Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
提出了一种新的椭圆曲线快速安全的标量乘算法。利用佩尔序列前后项分割比产生新的佩尔型点加-倍点链(Pell Type Double-and-Add Chain,PTDAC),其循环固定的"倍点-点加"操作可天然抵抗简单能量分析(Simple Power Analysis,SPA...提出了一种新的椭圆曲线快速安全的标量乘算法。利用佩尔序列前后项分割比产生新的佩尔型点加-倍点链(Pell Type Double-and-Add Chain,PTDAC),其循环固定的"倍点-点加"操作可天然抵抗简单能量分析(Simple Power Analysis,SPA)攻击。PTDAC算法结合Edwards椭圆曲线可从底层域减少运算时间,进一步优化算法。经过理论分析和仿真实验表明,PTDAC算法在最优情况下比EAC-270和GRAC-258算法在时间效率上分别提高了2.6%和22.8%。展开更多
This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power meas...This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.展开更多
The security of the RSA system with the prime pairs of some special form is investigated. A new special-purpose algorithm for factoring RSA numbers is proposed. The basic idea of the method is to factor RSA numbers by...The security of the RSA system with the prime pairs of some special form is investigated. A new special-purpose algorithm for factoring RSA numbers is proposed. The basic idea of the method is to factor RSA numbers by factoring a well-chosen quadratic polynomial with integral coefficients. When viewed as a general-purpose algorithm, the new algorithm has a high computational complexity. It is shown thai the RSA number n = pq can be easily factored if p and q have the special form of p = as+b, q=cs+d, where a, b, c, d are relatively small numbers. Such prime pairs (p, q) are the weak keys of RSA, so when we generate RSA modulus, we should avoid using such prime pairs (p, q).展开更多
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequen...Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.展开更多
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
文摘提出了一种新的椭圆曲线快速安全的标量乘算法。利用佩尔序列前后项分割比产生新的佩尔型点加-倍点链(Pell Type Double-and-Add Chain,PTDAC),其循环固定的"倍点-点加"操作可天然抵抗简单能量分析(Simple Power Analysis,SPA)攻击。PTDAC算法结合Edwards椭圆曲线可从底层域减少运算时间,进一步优化算法。经过理论分析和仿真实验表明,PTDAC算法在最优情况下比EAC-270和GRAC-258算法在时间效率上分别提高了2.6%和22.8%。
基金the National Natural Science Foundation of China (60673072)the Natural Basic Research Program of China (2007CB311201)
文摘This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.
基金Supported by the National Natural Science Foun-dation of China (60473029)
文摘The security of the RSA system with the prime pairs of some special form is investigated. A new special-purpose algorithm for factoring RSA numbers is proposed. The basic idea of the method is to factor RSA numbers by factoring a well-chosen quadratic polynomial with integral coefficients. When viewed as a general-purpose algorithm, the new algorithm has a high computational complexity. It is shown thai the RSA number n = pq can be easily factored if p and q have the special form of p = as+b, q=cs+d, where a, b, c, d are relatively small numbers. Such prime pairs (p, q) are the weak keys of RSA, so when we generate RSA modulus, we should avoid using such prime pairs (p, q).
基金Supported by the National Natural ScienceFoundation of China (60473029)
文摘Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.