Abstract
After the announcement of a U.S. digital signature standard by NIST, the role of the Exponential One Way Function — which had been used in the initial illustration of public key cryptography — has again received proper recognition as being another security primitive in addition to the RSA-scheme.
In this paper we present the exponential security system TESS developed at the European Institute for System Security (E.I.S.S.) embedded in a package of freeware. The system has meanwhile been applied to some TCP/IP based services such as telnet, rsh and rcp supplementing these services with additional security features. TESS is based on the use of the one way function exp that had originally been described by Pohlig and Hellman and is the central feature in the well-known Diffie-Hellman key exchange protocol. The subsequent contributions by El-Gamal have indicated the multifeature capabilities of this proper one way function. Based on these results, the invention of the Beth-Schnorr-Zero-Knowledge Protocols in extension of the Chaum-Evertse-van de Graaf-Zero Knowledge Scheme has made authentication and signature procedures available, which support the view that the exponential one way function is a security primitive suited for supporting practically all mechanisms needed for the design of secure systems.
The implementation of the authenticated key exchange protocol KATHY within the Network Security System SELANE developed at E.I.S.S., Karlsruhe, based on the Günther-Bauspieß-Knobloch scheme forms an integral part of TESS, providing a universal security toolbox for access control, authentication, key exchange, confidentiality protection, digital signatures and verifiable distributed network security management. Its suitability for the incorporation in the X.509 Directory Authentication Framework as well as its free availability make it an interesting system to extend the features of KERBEROS or DSSA towards a proposed Open System Security Architecture.
A further mechanism composed from TESS primitives is the Electronic Exponential Signature (EES) scheme. It had been developed for EDI purposes and banking applications already in 1989, when, after an in-depth study of up-to-date signature procedures, prior to the new U.S. standard, the superiority of the exponential scheme became apparent.
In order to ensure a wider dissemination in the Network Community, this article will also be published in the Network Security Observations entitled: Security Systems based on Exponentiation Primitives.
References
L. M. Adleman, J. DeMarrais: A Subexponential Algorithm for Discrete Logarithms over all Finite Fields, Santa Barbara, Crypto '93, Preprints
C. I'Anson, C. J. Mitchell: Security Defects in CCITT Recommendation X.509, Technical Memo, HP Labs, Bristol, Jan. 1990
F. Bauspieß: SELANE, Studienarbeit, Fakultät für Informatik, Universität Karlsruhe, 1988
F. Bauspieß, H.-J. Knobloch: How to keep Authenticity Alive in a Computer Network, Eurocrypt '89, Advances in Cryptology, LNCS 434, Springer-Verlag, Berlin, 1989, pp. 38–46
Th. Beth: Efficient Zero-Knowledge Identification Scheme for Smart Cards, Eurocrypt '88, Advances in Cryptology, LNCS 330, Springer-Verlag, Berlin, 1988, pp. 77–84
Th. Beth, G. Agnew, S. A. Vanstone: What one should know about Public Key Algorithms — Today!, Proceedings SECURICOM '90
Th. Beth, D. Gollmann: Algorithm Engineering for Public Key Algorithms, IEEE JSAC, Vol. 7, No. 4, pp. 458–466, 1989
Th. Beth, H.-J. Knobloch, M. Otten: Verifiable Secret Sharing for Monotone Access Structures, Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, USA, November 1993, to be published
Th. Beth, F. Schaefer: Non-Supersingular Elliptic Curves for Public Key Cryptosystems, Eurocrypt '91, Advances in Cryptology, LNCS 547, Springer-Verlag, Berlin, 1991, pp. 316–327
M. Burrows, M. Abadi, R. Needham: A Logic of Authentication, DEC-SRC, Research Report Series No. 39, 1989
D. Chaum, J.-H. Evertse, J. van de Graaf: An Improved Protocol for Demonstrating Possession of a Discrete Logarithm and Some Generalizations, Eurocrypt '87, Advances in Cryptology, LNCS 304, Springer-Verlag, Berlin, 1988, pp. 127–141
A. Tarah, C. Huitema: CHIMAERA: A Network Security Model, Proc. ESORICS '90, afcet, 1990, pp. 127–145
W. Diffie, M. E. Hellman: New Directions in Cryptography, IEEE Trans. Inf. Theory, IT-22, 1976, pp. 664–654
T. ElGamal: A public key crypto-system and signature scheme based on discrete logarithms, IEEE Trans. Inf. Theory, IT-31, 1985, pp. 469–472
C. Günther: Diffie-Hellman and El-Gamal Protocols With One Single Authentication Key, Eurocrypt '89, Advances in Cryptology, LNCS 434, Springer-Verlag, Berlin, 1989, pp. 29–37
P. Horster, H.-J. Knobloch: Discrete Logarithm Based Protocols, Eurocrypt '91, Advances in Cryptology, LNCS 547, Springer-Verlag, Berlin, 1991, pp. 399–408
ITSEC: Harmonised Criteria of France, Germany, the Netherlands, the United Kingdom, Brussels, 1991
Network Working Group J. Kohl, B. C. Neumann, J. Steiner: MIT Project Athena: The Kerberos Network Authentication Service, Draft 2, MIT, November 1989
B. Klein: Authentifikationsdienste für sichere Informationssysteme, Dissertation, Universität Karlsruhe, 1993, to be published
A. M. Odlyzko: Discrete logarithms in finite fields and their cryptographic significance, Eurocrypt '84, Advances in Cryptology, LNCS 209, Springer-Verlag, Berlin, 1985, pp. 224–314
M. Otten: Mehrparteienprotokolle und Korrektes Verteilen von Geheimnissen, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1992
C. Otto: SELANE-Hardwareentwicklung, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1990
S. C. Pohlig, M. E. Hellman: An improved algorithm for computing logarithms in GF(p) and its cryptographic significance, IEEE Trans. Inf. Theory, IT-24, 1978, pp. 106–111
F. Schaefer-Lorinser: Arithmetik auf elliptischen Kurven zur Konstruktion kryptographischer Einwegfunktionen, Dissertation, Universität Karlsruhe, 1993
C. P. Schnorr: Efficient Identification and Signatures for Smart Cards, Crypto '89, Advances in Cryptology, LNCS 435, Springer-Verlag, Berlin, 1989, pp. 239–252
G. J. Simmons, W.-A. Jackson, K. Martin: The Geometry of Shared Secret Schemes, Bulletin of the Institute of Combinatorics, Winnipeg Canada, January 1991
S. Stempel: SELANE Pilot-Implementierung, Diplomarbeit, Fakultät für Informatik, Universität Karlsruhe, 1990
R. Yahalom, B. Klein, Th. Beth: Trust Relationships in Secure Systems — A Distributed Authentication Perspective, Proceedings of the IEEE Conference on Research in Security and Privacy, 1993.
© 1995 Springer-Verlag Berlin Heidelberg
Cite this paper
Beth, T. (1995). Multifeature security through homomorphic encryption. In: Pieprzyk, J., Safavi-Naini, R. (eds) Advances in Cryptology — ASIACRYPT'94. ASIACRYPT 1994. Lecture Notes in Computer Science, vol 917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0000420
DOI: https://doi.org/10.1007/BFb0000420
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-59339-3
Online ISBN: 978-3-540-49236-8
eBook Packages: Springer Book Archive