A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recove...A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recover the plaintext by applying the chosen plaintext attack. Therefore, the proposed cryptosystem is not secure enough to be used in the image transmission system. Experimental results show the feasibility of the attack. As a result, we make some improvements to the encryption scheme, which can completely resist our chosen plaintext attack.展开更多
The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security iss...The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security issues in this protocol.Firstly, an external eavesdropper can take the intercept–measure–resend attack strategy to eavesdrop on 0.369 bit of every bit of the identity string of each receiver without being detected. Meanwhile, 0.524 bit of every bit of the secret message can be eavesdropped on without being detected. Secondly, an inner receiver can take the intercept–measure–resend attack strategy to eavesdrop on half of the identity string of the other's definitely without being checked. In addition, an alternative attack called the CNOT-operation attack is discussed. As for the multi-party QBC protocol, the attack efficiency increases with the increase of the number of users. Finally, the QBC protocol is improved to a secure one.展开更多
In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induc...In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induction to prove that the algorithm can be attacked by a chosen plaintext attack successfully and give an example to show how to attack it. According to the cryptanalysis of the originM Mgorithm, we improve the originM Mgorithm, and make a brief cryptanalysis. Compared with the original algorithm, the improved algorithm is able to resist a chosen plaintext attack and retain a considerable number of advantages of the original algorithm such as eneryption speed, sensitive dependence on the key, strong anti-attack capability, and so on.展开更多
We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy sig...We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy signature by impersonating the stiver Furthermore, he canrequest the server with responsibility for the forged bidding information.展开更多
In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose...In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improvement versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improvement versions require smaller computing cost than that required by signature-then-encryption methods.展开更多
A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryp...A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.展开更多
Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then onl...Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then only c or more proxy signers can cooperatively generate threshold-proxy threshold-signature.In this scheme,they claimed that original signers cannot forge the proxy signature and the proxy signers cannot forge signature on behalf of the original signers.However,in this paper,we will give a attack to show that their scheme can not resist impersonation attacks.展开更多
The Tiny Encryption Algorithm (TEA) is a Feistel block cipher well known for its simple implementation, small memory footprint, and fast execution speed. In two previous studies, genetic algorithms (GAs) were employed...The Tiny Encryption Algorithm (TEA) is a Feistel block cipher well known for its simple implementation, small memory footprint, and fast execution speed. In two previous studies, genetic algorithms (GAs) were employed to investigate the randomness of TEA output, based on which distinguishers for TEA could be designed. In this study, we used quan-tum-inspired genetic algorithms (QGAs) in the cryptanalysis of TEA. Quantum chromosomes in QGAs have the advan-tage of containing more information than the binary counterpart of the same length in GAs, and therefore generate a more diverse solution pool. We showed that QGAs could discover distinguishers for reduced cycle TEA that are more efficient than those found by classical GAs in two earlier studies. Furthermore, we applied QGAs to break four-cycle and five-cycle TEAs, a considerably harder problem, which the prior GA approach failed to solve.展开更多
Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certai...Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.展开更多
In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third...In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third party, the private information of the users will be totally leaked out to the third party. A special attack is demonstrated in detail. Furthermore, a possible improvement is proposed, which makes the protocol secure against this kind of attack.展开更多
This paper first presents an impossible differential property for 5-round Advanced Encryption Standard (AES) with high probability. Based on the property and the impossible differential cryptanalytic method for the ...This paper first presents an impossible differential property for 5-round Advanced Encryption Standard (AES) with high probability. Based on the property and the impossible differential cryptanalytic method for the 5-round AES, a new method is proposed for cryptanalyzing the 8-round AES-192 and AES-256. This attack on the reduced 8-round AES-192 demands 2^121 words of memory, and performs 2^148 8-round AES-192 encryptions. This attack on the reduced 8-round AES-256 demands 2^153 words of memory, and performs 2^180 8-round AES-256 encryptions. Furthermore, both AES-192 and AES-256 require about 2^98 chosen plaintexts for this attack, and have the same probability that is only 2^-3 to fail to recover the secret key.展开更多
