Distribution of Random Session Key Based on Key-Insulated Public-Key Cryptosystems

Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user and only used one time. So thekey is one-time key. Inaddition, the user who generates the next one-time key, is random selected by the current sessionkey. In the protocol of this paper, the characteristic of time in the key-insulated public-key, adistributed protocol, translates into the characteristic of spaee which every point has differentsecret key in the different period. At the same time, the system is fit for key management in AdHoe, and is a new scheme of key management in Ad Hoc.

A JOINT SIGNATURE ENCRYPTION AND ERROR CORRECTION PUBLIC-KEY CRYPTOSYSTEM BASED ON ALGEBRAIC CODING THEORY

A joint signature,encryption and error correction public-key cryptosystem is pre-sented based on an NP-completeness problem-the decoding problem of general linear codes inalgebraic coding theory,

Chosen-Ciphertext Attack Secure Public-Key Encryption with Keyword Search

As the use of cloud storage for various services increases,the amount of private personal information along with data stored in the cloud storage is also increasing.To remotely use the data stored on the cloud storage,the data to be stored needs to be encrypted for this reason.Since“searchable encryption”is enable to search on the encrypted data without any decryption,it is one of convenient solutions for secure data management.A public key encryption with keyword search(for short,PEKS)is one of searchable encryptions.Abdalla et al.firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the“robust”ANO-CCA secure identity-based encryption(IBE).In this paper,we propose two generic constructions of consistent IND-CCA secure PEKS combining(1)a hierarchical identity based encryption(for short,HIBE)and a signature scheme or(2)a HIBE,an encapsulation,and a message authentication code(for short,MAC)scheme.Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker“ANO-CPA security(resp.,IND-CPA security)”of HIBE than“ANOCCA security(resp.,IND-CCA security)”of IBE required in for achieving IND-CCA secure(resp.,consistent)PEKS.Finally,we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.

ATTACKS ON REAL POLYNOMIAL TYPE PUBLIC-KEY CRYPTOSYSTEMS AND DISCUSSION ON RELATED PROBLEMS

The real polynomial type public-key cryptosystems are broken up by computing the equivalent secure keys, then some computational problems related to securities of cryptosystems are discussed.

New Practical Algebraic Public-Key Cryptosystem and Some Related Algebraic and Computational Aspects

The most popular present-day public-key cryptosystems are RSA and ElGamal cryptosystems. Some practical algebraic generalization of the ElGamal cryptosystem is considered-basic modular matrix cryptosystem (BMMC) over the modular matrix ring M2(Zn). An example of computation for an artificially small number n is presented. Some possible attacks on the cryptosystem and mathematical problems, the solution of which are necessary for implementing these attacks, are studied. For a small number n, computational time for compromising some present-day public-key cryptosystems such as RSA, ElGamal, and Rabin, is compared with the corresponding time for the ВММС. Finally, some open mathematical and computational problems are formulated.

A New Public-Key Encryption Scheme

This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme. As a result, a ciphertext is not a quadruple but a triple at the cost of a strong assumption, the third version of knowledge of exponent assumption （KEA3）. Under assumptions of KEA3, a decision Diffie-Hellman （DDH） and a variant of target collision resistance （TCRv）, the new scheme is proved secure against indistinguishable adaptive chosen ciphertext attack （IND-CCA2）. This scheme is as efficient as Damgard ElGamal （DEG） scheme when it makes use of a well-known algorithm for product of exponentiations. The DEG scheme is recently proved IND-CCA1 secure by Bellare and Palacio in ASIACRYPT 2004 under another strong assumption. In addition to our IND-CCA2 secured scheme, we also believe that the security proof procedure itself provides a well insight for ElGamal-based encryption schemes which are secure in real world.

Updatable Identity-Based Hash Proof System Based on Lattices and Its Application to Leakage-Resilient Public-Key Encryption Schemes

Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.

BREAKING A CLASS OF PUBLIC-KEY CRYPTOSYSTEMS WITH EUCLID ALGORITHM

Okamoto public-key cryptosystem (abbr. OPKC)has drawn considerable attention for its convenience and rapidity of encryption and decryption. K. Koyama, A.Shamir, B. Vallee and others already analyzed it and presented some attacks. This report gives OPKC an elementary attack, which can not only break completely both the systems of OPKC but also be used to attack other public-key cryptosystems similar to OPKC, such as

Review of Public-Key Cryptosystem Based on the Error Correcting Code

The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative analyses of the merits and drawbacks of them. The cryptosystem based on Goppa code has high security, but can be achieved poor. The cryptosystems based on other error correcting codes have higher performance than Goppa code. But there are still some disadvantages to solve. At last, the paper produce an assumption of the Niederreiter cascade combination cryptosystem based on double public-keys under complex circumstances, which has higher performance and security than the traditional cryptosystems.

