Abstract: A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It is based on combining linear cryptanalysis and differential cryptanalysis, and works by using the linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of the substitution permutation network (SPN) cipher structure. When our result is applied to the 2-round Advanced Encryption Standard (AES), it is shown that the upper bound of the MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, when using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.
Abstract: This paper presents state-of-the-art cryptanalysis studies on attacks on substitution and transposition ciphers using various metaheuristic algorithms. Traditional cryptanalysis methods employ an exhaustive search, which is computationally expensive. Therefore, metaheuristics have attracted the interest of researchers in the cryptanalysis field. Metaheuristic algorithms are known for improving the search for the optimum solution and include Genetic Algorithm, Simulated Annealing, Tabu Search, Particle Swarm Optimization, Differential Evolution, Ant Colony, the Artificial Bee Colony, Cuckoo Search, and Firefly algorithms. The most important part of these various applications is deciding the fitness function to guide the search. This review presents how these algorithms have been implemented for cryptanalysis purposes. The paper highlights the results and findings of the studies and determines the gaps in the literature.
Funding: supported by the National Natural Science Foundation of China (Grant Nos. 61502101 and 61170321); the Natural Science Foundation of Jiangsu Province, China (Grant No. BK20140651); the Research Fund for the Doctoral Program of Higher Education, China (Grant No. 20110092110024); funded by PAPD and CICAEET.
Abstract: The security of the quantum broadcast communication (QBC) and authentication protocol based on the Greenberger–Horne–Zeilinger (GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security issues in this protocol. Firstly, an external eavesdropper can take the intercept–measure–resend attack strategy to eavesdrop on 0.369 bit of every bit of the identity string of each receiver without being detected. Meanwhile, 0.524 bit of every bit of the secret message can be eavesdropped on without being detected. Secondly, an inner receiver can take the intercept–measure–resend attack strategy to eavesdrop on half of the identity string of the other receiver definitely without being checked. In addition, an alternative attack called the CNOT-operation attack is discussed. As for the multi-party QBC protocol, the attack efficiency increases with the number of users. Finally, the QBC protocol is improved to a secure one.
Funding: Project supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60973152, and 60573172); the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014); the Program for Excellent Talents in Universities of Liaoning Province, China (Grant No. LR2012003); the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165); the Fundamental Research Funds for the Central Universities of China (Grant No. DUT12JB06).
Abstract: A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. Because of these two drawbacks, cryptanalysts could recover the plaintext by applying a chosen plaintext attack. Therefore, the proposed cryptosystem is not secure enough to be used in an image transmission system. Experimental results show the feasibility of the attack. As a result, we make some improvements to the encryption scheme, which can completely resist our chosen plaintext attack.
Abstract: In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes: the elliptic-curve-based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improved versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improved versions require a smaller computing cost than that required by signature-then-encryption methods.
Funding: Supported by the National Natural Science Foundation of China under Grant Nos 61402058, 61572086 and 61370203; the Fund for Middle and Young Academic Leaders of Chengdu University of Information Technology under Grant No J201511; the Science and Technology Support Project of Sichuan Province under Grant No 2013GZX0137; the Fund for Young Persons Project of Sichuan Province under Grant No 12ZB017; the Foundation of Cyberspace Security Key Laboratory of Sichuan Higher Education Institutions under Grant No szjj2014-074.
Abstract: In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third party, the private information of the users will be totally leaked to the third party. A special attack is demonstrated in detail. Furthermore, a possible improvement is proposed, which makes the protocol secure against this kind of attack.
Funding: supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60573172, and 60973152); the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014); the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165).
Abstract: In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induction to prove that the algorithm can be attacked successfully by a chosen plaintext attack and give an example to show how to attack it. According to the cryptanalysis of the original algorithm, we improve the original algorithm and make a brief cryptanalysis. Compared with the original algorithm, the improved algorithm is able to resist a chosen plaintext attack and retains a considerable number of advantages of the original algorithm, such as encryption speed, sensitive dependence on the key, strong anti-attack capability, and so on.
Funding: supported in part by the National Natural Science Foundation of China (Grant Nos. 61303212, 61170080, 61202386); the State Key Program of National Natural Science of China (Grant Nos. 61332019, U1135004); the Major Research Plan of the National Natural Science Foundation of China (Grant No. 91018008); the Major State Basic Research Development Program of China (973 Program) (No. 2014CB340600); the Hubei Natural Science Foundation of China (Grant Nos. 2011CDB453, 2014CFB440).
Abstract: Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and ElGamal, which rest on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms have been found so far to solve certain mathematical problems on non-commutative algebraic structures. Against this background, Majid Khan et al. proposed two novel public-key encryption schemes based on a large abelian subgroup of the general linear group over a residue ring. In this paper we show that the two schemes are not secure. We show that they are vulnerable to a structural attack and that it only requires polynomial time complexity to retrieve the message from the associated public keys. Then we conduct a detailed analysis of the attack methods and give the corresponding algorithmic description and efficiency analysis. After that, we propose an improvement to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.
