Many cryptographic schemes and protocols, especially those based on public-key cryptography, have basic or so-called " textbook crypto " versions, as these versions are usually the subjects for many textbooks on cryptography. This book takes a different approach to introducing cryptography: it pays much more attention to fit-for-application aspects of… (More)
Signcryption is a public key primitive proposed by Zheng  to achieve the combined functionality of digital signature and encryption in an efficient manner. We present a signcryption scheme based on RSA and provide proofs of security in the random oracle model  for its privacy and unforgeability. Both proofs are under the assumption that inverting the… (More)
In the past few years a lot of attention has been paid to the use of special logics to analyse cryptographic protocols, foremost among these being the logic of Burrows, Abadi and Needham (the BAN logic). These logics have been successful in nding weaknesses in various examples. In this paper a limitation of the BAN logic is illustrated with two examples.… (More)
The pioneering and well-known work of Burrows, Abadi and Needham (the BAN logic) which dominates the area of security protocol analysis is shown to take an approach which is not fully formal and which consequently permits approval of dangerous protocols. Measures to make the BAN logic formal are then proposed. The formalisation is found to be desirable not… (More)
The security requirements for protocols for electronic auctions are discussed. Prominent research proposals are discussed and compared with the existing state of implemented electronic auctions on the In-ternet. Some promising research directions are proposed.
We examine security protocols for the Grid Security Infrastructure (GSI) version 2 and identify a weakness of poor scalability as a result of GSI's authentication framework requiring heavy interactions between a user-side client machine and resource suppliers. We improve the GSI architecture and protocols by proposing an alternative authen-tication… (More)
A family of authenticators based on static shared keys is identified and proven secure. The authenticators can be used in a variety of settings, including identity-based ones. Application of the au-thenticators to Diffie-Hellman variants in appropriate groups leads to authenticated key agreement protocols which have attractive properties in comparison with… (More)
We propose two public-key schemes to achieve " deniable au-thentication " for the Internet Key Exchange (IKE). Our protocols can be implemented using different concrete mechanisms and we discuss different options; in particular we suggest solutions based on elliptic curve pairings. The protocol designs use the modular construction method of Canetti and… (More)