The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However...The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.展开更多
Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a ...Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.展开更多
Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's schem...Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.展开更多
Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is ...Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.展开更多
In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext unde...In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.展开更多
To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret seq...To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret sequence to several chaos periodic orbits, and a short sequence obtained by evolving the system parameters of the periodic orbits in another nonlinear system will be the key to reconstruct these periodic orbits. In the decryption end, the shadowing method of chaos trajectory based on the modified Newton-Raphson algorithm is adopted to restore these system parameters. Through deciding which orbit each pair coordinate falls on, the original digital sequence can be decrypted.展开更多
In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necess...In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necessarily work well and has vulnerability.To complement the property of the traitor tracing schemes,it is effective to use watermarking scheme with them and the watermarking schemes with light load are required.A number of video watermarking methods with light load have been proposed that embed information into compressed video streams.When the compression scheme is MPEG2-Video,its codes are mostly pre-defined using coding tables,and therefore,information can be embedded in the compressed stream by substituting some of the codes.On the other hand,HEVC/H.265 uses arithmetic coding(CABAC)and it is not easy to substitute one code for another in a stream.To deal with this problem,a watermarking scheme for HEVC/H.265 video streams is proposed.It embeds information while the video is being encoded.A broadcasting system incorporating the scheme is also proposed.展开更多
The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base ...The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base on the Similar Modul, the number sets of the homomorphic encryption scheme is extended to real number, and the possible operators are extended to addition, subtraction, multiplication and division. Our new approach provides a practical ways of implementation because of the extension of the operators and the number sets.展开更多
This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline ...This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline scheme comprised of initialization and work stage is employed to enhance the solving speed of the critical logical paths.Moreover,the pipeline scheme adopts a novel optimized hardware structure to fast complete the Mod(231-1)calculation.The function of the hardware system has been validated experimentally in detail.The hardware system shows great superiorities.Compared with the same type system in recent literatures,the logic delay reduces by 47%with an additional hardware resources of only 4 multiplexers,the throughput rate reaches 5.26 Gbps and yields at least 45%better performance,the throughput rate per unit area increases 14.8%.The hardware system provides a faster and safer encryption module for the 5G wireless network.展开更多
1 Introduction The Internet of Things(IoT)has facilitated the development of numerous fields in our lives.However,some equipment in IoT environment lacks sufficient storage and data processing capabilities[1].A feasib...1 Introduction The Internet of Things(IoT)has facilitated the development of numerous fields in our lives.However,some equipment in IoT environment lacks sufficient storage and data processing capabilities[1].A feasible strategy is to leverage the powerful computing capabilities of cloud servers to process the data within the IoT devices.展开更多
Security of wireless sensor networks has received considerable attention. It is a critical challenge to find out suitable encryption schemes for wireless sensor networks due to limitations of power, computation capabi...Security of wireless sensor networks has received considerable attention. It is a critical challenge to find out suitable encryption schemes for wireless sensor networks due to limitations of power, computation capability and storage resources of these networks. Many encryption schemes based on asymmetric and symmetric have been investigated. In this paper, we present an authenticated identity-based key encryption scheme for wireless sensor networks. We first review briefly about identity-based encryption and decryption, particularly, the Boneh-Franklin algorithms, then describe an authenticated identity-based key encryption scheme based on Boneh-Franklin algorithms, and finally show the integrity of our scheme and discuss its efficiency and security by comparing it with other asymmetric and symmetric encryption schemes.展开更多
Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q b...Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.展开更多
为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret...为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret sharing based ciphertext attribute proxy re-encryption scheme,LCPS)。该方案利用线性秘密共享技术来隐藏访问策略中的隐私属性,降低因访问策略暴露引发的隐私泄露风险;该方案还对代理重加密算法进行改进,通过减少复杂的双线性运算,提高了加解密效率。结果表明,LCPS在加解密方面的表现要优于其他方案。在判定性q-BDHE(q-decisional bilinear Diffie-Hellman exponent)困难假设下具有选择明文攻击时的不可区分性(indistinguishability under chosen-plaintext attack,IND-CPA)。该方案具有可移植性,同样适用于医疗云中其他病症转诊时的个人健康档案安全共享。展开更多
Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang...Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.展开更多
The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is...The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is used to select and collect effective plaintexts for attack. Then the collected plaintexts are utilized to infer the expanded key differences of the secret key, from which most bits of the expanded secret key are recovered. The remaining bits of the expanded secret key are deduced by the correlations between Hamming weight values of the input of the S-boxes in the first-round. Finally, from the linear relation of the encryption time and the secret key's Hamming weight, the entire 56 bits of the secret key are thoroughly recovered. Using the attack, the minimal cost encryption scheme can be broken with 2^23 known plaintexts and about 2^21 calculations at a success rate a 〉 99%. The attack has lower computing complexity, and the method is more effective than other previous methods.展开更多
基金Rising-Star Program of Shanghai 2023 Science and Technology Innovation Action Plan(Yangfan Special Project),China(No.23YF1401000)Fundamental Research Funds for the Central Universities,China(No.2232022D-25)。
文摘The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.
基金Supported by the National Natural Science Foundation of China(60603010,60970120)~~
文摘Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.
基金Supported by the National Natural Science Foun-dation of China (60473072)
文摘Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.
基金Supported by the 973 State Key Project of China (No.G1999035803)the National Natural Science Foundation of China (No.69931010).
文摘Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.
基金the Natural Science Foundation of Shandong Province (Y2007G37)the Science and Technology Development Program of Shandong Province (2007GG10001012)
文摘In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.
