The design of an efficient one-way hash function with good performance is a hot spot in modern cryptography researches. In this paper, a hash function construction method based on cell neural network with hyper-chaos ...The design of an efficient one-way hash function with good performance is a hot spot in modern cryptography researches. In this paper, a hash function construction method based on cell neural network with hyper-chaos characteristics is proposed. First, the chaos sequence is gotten by iterating cellular neural network with Runge Kutta algorithm, and then the chaos sequence is iterated with the message. The hash code is obtained through the corre- sponding transform of the latter chaos sequence. Simulation and analysis demonstrate that the new method has the merit of convenience, high sensitivity to initial values, good hash performance, especially the strong stability.展开更多
During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure ...During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure seamless online services to end-users.To ensure the security of this online communication,researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives.Due to the low power and computational capacities of mobile devices,the hash-based multi-server authenticated key agreement schemes with offline Registration Server(RS)are the most efficient choice.Recently,Kumar-Om presented such a scheme and proved its security against all renowned attacks.However,we find that their scheme bears an incorrect login phase,and is unsafe to the trace attack,the Session-Specific Temporary Information Attack(SSTIA),and the Key Compromise Impersonation Attack(KCIA).In fact,all of the existing multi-server authentication schemes(hash-based with offline RS)do not withstand KCLA.To deal with this situation,we propose an improved hash-based multi-server authentication scheme(with offline RS).We analyze the security of the proposed scheme under the random oracle model and use the t4Automated Validation of Internet Security Protocols and Applications''(AVISPA)tool.The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.展开更多
伪随机数发生器(pseudorandom number generator,PRNG)是重要的密码学概念.基于单向函数的伪随机数发生器起始于1982年的BMY发生器,将单向函数反复迭代,周期性地输出伪随机序列.单向函数的性质和种子长度关系到发生器的可实现性和安全性...伪随机数发生器(pseudorandom number generator,PRNG)是重要的密码学概念.基于单向函数的伪随机数发生器起始于1982年的BMY发生器,将单向函数反复迭代,周期性地输出伪随机序列.单向函数的性质和种子长度关系到发生器的可实现性和安全性,是此类发生器的2个重要参数.在分析现有工作的基础上,改进了单向函数的随机化迭代方式,基于不可逆性证明了迭代过程的安全性.迭代方式的改进消除了单向函数的长度保持性质,采用一般的压缩规范单向函数和通用散列函数构建伪随机数发生器.输出级与BMY发生器结构类似,以迭代函数的核心断言作为伪随机序列.基于与真随机序列的不可区分性,证明了伪随机数发生器的安全性.所构建的伪随机数发生器与现有同类发生器结构类似,但放松了对单向函数性质的要求,增强了可实现性,减小了种子长度,提高了效率.展开更多
This paper proposes a(t,n)-threshold verifiable secret sharing scheme with changeable parameters based on a trapdoor one-way function.This scheme consists of a generation phase,a distribution phase,an encoding phase a...This paper proposes a(t,n)-threshold verifiable secret sharing scheme with changeable parameters based on a trapdoor one-way function.This scheme consists of a generation phase,a distribution phase,an encoding phase and a reconstruction phase.The generation and distribution phases are,respectively,based on Shamir’s and Feldman’s approaches,while the encoding phase is based on a novel trapdoor one-way function.In the reconstruction phase,the shares and reconstructed secret are validated using a cryptographic hash function.In comparison with existing schemes,the proposed scheme leaks no direct information about the secret from public information.Furthermore,unlike some existing schemes,the generation and distribution phases of the proposed scheme are both independent of the secret.This feature leads to a number of advantages over existing approaches such as the dealer’s ability to perform the following modifications without updating the shares(i)modify the secret and(ii)adjust the threshold parameters of the scheme.Furthermore,each participant receives a single share,and designated participants can be given the privilege of choosing their own shares for reconstructing a secret S.Moreover,the proposed scheme possesses a high level of security which is inherited from the schemes of Shamir and Feldman,in addition to the trapdoor one-way function and the employed cryptographic hash function.展开更多
In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed...In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed,most of them still have safety defects and fail to meet safety requirements.Recently,Haq et al presented an efficient Hash-based authenticated key agreement scheme for multi-server scheme and claimed that their scheme can withstand all well-known attacks.However,we find that their scheme is vulnerable to replay attack,tracking attack and malicious server impersonation user attack.Then we propose an improved scheme.We also analyze the security of the improved scheme and compare with Haq et al’s scheme in security and computational efficiency.Furthermore,we use the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool to verify the security of the improved scheme.展开更多
基金supported by Key Program of Natural Science Fund of Tianjin of China (Grant No 07JCZDJC06600)
文摘The design of an efficient one-way hash function with good performance is a hot spot in modern cryptography researches. In this paper, a hash function construction method based on cell neural network with hyper-chaos characteristics is proposed. First, the chaos sequence is gotten by iterating cellular neural network with Runge Kutta algorithm, and then the chaos sequence is iterated with the message. The hash code is obtained through the corre- sponding transform of the latter chaos sequence. Simulation and analysis demonstrate that the new method has the merit of convenience, high sensitivity to initial values, good hash performance, especially the strong stability.
