Showing total 65 results

1. Still wrong use of pairings in cryptography.

Author

Uzunkol, Osmanbey and Kiraz, Mehmet Sabır

Subjects

*CRYPTOGRAPHY, *CLOUD computing, *TECHNOLOGICAL innovations, *DISCRETE systems, *WEARABLE technology

Abstract

Recently many pairing-based cryptographic protocols have been designed with a wide variety of new novel applications including the ones in the emerging technologies like cloud computing, internet of things (IoT), e-health systems, and wearable technologies. There have been, however, a wide range of incorrect use of these primitives mainly because of their use in a “black-box” manner. Some new attacks on the discrete logarithm problem lead to either totally insecure or highly inefficient pairing-based protocols, and extend considerably the issues related to pairings originally pointed out by Galbraith et al. (2008). Other reasons are the implementation attacks, the minimal embedding field attacks, and the issues due to the existence of auxiliary inputs. Although almost all these issues are well-known to mathematical cryptographers, there is no state-of-the-art assessment covering all these new issues which could be used by the applied cryptography researchers and the IT-security developers. In order to illustrate this point, we give a list of recent papers having either wrong security assumptions or realizability/efficiency issues. Furthermore, we give a compact and an state-of-the-art recipe of the correct use of pairings for the correct design with a view towards efficient and secure implementation of security solutions using these primitives. [ABSTRACT FROM AUTHOR]

Published

2018

2. One private-key for all DL-based cryptosystems

Author

Pon, Shun-Fu, Lu, Erl-Huei, and Jeng, Albert B.

Subjects

*CRYPTOGRAPHY, *THREATS, *SECURITY systems, *MATHEMATICS

Abstract

Abstract: This paper proposes a method to use one single private-key for all different DL-based public-key cryptographic systems and also explores a way to introduce certain key-checking mechanism for preventing from various potential security threats including the so called “same private-key” attack method presented in this paper. [Copyright &y& Elsevier]

Published

2005

3. Cryptanalysis of large RSA exponent by using the LLL algorithm

Author

Chen, Chien-Yuan, Ku, Cheng-Yuan, and Yen, David C.

Subjects

*CRYPTOGRAPHY, *INFORMATION theory, *COMPUTER security, *ALGORITHMS

Abstract

Abstract: The study of paper “Cryptanalysis of RSA with Private Key d less than N 0.292’ [IEEE Trans. Information Theory, 46 (2000) 1339], which Boneh and Durfee published in IEEE Transactions on Information Theory in July 2000, supported that when d < N 0.292, the RSA system can be cracked by using the LLL algorithm. In this paper, we find ways to utilize the LLL algorithm to break the RSA system even when the value of d is large. According to the proposed cryptanalysis, if d satisfies ∣λ − d∣< N 0.25, the RSA system will be possible to be resolved computationally. [Copyright &y& Elsevier]

Published

2005

4. Cryptanalysis of and improvement on the Hwang–Chen multi-proxy multi-signature schemes

Author

Lyuu, Yuh-Dauh and Wu, Ming-Luen

Subjects

*POLYNOMIALS, *CRYPTOGRAPHY, *SIGNS & symbols, *DATA encryption

Abstract

Abstract: Hwang and Chen recently proposed new multi-proxy multi-signature schemes that allow a group of authorized proxy signers to sign messages on behalf of a group of original signers. This paper shows that their schemes are insecure because a malicious proxy signer can forge a signature for a message secretly while participating in the message signing process with the other proxy signers. This paper then proposes a method to remove this weakness with only small computational overheads and without impairing the security of the original schemes. [Copyright &y& Elsevier]

Published

2005

5. Algorithm of asynchronous binary signed-digit recoding on fast multiexponentiation

Author

Yang, Wu-Chuan, Guan, D.J., and Laih, Chi-Sung

Subjects

*CRYPTOGRAPHY, *DATA encryption, *ALGORITHMS, *COMPUTER security, *COMPUTER network security

Abstract

Abstract: Multiexponentiation, for the 2-dimension one especially, is a very important but time-consuming operation in many ElGamal-like public key cryptosystems. An efficient multiexponentiation method is firstly proposed by Shamir in ElGamal’s paper. Shamir’s method requires 1.75n modular multiplications in average, where n is the bit-length of the exponents. Using minimal weight binary signed-digit (BSD) representations in Shamir’s method can reduce the number of multiplications to 1.556n. Due to there are many minimal weight BSD representations for an integer, Dimitrov et al. proposed a new 2-dimension multiexponentiation algorithm to recode the canonical binary signed-digit representations. The average number of the number 1.556n is reduced to 1.534n. After the publish of the Dimitrov–Jullien–Miller algorithm, there are many research on receding BSD representation of a pair of integers. The most interesting one is the joint sparse form. The number of multiplication can be reduced to 1.500n in joint sparse form when the exponent length is near infinite. In this paper, we propose a new asynchronous recoding algorithm to reduce the factor to 1.509n. For comparison to all the previous algorithm, the property of asynchronous receding is especially suitable for multi-dimension multiexponentiation. [Copyright &y& Elsevier]

Published

2005

6. A novel proxy deposit protocol for e-cash systems

Author

Chen, Yu-Yi, Jan, Jinn-Ke, and Chen, Chin-Ling

Subjects

*MATHEMATICS, *BUSINESSPEOPLE, *BANKING industry, *ELECTRONIC commerce

Abstract

In this paper, we propose a refined proxy deposit protocol based on the scheme proposed by Yu and Lei, A proxy deposit protocol for e-cash systems, in: ICCSA2001, 2001, p. 289 and implement two mathematic models (for ElGamal and RSA scheme) base on the scheme of Chen et al., refined proxy deposit protocol for e-cash systems, in: ICCSA2002, 2002, p. 141. And in consideration of the relationship in most typical e-cash scheme (various studies), a merchant must maintain an account at the issuer for depositing the received e-cash from customers. Since there will be a lot of issuers in the real world, each merchant must maintain an account at each issuer for depositing all kinds of e-cash. In order to reduce the onus of the merchants, the concept of deposit-delegation protocol will be introduced in this paper such that a merchant only has to maintain an account at its trading bank (as an acquirer) and delegates all deposit business to it. [Copyright &y& Elsevier]

