Department of Computer Engineering, Chhattisgarh Swami Vivekananda Technical University (Bhilai) Chhattisgarh
reshusingh.28@gmail.com satya.ritu@gmail.com
ABSTRACT
Share refreshing must tolerate missing sub shares and erroneous sub shares from compromised servers. A compromised server may not generate any sub shares. However, as long as the correct servers agree on the set of sub shares to use, they can generate new shares. A proactive security system allows all shares to be refreshed. The refreshment protocol refreshes all shares by using the AES, DES and Blowfish cryptographic functions that are available on the server. To keep the protocol consistent, all share holders must cooperate with its procedure. Threshold cryptography is a novel approach to the distribution of trust. We first establish trust by using threshold cryptography and then apply the refreshment protocol to it to refresh the key. In this paper we have developed a refreshment protocol within each node to refresh all sub shares distributed by threshold cryptography; a threshold value is also decided for each node, because refreshment of the key depends on it.
KEYWORDS
Refreshment protocol, Proactive secret sharing (PSS), Threshold cryptography (TC), Cryptographic functions (DES, AES and Blowfish).
1. INTRODUCTION
The refreshment protocol scheme protects secrets by distributing them over different locations (share holders). Security is assured throughout the entire lifetime of the secret. For long-lived and sensitive secrets this protection scheme is powerful. We propose an efficient protocol in a proactive secret sharing scheme for refreshing shares, where shares are periodically renewed using the different cryptographic functions available on each server. A proactive signature scheme involves three phases: the key generation phase, the joint signature-generation phase and finally a special proactive key refreshment phase for the servers' key shares, which is run periodically. The signature is generated in a distributed fashion from the shares of the key. Moreover, despite proactivization of the signing key, the signature on a message m must be the same when computed under any of the representations of the key. The scheme withstands attackers that eventually break into all servers, as long as only a limited number of the servers are broken into between two consecutive invocations of the refreshment protocol.
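As an added illustration (not code from the paper), the sketch below shows the share-refresh idea using the zero-constant-term polynomial refresh of proactive secret sharing [11] over Shamir shares, not the DES/AES/Blowfish step this paper proposes. The field modulus `P`, the function names and the sample values are assumptions; a server that sends no sub shares is simply left out of the agreed set, and detecting erroneous sub shares is out of scope here.

```python
import secrets

P = 2**127 - 1  # prime field modulus (assumed parameter, not from the paper)

def poly_eval(coeffs, x):
    """Evaluate a polynomial (lowest-degree coefficient first) at x mod P."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def deal(secret, n, t):
    """Shamir split: any t+1 of the n shares recover the secret, t do not."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t)]
    return {i: poly_eval(coeffs, i) for i in range(1, n + 1)}

def make_subshares(n, t):
    """One server's refresh contribution: shares of 0 under a fresh polynomial."""
    return deal(0, n, t)

def refresh(shares, contributions, agreed):
    """New share = old share + the sub shares from the agreed set of servers."""
    return {i: (s + sum(contributions[j][i] for j in agreed)) % P
            for i, s in shares.items()}

def reconstruct(points):
    """Lagrange interpolation at x = 0 over the given {index: share} points."""
    total = 0
    for xi, yi in points.items():
        num = den = 1
        for xj in points:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def demo():
    n, t, secret = 5, 2, 123456789  # constructed sample values
    old = deal(secret, n, t)
    # Servers 1..4 contribute; server 5 (constructed as compromised) sends nothing.
    contributions = {j: make_subshares(n, t) for j in (1, 2, 3, 4)}
    new = refresh(old, contributions, agreed=[1, 2, 3, 4])
    pick = lambda d, ids: {i: d[i] for i in ids}
    mixed = {1: old[1], 2: old[2], 3: new[3]}  # shares stolen across two periods
    return (reconstruct(pick(old, [1, 2, 3])), reconstruct(pick(new, [2, 4, 5])),
            reconstruct(mixed), old[1] != new[1])
```

Both the old and the refreshed share sets reconstruct the same secret, while a mix of shares taken from different refresh periods does not, which is why an attacker must exceed the threshold within a single period.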
2. DISTRIBUTED CRYPTOGRAPHY
Distributed cryptography spreads the operation of a cryptosystem among a group of servers (or parties) in a fault-tolerant way [Des94]. We consider the threshold failure model with n servers, of which up to t are faulty; such distributed cryptosystems are called threshold cryptosystems. Distributed cryptosystems are based on secret sharing and are typically known only for public-key cryptosystems because of their nice algebraic properties. Here we consider a public-key cryptosystem and a digital signature scheme. Distributed cryptography, introduced in 1987, makes it possible to design cryptographic systems in which some operations require the collaboration of several users. Concretely, a distributed cryptosystem is a public-key cryptosystem in which the secret key is shared among a set of users [1]. Only some qualified subsets of users will be able to perform the operation related to the secret key (decrypting or signing). In this way, the security of the system is increased, because the loss or theft of several shares of the secret key does not necessarily break the system's security.
4. SOLUTION APPROACH
In this paper, we have developed a refreshment protocol for refreshing multiple shares after the private key has been distributed by threshold cryptography. The refreshment protocol is a technique for refreshing shares, with the condition that each node refreshes its own share by using a different cryptographic function (such as DES, AES or Blowfish) available on the server.
5. CONCLUSION
The refreshment protocol provides a method for maintaining the overall security of a system, even when individual components are repeatedly broken into and controlled by an attacker. In particular, it provides for automated recovery of the security of individual components, avoiding the use of expensive and inconvenient manual processes. The technique calls for the distribution of trust among several servers, together with refreshment of the shares held by the servers. In this way, the refreshment approach guarantees uninterrupted security as long as not too many servers are broken into at the same time. Proactive security shows how to maintain the overall security of a system even under such conditions. The technique combines two well-known approaches to enhance the security of the system: distributed (or threshold) cryptography, which ensures security as long as a threshold (say half) of the servers are not corrupted; and refresh or update of the sensitive data (e.g. keys) held by the servers, using different cryptographic functions.
REFERENCES
[1] Rajkumari Retoliya. A Novel Approach Share Key Refreshing for Long Term Protection in Distribute Cryptography by Protective Security. IJCSET, July 2011, Vol. 1, Issue 6, 290-295.
[2] L. Ertaul and N. Chavan. Security of Ad Hoc Networks and Threshold cryptography. In MOBIWAC 2006.
[3] D. Boneh and M. Franklin. Efficient generation of shared RSA keys. In Proc. Crypto 97, pp. 425-539.
[4] R. Canetti, R. Gennaro, A. Herzberg and D. Naor. Proactive Security: Long-term protection against break-ins. CryptoBytes: the technical newsletter of RSA Labs, Vol. 3, number 1, Spring 1997.
[5] Y. Frankel, P. Gemmell, P. Mackenzie, and M. Yung. Optimal resilience proactive public-key cryptosystems. In Proc. 38th Annual Symp. on Foundations of Computer Science. IEEE, 1997.
[6] Y. Frankel, P. Gemmell, P. Mackenzie, and M. Yung. Proactive RSA. In Proc. of Crypto 97.
12. P. Gemmell. An introduction to threshold cryptography. In Cryptobytes, Winter 97, pp. 7-12, 2000.
[7] D. Boneh, Ed Felten, Bill Aiello, and Matt Franklin. http://gump.bellcore.com:7700.
[8] D. Chaum, C. Crepeau, and I. Damgard. Multiparty Unconditionally Secure Protocols. In Proc. 20th Annual Symp. on the Theory of Computing, pages 11-19. ACM, 1988.
[9] R. Canetti and A. Herzberg. Maintaining security in the presence of transient faults. In Y. Desmedt, editor, Advances in Cryptology - Crypto '94, pages 425-438, 1994. Springer-Verlag. Lecture Notes in Computer Science No. 839.
[10] R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin. Robust threshold DSS signature. In Ueli Maurer, editor, Advances in Cryptology - Eurocrypt '96, pp. 354-371, 1996. Springer-Verlag. Lecture Notes in Computer Science No. 1070.
[11] A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing, or: How to cope with perpetual leakage. In D. Coopersmith, editor, Advances in Cryptology - Crypto '95, pp. 339-352, 1995. Lecture Notes in Computer Science No. 963.
ACKNOWLEDGEMENTS
I take this opportunity to express my deep sense of gratitude and respect to my guide Ms. Satya Verma (Reader, Department of CSE); without her constant encouragement and key tips, it would not have been possible to complete this work with the present quality. I am really indebted to Mrs. Sipi Dubey, M.Tech. project coordinator, for helping me in each aspect of my academic activities. I would also like to thank my sister and father, Ms. Shweta Singh and Mr. T.P. Singh, for their immense patience in understanding me during my work. Last, but not the least, I thank all those people who have helped me directly or indirectly in accomplishing this work.
AUTHOR PROFILE:
RASHMI SINGH received her B.Sc. degree in Computer Science from Kalyan College, Bhilai, affiliated to Pt. Ravishankar University, Raipur (C.G.), in 2006, the M.Sc. degree in Computer Science from Shankaracharya College, affiliated to Pt. Ravishankar University, Raipur (C.G.), in 2008, and the M.Phil. degree in Computer Science from C.V. Raman, Bilaspur (C.G.), in 2009, and is pursuing the M.Tech. degree in Software Engineering at Chhattisgarh Swami Vivekananda Technical University (Bhilai), Chhattisgarh, in 2010-2012. I am currently working as an assistant professor with the Department of Computer Science at Bhilai School of Engineering (C.S.V.T.U.).