Tightly Secure Public-Key Cryptographic Schemes from One-More Assumptions

A tightly secure cryptographic scheme refers to a construction with a tight security reduction to a hardness assumption,where the reduction loss is a small constant.A scheme with tight security is preferred in practice since it could be implemented using a smaller parameter to improve efficiency.Recently,Bader et al.(EUROCRYPT 2016)have proposed a comprehensive study on the impossible tight security reductions for certain(e.g.,key-unique)public-key cryptographic schemes in the multi-user with adaptive corruptions(MU-C)setting built upon non-interactive assumptions.The assumptions of one-more version,such as one-more computational Diffie-Hellman(n-CDH),are variants of the standard assumptions and have found various applications.However,whether it is possible to have tightly secure key-unique schemes from the one-more assumptions or the impossible tight reduction results also hold for these assumptions remains unknown.In this paper,we give affirmative answers to the above question,i.e.,we can have efficient key-unique public-key cryptographic schemes with tight security built upon the one-more assumptions.Specifically,we propose a digital signature scheme and an encryption scheme,both of which are key-unique and have tight MU-C security under the one-more computational Diffie-Hellman(n-CDH)assumption.Our results also reflect from another aspect that there indeed exists a gap between the standard assumptions and their one-more version counterparts.

Secure and Energy Efficient Design of Multi-Modular Exponential Techniques for Public-Key Cryptosystem

The present paper proposes a secure design of the energy-efficient multi-modular exponential techniques that use store and reward method and store and forward method.Computation of the multi-modular exponentiation can be performed by three novel algorithms:store and reward,store and forward 1-bit(SFW1),and store and forward 2-bit(SFW2).Hardware realizations of the proposed algorithms are analyzed in terms of throughput and energy.The experimental results show the proposed algorithms SFW1 and SFW2 increase the throughput by orders of 3.98% and 4.82%,reducing the power by 5.32% and 6.15% and saving the energy in the order of 3.95% and 4.75%,respectively.The proposed techniques can prevent possible side-channel attacks and timing attacks as a consequence of an inbuilt confusion mechanism.Xilinx Vivado-21 on Virtex-7 evaluation board and integrated computer application for recognizing user services(ICARUS)Verilog simulation and synthesis tools are used for field programmable gate array(FPGA)for hardware realization.The hardware compatibility of proposed algorithms has also been checked using Cadence for application specific integrated circuit(ASIC).

Further research on public-key cryptosystems based on third-order recurrence sequence

Properties of third-order recurrence sequences were investigated and a new variant of the GH public-key cryptosystem,which was further improved to be a probabil-istic public-key cryptosystem,was proposed.Then security analysis of the proposed scheme was provided and it was proved that the one-wayness of the proposed scheme is equivalent to partial discrete logarithm and its semantic se-curity is equivalent to decisional Diffie-Hellman problem in ring extension.Finally,efficiency analysis of the proposed scheme was provided,and that these two encryption schemes need to transfer 2log N and 4log N bits data re-spectively.

Blockchain-Assisted Secure Fine-Grained Searchable Encryption for a Cloud-Based Healthcare Cyber-Physical System

The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved by keeping it in an encrypted form,but it affects usability and flexibility in terms of effective search.Attribute-based searchable encryption(ABSE)has proven its worth by providing fine-grained searching capabilities in the shared cloud storage.However,it is not practical to apply this scheme to the devices with limited resources and storage capacity because a typical ABSE involves serious computations.In a healthcare cloud-based cyber-physical system(CCPS),the data is often collected by resource-constraint devices;therefore,here also,we cannot directly apply ABSE schemes.In the proposed work,the inherent computational cost of the ABSE scheme is managed by executing the computationally intensive tasks of a typical ABSE scheme on the blockchain network.Thus,it makes the proposed scheme suitable for online storage and retrieval of personal health data in a typical CCPS.With the assistance of blockchain technology,the proposed scheme offers two main benefits.First,it is free from a trusted authority,which makes it genuinely decentralized and free from a single point of failure.Second,it is computationally efficient because the computational load is now distributed among the consensus nodes in the blockchain network.Specifically,the task of initializing the system,which is considered the most computationally intensive,and the task of partial search token generation,which is considered as the most frequent operation,is now the responsibility of the consensus nodes.This eliminates the need of the trusted authority and reduces the burden of data users,respectively.Further,in comparison to existing decentralized fine-grained searchable encryption schemes,the proposed scheme has achieved a significant reduction in storage and computational cost for the secret key associated with users.It has been verified both theoretically and practically in the performance analysis section.