4-bit linear relations play an important role in cryptanalysis of 4-bit crypto S-boxes. 4-bit finite differences have also been a major part of cryptanalysis of 4-bit S-boxes. Existence of all 4-bit linear relations h...4-bit linear relations play an important role in cryptanalysis of 4-bit crypto S-boxes. 4-bit finite differences have also been a major part of cryptanalysis of 4-bit S-boxes. Existence of all 4-bit linear relations have been counted for all of 16 input and 16 output 4-bit bit patterns of 4-bit Crypto S-boxes said as S-boxes has been reported in Linear Cryptanalysis of 4-bit S-boxes. Count of existing finite differences from each element of output S-boxes to distant output S-boxes have been noted in Differential Cryptanalysis of S-boxes. In this paper a brief review of these two cryptanalytic methods for 4-bit S-boxes has been introduced in a very lucid and conceptual manner. Two new analysis techniques, one to search for the existing linear approximations among the input vectors (IPVs) and output Boolean functions (BFs) of a particular S-box has also been introduced in this paper. The search is limited to find the existing linear relations or approximations in the contrary to count the number of existent linear relations among all 16, 4-bit input and output bit patterns within all possible linear approximations. Another is to find number of balanced BFs in difference output S-boxes. Better the number of Balanced BFs, Better the security.展开更多
A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential pro...A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of substitution permutation network (SPN) cipher structure. When our result applies to 2-round advanced encryption standard(AES), It is shown that the upper bound of MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, when using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.展开更多
Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can ...Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can not distinguish whether the multisignature is signed by all the signers of the group or only by the last signer. Thus, any single signature created by the last signer can be used as a multisignaturr created by the whole group members. This paper proposes an improved scheme that can overcome the defect. In the new scheme, the identity messages of all the signers are added in the multisignature and used in verification phase, so that the verifier can know the signature is generated by which signers. Performance analysis shows that the proposed scheme costs less computation than the original scheme in both signature and verification phases. Furthermore, each partial signature is based on the signer's identity certificate, which makes the scheme more secure.展开更多
In this paper we provide a novel approach for breaking a significant class of block ciphers, the so-called SPN ciphers, using the process of gene assembly in ciliates. Our proposed scheme utilizes, for the first time,...In this paper we provide a novel approach for breaking a significant class of block ciphers, the so-called SPN ciphers, using the process of gene assembly in ciliates. Our proposed scheme utilizes, for the first time, the Turing-powerful potential of gene assembly procedure of ciliated protozoa into the real world computations and has a fewer number of steps than the other proposed schemes to break a cipher. We elaborate notions of formal language theory based on AIR systems, which can be thought of as a modified version of intramolecular scheme to model the ciliate bio-operations, for construction of building blocks necessary for breaking the cipher, and based on these nature-inspired constructions which are as powerful as Turing machines, we propose a theoretical approach for breaking SPN ciphers. Then, we simulate our proposed plan for breaking these ciphers on a sample block cipher based on this structure. Our results show that the proposed scheme has 51.5 percent improvement over the best previously proposed nature-inspired scheme for breaking a cipher.展开更多
This paper studies the security of an image encryption scheme based on the Hill cipher (Ismail et al., 2006) and reports its following problems: (1) There is a simple necessary and sufficient condition that makes a nu...This paper studies the security of an image encryption scheme based on the Hill cipher (Ismail et al., 2006) and reports its following problems: (1) There is a simple necessary and sufficient condition that makes a number of secret keys invalid; (2) It is insensitive to the change of the secret key; (3) It is insensitive to the change of the plain-image; (4) It can be broken with only one known/chosen plaintext; (5) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme in practice.展开更多
Since Multivatriate Quadratic(MQ)-based Public Key Cryptosystem(MPKC)has been one of the hot research fields of post-quantum cryptography,it becomes important to analyze the security of new MPKC schemes.Wang et al.pro...Since Multivatriate Quadratic(MQ)-based Public Key Cryptosystem(MPKC)has been one of the hot research fields of post-quantum cryptography,it becomes important to analyze the security of new MPKC schemes.Wang et al.proposed a novel multivariate signature scheme with Hash-based Tame Transformation and Minus(HTTM)in 2011.For this extended MQ-based signature,we can transform it into an SFLASH variant by splitting and merging HT transformation,and solve an equivalent private key corresponding to the public key of HTTM.Thus,the adversary can forge legitimate signature for any message by using this equivalent private key.展开更多