Abstract: We cryptanalyze Kim et al.'s one-time proxy signature scheme used in mobile agents, and then a successful forgery is introduced. It is shown that a dishonest customer can successfully forge a valid one-time proxy signature by impersonating the server. Furthermore, he can request the server with responsibility for the forged bidding information.
Funding: supported by the State Key Program of National Natural Science of China (Grant No. 61332019); the National Natural Science Foundation of China (61572303); National Key Research and Development Program of China (2017YFB0802003, 2017YFB0802004); National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216); the Foundation of State Key Laboratory of Information Security (2017-MS-03); the Fundamental Research Funds for the Central Universities (GK201702004, GK201603084); Major State Basic Research Development Program of China (973 Program) (No. 2014CB340600); National High-tech R&D Program of China (2015AA016002, 2015AA016004); Natural Science Foundation of He Bei Province (No. F2017201199); Science and technology research project of Hebei higher education (No. QN2017020).
Abstract: A cryptosystem with non-commutative platform groups based on the conjugator search problem was recently introduced in Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack with polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some suggestions for improvement.
Funding: Supported by the National Natural Science Foundation of China (10871205).
Abstract: Recently, Hwang et al. proposed a (t,n) threshold-proxy (c,m) threshold-signature scheme, in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers, and then only c or more proxy signers can cooperatively generate a threshold-proxy threshold-signature. In this scheme, they claimed that the original signers cannot forge the proxy signature and the proxy signers cannot forge a signature on behalf of the original signers. However, in this paper, we will give an attack to show that their scheme cannot resist impersonation attacks.
Abstract: The Tiny Encryption Algorithm (TEA) is a Feistel block cipher well known for its simple implementation, small memory footprint, and fast execution speed. In two previous studies, genetic algorithms (GAs) were employed to investigate the randomness of TEA output, based on which distinguishers for TEA could be designed. In this study, we used quantum-inspired genetic algorithms (QGAs) in the cryptanalysis of TEA. Quantum chromosomes in QGAs have the advantage of containing more information than their binary counterparts of the same length in GAs, and therefore generate a more diverse solution pool. We showed that QGAs could discover distinguishers for reduced-cycle TEA that are more efficient than those found by classical GAs in the two earlier studies. Furthermore, we applied QGAs to break four-cycle and five-cycle TEA, a considerably harder problem, which the prior GA approach failed to solve.
Funding: the National Basic Research Program of China (No. 2006CB303104); the City University of Hong Kong under the SRG Project, China (No. 7002134).
Abstract: This paper studies the security of an image encryption scheme based on the Hill cipher (Ismail et al., 2006) and reports the following problems: (1) There is a simple necessary and sufficient condition that makes a number of secret keys invalid; (2) It is insensitive to a change of the secret key; (3) It is insensitive to a change of the plain-image; (4) It can be broken with only one known/chosen plaintext; (5) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme in practice.
Abstract: The security of the Canard-Traore fair e-cash system scheme was believed to depend on the strong-RSA assumption and the Decision Diffie-Hellman assumption in groups of unknown order. But this is not the case. A cryptanalysis of the Canard-Traore fair e-cash system is presented. An algorithm is designed to show that the Canard-Traore fair e-cash system is insecure: it is forgeable. Further, two drawbacks of the Canard-Traore fair e-cash system scheme are pointed out. One is that the integer intervals for si (i=1,…,9) are inappropriate. The other is that the datum s3 in the signature data is redundant. Moreover, a detailed description of the technique to avoid the challenge in the scheme is presented. The technique is helpful for designing new group signature schemes in the future.
Funding: this paper was partially supported by the National Natural Science Foundation of China (Grant No. 61601517); basic and advanced technology research project of Henan Province, China (Grant No. 2014302703).
Abstract: Due to the characteristics of chaotic systems, different cryptosystems based on chaos have been proposed to satisfy the security of multimedia data. A plain-image-related chaotic algorithm is proposed by Luo et al. with high speed and efficiency. Security weaknesses of the cryptosystem are studied in this paper. It is found that important secret key information is leaked because an important parameter can be obtained after an inverse operation in the last step of the cryptosystem without the secret key. Meanwhile, the value zero is processed improperly in the quantification algorithm. Based on these weaknesses, a chosen plaintext attack on the cryptosystem is proposed, by which an important parameter, equivalent to the secret key, can be calculated with a specific chosen plain image. With the obtained parameter, the plain image of any ciphered image encrypted by the cryptosystem can be recovered. Then, an improvement is proposed to solve the problems after modifying the quantification algorithm. Experiments show that the chosen plaintext attack is valid and the improved algorithm possesses better performance.
