schemes -- 5.3. Probabilistic KPSs (PKPS) -- 5.3.1. Allocation of Subsets -- 5.3.2. Random Preloaded Subsets -- 5.3.3. Hash-Chain KPS -- 5.3.4. Hashed Random Preloaded Subsets (HARPS) -- 5.4. (n, p)-Security of HARPS -- 5.4.1. Probability of Winning a Round -- 5.4.2. Optimization of Parameters -- 5.5. Deterministic Versus Probabilistic KPSs -- 5.5.1. KPS Complexity -- 5.5.2. Complexity Versus Desired Collusion Resistance n -- 5.5.3. Using External Resources -- 5.5.4. Low Complexity Hardware -- 5.5.5. Multiple KDCs and Renewal -- 5.5.6. Exploiting Multi-path Diversity -- 5.5.7. Conclusions -- 6. Scalable Extensions of Nonscalable Schemes -- 6.1. Parallel Basic KPS -- 6.2. Parallel Leighton--Micali Scheme (PLM) -- 6.3. (n, p)-Security of PBK and PLM -- 6.3.1. Optimal Choice of Parameters m and M -- 6.4. Subset Keys and Identity Tickets (SKIT) -- 6.4.1. (n, p)-Security of SKIT -- 6.4.2. Optimal Choice of Parameters -- 6.5. Comparison of KPSs -- 6.6. Beyond (n, p)-Security -- 6.6.1. (n, φ, pa)-Security of RPS -- 6.6.2. (n, φ, pa)-Security of PBK/PLM -- 6.6.3. (n, φ, pa)-Security of SKIT -- 6.6.4. Addressing Message Injection Attacks -- 6.7. PLM for Sensor Networks -- 6.7.1. Classical Sensor Network Model -- 6.7.2. Assumptions -- 6.7.3. Key Distribution for Sensor Networks -- 6.7.4. Key Establishment -- 6.7.5. Performance and Overhead -- 6.8. Conclusions -- 7. Using PKPSs with Tamper-Responsive Modules -- 7.1. Core Principles -- 7.1.1. Active and Passive Shields -- 7.1.2. State Transitions -- 7.1.3. Single-Step Countermeasures -- 7.2. DOWN Policy -- 7.2.1. DOWN-Enabled Modules -- 7.2.2. DOWN with Other Asymmetric Schemes -- 7.2.3. DOWN With ID-Based Schemes -- 7.2.4. DOWN Assurance and Complexity -- 7.2.5. DOWN with PKPSs -- 7.3. Second Look at Key Predistribution Scheme (KPS) Complexity -- 7.3.1. Generic Device Model -- 7.4. Comparison of KPSs -- 7.4.1. Deployment Complexity -- 7.4.2. Complexity During Regular Operation -- 7.4.3. PLM -- 7.4.4. PBK -- 7.4.5. RPS and HARPS -- 7.5. KPS Algorithms -- 7.5.1. MLS -- 7.5.2. Scalable KPSs -- 7.6. Security Protocols Utilizing fpw() -- 7.6.1. Atomic Relay Protocols -- 7.6.2. Atomic Authentication Relay Algorithm -- 7.6.3. Atomic Path Secret Relay Algorithm -- 7.6.4. Accepting Relays -- 7.7. Conclusions -- 8. Broadcast Authentication and Broadcast Encryption -- 8.1. Certificates-Based Broadcast Authentication (BA) -- 8.1.1. One-Time Signatures (OTS) -- 8.1.2. Timed Efficient Stream Loss Tolerant Authentication (TESLA) -- 8.2. Identity-Based Broadcast Authentication (BA) Using Key Predistribution -- 8.2.1. Reducing Signature Size -- 8.2.2. Effect of Decrypt Only When Necessary (DOWN) Assurance -- 8.3. Broadcast Encryption -- 8.3.1. Tree-Based Broadcast Encryption (BE) Schemes -- 8.3.2. Broadcast Encryption (BE) Using Probabilistic Key Distribution -- 8.3.3. Broadcast Encryption (BE) by Sources Other Than Key Distribution Center (KDC) -- 8.4. Performance of Probabilistic Key Predistribution Scheme Broadcast Encryption (PKPS BE) -- 8.4.1. Performance Bounds -- 8.4.2. Over-Provisioning Keys -- 8.4.3. Hashed Random Preloaded Subsets (HARPS) vs. Random Preloaded Subsets (RPS) -- 8.5. Models for Broadcast Encryption (BE) -- 8.5.1. G = N Models -- 8.5.2. N>> G Models -- 