This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic an...This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic analysis is based on the representation of initial encryption algorithm as a system of multivariate quadratic equations, which define relations between a secret key and a cipher text. Extended linearization method is evaluated as a method for solving the nonlinear sys- tem of equations.展开更多
The security of Canard-Traore fair e-cash system scheme was believed to depend on the strong-RSA assumption and the Decision Diffie-Hellman assumption in groups of unknown order. But it is not the case. The cryptanaly...The security of Canard-Traore fair e-cash system scheme was believed to depend on the strong-RSA assumption and the Decision Diffie-Hellman assumption in groups of unknown order. But it is not the case. The cryptanalysis on Canard-Traore fair e-cash system was presented. An algorithm was designed to show that Canard-Traore fair e-cash system is insecure: It is forgeability. Further, two drawbacks on Canard-Traore fair e-cash system scheme were pointed out. One is that those integer intervals for si(i=1,…,9) are unappropriate. The other is that the datum s3 in signature data is redundant. Moreover, a minute description of the technique to shun the challenge in the scheme was presented. The technique is helpful for designing new group signature schemes in the future.展开更多
基金Project supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60973152, and 60573172)the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014)+2 种基金the Program for Excellent Talents in Universities of Liaoning Province, China (Grant No. LR2012003)the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165)the Fundamental Research Funds for the Central Universities of China (Grant No. DUT12JB06)
文摘A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recover the plaintext by applying the chosen plaintext attack. Therefore, the proposed cryptosystem is not secure enough to be used in the image transmission system. Experimental results show the feasibility of the attack. As a result, we make some improvements to the encryption scheme, which can completely resist our chosen plaintext attack.
基金supported by the National Natural Science Foundation of China(Grant Nos.61502101 and 61170321)the Natural Science Foundation of Jiangsu Province,China(Grant No.BK20140651)+2 种基金the Research Fund for the Doctoral Program of Higher Education,China(Grant No.20110092110024)Funded by PAPDCICAEET
文摘The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security issues in this protocol.Firstly, an external eavesdropper can take the intercept–measure–resend attack strategy to eavesdrop on 0.369 bit of every bit of the identity string of each receiver without being detected. Meanwhile, 0.524 bit of every bit of the secret message can be eavesdropped on without being detected. Secondly, an inner receiver can take the intercept–measure–resend attack strategy to eavesdrop on half of the identity string of the other's definitely without being checked. In addition, an alternative attack called the CNOT-operation attack is discussed. As for the multi-party QBC protocol, the attack efficiency increases with the increase of the number of users. Finally, the QBC protocol is improved to a secure one.
基金supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60573172, and 60973152)the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014)the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165)
文摘In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induction to prove that the algorithm can be attacked by a chosen plaintext attack successfully and give an example to show how to attack it. According to the cryptanalysis of the originM Mgorithm, we improve the originM Mgorithm, and make a brief cryptanalysis. Compared with the original algorithm, the improved algorithm is able to resist a chosen plaintext attack and retain a considerable number of advantages of the original algorithm such as eneryption speed, sensitive dependence on the key, strong anti-attack capability, and so on.
文摘We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy signature by impersonating the stiver Furthermore, he canrequest the server with responsibility for the forged bidding information.
文摘In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improvement versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improvement versions require smaller computing cost than that required by signature-then-encryption methods.
基金supported by the State Key Program of National Natural Science of China(Grant Nos. 61332019)the National Natural Science Foundation of China (61572303)+7 种基金National Key Research and Development Program of China ( 2017YFB0802003 , 2017YFB0802004)National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216)the Foundation of State Key Laboratory of Information Security (2017-MS-03)the Fundamental Research Funds for the Central Universities(GK201702004,GK201603084)Major State Basic Research Development Program of China (973 Program) (No.2014CB340600)National High-tech R&D Program of China(2015AA016002, 2015AA016004)Natural Science Foundation of He Bei Province (No. F2017201199)Science and technology research project of Hebei higher education (No. QN2017020)
文摘A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.