Funding: Acknowledgements: This paper was supported by the National Natural Science Foundation of China under Grant No. 61073149 and the Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20090073110027.
Abstract: Unified Impossible Differential (UID) cryptanalysis is a systematic method for finding impossible differentials for block ciphers. Regarding the problem of automatically retrieving the impossible differential characteristics of block ciphers, with the use of a particular intermediate difference state expression, UID gets the same or better results compared with other present cryptanalysis results. ARIA is a Korean block cipher expected to have no impossible differentials on four or more rounds. Based on a property of the Diffusion Layer (DL) of ARIA, a specific selection is used before conflict searching to optimize. UID is applied to ARIA, and 6721 impossible differential chains are found. The length of those chains is four rounds, the same as existing results, but they are more varied in form. Moreover, ARIA is a Substitution-Permutation Network (SPN), not a Feistel structure or generalized Feistel structure as UID was applied to before.
Funding: Supported by the Foundation of National Laboratory for Modern Communications (51436030105DZ0105)
Abstract: This paper first presents an impossible differential property for 5-round Advanced Encryption Standard (AES) with high probability. Based on the property and the impossible differential cryptanalytic method for the 5-round AES, a new method is proposed for cryptanalyzing the 8-round AES-192 and AES-256. The attack on the reduced 8-round AES-192 demands 2^121 words of memory and performs 2^148 8-round AES-192 encryptions. The attack on the reduced 8-round AES-256 demands 2^153 words of memory and performs 2^180 8-round AES-256 encryptions. Furthermore, both AES-192 and AES-256 require about 2^98 chosen plaintexts for this attack, and both have the same probability of only 2^-3 of failing to recover the secret key.
Abstract: Yang and Shieh proposed a timestamp-based password authentication scheme. Fan and Shen gave different improvements on it. Wang claimed that Fan's improvement is insecure and gave his attack. Yang did the similar things on Shen's scheme. This paper gives further cryptanalysis of Wang's and Yang's attacks and points out that both of their attacks are infeasible. Wang and Yang made the same mathematical mistake, and their attacks are spurious.
Funding: The authors are thankful to the Deanship of Scientific Research at Najran University for funding this work under the Research Groups Funding program, grant code (NU/RG/SERC/11/4).
Abstract: Chaos-based cryptosystems are considered a secure mode of communication due to their reliability. Chaotic maps are combined with other domains to construct robust encryption algorithms, and numerous encryption schemes based on chaotic maps exist in the literature. This work proposes an attack on a recently proposed hyper-chaotic map-based cryptosystem. The core notion of the original algorithm was based on permutation and diffusion. A bit-level permutation approach was used to do the permutation row- and column-wise. The diffusion was executed in the forward and backward directions. The statistical strength of the cryptosystem had been demonstrated by extensive testing conducted by the author of the cryptosystem. This cryptanalysis article investigates the robustness of this cryptosystem against a chosen-plaintext attack. The secret keys of the cryptosystem were retrieved by the proposed attack with 258 chosen plain images. The results in this manuscript suggest that, in addition to standard statistical evaluations, thorough cryptanalysis of each newly suggested cryptosystem is necessary before it can be used in practical applications. Moreover, the retrieved data is also passed through statistical analysis to compare the quality of the original and retrieved data. The results of the performance analysis indicate exact recovery of the original data. To make the cryptosystem useful for applications requiring secure data exchange, a few further improvement recommendations are also suggested.
Funding: Supported by the National Natural Science Foundation of China (60503010) and the Foundation of National Laboratory for Modern Communications (51436030105DZ0105)
Abstract: A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It is based on combining linear cryptanalysis and differential cryptanalysis, and works by using the linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of the substitution permutation network (SPN) cipher structure. When our result is applied to the 2-round Advanced Encryption Standard (AES), it is shown that the upper bound of MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.
Funding: This study is supported by Erciyes University Research Projects Unit with grant number FDK-2016-7085. The initials of the authors who received the grant are A and B, and the URL of the sponsor's website is http://bap.erciyes.edu.tr/.
Abstract: This paper presents state-of-the-art cryptanalysis studies on attacks of the substitution and transposition ciphers using various metaheuristic algorithms. Traditional cryptanalysis methods employ an exhaustive search, which is computationally expensive. Therefore, metaheuristics have attracted the interest of researchers in the cryptanalysis field. Metaheuristic algorithms are known for improving the search for the optimum solution and include Genetic Algorithm, Simulated Annealing, Tabu Search, Particle Swarm Optimization, Differential Evolution, Ant Colony, Artificial Bee Colony, Cuckoo Search, and Firefly algorithms. The most important part of these various applications is deciding the fitness function that guides the search. This review presents how these algorithms have been implemented for cryptanalysis purposes. The paper highlights the results and findings of the studies and identifies the gaps in the literature.