L. Martínez–Ramos*1, L. López–García2, F. Rodríguez–Henríquez3
1,2,3 Computer Department, CINVESTAV–IPN San Pedro Zacatenco, México, D.F
2 Centro Universitario Zumpango Universidad Autónoma del Estado de México Camino viejo a Jilotzingo continuación calle Rayón Valle Hermoso, Zumpango, México, C.P. 55600 *E–mail: mlopez@computacion.cs.cinvestav.mx
ABSTRACT
Continuous technological advances have allowed that mobile devices, such as Personal Digital Assistants (PDAs), can execute sophisticated applications that more often than not must be equipped with a layer of security that should include the confidentiality and the authentication services within its repertory. Nevertheless, when compared against front–end computing devices, most PDAs are still seen as constrained devices with limited processing and storage capabilities.
]]> In order to achieve Identity–Based Cryptography (IBC), which was an open problem proposed by Adi Shamir in 1984, Boneh and Franklin presented in Crypto 2001, a solution that uses bilinear pairings as its main building block. Since then, IBC has become an active area of investigation where many efficient IBC security protocols are proposed year after year. In this paper, we present a cryptographic application that allows the secure exchange of documents from a Personal Digital Assistant (PDA) that is wirelessly connected to other nodes. The architecture of our application is inspired by the traditional PGP (Pretty Good Privacy) email security protocol. Our application achieves identity–based authentication and confidentiality functionalities at the 80–bit security level through the usage of a cryptographic library that was coded in C++. Our library can perform basic primitives such as bilinear pairings defined over the binary field F2233 and the ternary field F397, as well as other required primitives known as map–to–point hash functions. We report the timings achieved by our application and we show that they compare well against other similar works published in the open literature.Keywords: Identity–based identity, bilinear pairings, PGP, mobile devices.
RESUMEN
Los incesantes avances tecnológicos han permitido que los dispositivos móviles, tales como los Asistentes Digitales Personales (PDAs), puedan ejecutar aplicaciones sofisticadas que usualmente no realizaban, para lo cual deben estar equipadas con una capa de seguridad que debe incluir en su repertorio los servicios de confidencialidad y autenticación. Sin embargo, este tipo dispositivos comparados con servidores, aún exhiben limitaciones en procesamiento y almacenamiento.
Con la finalidad de hacer realidad la criptografía basada en la identidad (IBC por sus siglas en inglés), la cual fue considerada un problema abierto propuesto por Adi Shamir en 1984, Boneh y Franklin presentaron en Crypto 2001, una solución que usa emparejamientos bilineales como su bloque principal. Desde entonces, IBC ha sido un área activa de investigación en la cual muchos protocolos eficientes de seguridad son propuestos año tras año. En este artículo, presentamos una aplicación criptográfica que permite el intercambio seguro de documentos de un Asistente Digital Personal (PDA), el cual es conectado de forma inalámbrica con otros dispositivos. La arquitectura de nuestra aplicación está inspirada en el tradicional protocolo de seguridad de correo electrónico PGP (Pretty Good Privacy). Nuestra aplicación alcanza las funcionalidades de autenticación y cifrado, ambos basados en la identidad con un nivel de seguridad de 80 bits, a través del uso de una biblioteca criptográfica que fue codificada en C++. Nuestra biblioteca implementa primitivas básicas tales como emparejamientos bilineales definidos sobre los campos binarios F2233 y el ternario F397, así como otras primitivas requeridas, conocidas como funciones picadillo map–to–point. Presentamos también los reportes de los tiempos obtenidos por nuestra aplicación y mostramos una comparación de los mismos contra otros resultados publicados en la literatura abierta.
