A systematic approach for encryption and authentication with fault tolerance
Introduction
Cryptography plays an essential role in providing the privacy and integrity of sensitive data sent over insecure communication channels [4], [6], [7], [27], [28]. Authentication is an important security issue in many distributed systems, and a variety of authentication protocols or authentication schemes have been proposed and studied in the literature [2], [12], [13], [14], [23], [24], [26], [29]. A digital signature is used to authenticate a sender and to check whether a message has been altered during data transmission [5], [17], [18], [22]. Computation and transmission periodically introduce one or more errors. In order to detect and correct errors, a variety of approaches have been proposed and applied [1], [9], [10], [11], [15], [19], [20]. The Algorithm Based Fault Tolerance (ABFT) technique, which achieves fault tolerance at low cost by tailoring the fault tolerance scheme to the algorithm to be performed [11], has several advantages compared with others. Its overhead is relatively small, and it does not affect the original computational throughput until an error is detected. The problems of ABFT are that it is only applicable to certain computation structures (e.g., matrix multiplication) and that overflow may occur during the computations.
In most studies, data security and fault tolerance are implemented separately. Solutions for each often require considerable software and/or hardware overhead. The purpose of this paper is to combine these two issues to minimize the total overhead. Reiter et al. [16] proposed a security architecture for fault tolerant computing in distributed systems by securing process groups; the architecture supports cryptographic key distribution securely and fault tolerantly by using replication. The approaches in [16] do not support on-line error detection and correction. Zhang [3] proposed a technique to combine the ABFT based approach with the computation of the digital signature in RSA, but it has several limitations. The encryption algorithm used in [3] is RSA, which is relatively slow and expensive compared with symmetric-key encryption schemes. The row direction checksums and the column direction checksums used in [3] are products of all elements in the row and in the column directions respectively. They are expensive in terms of computation cost and they are not sensitive to changes of some elements. The hash function value is the product of all elements in the n×m message matrix, so it is possible that one can change any n×m−1 messages, and let the last message be equal to the value calculated by the hash value divided by the product of the n×m−1 messages, such that the new hash value remains the same as the original one. This will allow a malicious receiver to forge a digital signature and the sender will not be able to deny it. This is a so-called non-repudiation problem [25].
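The weakness of a product-style hash described above can be checked directly. The following is an added example, not code from the paper or from [3]; it assumes the product is taken modulo a prime P (so that "divided by" is a modular inverse), and the modulus, function names and sample matrices are constructed for illustration. SHA-256 is included only as a comparison point and is not the paper's hash.

```python
import hashlib

# Assumption: arithmetic is done modulo a prime P so that division is a
# modular inverse. P and all sample values are constructed for illustration.
P = 2**61 - 1

def product_hash(matrix):
    """Weak construction: product of every element of the matrix, mod P."""
    h = 1
    for row in matrix:
        for x in row:
            h = h * x % P
    return h

def rebalance_last(matrix, target):
    """Copy `matrix`, recomputing only its last element so the product hash equals `target`."""
    m = len(matrix[0])
    flat = [x for row in matrix for x in row]
    partial = 1
    for x in flat[:-1]:
        partial = partial * x % P
    # hash value divided by the product of the other n*m-1 elements
    flat[-1] = target * pow(partial, -1, P) % P
    return [flat[i:i + m] for i in range(0, len(flat), m)]

def sha256_hash(matrix):
    """Comparison point: SHA-256 over a fixed-width encoding of the matrix."""
    data = len(matrix).to_bytes(4, "big") + len(matrix[0]).to_bytes(4, "big")
    data += b"".join(x.to_bytes(8, "big") for row in matrix for x in row)
    return hashlib.sha256(data).hexdigest()

original = [[3, 5, 7], [11, 13, 17]]   # constructed sample message matrix
altered = [[4, 6, 8], [12, 14, 0]]     # first n*m-1 entries changed; last is a placeholder
substitute = rebalance_last(altered, product_hash(original))

if __name__ == "__main__":
    print("product hash unchanged:", product_hash(substitute) == product_hash(original))
    print("SHA-256 unchanged:     ", sha256_hash(substitute) == sha256_hash(original))
```

A signature computed over the product hash therefore verifies for both matrices, which is why the sender cannot disprove the substituted message.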
Unlike Reiter et al. [16], this paper proposes a systematic approach for encryption and authentication for general communication partners over any insecure channel and achieves fault tolerance by ABFT techniques instead of replication. Additionally, this paper solves the non-repudiation problem existing in Zhang [3] and provides other improvements. In particular, two one-dimensional (1-D) hash functions are introduced, each of which is defined and applied to the elements in a row or column direction of the message matrix. The corresponding hash values serve as the checksums and are attached to the message matrix to form an extended (n+1)×(m+1) message matrix. A 2-D hash function is then defined and calculated from the values of the two 1-D hash functions. The extended message matrix is then encrypted and sent to a receiver. The receiver is not only able to verify whether or not the message matrix was sent by a specific user, but also able to detect and correct up to three errors.
In the design of the 1-D hash function, we adopt session pseudo-random numbers in order to withstand chosen-plaintext attacks. They also improve the security level of the 2-D hash function, and eliminate the non-repudiation problem. The proposed approach is generic and can be applied to most cryptosystems.
The rest of this paper is organized as follows: Section 2 briefly describes the digital signature and defines the 1-D and 2-D hash functions. This section also discusses the authentication mechanism based on the 2-D hash function. Section 3 proposes a systematic encryption and authentication approach for fault tolerant cryptosystems. In Section 4, the single error detection and correction techniques are presented. Section 5 extends the results to the multiple-error detections and corrections. Security analysis is given in Section 6. A summary and brief conclusion is presented in Section 7.
Section snippets
Digital signature and 2-D hash function
Each user in a public-key cryptographic system possesses two keys. One is the public key denoted by EK, and the other is the private key denoted by DK. Consider two users A and B in a public-key cryptographic system. Let EA, DA and EB, DB be the public key and private key of A and B respectively. Let EA(X) denote the encryption by A's public-key for message X. Let DA(Y) denote the decryption by A's private key for an encrypted message Y. We have Dk(Ek(X))=Ek(Dk(X))=X regardless of k.
In the
Encryption and authentication model
The proposed encryption and authentication approach with fault tolerance involves several processes: (1) encryption, (2) transmission, (3) decryption and authentication, and (4) error detection and correction. A discussion of each of these processes follows.
Single error detection and correction
First, we assume that at most one error may occur during the computation and transmission processes. Note that all λ(i) (1⩽i⩽n), and ϕ(j) (1⩽j⩽m) in the extended message matrix are the intermediate values of HR and HC, and they serve as checksums for error detection and correction. We assume that all λ(i) and ϕ(j) are error free during the computation and transmission processes.
When the receiver B obtains the , he/she calculates the Δλ(i) and Δϕ(j) (1⩽i⩽n) and (1⩽j⩽m) based on Definition 4.
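The locate-and-correct step for a single error, as an added example that is not the paper's code: the page does not give the definitions of the 1-D hash functions, so plain sums modulo Q stand in for the row checksums λ(i) and column checksums ϕ(j). The modulus Q, the function names and the sample data are assumptions, and the checksums themselves are taken to be error free, as stated above.

```python
Q = 257  # assumed modulus; message elements are taken to be in 0..Q-1

def extend(matrix):
    """Build the extended (n+1) x (m+1) matrix: row checksums as the last
    column, column checksums as the last row (sum mod Q, an assumption)."""
    rows = [row + [sum(row) % Q] for row in matrix]
    last = [sum(r[j] for r in rows) % Q for j in range(len(rows[0]))]
    return rows + [last]

def locate_and_correct(ext):
    """Return (position, message matrix). position is None when no error is
    found, or (k, l) of the single corrected element. Raises ValueError when
    the discrepancies do not fit the single-error pattern."""
    n, m = len(ext) - 1, len(ext[0]) - 1
    data = [row[:m] for row in ext[:n]]
    # Discrepancy between recomputed and received checksums (the page's
    # delta-lambda(i) for rows and delta-phi(j) for columns).
    d_lam = [(sum(data[i]) - ext[i][m]) % Q for i in range(n)]
    d_phi = [(sum(data[i][j] for i in range(n)) - ext[n][j]) % Q for j in range(m)]
    bad_rows = [i for i, d in enumerate(d_lam) if d]
    bad_cols = [j for j, d in enumerate(d_phi) if d]
    if not bad_rows and not bad_cols:
        return None, data
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        k, l = bad_rows[0], bad_cols[0]
        if d_lam[k] == d_phi[l]:  # both directions must agree on the error value
            data[k][l] = (data[k][l] - d_lam[k]) % Q
            return (k, l), data
    raise ValueError("discrepancies do not match a single error")

message = [[10, 20, 30], [40, 50, 60], [70, 80, 90]]  # constructed sample
received = extend(message)
received[1][2] = 200                                   # one corrupted element

if __name__ == "__main__":
    print(locate_and_correct(received))
```

The intersection of the one failing row and the one failing column gives the error position, and the shared discrepancy gives the amount to subtract.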
Multiple-error detection and correction
Next, we assume that up to three errors could occur in the processes of computation and data transmission. In order to detect and correct multiple errors, a special kind of error called error is defined.
Definition 8 An error located at (k,l) is a error if there is no other error in the same row (kth row) and no other error in the same column (lth column).
Lemma 1 A error has the following properties: (1) a error at (k,l) position can be corrected by either fR(k,l) or fC(k,l); (2) after a
Implementation considerations and performance analysis
The proposed scheme is an integrated approach to reduce the overall overhead for network applications where data encryption, data authentication and fault tolerance are required. An example is the transmission of patients' medical X-ray images over the Internet for real-time remote medical diagnosis. Since patients' medical data are private, data encryption is required to provide data privacy on the insecure Internet. The received data also need to be authenticated to ensure that they originate from an
Conclusion
The proposed approach provides a systematic integration of encryption and authentication with fault tolerance, and it can be applied to most cryptosystems. The computation of the checksums in this approach is simple and thus fast. By sharing the computation for both authentication and fault tolerance, the total overhead is significantly reduced. The encryption process is free to choose any block cipher that is more efficient than a public-key encryption scheme and it provides more flexibility.
Chang N. Zhang has been at the University of Regina since 1990 where he is currently a Professor of the Department of Computer Science, and Adjunct Scientist with Telecommunication Research Labs (TRLabs). He received his B.S. in Applied Math from the Shanghai University, and a Ph.D. in Computer Science and Engineering from Southern Methodist University.
References (29)
- et al. Fault-tolerance techniques for systolic arrays. Computer (1987)
- et al. Authentication in distributed systems: theory and practice. ACM Transactions on Computer Systems (1992)
- An integrated approach for fault tolerance and digital signature in RSA. IEE Proceedings Computers & Digital Techniques (1999)
- Security in Computing (1997)
- Digital signatures with RSA and other public-key cryptosystems. Communications of the ACM (1984)
- et al. Encryption and secure computer networks. Computing Surveys (1979)
- Contemporary Cryptography: The Science of Information Integrity (1992)
- J. Daemen, V. Rijmen, AES Proposal: Rijndael, AES Algorithm Submission, September 1999, Available from:...
- et al. Concurrent error detection in ALU's by recomputing with shifted operands. IEEE Transactions on Computers (1982)
- Tolerating failures of continuous-valued sensors. ACM Transactions on Computer Systems (1990)
- Algorithm-based fault tolerance for matrix operations. IEEE Transactions on Computers
- Increasing availability and security of an authentication service. IEEE Journal on Selected Areas in Communications
- Using one-way functions for authentication. ACM Computer Communication Review
- A logic of authentication. ACM Transactions on Computer Systems
Cited by (3)
- A survey on secure communication techniques for 5G wireless heterogeneous networks. Information Fusion (2020)
  Citation excerpt: Chang N. Zhang et al. implemented a systematic approach for encryption and authentication with fault tolerance. Experimental results confirmed that the algorithm was efficient and highly sensitive to both the key and the plaintext, but not reliable against brute force [35]. Ritesh Mukherjee et al. proposed a novel encryption scheme which possesses high security and was suitable for practical image encryption.
- Parallel chaotic Hash function construction based on cellular neural network. Neural Computing and Applications (2012)
- Parallel Hash function construction based on chaotic maps with changeable parameters. Neural Computing and Applications (2011)
Chunren Lai is a Ph.D. student in Computer Science at University of Regina. His research interests include fault tolerance, data and systems security and privacy, identification and authentication, and integrated cryptographic techniques. He received the M.S. degree in computer science from University of Regina in 2000.