基金Supported by the National Natural Science Foundation of China(10871205)
文摘Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then only c or more proxy signers can cooperatively generate threshold-proxy threshold-signature.In this scheme,they claimed that original signers cannot forge the proxy signature and the proxy signers cannot forge signature on behalf of the original signers.However,in this paper,we will give a attack to show that their scheme can not resist impersonation attacks.
文摘The Tiny Encryption Algorithm (TEA) is a Feistel block cipher well known for its simple implementation, small memory footprint, and fast execution speed. In two previous studies, genetic algorithms (GAs) were employed to investigate the randomness of TEA output, based on which distinguishers for TEA could be designed. In this study, we used quan-tum-inspired genetic algorithms (QGAs) in the cryptanalysis of TEA. Quantum chromosomes in QGAs have the advan-tage of containing more information than the binary counterpart of the same length in GAs, and therefore generate a more diverse solution pool. We showed that QGAs could discover distinguishers for reduced cycle TEA that are more efficient than those found by classical GAs in two earlier studies. Furthermore, we applied QGAs to break four-cycle and five-cycle TEAs, a considerably harder problem, which the prior GA approach failed to solve.
基金supported in part by the National Natural Science Foundation of China(Grant Nos.61303212,61170080,61202386)the State Key Program of National Natural Science of China(Grant Nos.61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(Grant No.91018008)Major State Basic Research Development Program of China(973 Program)(No.2014CB340600)the Hubei Natural Science Foundation of China(Grant Nos.2011CDB453,2014CFB440)
文摘Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.
基金Supported by the National Natural Science Foundation of China under Grant Nos 61402058,61572086 and 61370203the Fund for Middle and Young Academic Leaders of Chengdu University of Information Technology under Grant No J201511+2 种基金the Science and Technology Support Project of Sichuan Province under Grant No 2013GZX0137the Fund for Young Persons Project of Sichuan Province under Grant No 12ZB017the Foundation of Cyberspace Security Key Laboratory of Sichuan Higher Education Institutions under Grant No szjj2014-074
文摘In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third party, the private information of the users will be totally leaked out to the third party. A special attack is demonstrated in detail. Furthermore, a possible improvement is proposed, which makes the protocol secure against this kind of attack.
基金Supported by the Foundation of National Labora-tory for Modern Communications (51436030105DZ0105)
文摘This paper first presents an impossible differential property for 5-round Advanced Encryption Standard (AES) with high probability. Based on the property and the impossible differential cryptanalytic method for the 5-round AES, a new method is proposed for cryptanalyzing the 8-round AES-192 and AES-256. This attack on the reduced 8-round AES-192 demands 2^121 words of memory, and performs 2^148 8-round AES-192 encryptions. This attack on the reduced 8-round AES-256 demands 2^153 words of memory, and performs 2^180 8-round AES-256 encryptions. Furthermore, both AES-192 and AES-256 require about 2^98 chosen plaintexts for this attack, and have the same probability that is only 2^-3 to fail to recover the secret key.
文摘4-bit linear relations play an important role in cryptanalysis of 4-bit crypto S-boxes. 4-bit finite differences have also been a major part of cryptanalysis of 4-bit S-boxes. Existence of all 4-bit linear relations have been counted for all of 16 input and 16 output 4-bit bit patterns of 4-bit Crypto S-boxes said as S-boxes has been reported in Linear Cryptanalysis of 4-bit S-boxes. Count of existing finite differences from each element of output S-boxes to distant output S-boxes have been noted in Differential Cryptanalysis of S-boxes. In this paper a brief review of these two cryptanalytic methods for 4-bit S-boxes has been introduced in a very lucid and conceptual manner. Two new analysis techniques, one to search for the existing linear approximations among the input vectors (IPVs) and output Boolean functions (BFs) of a particular S-box has also been introduced in this paper. The search is limited to find the existing linear relations or approximations in the contrary to count the number of existent linear relations among all 16, 4-bit input and output bit patterns within all possible linear approximations. Another is to find number of balanced BFs in difference output S-boxes. Better the number of Balanced BFs, Better the security.
