AEZ is an AES-based authenticated encryption submitted to the ongoing CAESAR competition and was presented at Eurocrypt2015 with AEZ v3. There are three models for AEZ, AEZ-core, AEZ-tiny and AEZ-prf. In this paper, w...AEZ is an AES-based authenticated encryption submitted to the ongoing CAESAR competition and was presented at Eurocrypt2015 with AEZ v3. There are three models for AEZ, AEZ-core, AEZ-tiny and AEZ-prf. In this paper, we consider the security of AEZprf for AEZ v4.2, the latest version of AEZ.Our major finding is a collision of any 256-bit associated data for AES-prf. Then we launch collision attacks in a quantum setting and a classical setting respectively under different assumptions. In the quantum setting, by Simon's quantum algorithm, we amount a forgery with O(n) quantum superposition queries and an overwhelming probability close to 1.In the classical setting, one with the key of AEZ-prf can also construct the forgeries. Our results show that the AEZ-prf models of AEZ v4.2 is not secure in both the quantum setting and classical world. Furthermore, our results can also be applied to AEZ v3, which has been published on Eurocrypt 2015. As far as we know, no cryptanalysis of AEZ v4.2 has been published so far.展开更多
Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certai...Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.展开更多
This paper proposed an universal steganalysis program based on quantification attack which can detect several kinds of data hiding algorithms for grayscale images. In practice, most techniques produce stego images tha...This paper proposed an universal steganalysis program based on quantification attack which can detect several kinds of data hiding algorithms for grayscale images. In practice, most techniques produce stego images that are perceptually identical to the cover images but exhibit statistical irregularities that distinguish them from cover images. Attacking the suspicious images using the quantization method, we can obtain statistically different from embedded-and-quantization attacked images and from quantization attacked-but-not-embedded sources. We have developed a technique based on one-class SVM for discriminating between cover-images and stego-images. Simulation results show our approach is able to distinguish between cover and stego images with reasonable accuracy.展开更多
In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to hi...In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to high volume data feeds that are common in large Tier-1 ISP networks and providing rich, timely information on observed attacks. It is a software solution that is designed to run on off-the-shelf hardware platforms and incorporates a scalable data processing architecture along with lightweight analysis algorithms that make it suitable for deployment in large networks. RTFF also makes use of state of the art machine learning algorithms to construct attack models that can be used to detect as well as predict attacks.展开更多
This paper presents a new method for resynchronization attack, which is the combination of the differential cryptanalysis and algebraic attack. By using the new method one gets a system of linear equations or low-degr...This paper presents a new method for resynchronization attack, which is the combination of the differential cryptanalysis and algebraic attack. By using the new method one gets a system of linear equations or low-degree equations about initial keys, and the solution of the system of equations results in the recovery of the initial keys. This method has a lower computational complexity and better performance of attack in contrast to the known methods. Accordingly, the design of the resynchronization stream generators should be reconsidered to make them strong enough to avoid our attacks. When implemented to the Toyocrypt, our method gains the computational complexity of O(2^17), and that of 0(2^67) for LILI-128.展开更多
Recently, Liu et al. proposed a two-party quantum private comparison(QPC) protocol using entanglement swapping of Bell entangled state(Commun. Theor. Phys. 57(2012) 583). Subsequently, Liu et al. pointed out that in L...Recently, Liu et al. proposed a two-party quantum private comparison(QPC) protocol using entanglement swapping of Bell entangled state(Commun. Theor. Phys. 57(2012) 583). Subsequently, Liu et al. pointed out that in Liu et al.'s protocol, the TP can extract the two users' secret inputs without being detected by launching the Bell-basis measurement attack, and suggested the corresponding improvement to mend this loophole(Commun. Theor. Phys. 62(2014) 210). In this paper, we first point out the information leakage problem toward TP existing in both of the above two protocols, and then suggest the corresponding improvement by using the one-way hash function to encrypt the two users' secret inputs. We further put forward the three-party QPC protocol also based on entanglement swapping of Bell entangled state, and then validate its output correctness and its security in detail. Finally, we generalize the three-party QPC protocol into the multi-party case, which can accomplish arbitrary pair's comparison of equality among K users within one execution.展开更多
基金supported by the National Natural Science Foundation of China (Grant No.61572516, No.61272041 and No.61272488)
文摘AEZ is an AES-based authenticated encryption submitted to the ongoing CAESAR competition and was presented at Eurocrypt2015 with AEZ v3. There are three models for AEZ, AEZ-core, AEZ-tiny and AEZ-prf. In this paper, we consider the security of AEZprf for AEZ v4.2, the latest version of AEZ.Our major finding is a collision of any 256-bit associated data for AES-prf. Then we launch collision attacks in a quantum setting and a classical setting respectively under different assumptions. In the quantum setting, by Simon's quantum algorithm, we amount a forgery with O(n) quantum superposition queries and an overwhelming probability close to 1.In the classical setting, one with the key of AEZ-prf can also construct the forgeries. Our results show that the AEZ-prf models of AEZ v4.2 is not secure in both the quantum setting and classical world. Furthermore, our results can also be applied to AEZ v3, which has been published on Eurocrypt 2015. As far as we know, no cryptanalysis of AEZ v4.2 has been published so far.