文摘During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure seamless online services to end-users.To ensure the security of this online communication,researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives.Due to the low power and computational capacities of mobile devices,the hash-based multi-server authenticated key agreement schemes with offline Registration Server(RS)are the most efficient choice.Recently,Kumar-Om presented such a scheme and proved its security against all renowned attacks.However,we find that their scheme bears an incorrect login phase,and is unsafe to the trace attack,the Session-Specific Temporary Information Attack(SSTIA),and the Key Compromise Impersonation Attack(KCIA).In fact,all of the existing multi-server authentication schemes(hash-based with offline RS)do not withstand KCLA.To deal with this situation,we propose an improved hash-based multi-server authentication scheme(with offline RS).We analyze the security of the proposed scheme under the random oracle model and use the t4Automated Validation of Internet Security Protocols and Applications''(AVISPA)tool.The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.
文摘伪随机数发生器(pseudorandom number generator,PRNG)是重要的密码学概念.基于单向函数的伪随机数发生器起始于1982年的BMY发生器,将单向函数反复迭代,周期性地输出伪随机序列.单向函数的性质和种子长度关系到发生器的可实现性和安全性,是此类发生器的2个重要参数.在分析现有工作的基础上,改进了单向函数的随机化迭代方式,基于不可逆性证明了迭代过程的安全性.迭代方式的改进消除了单向函数的长度保持性质,采用一般的压缩规范单向函数和通用散列函数构建伪随机数发生器.输出级与BMY发生器结构类似,以迭代函数的核心断言作为伪随机序列.基于与真随机序列的不可区分性,证明了伪随机数发生器的安全性.所构建的伪随机数发生器与现有同类发生器结构类似,但放松了对单向函数性质的要求,增强了可实现性,减小了种子长度,提高了效率.
文摘This paper proposes a(t,n)-threshold verifiable secret sharing scheme with changeable parameters based on a trapdoor one-way function.This scheme consists of a generation phase,a distribution phase,an encoding phase and a reconstruction phase.The generation and distribution phases are,respectively,based on Shamir’s and Feldman’s approaches,while the encoding phase is based on a novel trapdoor one-way function.In the reconstruction phase,the shares and reconstructed secret are validated using a cryptographic hash function.In comparison with existing schemes,the proposed scheme leaks no direct information about the secret from public information.Furthermore,unlike some existing schemes,the generation and distribution phases of the proposed scheme are both independent of the secret.This feature leads to a number of advantages over existing approaches such as the dealer’s ability to perform the following modifications without updating the shares(i)modify the secret and(ii)adjust the threshold parameters of the scheme.Furthermore,each participant receives a single share,and designated participants can be given the privilege of choosing their own shares for reconstructing a secret S.Moreover,the proposed scheme possesses a high level of security which is inherited from the schemes of Shamir and Feldman,in addition to the trapdoor one-way function and the employed cryptographic hash function.
基金Supported by the Applied Basic and Advanced Technology Research Programs of Tianjin(15JCYBJC15900)。
文摘In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed,most of them still have safety defects and fail to meet safety requirements.Recently,Haq et al presented an efficient Hash-based authenticated key agreement scheme for multi-server scheme and claimed that their scheme can withstand all well-known attacks.However,we find that their scheme is vulnerable to replay attack,tracking attack and malicious server impersonation user attack.Then we propose an improved scheme.We also analyze the security of the improved scheme and compare with Haq et al’s scheme in security and computational efficiency.Furthermore,we use the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool to verify the security of the improved scheme.