Published

2005

7. A novel key management scheme for dynamic access control in a user hierarchy

Author

Chen, Tzer-Shyong and Huang, Jen-Yan

Subjects

*COMPUTER security, *CRYPTOGRAPHY, *PUBLIC key cryptography, *ACCESS control

Abstract

Considering the solution of dynamic access problems in a user hierarchy, a novel scheme based on one-way hash function is proposed to manage the cryptographic keys in the paper. The scheme attempts to achieve both efficiency and non-iteration in deriving the successor''s secret key. Besides, the other issues in relation with dynamic access control problems, such as adding/deleting classes, adding/deleting relationships and changing secret keys, can be held good to the scheme. In view of security, a competent Central Authority must provide the user a convenient way to change his/her key at any time; therefore, the design toward the algorithm in the paper contains such a function. What weight to mention especially among these characteristics of the scheme is the simplification of procedure in changing the private key, and no other current keys need altering simultaneously. [Copyright &y& Elsevier]

Published

2005

8. A randomness test for block ciphers

Author

Katos, Vasilios

Subjects

*CRYPTOGRAPHY, *CIPHERS, *DATA encryption, *COMPUTER security

Abstract

This paper describes a randomness test which can be used to measure the cryptographic strength of a block cipher or its underlying cryptographic primitive(s). Cryptographic strength in the context of this paper is related to the ability of the round function to produce a random output which in turn is defined as the distance between a theoretical calculation and an experimental measure. The measurements are based on the diffusion characteristic of the cipher. Potentially, the test for randomness proposed in this paper could be used as a distinguisher based on diffusion. [Copyright &y& Elsevier]

Published

2005

9. Use of SIMD-based data parallelism to speed up sieving in integer-factoring algorithms.

Author

Sengupta, Binanda and Das, Abhijit

Subjects

*SIMD (Computer architecture), *DATA analysis, *INTEGERS, *ALGORITHMS, *CRYPTOGRAPHY, *FACTORIZATION

Abstract

Many cryptographic protocols derive their security from the apparent computational intractability of the integer factorization problem. Currently, the best known integer-factoring algorithms run in subexponential time. Efficient parallel implementations of these algorithms constitute an important area of practical research. Most reported implementations use multi-core and/or distributed parallelization. In this paper, we use SIMD-based parallelization to speed up the sieving stage of integer-factoring algorithms. We experiment on the two fastest variants of factoring algorithms: the number-field sieve method and the multiple-polynomial quadratic sieve method. Using Intel’s SSE2 and AVX intrinsics, we have been able to speed up index calculations in each core during sieving. This performance enhancement is attributed to a reduction in the packing and unpacking overheads associated with SIMD registers. We handle both line sieving and lattice sieving. We also propose improvements to make our implementations cache-friendly. We obtain speedup figures in the range 5–40%. To the best of our knowledge, no public discussions on SIMD parallelization in the context of integer-factoring algorithms are available in the literature. [ABSTRACT FROM AUTHOR]

Published

2017

10. Parallel algorithms for modular multi-exponentiation.

Author

Borges, Fábio, Lara, Pedro, and Portugal, Renato

Subjects

*PARALLEL algorithms, *EXPONENTIATION, *MODULAR forms, *MATHEMATICAL optimization, *CRYPTOGRAPHY

Abstract

Modular exponentiation is a time-consuming operation widely used in cryptography. Modular multi-exponentiation, a generalization of modular exponentiation also used in cryptography, deserves further analysis from the algorithmic point of view. The parallelization of modular multi-exponentiation can be obtained by generalizing methods used to parallelize modular exponentiation. In this paper, we present a new parallelization method for the modular multi-exponentiation operation with two optimizations. The first one searches for the fastest solution without taking into account the number of processors. The second one balances the load among the processors and finds the smallest number of processors that achieves the fastest solution. In detail, our algorithms compute the product of i modular exponentiations. They split up each exponent in j blocks and start j threads. Each thread processes together i blocks from different exponents. Thus, each block of an exponent is processed in a different thread, but the blocks of different exponents are processed together in the same thread. Using addition chains, we show the minimum number of threads with load balance and optimal running time. Therefore, the algorithms are optimized to run with the minimum time and the minimum number of processors. [ABSTRACT FROM AUTHOR]

Published

2017

11. Aitken and Neville inverse interpolation methods for the Lucas logarithm problem

Author

Laskari, E.C., Meletiou, G.C., and Vrahatis, M.N.