基金supported in part by the National Natural Science Foundation of China(Grant Nos.61303212,61170080,61202386)the State Key Program of National Natural Science of China(Grant Nos.61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(Grant No.91018008)Major State Basic Research Development Program of China(973 Program)(No.2014CB340600)the Hubei Natural Science Foundation of China(Grant Nos.2011CDB453,2014CFB440)
文摘Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.
基金Science Fund of Shanghai Municipal Education Commission (03DZ13)
文摘This paper proposed an universal steganalysis program based on quantification attack which can detect several kinds of data hiding algorithms for grayscale images. In practice, most techniques produce stego images that are perceptually identical to the cover images but exhibit statistical irregularities that distinguish them from cover images. Attacking the suspicious images using the quantization method, we can obtain statistically different from embedded-and-quantization attacked images and from quantization attacked-but-not-embedded sources. We have developed a technique based on one-class SVM for discriminating between cover-images and stego-images. Simulation results show our approach is able to distinguish between cover and stego images with reasonable accuracy.
文摘In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to high volume data feeds that are common in large Tier-1 ISP networks and providing rich, timely information on observed attacks. It is a software solution that is designed to run on off-the-shelf hardware platforms and incorporates a scalable data processing architecture along with lightweight analysis algorithms that make it suitable for deployment in large networks. RTFF also makes use of state of the art machine learning algorithms to construct attack models that can be used to detect as well as predict attacks.
基金Supported in part by the National Natural Science Foundation of China (No.60273084)the National Laboratory for Modern Communications Foundation of China (No.51436030105DZ0105).
文摘This paper presents a new method for resynchronization attack, which is the combination of the differential cryptanalysis and algebraic attack. By using the new method one gets a system of linear equations or low-degree equations about initial keys, and the solution of the system of equations results in the recovery of the initial keys. This method has a lower computational complexity and better performance of attack in contrast to the known methods. Accordingly, the design of the resynchronization stream generators should be reconsidered to make them strong enough to avoid our attacks. When implemented to the Toyocrypt, our method gains the computational complexity of O(2^17), and that of 0(2^67) for LILI-128.
基金Supported by the National Natural Science Foundation of China under Grant No.61402407
文摘Recently, Liu et al. proposed a two-party quantum private comparison(QPC) protocol using entanglement swapping of Bell entangled state(Commun. Theor. Phys. 57(2012) 583). Subsequently, Liu et al. pointed out that in Liu et al.'s protocol, the TP can extract the two users' secret inputs without being detected by launching the Bell-basis measurement attack, and suggested the corresponding improvement to mend this loophole(Commun. Theor. Phys. 62(2014) 210). In this paper, we first point out the information leakage problem toward TP existing in both of the above two protocols, and then suggest the corresponding improvement by using the one-way hash function to encrypt the two users' secret inputs. We further put forward the three-party QPC protocol also based on entanglement swapping of Bell entangled state, and then validate its output correctness and its security in detail. Finally, we generalize the three-party QPC protocol into the multi-party case, which can accomplish arbitrary pair's comparison of equality among K users within one execution.
