International Journal of Engineering Trends and Technology (IJETT) – Volume 24 Number 5- June 2015
Powerful Verification for Portable and Ubiquitous Computing
M.Dileep Kumar
M.Tech, Information Technology, VNR Vignana Jyothi College of Engineering & Technology, Hyderabad, India
Abstract — With today’s rapidly growing technology, various applications run on small devices that are widely used for communication. In a significant number of such applications, the confidentiality and integrity of the communicated messages are of particular concern. In this work we propose a novel technique for authenticating short encrypted messages that is directed to meet the requirements of mobile and ubiquitous applications. By taking advantage of the fact that the message to be authenticated must also be encrypted, we use secure authentication codes that are more efficient than any other message authentication codes in the literature. In addition, short random strings are concatenated to the plaintext messages before encryption to enable more powerful and robust authentication.
Keywords — Authentication, Unconditional Security, Computational Security, Universal hash-function families, Ubiquitous Computing.
I. INTRODUCTION AND RELATED WORK
Preserving the integrity of messages exchanged over public channels is one of the classic goals in cryptography, and the literature is rich with message authentication code (MAC) algorithms that are designed for the sole purpose of preserving message integrity. Based on their security, MACs can be either unconditionally or computationally secure. Unconditionally secure MACs provide message integrity against forgers with unlimited computational power. Computationally secure MACs, on the other hand, are only secure when forgers have limited computational power.
The basic idea allowing for unconditional security is that the authentication key can only be used to authenticate a limited number of exchanged messages. Because the management of one-time keys is considered impractical in many applications, computationally secure MACs have become the method of choice for most real-life applications. In computationally secure MACs, keys can be used to authenticate an arbitrary number of messages. That is, after agreeing on a key, legitimate users can exchange an arbitrary number of authenticated messages with the same key. Depending on the main building block used to construct them, computationally secure MACs can be classified into three main categories: block cipher based, cryptographic hash function based, or universal hash-function family based.
ISSN: 2231-5381
The use of universal hash-function families in the Carter-Wegman style is not restricted to the design of unconditionally secure authentication. Computationally secure MACs based on universal hash functions can also be constructed with two rounds of computation. In the first round, the message to be authenticated is compressed using a universal hash function. Then, in the second round, the compressed image is processed with a cryptographic function (typically a pseudorandom function). Indeed, universal hashing based MACs give better performance when compared with block cipher or cryptographic hashing based MACs. There are two main reasons for this performance advantage. First, processing messages block by block using universal hash functions is faster than processing them block by block using block ciphers or cryptographic hash functions. Second, since the output of the universal hash function is much shorter than the original message itself, processing the compressed image with a cryptographic function can be performed efficiently.
One of the main differences between unconditionally secure MACs based on universal hashing and computationally secure MACs based on universal hashing is the requirement to process the compressed image with a cryptographic primitive in the latter class of MACs. This round of computation is necessary to protect the secret key of the universal hash function. That is, since universal hash functions are not cryptographic functions, the observation of multiple message-image pairs can reveal the value of the hashing key. Since the hashing key is used repeatedly in computationally secure MACs, the exposure of the hashing key will lead to breaking the security of the MAC. Thus, processing the compressed image with a cryptographic primitive is necessary for the security of this class of MACs. This implies that unconditionally secure MACs based on universal hashing are more efficient than computationally secure ones. On the negative side, unconditionally secure universal hashing based MACs are considered impractical in most modern applications because of the difficulty of managing one-time keys.
There are two important observations to make about existing MAC algorithms. First, they are designed independently of any other operations required to be performed on the message to be authenticated. For instance, if the authenticated message must also be encrypted, existing MACs are not designed to make use of the functionality that can be provided by the underlying encryption algorithm. Second, most existing MACs are designed for general-purpose communication systems, independently of the properties that the messages can possess. For example, one can find that most existing MACs are inefficient when the messages to be authenticated are short. For instance, UMAC, the fastest reported message authentication code in the cryptographic literature, has undergone major algorithmic changes to increase its speed on short messages.
http://www.ijettjournal.org
Nowadays, however, there is an increasing demand for the deployment of networks consisting of a collection of small devices. In many practical applications, the main purpose of such devices is to communicate short messages. A sensor network, for example, can be deployed to monitor certain events and report some collected data. In many sensor network applications, reported data consist of short confidential measurements. Consider, for instance, a sensor network deployed in a battlefield with the purpose of reporting the existence of moving targets or other temporal activities. In such applications, the confidentiality and integrity of reported events are of critical importance.
In another application, consider the increasingly spreading deployment of radio frequency identification (RFID) systems. In such systems, RFID tags need to identify themselves to authorized RFID readers in an authenticated way that also preserves their privacy. In such scenarios, RFID tags usually encrypt their identity, which is typically a short string, to protect their privacy. Since the RFID reader must also authenticate the identity of the RFID tag, RFID tags must be equipped with a message authentication mechanism.
Another application that is becoming increasingly important is the deployment of body sensor networks. In such applications, small sensors can be embedded in the patient’s body to report some vital signs. Again, in some applications the confidentiality and integrity of such reported messages can be important. There have been significant efforts devoted to the design of hardware-efficient implementations that suit such small devices. However, there has been little or no effort in the design of special algorithms that can be used for the design of message authentication codes that can utilize other operations and the special properties of such networks. In this paper, we provide the first such work.
II. CONTRIBUTIONS
In this work, we pose the following research question: if there is an application in which the messages that need to be exchanged are short and both their privacy and integrity need to be preserved, can one do better than simply encrypting the messages using an encryption algorithm and authenticating them using a standard MAC algorithm? We answer the question by proposing two new techniques for authenticating short encrypted messages that are more efficient than existing approaches. In the first technique, we utilize the fact that the message to be authenticated is also encrypted, with any secure encryption algorithm, to append a short random string to be used in the authentication process. Since the random strings used for different operations are independent, the authentication algorithm can benefit from the simplicity of unconditionally secure authentication to allow for faster and more efficient authentication, without the difficulty of managing one-time keys. In the second technique, we make the extra assumption that the encryption algorithm used is block cipher based to further improve the computational efficiency of the first technique. The driving motive behind our investigation is that using a general-purpose MAC algorithm to authenticate exchanged messages in such systems might not be the most efficient solution and can lead to a waste of resources already available, namely, the security that is provided by the encryption algorithm.
III. ORGANIZATION
The rest of the paper is organized as follows. In Section IV, we list our notations and discuss some preliminaries. In Section V, we describe the first authentication technique assuming messages do not exceed a maximum size, discuss its performance advantages over existing techniques, and prove its security. In Section VI, we propose a modification to the scheme of section three that provides a stronger notion of integrity. In Section VII, we describe the second technique assuming the encryption is block cipher based, discuss its performance, and prove its security. In Section X, we conclude the paper.
IV. NOTATIONS AND PRELIMINARIES
A. Notations
1) We use Z_p to denote the finite integer ring with the addition and multiplication operations performed modulo p.
2) We use Z_p* to denote the multiplicative group modulo p; Z_p* contains the integers that are relatively prime to p.
3) For any two strings P and Q of the same length, (P+Q) denotes the bitwise exclusive-or (XOR) operation.
4) For any two strings P and Q, (P||Q) denotes the concatenation operation.
1) Indistinguishability under Chosen Plaintext Attacks:
An important security notion for encryption algorithms that will be used in this paper is indistinguishability under chosen plaintext attacks (IND-CPA). Let P be an adversary who is given oracle access to an encryption algorithm, Q, and can ask the oracle to encrypt a polynomial number of messages to get their corresponding ciphertexts. The encryption algorithm is said to be IND-CPA secure if the adversary, after calling the encryption oracle a polynomial number of times and being given a ciphertext corresponding to one of two plaintext messages of her choice, cannot determine the plaintext corresponding to the given ciphertext with an advantage significantly higher than 1/2.
2) Block Ciphers:
In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called blocks, with an unvarying transformation that is specified by a symmetric key. Block ciphers are important elementary components in the design of many cryptographic protocols, and are widely used to implement encryption of bulk data. Most block cipher algorithms are classified as iterated block ciphers, which means that they transform fixed-size blocks of plaintext into identically sized blocks of ciphertext through the repeated application of an invertible transformation known as the round function, with each iteration referred to as a round. The general idea is to use randomization of the plaintext data based on an additional input value, commonly called an initialization vector, to create what is termed probabilistic encryption.[23] In the popular cipher block chaining (CBC) mode, for encryption to be secure the initialization vector passed along with the plaintext message must be a random or pseudo-random value, which is added in an exclusive-or manner to the first plaintext block before it is encrypted. The resulting ciphertext block is then used as the new initialization vector for the next plaintext block.
V. AUTHENTICATING SHORT ENCRYPTED MESSAGES
In this section, we describe our first authentication scheme, which can be used with any IND-CPA secure encryption algorithm. An important assumption we make is that messages to be authenticated are no longer than a predefined length. This includes applications in which messages are of fixed length that is known a priori, such as RFID systems where tags need to authenticate their identifiers, sensor nodes reporting events that belong to a certain domain or measurements within a certain range, and so on. The novelty of the proposed scheme is to utilize the encryption algorithm to deliver a random string and use it to reach the simplicity and efficiency of one-time pad authentication without the need to manage impractically long keys.
THE PROPOSED SYSTEM
Let N-1 be an upper bound on the length, in bits, of exchanged messages. That is, messages to be authenticated can be no longer than (N-1) bits. Choose p to be an N-bit prime integer. (If N is too small to provide the desired security level, p can be chosen large enough to meet the required security level.) Choose an integer k_s uniformly at random from the multiplicative group Z_p*; k_s is the secret key of the scheme. The prime integer, p, and the secret key, k_s, are distributed to legitimate users and will be used for message authentication. Note that the value of p need not be secret; only k_s is secret.
Let E be any IND-CPA secure encryption algorithm. Let m be a short message (N-1 bits or shorter) that is to be transmitted to the intended receiver in a confidential manner (by encrypting it with E). Instead of authenticating the message using a traditional MAC algorithm, consider the following procedure. On input a message m, a random nonce r in Z_p is chosen. (We overload m to denote both the binary string representing the message and the integer representation of the message as an element of Z_p. The same applies to k_s and r. The distinction between the two representations will be omitted when it is clear from the context.) We assume that integers representing distinct messages are also distinct, which can be achieved by appropriately encoding messages.
Now, r is appended to the message and the resulting m || r, where "||" represents the concatenation operator, is given as input to the encryption algorithm. Then, the authentication tag of message m can be calculated as follows:
$$T = m k_s + r \pmod{p}. \tag{1}$$
REMARK 1. We emphasize that the nonce, r, is generated internally and is not part of the chosen message attack. In fact, r can be thought of as a replacement for the coin tosses that can be essential in many MAC algorithms. In such a case, the generation of r imposes no extra overhead on the authentication process. We also point out that, as opposed to one-time keys, r needs no special key management; it is delivered to the receiver as part of the encrypted ciphertext. Since the generation of pseudorandom numbers can be considered expensive for computationally limited devices, there have been several attempts to design true random number generators that are suitable for RFID tags and for low-cost sensor nodes. Therefore, we assume the availability of such random number generators.
Upon receiving the ciphertext, the intended receiver decrypts it to extract m and r. Given T, the receiver can check the validity of the message by performing the following integrity check:
$$T = m k_s + r \pmod{p}. \tag{2}$$
If the integrity check is satisfied, the message is considered authentic. Otherwise, the integrity of the message is denied.
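The tag computation of (1) and the receiver's check of (2), as an added example that is not code from the paper. The prime, the message encoding and the HMAC-SHA256 counter-mode keystream standing in for E are assumptions made for the demo; the last function shows why r has to be fresh for every message, since two tags that share r expose k_s to anyone who knows the two messages.

```python
import hashlib
import hmac
import secrets

# Constructed demo parameters (assumptions, not values from the paper).
P = 2**127 - 1   # public prime p (127-bit Mersenne prime)
MAX_MSG = 15     # message bytes; encoded m is below 2**121, hence below p


def _keystream(k_enc, iv, n):
    """HMAC-SHA256 in counter mode, a stand-in for the generic cipher E."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(k_enc, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(k_enc, plaintext):
    iv = secrets.token_bytes(16)  # fresh IV makes the encryption probabilistic
    return iv + _xor(plaintext, _keystream(k_enc, iv, len(plaintext)))


def decrypt(k_enc, ciphertext):
    iv, body = ciphertext[:16], ciphertext[16:]
    return _xor(body, _keystream(k_enc, iv, len(body)))


def encode(msg):
    """Map bytes to an integer; the 0x01 prefix keeps distinct messages distinct."""
    if len(msg) > MAX_MSG:
        raise ValueError("message longer than the agreed maximum")
    return int.from_bytes(b"\x01" + msg, "big")


def decode(m):
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return raw[1:] if raw[:1] == b"\x01" else None


def tag(k_s, m, r):
    """Equation (1): T = m*k_s + r (mod p)."""
    return (m * k_s + r) % P


def protect(k_enc, k_s, msg):
    """Sender: draw r, encrypt m || r, compute T. Returns (ciphertext, T)."""
    m = encode(msg)
    r = secrets.randbelow(P)  # nonce r in Z_p, fresh for every message
    plaintext = m.to_bytes(16, "big") + r.to_bytes(16, "big")
    return encrypt(k_enc, plaintext), tag(k_s, m, r)


def verify(k_enc, k_s, ciphertext, t):
    """Receiver: decrypt, split m and r, run check (2). Message or None."""
    if len(ciphertext) != 48 or not 0 <= t < P:
        return None
    plaintext = decrypt(k_enc, ciphertext)
    m = int.from_bytes(plaintext[:16], "big")
    r = int.from_bytes(plaintext[16:], "big")
    if m >= P or r >= P:
        return None
    expected = tag(k_s, m, r).to_bytes(16, "big")
    if not hmac.compare_digest(expected, t.to_bytes(16, "big")):
        return None
    return decode(m)


def key_from_two_pairs(m1, t1, m2, t2):
    """If two tags shared the same r, r cancels in T1 - T2 and k_s follows
    from the known messages. A fresh r per message makes this fail."""
    return (t1 - t2) * pow((m1 - m2) % P, -1, P) % P


if __name__ == "__main__":
    k_enc = secrets.token_bytes(32)
    k_s = secrets.randbelow(P - 1) + 1  # secret key from Z_p*
    c, t = protect(k_enc, k_s, b"temp=21.5C")
    print(verify(k_enc, k_s, c, t))
```
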
Note, however, that the authentication tag is a function of the confidential message. As a result, the authentication tag must not reveal information about the plaintext since, otherwise, the confidentiality of the encryption algorithm is compromised. Before we give a formal security analysis of the proposed technique, we first discuss its performance compared with existing techniques.
VI PERFORMANCE DISCUSSION
There are three classes of standard message authentication codes that can be used to preserve message integrity in mobile and pervasive computing. One can use a MAC based on block ciphers, a MAC based on cryptographic hash functions, or a MAC based on universal hash-function families. Since MACs based on universal hashing are known to be more computationally efficient than MACs based on block ciphers and cryptographic hash functions, we focus our attention on comparing the proposed MAC to universal hash function based MACs.
In MACs based on universal hashing, two phases of computation are required: A) a message compression phase using a universal hash function, and B) a cryptographic phase in which the compressed image is processed with a cryptographic primitive (a block cipher or a cryptographic hash function). The compression phase is similar to the computation of the proposed MAC (in fact, the proposed MAC is an instance of a strongly universal hash function). As opposed to standard universal hash function based MACs, however, there is no need to process the result with a cryptographic function in the proposed technique.
When the messages to be authenticated are short, the modulus prime, p, can also be small. For a small modulus, the modular multiplication is not a time-consuming operation. That is, for short messages, the cryptographic phase is the most time-consuming phase. Since we target applications in which messages are short, eliminating the need to perform such a cryptographic operation will have a significant impact on the performance of the MAC operation.
Another significant advantage of the proposed technique, particularly for low-power devices, is hardware efficiency. The hardware required to perform modular multiplication is less than the hardware required to perform sophisticated cryptographic operations. As a result, power consumption is in turn reduced. It remains to compare the proposed scheme with single-pass authenticated encryption primitives. However, since all secure authenticated encryption primitives are block cipher based, while the scheme proposed here can be used alongside stream ciphers, we defer the comparison to where we describe a more efficient authentication scheme assuming the encryption is block cipher based.
VII SECURITY MODEL
A message authentication scheme consists of a signing algorithm X and a verifying algorithm Y. The signing algorithm may be probabilistic, while the verifying one is usually not. Associated with the scheme are parameters L and N describing the length of the shared key and the resulting authentication tag, respectively. On input an L-bit key k and a message m, algorithm X outputs an N-bit string called the authentication tag, or the MAC of m. On input an L-bit key k, a message m, and an N-bit tag T, algorithm Y outputs a bit, with 1 standing for accept and 0 for reject. We ask for a basic validity condition, namely that authentic tags are accepted with probability one. That is, if T = X(k, m), it must be the case that Y(k, m, T) = 1, for any key k, message m, and tag T.
Traditionally, an adversary against a message authentication scheme is a probabilistic algorithm A, which is given oracle access to the signing and verifying algorithms X(k,.,.) and Y(k,.,.) for a random but hidden choice of k. A can query X to generate a tag for a plaintext of its choice and ask the verifier Y to verify that T is a valid tag for the plaintext. Formally, A’s attack on the scheme is described by the following experiment:
1. A random string of length L is selected as the shared secret.
2. Suppose A makes a signing query on a message m. Then the oracle computes an authentication tag T = X(k, m) and returns it to A. (Since X may be probabilistic, this step requires making the necessary underlying choice of a random string for X, anew for each signing query.)
3. Suppose A makes a verify query (m, T). The oracle computes the decision d = Y(k, m, T) and returns it to A.
The verify queries are allowed because, unlike the setting in digital signatures, A cannot compute the verify predicate on its own (since the verify algorithm is not public). Note that A does not see the secret key k, nor the coin tosses of X. The outcome of running the experiment in the presence of an adversary is used to define security.
VIII SECURITY OF THE AUTHENTICATED ENCRYPTION
Bellare and Namprempre defined two notions of integrity for authenticated encryption systems: the first is integrity of plaintext (INT-PTXT) and the second is integrity of ciphertext (INT-CTXT). Combined with encryption algorithms that provide indistinguishability under chosen plaintext attacks (IND-CPA), the security of different methods for constructing generic compositions is analyzed. Note that our construction is an instance of the encrypt-and-authenticate (E&A) generic composition, since the plaintext message goes to the encryption algorithm as an input, and the same plaintext message goes to the authentication algorithm as an input. Fig. 1 illustrates the differences between the three methods for generically composing an authenticated encryption system.
Fig. 1. A schematic of the three generic compositions: (a) encrypt-and-authenticate, (b) encrypt-then-authenticate (EtA), and (c) authenticate-then-encrypt.
It has been shown that E&A compositions do not generally provide IND-CPA. This is mainly because there exist secure MAC algorithms that leak information about the authenticated message (a specific example of such a MAC can be found in the literature). Obviously, if such a MAC is used to compose an E&A system, then the authenticated encryption does not provide IND-CPA. However, the proposed authenticated encryption scheme is at least as private as the underlying encryption algorithm. Since the encryption algorithm is IND-CPA secure, the resulting composition provides IND-CPA.
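The leak that costs a generic E&A composition its IND-CPA property, as an added example that is not from the paper: a distinguishing game played on the tag alone, run once with a deterministic MAC (HMAC-SHA256, chosen here as an assumption) and once with the tag of (1) under a fresh r. The prime and the two chosen plaintexts are constructed values.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # constructed public prime (assumption)


def hmac_tag(key, m):
    """Deterministic MAC: the same message always yields the same tag."""
    return hmac.new(key, m.to_bytes(16, "big"), hashlib.sha256).digest()


def nonce_tag(k_s, m):
    """Tag of equation (1). r is drawn fresh here; in the scheme it travels
    only inside the ciphertext, so an observer never sees it."""
    r = secrets.randbelow(P)
    return (m * k_s + r) % P


def tag_only_game(tag_oracle, trials=400):
    """IND-CPA style game in which the observer sees only the tag half of
    an E&A output. Returns the fraction of correct guesses."""
    m0, m1 = 0x1001, 0x1002  # the two chosen plaintexts (constructed)
    wins = 0
    for _ in range(trials):
        known = tag_oracle(m0)            # chosen-plaintext query on m0
        b = secrets.randbelow(2)          # challenger's hidden bit
        challenge = tag_oracle(m1 if b else m0)
        # Guess m0 when the challenge tag repeats the known tag of m0.
        guess = 0 if challenge == known else 1
        wins += guess == b
    return wins / trials


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    k_s = secrets.randbelow(P - 1) + 1
    print("deterministic MAC:", tag_only_game(lambda m: hmac_tag(key, m)))
    print("tag with fresh r: ", tag_only_game(lambda m: nonce_tag(k_s, m)))
```

Because r is uniform in Z_p, T is uniform in Z_p whatever m is, so the second win rate stays at chance while the first is always 1.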
IX SECURITY ANALYSIS
In this section, we prove the security of the scheme: we give a formal security analysis of the proposed message authentication mechanism, and then discuss the security of the composed authenticated encryption system.
1. Data Privacy
Recall that two pieces of information are transmitted to the intended receiver (the ciphertext and the authentication tag), both of which are functions of the private plaintext message. Now, when it comes to the authentication tag, observe that the nonce r serves as a one-time key (similar to the role r plays in the construction of Section IV). The formal analysis that the authentication tag does not compromise message privacy is the same as the one provided and, therefore, is omitted.
2. Data Authenticity
Before we give a bound on the probability of successful forgery, we give an informal discussion of how the structure of the authenticated encryption composition can be utilized. Recall that, in standard MACs, the security is modeled by the adversary’s probability of predicting a valid authentication tag for a certain message. That is, given the adversary’s knowledge of a polynomial number of valid message-tag pairs, the goal of the adversary is to forge a new message-tag pair that will be accepted as valid. MACs in our authenticated encryption composition, on the other hand, are fundamentally different from standard MACs. The intended receiver in an authenticated encryption system receives a ciphertext-tag pair as opposed to a message-tag pair. This means that, for an attempted forgery to be successful, the adversary must come up with a ciphertext-tag pair that will be accepted as valid, not a message-tag pair.
X CONCLUSIONS
In this work, a new technique for authenticating short encrypted messages is proposed. The fact that the message to be authenticated must also be encrypted is used to deliver a random nonce to the intended receiver via the ciphertext. This allowed the design of an authentication code that benefits from the simplicity of unconditionally secure authentication without the need to manage one-time keys. In particular, it has been shown in this paper that authentication tags can be computed with one addition and one modular multiplication. Given that messages are relatively short, addition and modular multiplication can be performed faster than existing computationally secure MACs in the cryptographic literature. When devices are equipped with block ciphers to encrypt messages, a second technique that utilizes the fact that block ciphers can be modeled as strong pseudorandom permutations is proposed to authenticate messages using a single modular addition. The proposed schemes are shown to be orders of magnitude faster, and to consume orders of magnitude less energy, than standard MAC algorithms. Therefore, they are more suitable for use in computationally constrained mobile and pervasive devices.
REFERENCES
[1] B. Alomair, A. Clark, J. Cuellar, and R. Poovendran, "Scalable RFID Systems: A Privacy-Preserving Protocol with Constant-Time Identification," IEEE Trans. Parallel and Distributed Systems, vol. 23, no. 8, pp. 1536-1550, Aug. 2012.
[2] Basel Alomair and Radha Poovendran, "Efficient Authentication for Mobile and Pervasive Computing," IEEE Trans. Mobile Computing, vol. 13, no. 3, Mar. 2014.
[3] Z. Liu and D. Peng, "True Random Number Generator in RFID Systems against Traceability," Proc. IEEE Consumer Comm. and Networking Conf. (CCNS ’06), pp. 620-624, 2006.
[4] B. Alomair and R. Poovendran, "E-MACs: Towards More Secure and More Efficient Constructions of Secure Channels," IEEE Trans. Computers, 2012.
[5] A. Bogdanov, G. Leander, C. Paar, A. Poschmann, M. Robshaw, and Y. Seurin, "Hash Functions and RFID Tags: Mind the Gap," Proc. 10th Int’l Workshop Cryptographic Hardware and Embedded Systems (CHES ’08), pp. 283-299, 2008.
[6] T. Kohno, J. Viega, and D. Whiting, "CWC: A High-Performance Conventional Authenticated Encryption Mode," Proc. Int’l Conf. Fast Software Encryption (FSE ’04), pp. 408-426, 2004.
[7] Federal Information Processing Standards (FIPS) Publication 113, Computer Data Authentication, FIPS, 1985.
[8] ISO/IEC 9797-1:1999 Standard, Information Technology - Security Techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms Using a Block Cipher, ISO/IEC, 1999.
[9] M. Dworkin, "Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication," 2005.
[10] T. Iwata and K. Kurosawa, "OMAC: One-Key CBC MAC," Proc. Int’l Conf. Fast Software Encryption (FSE ’03), pp. 129-153, 2003.
[11] M. Bellare, R. Guerin, and P. Rogaway, "XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions," Proc. 15th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’95), pp. 15-28, 1995.
[12] P. Rogaway and J. Black, "PMAC," Proposal to NIST for a Parallelizable Message Authentication Code, 2001.
[13] M. Bellare, J. Kilian, and P. Rogaway, "The Security of the Cipher Block Chaining Message Authentication Code," J. Computer and System Sciences, vol. 61, no. 3, pp. 362-399, 2000.
[14] B. Preneel and P. Van Oorschot, "On the Security of Iterated Message Authentication Codes," IEEE Trans. Information Theory, vol. 45, no. 1, pp. 188-199, Jan. 1999.
[15] G. Tsudik, "Message Authentication with One-Way Hash Functions," ACM SIGCOMM Computer Comm. Rev., vol. 22, no. 5, pp. 29-38, 1992.
[16] M. Bellare, R. Canetti, and H. Krawczyk, "Keying Hash Functions for Message Authentication," Proc. 16th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’96), pp. 1-15, 1996.
[17] Federal Information Processing Standards (FIPS) Publication 198, The Keyed-Hash Message Authentication Code (HMAC), FIPS, 2002.
[18] B. Preneel and P.V. Oorschot, "MDx-MAC and Building Fast MACs from Hash Functions," Proc. 15th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’95), vol. 963, pp. 1-14, 1995.
[19] ISO/IEC 9797-2:2002 Standard, Information Technology - Security Techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms Using a Dedicated Hash-Function, ISO/IEC, 2002.
[20] A. Bosselaers, R. Govaerts, and J. Vandewalle, "Fast Hashing on the Pentium," Proc. 16th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’96), pp. 298-312, 1996.
[21] J. Black, S. Halevi, H. Krawczyk, T. Krovetz, and P. Rogaway, "UMAC: Fast and Secure Message Authentication," Proc. 19th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’99), pp. 216-233, 1999.
[22] "A Threshold Public Key Cryptosystem to Secure SMS in the Mobile Devices," International Journal of Engineering Trends and Technology (IJETT), Volume 9 Number 7, Mar 2014.