A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recove...A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recover the plaintext by applying the chosen plaintext attack. Therefore, the proposed cryptosystem is not secure enough to be used in the image transmission system. Experimental results show the feasibility of the attack. As a result, we make some improvements to the encryption scheme, which can completely resist our chosen plaintext attack.展开更多
The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security iss...The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security issues in this protocol.Firstly, an external eavesdropper can take the intercept–measure–resend attack strategy to eavesdrop on 0.369 bit of every bit of the identity string of each receiver without being detected. Meanwhile, 0.524 bit of every bit of the secret message can be eavesdropped on without being detected. Secondly, an inner receiver can take the intercept–measure–resend attack strategy to eavesdrop on half of the identity string of the other's definitely without being checked. In addition, an alternative attack called the CNOT-operation attack is discussed. As for the multi-party QBC protocol, the attack efficiency increases with the increase of the number of users. Finally, the QBC protocol is improved to a secure one.展开更多
In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induc...In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induction to prove that the algorithm can be attacked by a chosen plaintext attack successfully and give an example to show how to attack it. According to the cryptanalysis of the originM Mgorithm, we improve the originM Mgorithm, and make a brief cryptanalysis. Compared with the original algorithm, the improved algorithm is able to resist a chosen plaintext attack and retain a considerable number of advantages of the original algorithm such as eneryption speed, sensitive dependence on the key, strong anti-attack capability, and so on.展开更多
Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then onl...Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then only c or more proxy signers can cooperatively generate threshold-proxy threshold-signature.In this scheme,they claimed that original signers cannot forge the proxy signature and the proxy signers cannot forge signature on behalf of the original signers.However,in this paper,we will give a attack to show that their scheme can not resist impersonation attacks.展开更多
A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryp...A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.展开更多
Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certai...Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.展开更多
In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third...In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third party, the private information of the users will be totally leaked out to the third party. A special attack is demonstrated in detail. Furthermore, a possible improvement is proposed, which makes the protocol secure against this kind of attack.展开更多
Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can ...Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can not distinguish whether the multisignature is signed by all the signers of the group or only by the last signer. Thus, any single signature created by the last signer can be used as a multisignaturr created by the whole group members. This paper proposes an improved scheme that can overcome the defect. In the new scheme, the identity messages of all the signers are added in the multisignature and used in verification phase, so that the verifier can know the signature is generated by which signers. Performance analysis shows that the proposed scheme costs less computation than the original scheme in both signature and verification phases. Furthermore, each partial signature is based on the signer's identity certificate, which makes the scheme more secure.展开更多
Unified Irrpossible Differential (UID) cryptanalysis is a systeimtic method for finding impossible differentials for block ciphers. Regarding to the problem of automatically retrieving the impossible differential ch...Unified Irrpossible Differential (UID) cryptanalysis is a systeimtic method for finding impossible differentials for block ciphers. Regarding to the problem of automatically retrieving the impossible differential characteristics of block ciphers, with the use of particular intermediate difference state expression, UID gets the same or better results compared with other present cryptanalysis results. ARIA is a Korean block cipher expecting that there are no impossible differentials on four or rmre rounds. Based on a property of the Diffusion layer (DL) of ARIA, a specific selection is used before conflict searching to optimize. UID is applied to ARIA, and 6 721 impossible differential chains are found. The length of those chains is four rounds, the same as eisting results, but more varied in form Moreover, ARIA is a Substitution-Penmtation Network (SPN), not a Feistel structure or generalized Feistel structure as UID was applied to before.展开更多
基金Project supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60973152, and 60573172)the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014)+2 种基金the Program for Excellent Talents in Universities of Liaoning Province, China (Grant No. LR2012003)the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165)the Fundamental Research Funds for the Central Universities of China (Grant No. DUT12JB06)
文摘A digital image encryption scheme using chaotic map lattices has been proposed recently. In this paper, two fatal flaws of the cryptosystem are pointed out. According to these two drawbacks, cryptanalysts could recover the plaintext by applying the chosen plaintext attack. Therefore, the proposed cryptosystem is not secure enough to be used in the image transmission system. Experimental results show the feasibility of the attack. As a result, we make some improvements to the encryption scheme, which can completely resist our chosen plaintext attack.
基金supported by the National Natural Science Foundation of China(Grant Nos.61502101 and 61170321)the Natural Science Foundation of Jiangsu Province,China(Grant No.BK20140651)+2 种基金the Research Fund for the Doctoral Program of Higher Education,China(Grant No.20110092110024)Funded by PAPDCICAEET
文摘The security of quantum broadcast communication(QBC) and authentication protocol based on Greenberger–Horne–Zeilinger(GHZ) state and quantum one-time pad is analyzed. It is shown that there are some security issues in this protocol.Firstly, an external eavesdropper can take the intercept–measure–resend attack strategy to eavesdrop on 0.369 bit of every bit of the identity string of each receiver without being detected. Meanwhile, 0.524 bit of every bit of the secret message can be eavesdropped on without being detected. Secondly, an inner receiver can take the intercept–measure–resend attack strategy to eavesdrop on half of the identity string of the other's definitely without being checked. In addition, an alternative attack called the CNOT-operation attack is discussed. As for the multi-party QBC protocol, the attack efficiency increases with the increase of the number of users. Finally, the QBC protocol is improved to a secure one.