A NEW RSA CRYPTOSYSTEM HARDWARE IMPLEMENTATION BASED ON MONTGOMERY'S ALGORITHM

RSA public key crypto system is a relatively safe technology, which is widely used in today’s secure electronic communication. In this paper, a new implementation method to optimize a 1 024 bit RSA processor was presented. Basically, a fast modular multiplication architecture based on Montgomery’s algorithm was proposed. Modular exponentiation algorithm scans encryption from right to left, so two modular multiplications can be processed parallel. The new architecture is also fit for an effective I/O interface. The time to calculate a modular exponentiation is about n 2 clock cycles. The proposed architecture has a data rate of 93.7 kb/s for 1 024 bit work with a 100 MHz clock.

A NEW SCHEME BASED ON THE MI SCHEME AND ITS ANALYSIS

This article aims at designing a new Multivariate Quadratic (MQ) public-key scheme to avoid the linearization attack and differential attack against the Matsumoto-Imai (MI) scheme. Based on the original scheme, our new scheme, named the Multi-layer MI (MMI) scheme, has a structure of multi-layer central map. Firstly, this article introduces the MI scheme and describes linearization attack and differential attack; then prescribes the designation of MMI in detail, and proves that MMI can resist both linearization attack and differential attack. Besides, this article also proves that MMI can resist recent eXtended Linearization (XL)-like methods. In the end, this article concludes that MMI also maintains the efficiency of MI.

Double-Moduli Gaussian Encryption/Decryption with Primary Residues and Secret Controls

In this paper an encryption-decryption algorithm based on two moduli is described: one in the real field of integers and another in the field of complex integers. Also the proper selection of cryptographic system parameters is described. Several numeric illustrations explain step-by-step how to precondition a plaintext, how to select secret control parameters, how to ensure feasibility of all private keys and how to avoid ambiguity in the process of information recovery. The proposed cryptographic system is faster than most of known public key cryptosystems, since it requires a small number of multiplications and additions, and does not require exponentiations for its implementation.

On the Selection of Random Numbers in the ElGamal Algorithm

The EIGamal algorithm, which can be used for both signature and encryption, is of importance in public-key cryptosystems. However, there has arisen an issue that different criteria of selecting a random number are used for the same algorithm. In the aspects of the sufficiency, necessity, security and computational overhead of parameter selection, this paper analyzes these criteria in a comparative manner and points out the insecurities in some textbook cryptographic schemes. Meanwhile, in order to enhance security a novel generalization of the EIGamal signature scheme is made by expanding the range of selecting random numbers at an acceptable cost of additional computation, and its feasibility is demonstrated.

A New Sequential Digital Multi-Signature Scheme

The paper proposes a new sequential digital multi-signature scheme based on Knapsack public-key cryptosystem,which is different from the existing scheme.The advantages of this scheme over the existing schemes are that it simplifies the signature generation process and speeds up the signature verification process.What’s more,the scheme reduces the cost of communication and redundancy operation, and improves efficiency,and can avoid cheating by signer efficiently,so the scheme has very broad application prospects.

Polynomial Analysis of DH Secrete Key and Bit Security

In this paper, we lower the upper bound of the number of solutions of oracletransformation polynomial F(x) over GF(q) So one can also recover all the secrete keys with fewercalls We use our generalized ' even-and-odd test' method to recover the least significant p-adic'bits' of representations of the Lucas Cryptosystem secret keys x Finally, we analyze the EfficientCompact Subgroup Trace Representation (XTR) Diffic-Hellmen secrete keys and point out that if theorder of XIR-subgroup has a specialform then all the bits of the secrete key of XIR ean be recoveredform any bit of the exponent x.

A Practical Approach to Attaining Chosen Ciphertext Security

Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications （e. g. key transport）, and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the （adaptively） chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.