Authentication codes (A-codes, for short) are considered as important building blocks for constructing unconditionally secure authentication schemes. Since in the conventional A-codes, two communicating parties, transmitter and receiver, utilized a common secret key, and such A-codes do not provide non-repudiation. With the aim of enhancing with non-repudiation property, Simmons introduced A2-codes. Later, Johansson formally defined an improved version of A2-codes called, the A3-codes. Unlike A2-codes, A3-codes do not require an arbiter to be fully trusted. In this paper, we clarify the security definition of A3-codes which may be misdefined. We show a concrete attack against an A3-code and conclude that concrete constructions of A3-codes implicitly assumes a trusted arbiter. We also show that there is no significant difference between A2-codes and A3-codes in a practical sense and further argue that it is impossible to construct an "ideal" A3-codes, that is, without any trusted arbiter. Finally, we introduce a novel model of asymmetric A-codes with an arbiter but do not have to be fully trusted, and also show a concrete construction of the asymmetric A-codes for the model. Since our proposed A-code does not require fully trusted arbiters, it is more secure than A2-codes or A3-codes.

Computer systems are constantly under attack and illegal access is a constant threat which makes security even more critical. A system can be broken into and secret information, e.g. decryption key, may be exposed, resulting in a total break of the system. Recently, a new framework for the protection against such key exposure problem was suggested and was called, Key-Insulated Encryption (KIE). In our paper, we introduce a novel approach to key insulated cryptosystems that offers provable security without computational assumptions. For the model of Information-Theoretically Secure Key-Insulated Encryption (ISKIE), we show lower bounds on required memory sizes of user, trusted device and sender. Our bounds are all tight as our concrete construction of ISKIE achieves all the bounds. We also extend this concept further by adding an extra property so that any pair of users in the system is able to communicate with each other and still have the same security benefits as the existing KIE based on intractability assumptions. We called this, Dynamic and Mutual Key-Insulated Encryption (DMKIE), and concrete implementations of DMKIE will be shown as well. In the end, we discuss the relationship of DMKIE against Key Predistribution Schemes (KPS) and Broadcast Encryption Schemes (BES), that is, we show that DMKIE can be constructed from either KPS or BES.