基金supported by the National Natural Science Foundation of China (Grant Nos. 61173183, 60573172, and 60973152)the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014)the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165)
文摘In this paper, we present the results for the security and the possible attacks on a new symmetric key encryption algorithm based on the ergodicity property of a logistic map. After analysis, we use mathematical induction to prove that the algorithm can be attacked by a chosen plaintext attack successfully and give an example to show how to attack it. According to the cryptanalysis of the originM Mgorithm, we improve the originM Mgorithm, and make a brief cryptanalysis. Compared with the original algorithm, the improved algorithm is able to resist a chosen plaintext attack and retain a considerable number of advantages of the original algorithm such as eneryption speed, sensitive dependence on the key, strong anti-attack capability, and so on.
基金Supported by the National Natural Science Foundation of China(10871205)
文摘Recently,Hwang et al.proposed a (t,n) threshold-proxy (c,m) thresholdsignature schemes,in which only any t or more original signers of n original signers can authorize a proxy group of m proxy signers and then only c or more proxy signers can cooperatively generate threshold-proxy threshold-signature.In this scheme,they claimed that original signers cannot forge the proxy signature and the proxy signers cannot forge signature on behalf of the original signers.However,in this paper,we will give a attack to show that their scheme can not resist impersonation attacks.
基金supported by the State Key Program of National Natural Science of China(Grant Nos. 61332019)the National Natural Science Foundation of China (61572303)+7 种基金National Key Research and Development Program of China ( 2017YFB0802003 , 2017YFB0802004)National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216)the Foundation of State Key Laboratory of Information Security (2017-MS-03)the Fundamental Research Funds for the Central Universities(GK201702004,GK201603084)Major State Basic Research Development Program of China (973 Program) (No.2014CB340600)National High-tech R&D Program of China(2015AA016002, 2015AA016004)Natural Science Foundation of He Bei Province (No. F2017201199)Science and technology research project of Hebei higher education (No. QN2017020)
文摘A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.
基金supported in part by the National Natural Science Foundation of China(Grant Nos.61303212,61170080,61202386)the State Key Program of National Natural Science of China(Grant Nos.61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(Grant No.91018008)Major State Basic Research Development Program of China(973 Program)(No.2014CB340600)the Hubei Natural Science Foundation of China(Grant Nos.2011CDB453,2014CFB440)
文摘Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.
基金Supported by the National Natural Science Foundation of China under Grant Nos 61402058,61572086 and 61370203the Fund for Middle and Young Academic Leaders of Chengdu University of Information Technology under Grant No J201511+2 种基金the Science and Technology Support Project of Sichuan Province under Grant No 2013GZX0137the Fund for Young Persons Project of Sichuan Province under Grant No 12ZB017the Foundation of Cyberspace Security Key Laboratory of Sichuan Higher Education Institutions under Grant No szjj2014-074
文摘In a recent work [Quantum Inf. Process 12 (2013) 1077], a multi-user protocol of quantum private comparison of equality (QPCE) is presented. Here we point out that if we relax the constraint of a semi-honest third party, the private information of the users will be totally leaked out to the third party. A special attack is demonstrated in detail. Furthermore, a possible improvement is proposed, which makes the protocol secure against this kind of attack.
基金The National Natural Science Foundation of China (No.60403027)
文摘Zhang et al. proposed a sequential multisignature scheme based on RSA. The scheme has advantages of low computation and communication costs, and so on. However, we find a problem in their scheme that the verifier can not distinguish whether the multisignature is signed by all the signers of the group or only by the last signer. Thus, any single signature created by the last signer can be used as a multisignaturr created by the whole group members. This paper proposes an improved scheme that can overcome the defect. In the new scheme, the identity messages of all the signers are added in the multisignature and used in verification phase, so that the verifier can know the signature is generated by which signers. Performance analysis shows that the proposed scheme costs less computation than the original scheme in both signature and verification phases. Furthermore, each partial signature is based on the signer's identity certificate, which makes the scheme more secure.
基金Acknowledgements This paper was supported by the National Natural Science Foundation of China under Ccant No.61073149 the Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20090073110027.
文摘Unified Irrpossible Differential (UID) cryptanalysis is a systeimtic method for finding impossible differentials for block ciphers. Regarding to the problem of automatically retrieving the impossible differential characteristics of block ciphers, with the use of particular intermediate difference state expression, UID gets the same or better results compared with other present cryptanalysis results. ARIA is a Korean block cipher expecting that there are no impossible differentials on four or rmre rounds. Based on a property of the Diffusion layer (DL) of ARIA, a specific selection is used before conflict searching to optimize. UID is applied to ARIA, and 6 721 impossible differential chains are found. The length of those chains is four rounds, the same as eisting results, but more varied in form Moreover, ARIA is a Substitution-Penmtation Network (SPN), not a Feistel structure or generalized Feistel structure as UID was applied to before.