DESCARGAR ARTÍCULO EN FORMATO PDF
References
]]>[1] Boneh D. and Franklin M. K., Identity–Based Encryption from the Weil Pairing, Proceedings of CRYPTO '01, the 21st Annual International Cryptology Conference on Advances in Cryptology, 2001, pp. 213-229, Springer–Verlag, London, UK. [ Links ]
[2] Beuchat J–L., Brisebarre N., Detrey J., Okamoto E., Shirase M., and Takagi T., Algorithms and Arithmetic Operators for Computing the T Pairing in Characteristic Three, IEEE Trans. Comput., Vol. 57, Issue. 11. 2008, pp. 1454–1468, IEEE Computer Society, Washington, DC, USA. [ Links ]
[3] Shamir A., Identity–based cryptosystems and signature schemes, Proceedings of CRYPTO'84 on Advances in Cryptology, 1985, pp. 47–53, Santa Barbara, California, United States. [ Links ]
[4] Gorantla M.C., Gangishetti R., and Saxena A., A survey on ID–Based Cryptographic Primitives, Cryptology ePrint Archive, Report 2005/094, 2005. [ Links ]
[5] Hess F., Efficient Identity Based Signature Schemes Based on Pairings, SAC '02: Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography, 2003, pp. 310–324, Springer–Verlag, London, UK. [ Links ]
]]>[6] Harrison K., Page D. and Smart N., Software Implementation of Finite Fields of Characteristic Three, for use in Pairing–Based Cryptosystems, London Mathematical Society J. [ Links ] Comput. Math., Vol. 5, pp. 181-193, 2002. [ Links ]
[7] Duursma I. And Lee H–S., Tate Pairing Implementation for Hyperelliptic Curves y2= xp – x + d, ASIACRYPT '03: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security, 2003, Vol. 2894, pp. 111–123, Springer–Verlag. [ Links ]
[8] Barreto P., Kim H. Y., Lynn B., and Scott M., Efficient Algorithms for Pairing–Based Cryptosystems, CRYPTO '02: Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, 2002, Vol. 2442, pp. 354–368, Springer–Verlag, London, UK. [ Links ]
[9] Galbraith S. G., Harrison K. and Soldera D., Implementing the Tate Pairing, ANTS–V: Proceedings of the 5th International Symposium on Algorithmic Number Theory, 2002, Vol. 2369, pp. 324–337, Springer–Verlag, London, UK. [ Links ]
[10] Beuchat J–L., Shirase M., Takagi T., and Okamoto E., An Algorithm for the T Pairing Calculation in Characteristic Three and its Hardware Implementation, ARITH '07: Proceedings of the 18th IEEE Symposium on Computer Arithmetic, 2007, pp. 97–104, IEEE Computer Society, Washington, DC, USA. [ Links ]
[11] Beuchat J–L., Brisebarre N., Detrey J., Okamoto E., Shirase M., and Rodríguez–Henríquez F., A Comparison Between Hardware Accelerators for the Modified Tate Pairing over F2m and F3m, Cryptology ePrint Archive, Report 2008/115, 2008. [ Links ]
[12] Yang J–H., and Chang C–C., An ID–Based Remote Mutual Authentication with Key Agreement Scheme for Mobile Devices on Elliptic Curve Cryptosystem, Computers & Security, 2009, Vol. 28, Issues 3–4, pp. 138–143. [ Links ]
[13] Chang C–C., Lin S–Y., Yang J–H., Efficient user authentication and key establishment protocols with perfect forward secrecy for mobile devices, Proceedings of the 2009 Ninth IEEE International Conference on Computer and Information Technology, 2009, Vol. 2, pp. 131–135, Xiamen, China. [ Links ]
[14] Niansheng L., Donghui G., and Jiaxiang H. AES Algorithm Implemented for PDA Secure Communication with Java, Anti–counterfeiting, Security, Identification, 2007 IEEE, pp. 217–222. [ Links ]
[15] Kawahara Y., Takagi T., and Okamoto E., Efficient Implementation of Tate Pairing on a Mobile Phone Using Java, CIS, 2006, pp. 396–405. [ Links ]
[16] Callas J., Donnerhacke L., Finney H., Shaw D., and Thayer R., RFC–4880 OpenPGP Message Format, 2007. [ Links ]
]]>