基金This project was supported by the National Natural Science Foundation of Shaan'Xi Province, China (2003F40).
文摘To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret sequence to several chaos periodic orbits, and a short sequence obtained by evolving the system parameters of the periodic orbits in another nonlinear system will be the key to reconstruct these periodic orbits. In the decryption end, the shadowing method of chaos trajectory based on the modified Newton-Raphson algorithm is adopted to restore these system parameters. Through deciding which orbit each pair coordinate falls on, the original digital sequence can be decrypted.
文摘In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necessarily work well and has vulnerability.To complement the property of the traitor tracing schemes,it is effective to use watermarking scheme with them and the watermarking schemes with light load are required.A number of video watermarking methods with light load have been proposed that embed information into compressed video streams.When the compression scheme is MPEG2-Video,its codes are mostly pre-defined using coding tables,and therefore,information can be embedded in the compressed stream by substituting some of the codes.On the other hand,HEVC/H.265 uses arithmetic coding(CABAC)and it is not easy to substitute one code for another in a stream.To deal with this problem,a watermarking scheme for HEVC/H.265 video streams is proposed.It embeds information while the video is being encoded.A broadcasting system incorporating the scheme is also proposed.
基金Supported by the National Natural Science Foun-dation of China (90104005)
文摘The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base on the Similar Modul, the number sets of the homomorphic encryption scheme is extended to real number, and the possible operators are extended to addition, subtraction, multiplication and division. Our new approach provides a practical ways of implementation because of the extension of the operators and the number sets.
基金supported in part by the National R&D Program for Major Research Instruments of China(Grant No:62027814)the National Natural Science Foundation of China(Grant No:62104054)+2 种基金the Natural Science Foundation of Heilongjiang Province(Grant No:F2018010)the Postdoctoral Science Foundation of Heilongjiang Province,China(No:LBH-Z20133)the Fundamental Research Funds for The Central Universities,China(3072021CF0806)。
文摘This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline scheme comprised of initialization and work stage is employed to enhance the solving speed of the critical logical paths.Moreover,the pipeline scheme adopts a novel optimized hardware structure to fast complete the Mod(231-1)calculation.The function of the hardware system has been validated experimentally in detail.The hardware system shows great superiorities.Compared with the same type system in recent literatures,the logic delay reduces by 47%with an additional hardware resources of only 4 multiplexers,the throughput rate reaches 5.26 Gbps and yields at least 45%better performance,the throughput rate per unit area increases 14.8%.The hardware system provides a faster and safer encryption module for the 5G wireless network.
基金supported by the National Key R&D Program of China(No.2022YFB4400703)the Special Project for Industrial Foundation Reconstruction and High Quality Development of Manufacturing Industry(TC220A04X-1)the Basic Research Program(No.JCKY2020604C011).
文摘1 Introduction The Internet of Things(IoT)has facilitated the development of numerous fields in our lives.However,some equipment in IoT environment lacks sufficient storage and data processing capabilities[1].A feasible strategy is to leverage the powerful computing capabilities of cloud servers to process the data within the IoT devices.
文摘Security of wireless sensor networks has received considerable attention. It is a critical challenge to find out suitable encryption schemes for wireless sensor networks due to limitations of power, computation capability and storage resources of these networks. Many encryption schemes based on asymmetric and symmetric have been investigated. In this paper, we present an authenticated identity-based key encryption scheme for wireless sensor networks. We first review briefly about identity-based encryption and decryption, particularly, the Boneh-Franklin algorithms, then describe an authenticated identity-based key encryption scheme based on Boneh-Franklin algorithms, and finally show the integrity of our scheme and discuss its efficiency and security by comparing it with other asymmetric and symmetric encryption schemes.
基金Project supported by the National Natural Science Foundation of China(Nos.61303198,61471409,61472470,and 61402112) the Natural Science Foundation of Shandong Province,China(No.ZR2013FQ031)
文摘Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.
文摘为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret sharing based ciphertext attribute proxy re-encryption scheme,LCPS)。该方案利用线性秘密共享技术来隐藏访问策略中的隐私属性,降低因访问策略暴露引发的隐私泄露风险;该方案还对代理重加密算法进行改进,通过减少复杂的双线性运算,提高了加解密效率。结果表明,LCPS在加解密方面的表现要优于其他方案。在判定性q-BDHE(q-decisional bilinear Diffie-Hellman exponent)困难假设下具有选择明文攻击时的不可区分性(indistinguishability under chosen-plaintext attack,IND-CPA)。该方案具有可移植性,同样适用于医疗云中其他病症转诊时的个人健康档案安全共享。
基金This project is supported by National Natural Science Foundation of China(60673053 90718011)
文摘Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.
基金supported by the National Basic Research Program of China (2007CB807902, 2007CB807903)the Education Innovation Foundation of Institution and University of Beijing (2004).
文摘The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is used to select and collect effective plaintexts for attack. Then the collected plaintexts are utilized to infer the expanded key differences of the secret key, from which most bits of the expanded secret key are recovered. The remaining bits of the expanded secret key are deduced by the correlations between Hamming weight values of the input of the S-boxes in the first-round. Finally, from the linear relation of the encryption time and the secret key's Hamming weight, the entire 56 bits of the secret key are thoroughly recovered. Using the attack, the minimal cost encryption scheme can be broken with 2^23 known plaintexts and about 2^21 calculations at a success rate a 〉 99%. The attack has lower computing complexity, and the method is more effective than other previous methods.