Subjects

*LOGARITHMIC functions, *LUCAS numbers, *INTERPOLATION, *CRYPTOGRAPHY, *PROBLEM solving, *POLYNOMIALS

Abstract

Abstract: The Lucas function is a recently proposed one-way function used in public key cryptography. The security of cryptosystems based on the Lucas function relies on the difficulty of solving the Lucas logarithm problem. In this paper, the Lucas logarithm problem is studied using interpolation techniques. In particular, the inverse Aitken and the inverse Neville interpolation methods are applied to values of the Lucas sequence to obtain a polynomial that interpolates the Lucas logarithm. The results indicate that in all the considered instances of the problem a polynomial of low degree that interpolates the desired values exists. [Copyright &y& Elsevier]

Published

2009

12. Group law on affine conics and applications to cryptography.

Author

Bellini, Emanuele, Murru, Nadir, Di Scala, Antonio J., and Elia, Michele

Subjects

*ELLIPTIC curves, *FINITE fields, *CYCLIC groups, *ALGORITHMS, *EXPONENTIATION, *CRYPTOGRAPHY

Abstract

• We give an overview of the group's structure of conics seen as the irreducible component of a projective reducible cubic. • We explicit group's operations and parametrizations for conics. • We focus on conics over finite fields for providing a public-key cryptosystem. • We perform exponentiation over the Pell's hyperbola by means of the Réc dei rational functions. • We improve the More's algorithm for a fast evaluation of the Réc dei rational functions. In this paper, we highlight that the point group structure of elliptic curves, over finite or infinite fields, may be also observed on reducible cubics with an irreducible quadratic component. Starting from this, we introduce in a very general way a group's structure over any kind of conic. In the case of conics over finite fields, we see that the point group is cyclic and lies on the quadratic component. Thanks to this, some applications to cryptography are described, considering convenient parametrizations of the conics. We perform an evaluation of the complexity of the operations involved in the parametric groups and consequently in the cryptographic applications. In the case of the hyperbolas, the Rédei rational functions can be used for performing the operations of encryption and decryption, and the More's algorithm can be exploited for improving the time costs of computation. Finally, we provide also an improvement of the More's algorithm. [ABSTRACT FROM AUTHOR]

Published

2021

13. Elliptic curve scalar multiplication algorithm using complementary recoding

Author

Balasubramaniam, P. and Karthikeyan, E.

Subjects

*ALGEBRAIC curves, *MULTIPLICATION, *DATA encryption, *COMPUTER security

Abstract

Abstract: Elliptic curve based cryptosystem is an efficient public key cryptosystem, which is more suitable for limited environments. The very expensive operation in elliptic curve based cryptographic protocol is the scalar multiplication. In this paper, scalar multiplication using complementary recoding method is proposed. The intermediate operations carried out in conversion are less than the other existing scalar multiplication algorithm. The efficiency of our proposed method is tested and found that our method is an efficient than the other methods. [Copyright &y& Elsevier]

Published

2007

14. Further refinement of pairing computation based on Miller’s algorithm

Author

Liu, Chao-Liang, Horng, Gwoboa, and Chen, Te-Yu

Subjects

*ALGORITHMS, *CRYPTOGRAPHY, *CURVES, *CALCULUS

Abstract

Abstract: In 2006, Blake, Murty and Xu proposed three refinements to Miller’s algorithm for computing Weil/Tate pairings. In this paper we extend their work and propose a generalized algorithm, which integrates their first two algorithms. Our approach is to pre-organize the binary representation of the involved integer to the best cases of Blake’s algorithms. Further, our refinement is more suitable for Solinas numbers than theirs. We analyze our algorithm and show that our refinement has better performance than the original algorithms. [Copyright &y& Elsevier]

Published

2007

15. Inefficiency of common-multiplicand multiplication and exponentiation algorithms by performing binary complements

Author

Yen, Sung-Ming, Lien, Wei-Chih, and Moon, SangJae

Subjects

*CRYPTOGRAPHY, *WEIGHT loss, *ALGEBRA, *ALGORITHMS

Abstract

Abstract: In order to speed up long integer modular multiplication and modular exponentiation computations that play the most important role of implementing public-key cryptographic systems, recently a result has been reported by developing a binary complement based approach on operands with larger Hamming weight in their binary representations. It is claimed that this new proposal achieves extremely good performance improvement due to the possible extensive Hamming weight reduction. Furthermore, in the conclusion of this recent result, it is claimed that the larger the bit length of the operands is, the better the performance will be in their algorithms. However, in this paper it will be shown precisely that the considered binary complement based approach on operands can only lead to an extremely negligible Hamming weight reduction. Detailed and exact analysis result is contrary to their claim, i.e., performance improvement of the binary complement based algorithms decreases considerably for larger bit length of the operands. [Copyright &y& Elsevier]

Published

2007

16. Performance improvement for the GGM-construction of pseudorandom functions

Author

Chen, Yu-Sheng, Horng, Gwoboa, and Liu, Chao-Liang

Subjects

*PERFORMANCE, *MATHEMATICS, *MATHEMATICAL analysis, *MATHEMATICAL functions

Abstract

Abstract: A pseudorandom function is a function that cannot be efficiently distinguished from a truly random function. The first construction of pseudorandom functions was introduced by Goldreich, Goldwasser, and Micali (GGM-construction). In this paper, we propose a variant of the GGM-construction and compare its performance with the original construction. We show that a 4-ary-tree variant construction can achieve the best performance under the assumption that the underlying pseudorandom generators generate pseudorandom bits sequentially. [Copyright &y& Elsevier]

Published

2006

17. An iterative modular multiplication algorithm in RNS

Author

Yang, Jen-Ho, Chang, Chin-Chen, and Wang, Chih-Hung

Subjects

*MATHEMATICS, *MULTIPLICATION, *ALGORITHMS, *DATA encryption

Abstract

Abstract: Most current cryptosystems need to compute modular multiplication with large numbers. Modular multiplication is a time-consuming operation, and thus many different techniques have been proposed for the acceleration. A novel approach, residue number system (RNS), which has the advantages of parallel, carry-free, and high-speed arithmetic, is usually used for large number computations. However, division and the magnitude comparison, which most modular multiplication algorithms involve, are difficult to be processed in RNS. In this paper, we present an iterative modular multiplication algorithm in RNS. A subtle iterative model, eliminating division and the magnitude comparison in modular multiplications, proposed by Chiou and Yang, and improved further by Leong et al., can be used to achieve our purpose. Our new algorithm has the property of easy parallelization and is more efficient than other iterative modular multiplication algorithms proposed previously. [Copyright &y& Elsevier]

