Methods to Encrypt and Authenticate Digital Files in Distributed Networks and Zero-Trust Environments
The methods proposed in this paper are leveraging Challenge–Response–Pair (CRP) mechanisms that are directly using each digital file as a source of randomness. Two use cases are considered: the protection and verification of authenticity of the information distributed in storage nodes and the protec...
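Main Authors: | Bertrand Cambou, Christopher Philabaum, Jeffrey Hoffstein, Maurice Herlihy |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2023-05-01 |
Series: | Axioms |
Subjects: | obfuscation, validation, authentication, digital file, cryptography, electronic noise |
Online Access: | https://www.mdpi.com/2075-1680/12/6/531 |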
_version_ | 1797596200743993344 |
---|---|
author | Bertrand Cambou, Christopher Philabaum, Jeffrey Hoffstein, Maurice Herlihy |
author_sort | Bertrand Cambou |
collection | DOAJ |
description | The methods proposed in this paper are leveraging Challenge–Response–Pair (CRP) mechanisms that are directly using each digital file as a source of randomness. Two use cases are considered: the protection and verification of authenticity of the information distributed in storage nodes and the protection of the files kept in terminal devices operating in contested zero-trust environments comprised of weak signals in the presence of obfuscating electromagnetic noise. With the use of nonces, the message digests of hashed digital files can be unique and unclonable; they can act as Physical Unclonable Functions (PUFs) in challenge–response mechanisms. During enrollment, randomly selected “challenges” result in unique output data known as the “responses” which enable the generation and distribution of cryptographic keys. During verification cycles, the CRP mechanisms are repeated for proof of authenticity and deciphering. One of the main contributions of the paper is the development of mechanisms accommodating the injection of obfuscating noises to mitigate several vectors of attacks, disturbing the side channel analysis of the terminal devices. The method can distribute error-free cryptographic keys in noisy networks with light computing elements without relying on heavy Error Correcting Codes (ECC), fuzzy extractors, or data helpers. |
first_indexed | 2024-03-11T02:47:16Z |
format | Article |
id | doaj.art-e69c069022c44dc6b6f33033c9bbedfa |
institution | Directory Open Access Journal |
issn | 2075-1680 |
language | English |
last_indexed | 2024-03-11T02:47:16Z |
publishDate | 2023-05-01 |
publisher | MDPI AG |
record_format | Article |
series | Axioms |
spelling | doaj.art-e69c069022c44dc6b6f33033c9bbedfa; 2023-11-18T09:16:24Z; eng; MDPI AG; Axioms; 2075-1680; 2023-05-01; 12; 6; 531; 10.3390/axioms12060531; Methods to Encrypt and Authenticate Digital Files in Distributed Networks and Zero-Trust Environments; Bertrand Cambou (School of Informatics Computing and Cyber Systems, Northern Arizona University, Flagstaff, AZ 86011, USA); Christopher Philabaum (School of Informatics Computing and Cyber Systems, Northern Arizona University, Flagstaff, AZ 86011, USA); Jeffrey Hoffstein (Department of Computer Science, Brown University, Providence, RI 02901, USA); Maurice Herlihy (Department of Computer Science, Brown University, Providence, RI 02901, USA); https://www.mdpi.com/2075-1680/12/6/531; obfuscation; validation; authentication; digital file; cryptography; electronic noise |
title | Methods to Encrypt and Authenticate Digital Files in Distributed Networks and Zero-Trust Environments |
topic | obfuscation, validation, authentication, digital file, cryptography, electronic noise |
url | https://www.mdpi.com/2075-1680/12/6/531 |