基金Supported by the National Natural Science Foun-dation of China(60503010) and the Foundation of National Laboratory for Modern communications(51436030105DZ0105)
文摘A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of substitution permutation network (SPN) cipher structure. When our result applies to 2-round advanced encryption standard(AES), It is shown that the upper bound of MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, when using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.
基金The National Natural Science Foundation of China (No.60403027)
文摘Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can not distinguish whether the multisignature is signed by all the signers of the group or only by the last signer. Thus, any single signature created by the last signer can be used as a multisignaturr created by the whole group members. This paper proposes an improved scheme that can overcome the defect. In the new scheme, the identity messages of all the signers are added in the multisignature and used in verification phase, so that the verifier can know the signature is generated by which signers. Performance analysis shows that the proposed scheme costs less computation than the original scheme in both signature and verification phases. Furthermore, each partial signature is based on the signer's identity certificate, which makes the scheme more secure.
文摘In this paper we provide a novel approach for breaking a significant class of block ciphers, the so-called SPN ciphers, using the process of gene assembly in ciliates. Our proposed scheme utilizes, for the first time, the Turing-powerful potential of gene assembly procedure of ciliated protozoa into the real world computations and has a fewer number of steps than the other proposed schemes to break a cipher. We elaborate notions of formal language theory based on AIR systems, which can be thought of as a modified version of intramolecular scheme to model the ciliate bio-operations, for construction of building blocks necessary for breaking the cipher, and based on these nature-inspired constructions which are as powerful as Turing machines, we propose a theoretical approach for breaking SPN ciphers. Then, we simulate our proposed plan for breaking these ciphers on a sample block cipher based on this structure. Our results show that the proposed scheme has 51.5 percent improvement over the best previously proposed nature-inspired scheme for breaking a cipher.
基金the National Basic Research Program of China(No. 2006CB303104)the City University of Hong Kong under theSRG Project, China (No. 7002134)
文摘This paper studies the security of an image encryption scheme based on the Hill cipher (Ismail et al., 2006) and reports its following problems: (1) There is a simple necessary and sufficient condition that makes a number of secret keys invalid; (2) It is insensitive to the change of the secret key; (3) It is insensitive to the change of the plain-image; (4) It can be broken with only one known/chosen plaintext; (5) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme in practice.
基金Supported by the National Natural Science Foundation of China(No.61142007)Natural Science Foundation of Universities of Jiangsu Province(13KJB520005)the Research Fund for the Graduate Innovation Program of Jiangsu Province(CXZZ13_0493)
文摘Since Multivatriate Quadratic(MQ)-based Public Key Cryptosystem(MPKC)has been one of the hot research fields of post-quantum cryptography,it becomes important to analyze the security of new MPKC schemes.Wang et al.proposed a novel multivariate signature scheme with Hash-based Tame Transformation and Minus(HTTM)in 2011.For this extended MQ-based signature,we can transform it into an SFLASH variant by splitting and merging HT transformation,and solve an equivalent private key corresponding to the public key of HTTM.Thus,the adversary can forge legitimate signature for any message by using this equivalent private key.
文摘This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic analysis is based on the representation of initial encryption algorithm as a system of multivariate quadratic equations, which define relations between a secret key and a cipher text. Extended linearization method is evaluated as a method for solving the nonlinear sys- tem of equations.
文摘The security of Canard-Traore fair e-cash system scheme was believed to depend on the strong-RSA assumption and the Decision Diffie-Hellman assumption in groups of unknown order. But it is not the case. The cryptanalysis on Canard-Traore fair e-cash system was presented. An algorithm was designed to show that Canard-Traore fair e-cash system is insecure: It is forgeability. Further, two drawbacks on Canard-Traore fair e-cash system scheme were pointed out. One is that those integer intervals for si(i=1,…,9) are unappropriate. The other is that the datum s3 in signature data is redundant. Moreover, a minute description of the technique to shun the challenge in the scheme was presented. The technique is helpful for designing new group signature schemes in the future.
