The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However...The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.展开更多
Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a ...Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.展开更多
A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has be...A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.展开更多
Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor...Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.展开更多
Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as IT...Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as ITTC,etc.,is unsaf e ,inefficient and impracitcal in actual network environment,this paper brings u p a new distributed certification scheme,which although it generates key shares concentratively,it updates key shares distributedly,and so,avoids single-po in t failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol,but can also change the threshold (t,k) flexibly and robu stly,and so,is much more practical. In this work,the authors implement the prototype sy stem of the new scheme and test and analyze its performance.展开更多
This paper describes a new specialized Reconfigurable Cryptographic for Block ciphersArchitecture(RCBA).Application-specific computation pipelines can be configured according to thecharacteristics of the block cipher ...This paper describes a new specialized Reconfigurable Cryptographic for Block ciphersArchitecture(RCBA).Application-specific computation pipelines can be configured according to thecharacteristics of the block cipher processing in RCBA,which delivers high performance for crypto-graphic applications.RCBA adopts a coarse-grained reconfigurable architecture that mixes the ap-propriate amount of static configurations with dynamic configurations.RCBA has been implementedbased on Altera’s FPGA,and representative algorithms of block cipher such as DES,Rijndael and RC6have been mapped on RCBA architecture successfully.System performance has been analyzed,andfrom the analysis it is demonstrated that the RCBA architecture can achieve more flexibility and ef-ficiency when compared with other implementations.展开更多
Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no informat...Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no information on the original key. But a mass of sub-keys have to be saved actually, which faces the problem of inconvenient discrimination and management. This paper presents a visual cryptography scheme based on the digital signature for image discrimination and management, applying the digital signature and the time-stamp technology to the visual cryptography scheme. The scheme both solves the problem on the storage and management of the sharing sub-keys, increases the verification of image contents, thus enhances the validity of storage and management without security effect.展开更多
Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the app...Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the application of ABE. Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revo-cation events occur. Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting the at- tribute revocation under direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system eno cryption.展开更多
The requirement of the flexible and effective implementation of the Elliptic Curve Cryptography (ECC) has become more and more exigent since its dominant position in the public-key cryptography application.Based on an...The requirement of the flexible and effective implementation of the Elliptic Curve Cryptography (ECC) has become more and more exigent since its dominant position in the public-key cryptography application.Based on analyzing the basic structure features of Elliptic Curve Cryptography (ECC) algorithms,the parallel schedule algorithm of point addition and doubling is presented.And based on parallel schedule algorithm,the Application Specific Instruction-Set Co-Processor of ECC that adopting VLIW architecture is also proposed in this paper.The coprocessor for ECC is implemented and validated using Altera’s FPGA.The experimental result shows that our proposed coprocessor has advantage in high performance and flexibility.展开更多
Autonomous aerial refueling(AAR)has demonstrated significant benefits to aviation by extending the aircraft range and endurance.It is of significance to assess system safety for autonomous aerial refueling.In this pap...Autonomous aerial refueling(AAR)has demonstrated significant benefits to aviation by extending the aircraft range and endurance.It is of significance to assess system safety for autonomous aerial refueling.In this paper,the reachability analysis method is adopted to assess system safety.Due to system uncertainties,the aerial refueling system can be considered as a stochastic system.Thus,probabilistic reachability is considered.Since there is a close relationship between reachability probability and collision probability,the collision probability of the AAR system is analyzed by using reachability analysis techniques.Then,the collision probability is accessed by using the Monte-Carlo experiment method.Finally,simulations demonstrate the effectiveness of the proposed safety assessment method.展开更多
Verifiably encrypted signatures are employed when a signer wants to sign a message for a verifier but does not want the verifier to possess his signature on the message until some certain requirements of his are satis...Verifiably encrypted signatures are employed when a signer wants to sign a message for a verifier but does not want the verifier to possess his signature on the message until some certain requirements of his are satisfied. This paper presented new verifiably encrypted signatures from bilinear pairings. The proposed signatures share the properties of simplicity and efficiency with existing verifiably encrypted signature schemes. To support the proposed scheme, it also exhibited security proofs that do not use random oracle assumption. For existential unforgeability, there exist tight security reductions from the proposed verifiably encrypted signature scheme to a strong but reasonable computational assumption.展开更多
基金Rising-Star Program of Shanghai 2023 Science and Technology Innovation Action Plan(Yangfan Special Project),China(No.23YF1401000)Fundamental Research Funds for the Central Universities,China(No.2232022D-25)。
文摘The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.
