Funding: Supported by the National Natural Science Foundation of China (10871205)
Abstract: Recently, Hwang et al. proposed a (t,n) threshold-proxy (c,m) threshold-signature scheme, in which only t or more of the n original signers can authorize a proxy group of m proxy signers, and then only c or more of the proxy signers can cooperatively generate a threshold-proxy threshold-signature. They claimed that in this scheme the original signers cannot forge the proxy signature and the proxy signers cannot forge a signature on behalf of the original signers. However, in this paper we give an attack showing that their scheme cannot resist impersonation attacks.
Funding: Supported by the State Key Program of National Natural Science of China (Grant No. 61332019), the National Natural Science Foundation of China (61572303), and 7 other funds: the National Key Research and Development Program of China (2017YFB0802003, 2017YFB0802004), the National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216), the Foundation of State Key Laboratory of Information Security (2017-MS-03), the Fundamental Research Funds for the Central Universities (GK201702004, GK201603084), the Major State Basic Research Development Program of China (973 Program) (No. 2014CB340600), the National High-tech R&D Program of China (2015AA016002, 2015AA016004), the Natural Science Foundation of Hebei Province (No. F2017201199), and the Science and Technology Research Project of Hebei Higher Education (No. QN2017020)
Abstract: A cryptosystem with non-commutative platform groups based on the conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack of polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and offer some suggestions for improvement.
Funding: Supported by the National Natural Science Foundation of China (No. 61672270, 61602216, 61702236), the Qing Lan Project for Young Researchers of Jiangsu Province of China (No. KYQ14004), and other funds: the Open Fund of State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (No. 2015-MSB-10), the Jiangsu Overseas Research & Training Program for University Prominent Young & Middle-aged Teachers and Presidents, and the Changzhou Sci & Tech Program (Grant No. CJ20179027)
Abstract: Recently, Mao, Zhang, Wu et al. constructed two key exchange (KE) protocols based on the tensor ergodic problem (TEP). Although they conjectured that these constructions can potentially resist quantum computing attacks, they did not provide a rigorous security proof for their KE protocols. In this paper, applying the properties of ergodic matrices, we first present a polynomial-time algorithm that solves the TEP using O(n^6) arithmetic operations in the finite field, where n is the security parameter. Then, applying this polynomial-time algorithm, we generate the common shared key for each of the two TEP-based KE constructions. In addition, we provide a polynomial-time algorithm with O(n^6) arithmetic operations that directly recovers the plaintext from a ciphertext for the KE-based encryption scheme. Thus, the TEP-based KE protocols and their corresponding encryption schemes are insecure.
Funding: Supported by the National Natural Science Foundation of China (Grant Nos. 61501414, 61602045, 61601171, 61309029, 11504024 and 61502041)
Abstract: The need to simultaneously balance security and fairness in quantum key agreement (QKA) makes it challenging to design a flawless QKA protocol, especially a multiparty quantum key agreement (MQKA) protocol. When designing an MQKA protocol, two modes can be used to transmit the quantum information carriers: travelling mode and distributed mode. MQKA protocols usually have a higher qubit efficiency in travelling mode than in distributed mode, so several travelling-mode MQKA protocols have been proposed. However, almost all of these are vulnerable to collusion attacks from internal betrayers. This paper proposes an improved MQKA protocol that operates in travelling mode with Einstein-Podolsky-Rosen pairs. More importantly, we present a new travelling-mode MQKA protocol that uses single photons, which is more feasible than previous methods under current technologies.