Published

2005

18. The design of integrating subliminal channel with access control

Author

Lee, Narn-Yih and Yang, Shu-Ya

Subjects

*DATA encryption, *COMPUTER security, *COMPUTER network security, *DIGITAL signatures

Abstract

Abstract: Simmons first introduced the concept of subliminal channel in 1984. After that, many researches of digital signature with subliminal channels have been proposed. But these schemes just allow a subliminal receiver to get one subliminal message unless he/she maintains more secret keys. In this paper, we will integrate the concepts of subliminal channel and access control to construct two digital signature schemes with subliminal channels. In the proposed schemes, the subliminal receivers can get different number of subliminal messages in accordance with users’ positions. Moreover, each subliminal receiver only needs to keep one secret key. [Copyright &y& Elsevier]

Published

2005

19. Comment on traceability on RSA-based partially signature with low computation

Author

Wu, Lin-Chuan and Yeh, Yi-Shiung

Subjects

*MATHEMATICAL optimization, *COMBINATORIAL optimization, *EXPERIMENTAL design, *PRESSURE vessels

Abstract

Abstract: Recently, Chien et al. proposed RSA-based partially blind signature with low computation for mobile and smart-card applications. Hwang et al. claimed that Chien et al.’s scheme cannot meet the untraceability property of the blind signature later. In this paper, we show that Hwang et al.’s claim is incorrect and Chien et al.’s scheme is still satisfy the untraceability property. [Copyright &y& Elsevier]

Published

2005

20. Security of meta-He digital signature scheme based on factoring and discrete logarithms

Author

Shao, Zuhua

Subjects

*MATHEMATICS problems & exercises, *DIGITAL signatures, *DATA encryption, *AUTHENTICATION (Law)

Abstract

Abstract: To enhance the security of signature schemes, Pon et al., recently, investigated all eight variants of the He’s digital signature scheme. The security of the proposed schemes is based on the difficulties of simultaneously solving the factoring and discrete logarithm problems with almost the same sizes of arithmetic modulus. This paper shows that the all eight variants of the He’s digital signature scheme, as well as two more variants, are not secure if attackers can solve discrete logarithm problems. Moreover, the attackers can easily forge signatures of the most optimal signature schemes of the generalized He’ signature schemes even though they can solve neither discrete logarithm problems nor factoring. [Copyright &y& Elsevier]

Published

2005

21. Comment: A new blind signature based on the discrete logarithm problem for untraceability

Author

Wu, Ting and Wang, Jin-Rong

Subjects

*ALGEBRA, *MATHEMATICS, *CRYPTOGRAPHY, *SIGNS & symbols

Abstract

Abstract: In 2004, Lee et al. [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press] proposed a new untraceable blind signature based on DLP in order to overcome the “security limits” of Carmenisch et al.’s scheme. However, we show there are two mistakes in [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press]: 1. The Carmenisch et al.’s scheme does meet the requirement of untraceability and the cryptanalysis proposed by Lee et al. is not correct; 2. Though Lee et al.’s scheme is untraceable, the proof of its untraceability in [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press] is wrong (in this paper we also give the correct proof of its untraceability). So Lee et al.’s scheme does not have any advantage and it is unpractical since the cost of the scheme is higher compared with Carmenisch et al.’s scheme. [Copyright &y& Elsevier]

Published

2005

22. Cryptanalysis of Rijndael S-box and improvement

Author

Jing-mei, Liu, Bao-dian, Wei, Xiang-guo, Cheng, and Xin-mei, Wang

Subjects

*CRYPTOGRAPHY, *UNIVERSAL algebra, *ABSTRACT algebra, *SIGNS & symbols

Abstract

Abstract: By the discovered correlation between linear functions over GF(q n ) and matrices over GF(q), a new scheme is presented to resolve the algebraic expression of Rijndael S-box in this paper. This new scheme has the advantage of predetermining in the case of a given random basis over GF(q n ). The reason why only nine terms are involved in the algebraic expression of Rijndael S-box is presented, which corrects the available inaccurate illustration. An improved AES S-box is presented to improve the complexity of AES S-box algebraic expression with terms increasing from 9 to 255 and algebraic degree invariable. The improved AES S-box also has good properties of Boolean functions in SAC and balance, and is capable of attacking against differential cryptanalysis with high reliable security. We finally summarize all the available methods to determine the algebraic expression of Rijndael S-box. [Copyright &y& Elsevier]

Published

2005

23. Security of Pon–Lu–Jeng’s Meta-He digital signature schemes

Author

Qian, Haifeng, Cao, Zhenfu, and Bao, Haiyong

Subjects

*DATA encryption, *COMPUTER security, *DIGITAL signatures, *ALGEBRA

Abstract

Abstract: In 2001 He proposed a signature scheme that has the previously described advantages, notably: (1) It is based on two hard problems; (2) it uses the same modulus; and (3) it only requires one pair of public and private keys. Soon, Pon et al. generalized He’s scheme in order to get efficient digital signature schemes with high security (their schemes are claimed to be based on two cryptographic assumptions simultaneously). In this paper, we shall point out that He and Pon et al.’s signature schemes are not based on two cryptographic assumptions simultaneously. So all their signature schemes in fact have not any efficiency advantage if only based on one cryptographic assumptions. Meanwhile, the task of designing efficient digital signature schemes based on two cryptographic assumptions simultaneously is still an open problem. [Copyright &y& Elsevier]