8.5.3. Batch Sizes for External Sources -- 8.6. Application of Probabilistic Key Predistribution Scheme Broadcast Encryption (PKPS BE) in Publish--Subscribe Systems -- 8.6.1. Desirable Features -- 8.6.2. PKPS-BE vs. T-BE for Pub--Sub Systems -- 8.6.3. Pub--Sub Operation -- 9. Authenticated Data Structures -- 9.1. Merkle Tree as an ADS -- 9.1.1. Merkle Tree Protocols -- 9.2. Ordered Merkle Tree -- 9.2.1. OMT Leaves -- 9.2.2. OMT Nodes -- 9.2.3. Verification and Update Protocols -- 9.2.4. Insertion of OMT Leaves -- 9.2.5. Reordering OMT Leaves -- 9.2.6. Index Ordered Merkle Tree -- 9.2.7. Domain Ordered Merkle Tree -- 9.2.8. Summary of OMT Properties -- 9.3. OMT Algorithms in Trusted Resource Limited Boundaries -- 9.3.1. Self-Certificates -- 9.3.2. Core OMT Functions -- 9.3.3. OMT Functions Exposed by T -- 9.3.4. Root Equivalence Certificates -- 9.3.5. Module T State -- 9.3.6. Using Module Functions -- 9.3.7. Context/Application Dependent Functions -- 9.4. Infrastructural Requirements -- 10. Universal Trusted Computing Bases -- 10.1. Practical Systems -- 10.1.1. Complexity and Ignorance -- 10.1.2. System Security Model -- 10.2. Trusted Platform Modules -- 10.2.1. Realizing a TCG Trusted Platform -- 10.2.2. Pitfalls of the TCG Approach -- 10.3. Trinc -- 10.3.1. Virtual Counters -- 10.4. Credential Management Modules -- 10.4.1. Credential Transaction Model -- 10.4.2. Consequential Transactions -- 10.4.3. Virtual Networks -- 10.4.4. VN State Changes -- 10.4.5. CMM State and VN State -- 10.4.6. Changing VN State -- 10.4.7. CMMs as ADS Constructors and Verifiers -- 10.5. CMM System Architecture -- 10.5.1. CMM Universe -- 10.5.2. Creation of Virtual Networks -- 10.5.3. Intra-VN Key Distribution -- 10.5.4. VN Links -- 10.6. Credential Transaction Model of Representative Systems -- 10.6.1. Credential Transaction Model for DNS -- 10.6.2. DNS Transactions -- 10.6.3. Transaction Models for Other Systems -- 11. Conclusions |
Summary |
This book focuses on protocols and constructions that make good use of symmetric pseudo random functions (PRF) like block ciphers and hash functions - the building blocks for symmetric cryptography. Readers will benefit from detailed discussion of several strategies for utilizing symmetric PRFs. Coverage includes various key distribution strategies for unicast, broadcast and multicast security, and strategies for constructing efficient digests of dynamic databases using binary hash trees. - Provides detailed coverage of symmetric key protocols - Describes various applications of symmetric building blocks - Includes strategies for constructing compact and efficient digests of dynamic databases |
Analysis |
engineering |
|
informatiesystemen |
|
information systems |
|
communicatie |
|
communication |
|
informatietheorie |
|
information theory |
|
gegevensstructuren |
|
data structures |
|
Engineering (General) |
|
Techniek (algemeen) |
Bibliography |
Includes bibliographical references and index |
Notes |
Online resource; title from PDF title page (SpringerLink, viewed August 15, 2014) |
Subject |
Data encryption (Computer science)
|
|
Cryptography
|
|
COMPUTERS -- Security -- Cryptography.
|
Form |
Electronic book
|
ISBN |
9783319075846 |
|
3319075845 |
|
3319075837 |
|
9783319075839 |
|