基金Supported by the National Natural Science Foundation of China(60603010,60970120)~~
文摘Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.
文摘A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.
基金supported by the National Natural Science Foundation of China (No.61370203)China Postdoctoral Science Foundation Funded Project (No.2017M623008)+1 种基金Scientific Research Starting Project of SWPU (No.2017QHZ023)State Scholarship Foundation of China Scholarship Council (No.201708515149)
文摘Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.
文摘Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as ITTC,etc.,is unsaf e ,inefficient and impracitcal in actual network environment,this paper brings u p a new distributed certification scheme,which although it generates key shares concentratively,it updates key shares distributedly,and so,avoids single-po in t failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol,but can also change the threshold (t,k) flexibly and robu stly,and so,is much more practical. In this work,the authors implement the prototype sy stem of the new scheme and test and analyze its performance.
文摘This paper describes a new specialized Reconfigurable Cryptographic for Block ciphersArchitecture(RCBA).Application-specific computation pipelines can be configured according to thecharacteristics of the block cipher processing in RCBA,which delivers high performance for crypto-graphic applications.RCBA adopts a coarse-grained reconfigurable architecture that mixes the ap-propriate amount of static configurations with dynamic configurations.RCBA has been implementedbased on Altera’s FPGA,and representative algorithms of block cipher such as DES,Rijndael and RC6have been mapped on RCBA architecture successfully.System performance has been analyzed,andfrom the analysis it is demonstrated that the RCBA architecture can achieve more flexibility and ef-ficiency when compared with other implementations.
文摘Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no information on the original key. But a mass of sub-keys have to be saved actually, which faces the problem of inconvenient discrimination and management. This paper presents a visual cryptography scheme based on the digital signature for image discrimination and management, applying the digital signature and the time-stamp technology to the visual cryptography scheme. The scheme both solves the problem on the storage and management of the sharing sub-keys, increases the verification of image contents, thus enhances the validity of storage and management without security effect.
文摘Attribute revocation is inevitable and al- so important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it retrains one of the rmin obsta-cles for the application of ABE. Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revo-cation events occur. Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting the at- tribute revocation under direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system eno cryption.
基金supported by the national high technology research and development 863 program of China.(2008AA01Z103)
文摘The requirement of the flexible and effective implementation of the Elliptic Curve Cryptography (ECC) has become more and more exigent since its dominant position in the public-key cryptography application.Based on analyzing the basic structure features of Elliptic Curve Cryptography (ECC) algorithms,the parallel schedule algorithm of point addition and doubling is presented.And based on parallel schedule algorithm,the Application Specific Instruction-Set Co-Processor of ECC that adopting VLIW architecture is also proposed in this paper.The coprocessor for ECC is implemented and validated using Altera’s FPGA.The experimental result shows that our proposed coprocessor has advantage in high performance and flexibility.
基金This work was supported by the National Natural Science Foundation of China(No.61933010).
文摘Autonomous aerial refueling(AAR)has demonstrated significant benefits to aviation by extending the aircraft range and endurance.It is of significance to assess system safety for autonomous aerial refueling.In this paper,the reachability analysis method is adopted to assess system safety.Due to system uncertainties,the aerial refueling system can be considered as a stochastic system.Thus,probabilistic reachability is considered.Since there is a close relationship between reachability probability and collision probability,the collision probability of the AAR system is analyzed by using reachability analysis techniques.Then,the collision probability is accessed by using the Monte-Carlo experiment method.Finally,simulations demonstrate the effectiveness of the proposed safety assessment method.
文摘Verifiably encrypted signatures are employed when a signer wants to sign a message for a verifier but does not want the verifier to possess his signature on the message until some certain requirements of his are satisfied. This paper presented new verifiably encrypted signatures from bilinear pairings. The proposed signatures share the properties of simplicity and efficiency with existing verifiably encrypted signature schemes. To support the proposed scheme, it also exhibited security proofs that do not use random oracle assumption. For existential unforgeability, there exist tight security reductions from the proposed verifiably encrypted signature scheme to a strong but reasonable computational assumption.