Published

2005

24. Cryptanalysis of Zhang-Xiao’s multisignature scheme for specified group of verifiers

Author

Yoon, Eun-Jun and Yoo, Kee-Young

Subjects

*CRYPTOGRAPHY, *LINEAR programming, *MATHEMATICAL programming, *MATHEMATICS

Abstract

Abstract: Recently, Zhang-Xiao proposed a new multisignature scheme for specified group of verifiers. However, Zhang-Xiao’s scheme is still susceptible to forgery attack. Accordingly, the current paper demonstrates the vulnerability of Zhang-Xiao’s scheme to fogery attack that an attacker can forge the multisignature for any message. [Copyright &y& Elsevier]

Published

2005

25. Cryptanalysis of some signature schemes with message recovery

Author

Zhang, Zhenfeng and Feng, Dengguo

Subjects

*CRYPTOGRAPHY, *DATA encryption, *COMPUTER network security, *MATHEMATICS

Abstract

Abstract: The notion of a self-certified public key was introduced by Girault in 1991. Recently, Tseng, Jan and Chien proposed a digital signature scheme with message recovery and some variants extended from the self-certified public key system proposed by Girault. A trusted system authority is assumed in their schemes. Chang et al. propose digital signature schemes that provide the same properties as Tseng et al.’s method without the assumption that the system authority is trustworthy. In this paper, we show that Tseng et al.’s signature schemes are existential forgable after getting a valid message–signature pair, and Chang et al.’s improved signature schemes are still not secure against an un-trusted system authority. [Copyright &y& Elsevier]

Published

2005

26. A secure and efficient authentication protocol for anonymous channel in wireless communications

Author

Yang, Chou-Chen, Tang, Yuan-Liang, Wang, Ren-Chiun, and Yang, Hung-Wen

Subjects

*MOBILE communication systems, *WIRELESS communications, *AUTHENTICATION (Law), *CRYPTOGRAPHY

Abstract

Abstract: For enhancing the efficiency and the security in anonymous channel of wireless systems, many protocols were proposed. However, most of them employed asymmetric cryptosystems to protect the identity of the mobile user. As we know, the drawbacks of asymmetric cryptosystem are complex and high computation cost. Therefore, if the wireless system is based on asymmetric cryptosystem, that is not convenience for the mobile device and infrastructure. Not only that, an important problem also exists in the previous protocols. That is when the mobile user copies his anonymous ticket and shares it with friends, the visiting network cannot discriminate the copy of the ticket. That seriously effects the right of the visiting network. In this paper, we shall propose a secure and efficient authentication protocol to withstand the above weakness without employing any asymmetric cryptosystems. [Copyright &y& Elsevier]

Published

2005

27. Identity based group-oriented undeniable signature scheme

Author

Guo, Xing-Yang and Tang, Chao-Jing

Subjects

*DATA encryption, *CRYPTOGRAPHY

Abstract

Abstract: Group-oriented undeniable signature enables any subset of at least t members to represent a group to generate, confirm and disavow a signature. Several schemes were proposed and many of them are not secure. In this paper, we present an identity based (ID-based) group-oriented undeniable signature scheme which is secure in the random oracle model. To the best of authors’ knowledge, our scheme is the first ID-based group-oriented undeniable signature scheme. A great merit of our scheme is that the signature confirmation and disavowal is completely non-interactive: the protocol of the verifier and confirmers is non-interactive and nothing is needed to exchange in between confirmers. [Copyright &y& Elsevier]

Published

2005

28. Designated verifier proxy signature scheme with message recovery

Author

Lu, Rongxing and Cao, Zhenfu

Subjects

*ALGEBRAIC curves, *PERTURBATION theory, *MATRICES (Mathematics), *LINEAR systems

Abstract

Abstract: Proxy signature is an active cryptographic research area. In recent years, many proxy signature schemes to suggest improvement and generalization of existing protocols have been proposed. In this paper, we will propose a new designated verifier proxy signature scheme with message recovery. Since the signed message is included in the proxy signature, and only the designated verifier can recover the signed message and verify the signature, compared with other proxy signatures, the proposed scheme not only reduces the communication cost but also satisfies the confidentiality property. [Copyright &y& Elsevier]

Published

2005

29. Two provably secure k-out-of-n oblivious transfer schemes

Author

Zhang, Jianhong and Wang, Yumin

Subjects

*CRYPTOGRAPHY, *SYMBOLISM, *COST effectiveness, *REGRESSION analysis

Abstract

Abstract: Oblivious transfer (OT) is a fundamental cryptographic tool. In a k-out-of-n oblivious transfer (OT) model, one party Alice (the sender) sends n bits to another party Bob (the receiver), Bob can get only k bits from n bits. However, Alice cannot know which k bits Bob received. In this paper, we propose two efficient k-out-of-n oblivious transfer schemes, which are proved security without using random oracle. At the same time, security of the two schemes is based on DDH assumption. As efficiency of computation and communication, the cost of communication and computation of the receiver is independent of number n of messages; a prominent advantage is that the sender only computes one exponentiation in the second oblivious transfer scheme. To the best of my knowledge, it is least computation in the oblivious transfer available. [Copyright &y& Elsevier]

Published

2005

30. One-to-one mapping matrix

Author

Wu, Tzong-Mou

Subjects

*MATRICES (Mathematics), *DATA encryption, *MATHEMATICAL analysis, *LINEAR algebra

Abstract

Abstract: The one-to-one mapping matrix is presented. This paper defines a new matrix “one-to-one mapping matrix”. The new matrix can execute a “path change”. When we input a column vector and define the matrix elements by 1 (change) or 0 (not change), the output column vector will be determined easily by some simple rules. Moreover, the inversion of this matrix is so easy. What we have to do is to rewrite the row vector in this matrix by inversion. In other words, we just have to substitute row 1 by row n, row 2 by row n −1,…, row n by row 1, and so on. Therefore, the one-to-one mapping matrix can be used to encode and decode our secret data. [Copyright &y& Elsevier]

