Amitabh Saxena

Authenticating mobile agent platforms using signature chaining without trusted third parties

Mobile agents are mobile programs capable of maintaining their execution state as they migrate across different execution platforms. Large-scale deployment of mobile agent based applications has not been possible because some key technical and security issues remain unsolved. In this paper we propose a method to protect mobile agent platforms from malicious agents using authentication primitives. In contrast to approaches for host protection based on sandbox environments, our method aims to validate the itinerary of an agent. We use the concept of one-way signatures to connect arbitrary hosts in a chain of trust, thus enabling ad-hoc trust relationships to be formed. Our technique does not require the use of any trusted third parties or tamper proof hardware solutions.

Enforcing and defying associativity, commutativity, totality, and strong noninvertibility for one-way functions in complexity theory

Rabi and Sherman [RS97,RS93] proved that the hardness of factoring is a sufficient condition for there to exist one-way functions (i.e., p-time computable, honest, p-time noninvertible functions) that are total, commutative, and associative but not strongly noninvertible. In this paper we improve the sufficient condition to P ≠ NP. More generally, in this paper we completely characterize which types of one-way functions stand or fall together with (plain) one-way functions—equivalently, stand or fall together with P ≠ NP. We look at the four attributes used in Rabi and Sherman’s seminal work on algebraic properties of one-way functions (see [RS97,RS93]) and subsequent papers—strongness (of noninvertibility), totality, commutativity, and associativity—and for each attribute, we allow it to be required to hold, required to fail, or “don’t care.” In this categorization there are 34 = 81 potential types of one-way functions. We prove that each of these 81 feature-laden types stand or fall together with the existence of (plain) one-way functions.

A new paradigm for group cryptosystems using quick keys

In this paper we introduce a new approach to group key agreement. Our approach is based on the idea of an associative one way function (AOWF). We illustrate how such functions can be used to perform highly dynamic and fully contributory multiparty key agreement in group-oriented cryptosystems. We also show how such schemes could be used to create efficient group digital signature schemes. Since at present, we have no working examples of AOWFs, the protocols proposed here only have theoretical value. A similar scheme was also discussed in [Rabi Muhammad and Sherman Alan, Nov. 15 1993] and our work is an extension to it.

Towards a Theory of White-Box Security

Program hardening for secure execution in remote untrusted environment is an important yet elusive goal of security, with numerous attempts and efforts of the research community to produce secure solutions. Obfuscation is the prevailing practical technique employed to tackle this issue. Unfortunately, no provably secure obfuscation techniques currently exist. Moreover, Barak et. al., showed that not all programs can be obfuscated. Theoretical research exhibits provably secure albeit inefficient constructions, e.g. using tools from encrypted domain.

A digital cash protocol based on additive zero knowledge

In this paper, we introduce the concept of Additive Non-Interactive Zero Knowledge (NIZK). We extend the notion of NIZK proofs to include the provers identity as part of the theorem being proved. An additive proof allows a verifier to construct a new proof of knowledge using the information from an old proof. Intuitively, an additive proof is a proof of knowledge of knowledge. As an application of this concept, we propose a digital cash scheme with transferable coins.

Contributory approaches to centralized key agreement in dynamic peer groups

This paper has two contributions. In the first part of this paper we propose a new approach to contributory key agreement in dynamic peer groups (DPG) using a central controller. Our approach has certain advantages over other centralized approaches because it can be extended to a distributed environment. We discuss ways to extend our approach to adapt to arbitrary network failures by segregating a large group into smaller subgroups. Since each subgroup still requires access to a central controller, in the second part of this paper, we present a protocol that can be used to adapt to arbitrary network failures that disable the central controller.

Pairing Based Cryptography For Distributed And Grid Computing

Over recent years, bilinear pairings have emerged as a major research topic in cryptography. In this paper, we describe some applications of bilinear pairings in cryptography for distributed and Grid computing scenarios by presenting mechanisms for trust delegation and confidentiality on a distributed network like a Grid infrastructure.

Additive zero-knowledge and applications: spam prevention

In this paper, we introduce the concept of additive zero knowledge. Essentially, an additive proof can be considered as a proof system involving many provers and one verifier such that the statements of all the provers are proved simultaneously. Our model of additive proofs is presented using constructions of blind group identification, aggregate signatures and chained signatures. The security of our protocols relies on the difficulty of the underlying Diffie-Hellman problem in bilinear maps. As applications, we present a novel method to prevent spam.

Non-interactive zero-knowledge and applications two round authenticated key agreement

In this paper we propose a two-round authenticated key agreement protocol using non-interactive zero-knowledge (NIZK) proofs. Essentially, a NIZK proof allows a prover to convince a verifier about the correctness of a statement without interaction. An obvious application of this is in a two-round key agreement protocol where each participant proves non-interactively the knowledge of the private key and a shared secret. Our key agreement protocol is based on this idea and is secure assuming the hardness of the Diffie-Hellman problem (DHP) and another related problem in bilinear maps.