Published

2005

31. Off-line password-guessing attacks on the generalized key agreement and password authentication protocol

Author

Shim, Kyungah

Subjects

*AUTHENTICATION (Law), *COMPUTER passwords, *DATA protection, *CRYPTOGRAPHY

Abstract

Abstract: In this paper, we show that the generalized key agreement and password authentication protocol, proposed by Kwon and Song [T. Kwon, J. Song, A study on the generalized key agreement and password authentication protocol, IEICE Trans. Comm. E83-E (9) (2000) 2044–2050], is vulnerable to off-line password guessing attacks. [Copyright &y& Elsevier]

Published

2005

32. A note on digital signature scheme using a self-pairing map

Author

Park, Je Hong and Chee, Seongtaek

Subjects

*DATA encryption, *COMPUTER security, *DIGITAL signatures, *DATA protection

Abstract

Abstract: Recently, Lee proposed a notion of self-pairing map and presented two cryptographic applications: one is a key agreement scheme and the other is a digital signature scheme. In this paper, we show that the self-pairing map of Lee is not applicable to the suggested applications and that the signature scheme is even totally broken. [Copyright &y& Elsevier]

Published

2005

33. ID-based multi-proxy signature, proxy multi-signature and multi-proxy multi-signature schemes from bilinear pairings

Author

Li, Xiangxue and Chen, Kefei

Subjects

*DATA encryption, *COMPUTER security, *CRYPTOGRAPHY, *DATA protection

Abstract

Abstract: In electronic world, proxy signature is a solution of delegation of signing capabilities. Proxy signatures can combine other special signatures to obtain some new types of proxy signatures. Due to the various applications of the bilinear pairings in cryptography, many identity based signature schemes have been proposed. In this paper, we propose an identity based multi-proxy signature scheme and an identity based proxy multi-signature scheme from bilinear pairings. Both of them can be regarded as a special case of corresponding variants of identity based threshold signature scheme. Based on these two schemes, we propose an identity based multi-proxy multi-signature scheme. [Copyright &y& Elsevier]

Published

2005

34. Weakness and solution of Yang et al.’s protected password changing scheme

Author

Yoon, Eun-Jun and Yoo, Kee-Young

Subjects

*DATA encryption, *ALGEBRA, *AUTHENTICATION (Law), *PRIVACY

Abstract

Abstract: Recently, Yang et al. proposed an improvement to Tseng et al.’s protected password changing scheme that can withstand denial of service attack. However, the improved scheme is still susceptible to stolen-verifier attack and denial of service attack. Accordingly, the current paper demonstrates the vulnerability of Yang et al.’s scheme to two simple attacks and presents a new protected password change scheme using a public server key to resolve such problems. In contrast to Yang et al.’s protected password changing scheme, the proposed scheme can simply update user passwords without a complicated process, and also provides explicit key authentication and perfect forward secrecy in the case of a session key agreement. [Copyright &y& Elsevier]

Published

2005

35. Cryptanalysis of Zhou et al.’s proxy-protected signature schemes

Author

Park, Je Hong, Kang, Bo Gyeong, and Han, Jae Woo

Subjects

*DATA encryption, *COMPUTER security, *MATHEMATICS, *DATA protection

Abstract

Abstract: Quite recently, Zhou et al. proposed two proxy-protected signature schemes based on the RSA assumption and the hardness of integer factorization, respectively. They also provided security proofs for each signature scheme in the random oracle model. In this paper, we show that both schemes are not secure and suggest a method for fixing the security flaw. [Copyright &y& Elsevier]

Published

2005

36. A new deniable authentication protocol from bilinear pairings

Author

Lu, Rongxing and Cao, Zhenfu

Subjects

*AUTHENTICATION (Law), *DATA encryption, *CONTRACTS, *NON-contentious jurisdiction

Abstract

Abstract: Deniable authentication protocol is a new technique of modern cryptography, and several such schemes have been proposed. However, to our knowledge, most of these schemes are interactive and less efficient, and only Shao proposed an efficient non-interactive deniable authentication protocol based on generalized ElGamal signature scheme. Therefore, there is a desire to design other secure and efficient non-interactive deniable authentication protocol. In this paper, based on the bilinear pairings, we would like to propose such a new non-interactive deniable authentication protocol. What’s more, we also prove the proposed protocol is secure in the random oracle model. [Copyright &y& Elsevier]

Published

2005

37. Forward-secure multisignature and blind signature schemes

Author

Chow, Sherman S.M., Hui, Lucas C.K., Yiu, S.M., and Chow, K.P.

Subjects

*DATA encryption, *ELECTRONIC commerce, *INTERNET industry, *COMPUTER security

Abstract

Abstract: Forward-secure signature schemes address the key exposure problem, in which all previously generated signatures are still considered to be valid even after the secret key is compromised. Multisignature scheme allow any subgroup of a group of users to jointly sign a document such that a verifier is convinced that each member of the subgroup participated in signing. Such schemes are very important technologies in this highly group-oriented society. Blind signature scheme are protocols for obtaining a signature from a signer, but the signer can neither learn the messages he/she sign nor the signatures the recipients obtain afterward. Such schemes are very important technologies in privacy oriented e-commerce applications. In this paper, we propose a forward-secure multisignature scheme and a forward-secure blind signature scheme. Our constructions are based on the recently proposed forward-secure signature scheme by bilinear pairings. [Copyright &y& Elsevier]

Published

2005

38. Cryptanalysis of Lee–Kim–Yoo password-based key agreement scheme

Author

Kwon, Jeoung Ok, Hwang, Jung Yeon, Kim, Changwook, and Lee, Dong Hoon

Subjects

*DATA encryption, *MATHEMATICS, *COMPUTER security, *COMPUTER network security

Abstract

Abstract: Recently, Lee et al. [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Lee and Lee’s authenticated key agreement scheme, Appl. Math. Comput., in press] showed that Lee–Lee password-based authenticated key agreement scheme [N.Y. Lee, M.F. Lee, Further improvement on the modified authenticated key agreement scheme, Appl. Math. Comput. 157 (2004) 729–733] is vulnerable to an off-line dictionary attack and proposed an improved scheme. In this paper, we show that Lee et al.’s scheme is not only incomplete, i.e., two parties establishing a session key may not share a common session key, but also still vulnerable to an off-line dictionary attack, i.e., an adversary can confirm the correctness of a guessed-password by checking if the scheme’s flows are in a domain (for example, whether a flow is in GF(n) or not). A main reason causing these security breaches is that the scheme’s flows are constructed by using two different types of group operations. Finally, we suggest a simple counter-measure to overcome the problems. [Copyright &y& Elsevier]

Published

2005

39. A new efficient (t, n) verifiable multi-secret sharing (VMSS) based on YCH scheme

Author

Shao, Jun and Cao, Zhenfu

Subjects

*DATA encryption, *MATHEMATICS, *ALGEBRA, *CYBERNETICS

Abstract

Abstract: A verifiable multi-secret sharing scheme (VMSS) is a multi-secret sharing scheme with the verifiable property. This paper presents a new efficient verifiable multi-secret sharing based on YCH [C.-C. Yang, T.-Y. Chang, M.-S. Hwang, A (t, n) multi-secret sharing scheme, Appl. Math. Comput. 151 (2004) 483–490] scheme and the intractability of the discrete logarithm (DL). And it just needs few public values and low modular exponentiation operation. [Copyright &y& Elsevier]

Published

2005

40. Efficient verifier-based key agreement protocol for three parties without server’s public key

Author

Lee, Sung-Woon, Kim, Hyun-Sung, and Yoo, Kee-Young

Subjects

*COMPUTER security, *DATA encryption, *DATA protection, *SECURITY systems

Abstract

Abstract: So far, there have been several key agreement protocols for three-parties, in which two clients establish a common session key through a authentication server. Most of those protocols require to use server’s public key to prevent password guessing attacks. However, because clients need to verify and safely keep the server’s public key, the protocols may not be practical for some environments. This paper proposes a new efficient verifier-based key agreement protocol for three parties which does not require server’s public key. The proposed protocol is resistant against various attacks and provides the perfect forward secrecy. [Copyright &y& Elsevier]

Published

2005

41. Improvement of Chien–Jan’s authenticated multiple-key agreement protocol without using conventional one-way function

Author

Yoon, Eun-Jun, Ryu, Eun-Kyung, and Yoo, Kee-Young

Subjects

*DATA encryption, *POLYNOMIALS, *ALGEBRA, *MORPHISMS (Mathematics)

Abstract

Abstract: In 2004, Chien and Jan pointed out that Yeh et al.’s authenticated multiple-key key agreement protocol was vulnerable to the impersonation attack. For enhancing the security and key utilization, Chien and Jan proposed an improved protocol. However, Yang and Wang showed that Chien–Jan’s protocol is vulnerable to the impersonation attack. This paper proposes an improved protocol to overcome the weakness while maintaining the advantages of Chien-Jan’s protocol. [Copyright &y& Elsevier]

Published

2005

42. A new key authentication scheme for cryptosystems based on discrete logarithms

Author

Shao, Zuhua

Subjects

*CRYPTOGRAPHY, *DATA encryption, *COMPUTER network security, *DATA protection

Abstract

Abstract: Key authentication is very important in private communication and data integrity. Recently, Peinado, Zhang and Kim showed that the LHL scheme is not secure, respectively. From public messages, anyone can derive private keys of users. Then they proposed their modifications to overcome this severe weakness, respectively. In this paper, we show that the Peinado’s modification is still insecure, since anyone can still derive private keys of users by a guessing attack. Meanwhile, the modification of Zhang and Kim is based on three security prerequisites, which are expensive in an open environment. To overcome these shortcomings, we propose a new key authentication scheme for cryptosystems based on discrete logarithms. [Copyright &y& Elsevier]

Published

2005

43. Weakness in ID-based one round authenticated tripartite multiple-key agreement protocol with pairings

Author

Shim, Kyungah and Woo, Sungsik

Subjects

*INFORMATION theory, *CYBERNETICS, *CRYPTOGRAPHY, *SYMBOLISM

Abstract

Abstract: In this paper, we show that the ID-based tripartite authenticated multiple-key agreement protocol by Liu et al. [ID-based tripartite key agreement protocol with pairing, 2003 IEEE International Symposium on Information Theory, 2003, pp. 136–143, or available at Cryptology ePrint Archive, Report 2002/122] is insecure against an unknown key-share attack. And then we propose a more efficient ID-based tripartite authenticated multiple-key agreement protocol to overcome the attack. [Copyright &y& Elsevier]

Published

2005

44. Cryptanalysis of Li–Tzeng–Hwang’s improved signature schemes based on factoring and discrete logarithms

Author

Qian, Haifeng, Cao, ZhenFu, and Bao, Haiyong

Subjects

*CRYPTOGRAPHY, *ALGEBRA, *DATA encryption, *DIGITAL signatures

Abstract

Abstract: Laih and Kuo proposed two efficient signature schemes based on discrete logarithms and factorization. Recently, Li et al. improve one of their schemes in order to use fewer keys for a signing document. In this paper, we shall prove that their improvement of Laih and Kuo’s signature scheme is insecure. Moreover the improved signature scheme in fact is not based on two cryptographic assumptions simultaneously, and forging a signature on any message would not need to solve any difficult problems. [Copyright &y& Elsevier]

Published

2005

45. Fixing problems in Lin et al.’s OSPA protocol

Author

Yoon, Eun-Jun, Ryu, Eun-Kyung, and Yoo, Kee-Young

Subjects

*COMPUTER passwords, *COMPUTER storage device industry, *DATA encryption, *COMPUTER network security

Abstract

Abstract: Recently, Lin et al. proposed an improvement on the OSPA protocol to make the protocol withstand the stolen-verifier attack, using smart card. However, Ku et al. demonstrated that Lin et al.’s protocol is vulnerable to the replay attack and the denial of service attack. In this paper, we will propose an enhancement of the protocol to isolate such problems. As a result, the proposed scheme can simply update user passwords and also provides mutual authentication between the user and a remote server. Besides all the above merits, the proposed has more efficient performance by reducing the number of hash operations. [Copyright &y& Elsevier]

Published

2005

46. Steganography of capacity required using modulo operator for embedding secret image

Author

Wang, Shiuh-Jeng

Subjects

*CRYPTOGRAPHY, *SIGNAL processing, *EMBEDDING theorems, *EMBEDDINGS (Mathematics)

Abstract

Abstract: In this paper, a novel mechanism using modulus operations to incorporate secret data (with image form) into a host-image is proposed. The used modulus is a threshold value that indicates how many bits of the secret image are being incorporated into the host-image. In our scheme, there are two kinds of secret images processed. The capacities of these two types are half the size and a quarter the size of the chosen host-image, respectively. As can be seen in the result of our experiment, not only can the secret images be totally embedded, but the extra information, such as the auxiliary table, assisting the secret extraction is released as well. Even then, there is still space remaining after the hiding procedure is completed. The result is a higher capacity exploration for embedding the secret into a host-image. Upon inspection of the quality of the stego-image using the measurement of PSNR it is noted that not only does the image display make the grade of the human vision system, i.e., it is imperceptible by human eyes as far as the embedded secret is concerned, but also the valued results of PSNR remain sufficiently stable for a variety of host-image selections. Therefore, our proposal scheme is notably superior to those in the previous literature [IEE Proc.––Vision Image Signal Process. 147(1) (2000) 29]. The advantages of this proposed scheme are the higher capacity exploration on secret embedding, and better stability on stego-image displays. [Copyright &y& Elsevier]

Published

2005

47. Proxy blind multi-signature scheme without a secure channel

Author

Lu, RongXing, Cao, ZhenFu, and Zhou, Yuan

Subjects

*CRYPTOGRAPHY, *CIPHERS, *SIGNS & symbols, WRITING

Abstract

Abstract: Proxy signature and blind signature are two active cryptographic research areas, and have been applied in many occasions respectively. At the same time, to cope with some particular settings, proxy blind signature, two signatures combination, also becomes a current research hotspot. To our knowledge, many proxy blind signature schemes have been put forth till now. However, most of these proposed schemes have not been provably secure and all should rely on secure channels to transmit proxy secret key, and yet a secure channel could not always be obtained in current network environment. Therefore, in this paper, we would like to present a new proxy blind multi-signature scheme, which does not need a secure channel and is provably secure under the Random Oracle model. [Copyright &y& Elsevier]

Published

2005

48. Cryptanalysis of Lee–Lee authenticated key agreement scheme

Author

Kim, Kee-Won, Ryu, Eun-Kyung, and Yoo, Kee-Young

Subjects

*CRYPTOGRAPHY, *AUTHENTICATION (Law), *MODIFICATIONS, *SIGNS & symbols

Abstract

Recently, Lee and Lee showed that the Hsu et al. improvement of modified authenticated key agreement scheme is vulnerable to the modification attack and proposed an improvement to withstand this attack. However, this paper will first show that this improvement is vulnerable to the guessing attack, and then propose an improvement to eliminate this security flaw. [Copyright &y& Elsevier]

Published

2005

49. Improvement of Tseng et al.'s authenticated encryption scheme with message linkages

Author

Zhang, Zhang, Araki, Shunsuke, and Xiao, Guozhen

Subjects

*DATA encryption, *DATA transmission systems, *AUTHENTICATION (Law), *COMMUNICATION

Abstract

An authenticated encryption scheme is a message transmission scheme which sends messages in a secure and authentic way. In large message transmission, traditional authenticated encryption scheme has the disadvantage that the communication and the computation costs are too high. Recently, Tseng et al. proposed an authenticated encryption scheme with message linkages to reduce the computation time and communication costs for large message transmission. In this paper, the authors point out a weakness in Tseng et al.''s scheme. Finally, we present a new authenticated encryption scheme with message linkages to overcome the weakness in Tseng et al.''s scheme. The proposed scheme is based on the Meta-message recovery signature scheme and it is efficient in the terms of communication and computation costs. [Copyright &y& Elsevier]

Published

2005

50. Improvement of HWWM-authenticated key agreement protocol

Author

Lee, Sung-Woon, Kim, Hyun-Sung, and Yoo, Kee-Young

Subjects

*CRYPTOGRAPHY, *COMPUTER network protocols, *COMPUTER passwords, *COMPUTER security

Abstract

Recently, Hsu et al. showed that Ku and Wang''s authenticated key agreement protocol is vulnerable to the modification attack and then proposed an improved protocol, called HWWM protocol. In this paper, we argue that the HWWM protocol is still vulnerable to the modification attack and cannot also withstand the password guessing attack. Then, we propose an improved protocol to solve these problems. [Copyright &y& Elsevier]

Published

2005