Similar literature
1.
Quantum-resistant cryptosystems are needed for secure communication because large quantum computers are being actively pursued. Lattice-based cryptography is one of the main post-quantum families, owing to its key and ciphertext sizes and its performance, and NTRU-based cryptosystems in particular have received much attention. MaTRU, a non-commutative matrix variant of NTRU, was used in 2018 to build a key exchange protocol (MaTRU-KE). In this paper we focus on MaTRU-based key exchange protocols with CCA2 security: we propose CCA2-secure versions of MaTRU-KE, give a security analysis of the resulting CCA2-secure key establishment protocols, and compare them with the previous ones.

2.
Seamless roaming in heterogeneous wireless networks is attracting growing attention. When a mobile user roams into a foreign domain, a secure handover authentication and key exchange (AKE) process verifies the user's authenticity and establishes a secure channel between the user and the access point. At the same time, privacy must be preserved so that the user's current location and movement history cannot be tracked. Existing handover AKE schemes have various weaknesses in security or efficiency. This paper proposes a secure pairing-free identity-based handover AKE protocol with privacy preservation. Users employ temporary identities to conceal their real identities during handover, and the foreign server verifies the user's legitimacy with the home server's assistance. To resist leakage of ephemeral private keys, the session key is derived from both the static and the ephemeral private keys. Security analysis shows that the protocol is provably secure in the extended Canetti-Krawczyk (eCK) model under the computational Diffie-Hellman (CDH) assumption and achieves the desired properties, including key-compromise impersonation resistance, resistance to ephemeral-secret reveal, and strong anonymity. Because the protocol is identity-based it avoids the certificate management of a public key infrastructure (PKI), and because it is pairing-free it avoids the computational overhead of pairing-based identity-based cryptosystems. The proposed handover AKE protocol thus offers better security assurance and higher computational efficiency for roaming authentication in heterogeneous wireless networks.

3.
Shamir and Schorr proposed an effective attack on the Rabin digital signature scheme, known as the Shamir attack. To avoid the Shamir attack, this paper proposes an effective bit perturbation method. Based on the Rabin public-key cryptosystem, Harn and Kiesler proposed an improved public-key cryptosystem, a digital signature scheme and an authenticated encryption scheme. This paper shows that the cryptosystem proposed by Harn and Kiesler is insecure, and designs a secure digital signature scheme.
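The attack the abstract refers to works because a Rabin signature is a square root modulo n: a signer that takes the root of any value the requester hands it is a square-root oracle, and two different roots of the same value factor n. The following Python, an added example and not code from the paper, runs that chosen-message attack against a textbook signer and then against a signer that roots a salted hash instead of the requester's value. The paper's own bit-perturbation method is not reproduced; the salted-hash countermeasure, the toy Mersenne primes P and Q, and all function names are assumptions of this example.

```python
"""Chosen-message factoring against a textbook Rabin signer, and a salted signer that resists it.
Added example with toy parameters; a real modulus would use two ~1024-bit primes."""
import hashlib
import math
import random

# Two Mersenne primes, both ≡ 3 (mod 4), so a square root mod p is x^((p+1)/4) mod p.
P = (1 << 61) - 1
Q = (1 << 89) - 1


def _rabin_root(x: int, p: int, q: int) -> int:
    """One of the four square roots of x mod p*q (x must be a residue mod p and mod q)."""
    rp = pow(x, (p + 1) // 4, p)
    rq = pow(x, (q + 1) // 4, q)
    # Garner's form of the CRT: lift the pair (rp, rq) to Z/pq.
    return rp + p * ((rq - rp) * pow(p, -1, q) % q)


def sign_naive(x: int, p: int, q: int) -> int:
    """Textbook Rabin: the signer roots whatever value it is handed (after a residue check)."""
    if pow(x, (p - 1) // 2, p) != 1 or pow(x, (q - 1) // 2, q) != 1:
        raise ValueError("not a quadratic residue mod n")
    return _rabin_root(x, p, q)


def factor_via_signing_oracle(oracle, n: int, max_queries: int = 64):
    """Submit r^2 and hope the returned root s is neither r nor -r.  Then s^2 ≡ r^2 (mod n)
    while s ≢ ±r, so gcd(s ± r, n) is a proper factor.  Against the naive signer the
    returned root equals (r/p)*r mod p and (r/q)*r mod q, so each query wins with probability 1/2."""
    for r in range(2, 2 + max_queries):
        s = oracle(r * r % n)
        for d in (math.gcd(s - r, n), math.gcd(s + r, n)):
            if 1 < d < n:
                return (min(d, n // d), max(d, n // d))
    return None


def sign_randomised(msg: bytes, p: int, q: int, rng: random.Random):
    """Salted Rabin: root H(salt || msg), retrying the salt until the hash is a residue mod both
    primes.  The signer never roots a value the requester chose, so the oracle is closed."""
    n = p * q
    while True:
        salt = rng.getrandbits(128).to_bytes(16, "big")
        x = int.from_bytes(hashlib.sha256(salt + msg).digest(), "big") % n
        if pow(x, (p - 1) // 2, p) == 1 and pow(x, (q - 1) // 2, q) == 1:
            return salt, _rabin_root(x, p, q)


def verify_randomised(msg: bytes, salt: bytes, s: int, n: int) -> bool:
    return s * s % n == int.from_bytes(hashlib.sha256(salt + msg).digest(), "big") % n


def run_demo(seed: int = 1) -> dict:
    """Attack both signers with the same query budget and check a salted signature verifies."""
    n = P * Q
    rng = random.Random(seed)
    naive = factor_via_signing_oracle(lambda x: sign_naive(x, P, Q), n)
    # Against the salted signer the attacker controls only the message bytes, not the rooted value.
    salted = factor_via_signing_oracle(
        lambda x: sign_randomised(x.to_bytes(32, "big"), P, Q, rng)[1], n)
    msg = b"pay 10 to bob"   # constructed sample message
    salt, s = sign_randomised(msg, P, Q, rng)
    return {"naive_factors": naive, "salted_factors": salted,
            "signature_valid": verify_randomised(msg, salt, s, n)}


if __name__ == "__main__":
    print(run_demo())
```

With these primes the naive signer is factored at r = 7, the first r whose Legendre symbols modulo P and Q differ; the salted signer yields only trivial gcds. Any randomisation works as long as the requester cannot predict the value that is rooted, which is the property the paper's perturbation must provide.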

4.
Group key agreement protocols are among the most basic security protocols in networks and are considerably more complex than two-party key agreement, so designing secure, simple and efficient group key agreement protocols is an important problem in network security. This paper uses the XTR public-key cryptosystem to design a group key agreement protocol; by computing the trace function efficiently, the protocol obtains a threefold key compression ratio and reduces the protocol's communication volume. Compared with similar protocols, it has the advantages of shorter keys, high security and fewer messages sent.

5.
白永祥 (Bai Yongxiang), 通信技术 (Communications Technology), 2015, 48(10): 1174-1178
Elliptic curve cryptosystems have a well-understood mathematical structure and offer higher security per key bit than the currently popular RSA public-key cryptosystem, and have become a research hotspot. Based on the elliptic curve cryptosystem, this paper designs and implements an efficient and secure blind signature scheme. First, related concepts and literature are analysed and compared, and the basic principles of elliptic curve cryptosystems and blind signatures are introduced. Second, drawing on the advantages of elliptic curve cryptosystems, a new blind signature scheme is designed; to avoid revealing the requester's identity to the signer, the message sender hides its identity with a zero-knowledge proof protocol. Finally, the blindness and untraceability of the scheme are analysed and it is compared with common blind signature algorithms, demonstrating the scheme's efficiency.

6.
Key escrow is one of the core technologies for the lawful interception (LI) of secure communications in wired and wireless networks. Although key escrow has been studied extensively, earlier proposals are insufficient for deployment in practical networks because they conflict with LI requirements. Moreover, little attention has been paid to LI of communications secured with identity-based cryptosystems (IDBC), since interest in LI has shifted towards industry and IDBC already has an inherent key-escrow property. That inherent property, however, cannot prevent a law enforcement agency that has 'legally' obtained a key from 'illegally' eavesdropping on all communications in the network. We therefore propose a new key escrow model that satisfies the LI requirements and overcomes this potential threat of IDBC. Our contribution enables scalable and efficient key escrow for the LI of secure one-way and two-pass communication in mobile networks. Copyright © 2010 John Wiley & Sons, Ltd.

7.
Modifications to the McEliece public-key cryptosystem
In response to the attack by Korzhik and Turkin on the McEliece public-key cryptosystem, this paper proposes modified McEliece schemes, analyses their security and other properties, and shows that the modifications not only resist the Korzhik-Turkin attack effectively but also hold up well against the other known attacks.

8.
Proxy signature is an important cryptographic primitive, since it lets an entity delegate its signing right to another entity. Identity-based proxy signature schemes based on conventional number-theoretic problems have long been available, but lattice-based proxy signature schemes, which can resist quantum attacks, have received less attention. In this paper we first propose an identity-based proxy signature scheme over NTRU (Number Theory Research Unit) lattices. We prove that the scheme is secure under the hardness of the γ-shortest vector problem on the NTRU lattice in the random oracle model; a comparison with existing schemes shows that ours is more efficient in terms of proxy signing key size, proxy signature size and computational complexity. As the underlying problem is believed to be hard even for quantum computers, the scheme remains usable in the quantum era.

9.
Proos exploited the decryption-failure flaw of NTRU to propose a decryptable-ciphertext attack on the original NTRU algorithm [1]. To improve the speed and efficiency of the original algorithm, [2] proposed an optimised NTRU algorithm, but Proos gave no cryptanalysis of that optimised version. This paper shows that Proos's decryptable-ciphertext attack remains effective against the optimised NTRU algorithm in some cases, and that with the optimised parameter choices given in [2], part of the private key may leak when N = 503.

10.
Group key transfer protocols rely on a mutually trusted key generation center (KGC) to generate group keys and transport them secretly to all group members. Typically, the KGC encrypts the group key under a secret key shared with each user during registration. In this paper, we propose a novel secure authenticated group key transfer protocol using a linear secret sharing scheme (LSSS) and the ElGamal cryptosystem, in which the KGC broadcasts the group key information to all group members. Confidentiality of the transfer is guaranteed by the LSSS together with the ElGamal cryptosystem, and the transported group key is authenticated. The goals and security threats of the protocol are analysed in detail.

11.
Fast implementation algorithms for the NTRU public-key cryptosystem
NTRU is a ring-based public-key cryptosystem with notable advantages in security and speed over typical encryption algorithms such as RSA and ECC. This paper reviews the current state of NTRU research and proposes concrete, complete and fast methods for implementing the NTRU public-key cryptosystem, including algorithms for generating random polynomials, computing convolutions and reducing modulo p. The methods apply to NTRU-1998, NTRU-2001 and NTRU-2005 and can raise the speed of NTRU by more than 50%.
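Items 9 and 11 turn on the same arithmetic: random ternary polynomials, cyclic convolution in Z[x]/(x^N - 1), reduction and centring modulo p and q, and the decryption failures that occur when a centred coefficient wraps around q. The following Python, an added example and not code from either paper, implements a toy NTRU in the f = 1 + p·F form (so only the inverse modulo q is needed) and counts decryption failures under one key. The parameter sizes N = 11, d = 3 and q = 32 to 128, the Newton-lift inversion and all function names are assumptions of this example and carry no security.

```python
"""Toy NTRU in the f = 1 + p*F form: random ternary polynomials, cyclic convolution,
centring mod p and mod q, and observable decryption failures.  Added example, not
code from either paper; N, q and d are toy sizes with no security."""
import random

PRIME = 3  # NTRU's small modulus p


def random_ternary(N, d_plus, d_minus, rng):
    """Polynomial with d_plus coefficients +1, d_minus coefficients -1, all others 0."""
    poly = [0] * N
    for k, i in enumerate(rng.sample(range(N), d_plus + d_minus)):
        poly[i] = 1 if k < d_plus else -1
    return poly

def conv(a, b, N, mod):
    """Cyclic convolution a*b in Z_mod[x]/(x^N - 1); inputs may have any length."""
    out = [0] * N
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                out[(i + j) % N] = (out[(i + j) % N] + ai * bj) % mod
    return out

def center(a, mod):
    """Reduce coefficients into the symmetric range (-mod/2, mod/2]."""
    return [c - mod if c > mod // 2 else c for c in (x % mod for x in a)]

def _trim(a):
    while a and a[-1] == 0:
        a.pop()
    return a

def _divmod_gf(a, b, p):
    """Long division in GF(p)[x]; returns (quotient, remainder) as coefficient lists."""
    a, b = _trim([c % p for c in a]), _trim([c % p for c in b])
    inv = pow(b[-1], -1, p)
    quot = [0] * max(len(a) - len(b) + 1, 1)
    while a and len(a) >= len(b):
        c, shift = a[-1] * inv % p, len(a) - len(b)
        quot[shift] = c
        for i, bi in enumerate(b):
            a[i + shift] = (a[i + shift] - c * bi) % p
        _trim(a)
    return quot, a

def inverse_mod_prime(f, N, p):
    """Inverse of f in GF(p)[x]/(x^N - 1) via the extended Euclidean algorithm, or None."""
    r0, r1 = [p - 1] + [0] * (N - 1) + [1], _trim([c % p for c in f])  # r0 = x^N - 1
    s0, s1 = [0] * N, [1] + [0] * (N - 1)   # invariant: s_i * f ≡ r_i (mod x^N - 1)
    while r1:
        quot, rem = _divmod_gf(r0, r1, p)
        s = [(x - y) % p for x, y in zip(s0, conv(quot, s1, N, p))]
        r0, r1, s0, s1 = r1, rem, s1, s
    if len(r0) != 1:
        return None                         # gcd has positive degree: f is not a unit
    c_inv = pow(r0[0], -1, p)
    return [c * c_inv % p for c in s0]

def inverse_mod_power_of_two(f, N, q):
    """Inverse mod q = 2^k: invert mod 2, then Newton-lift b <- b*(2 - f*b) up to mod q."""
    b, mod = inverse_mod_prime(f, N, 2), 2
    while b is not None and mod < q:
        mod = min(mod * mod, q)
        corr = [(-c) % mod for c in conv(f, b, N, mod)]
        corr[0] = (corr[0] + 2) % mod
        b = conv(b, corr, N, mod)
    return b

def keygen(N, q, d, rng):
    """f = 1 + p*F, so f ≡ 1 (mod p) and only f^-1 mod q is needed; h = p*g*f^-1 mod q."""
    while True:
        f = [PRIME * c for c in random_ternary(N, d, d, rng)]
        f[0] += 1
        f_q = inverse_mod_power_of_two(f, N, q)
        if f_q is not None:
            break
    g = random_ternary(N, d, d, rng)
    h = conv([PRIME * c for c in g], f_q, N, q)
    assert conv(f, h, N, q) == [PRIME * c % q for c in g]   # sanity: f*h ≡ p*g (mod q)
    return f, h

def encrypt(m, h, N, q, d, rng):
    """e = r*h + m (mod q) with a fresh random ternary blinding polynomial r."""
    e = conv(random_ternary(N, d, d, rng), h, N, q)
    return [(ei + mi) % q for ei, mi in zip(e, m)]

def decrypt(e, f, N, q):
    """a = f*e mod q equals p*r*g + m + p*F*m over the integers only while every coefficient
    of that sum lies in (-q/2, q/2]; then a mod p is m.  A coefficient that wraps gives a
    wrong m: the decryption failure that Proos's attack turns into private-key information."""
    return center(center(conv(f, e, N, q), q), PRIME)

def decryption_failures(N, q, d, trials, seed=0):
    """Count failed decryptions of random ternary messages under one key (fixed per seed)."""
    rng = random.Random(seed)
    f, h = keygen(N, q, d, rng)
    return sum(decrypt(encrypt(m, h, N, q, d, rng), f, N, q) != m
               for m in (random_ternary(N, d, d, rng) for _ in range(trials)))
```

With N = 11 and d = 3, each of r, g, F and m has six non-zero coefficients, so every coefficient of p·r·g + m + p·F·m is bounded by 3·6 + 1 + 3·6 = 37 in absolute value: q = 128 can never fail, while q = 32 can wrap, and `decryption_failures(11, 32, 3, 500)` reports how often it does for a given key. That dependence of the failure rate on the parameter set is what item 9 examines for the optimised parameters at N = 503.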

12.
In a three-party password-based key exchange (3PAKE) protocol, each client shares a human-memorable password with a trusted server, and two clients can then agree on a secret session key for secure communication. Many 3PAKE protocols have been developed recently, but not all of them achieve security and efficiency simultaneously. This article proposes a simple three-party password-based authenticated key exchange scheme that requires no server public key. Compared with existing schemes, the proposed scheme is both more efficient and secure. Copyright © 2009 John Wiley & Sons, Ltd.

13.
A proxy signature is a special digital signature that enables a proxy signer to sign messages on behalf of the original signer. This paper proposes a strongly secure proxy signature scheme and a secure multi-proxy signature scheme based on the elliptic curve cryptosystem. In contrast with ordinary proxy signature schemes, they are secure against key substitution attacks even when the system has no certificate authority, and are also secure against forgery by the original signer. Furthermore, being built on the elliptic curve cryptosystem, they are more efficient and have smaller key sizes than schemes built on other cryptosystems. They can be used in electronic transactions and mobile agent environments.

14.
Addressing the requirements of personal communication systems, this paper presents an implementation scheme for an authentication and key agreement protocol based on public-key infrastructure. A corresponding access-control entity is introduced into the intelligent network architecture; its implementation structure, functions, protocol and operations are given, and secure access based on an enhanced intelligent network system is described.

15.
Many chaos-based encryption methods have been presented and discussed in the last two decades, but very few of them are suited to secure transmission over noisy channels or pass the statistical tests of the National Institute of Standards and Technology (NIST). This paper addresses the problem and presents a novel chaos-based cryptosystem for securely transmitted images. The proposed cryptosystem overcomes drawbacks of existing chaotic algorithms, such as the Socek, Xiang, Yang and Wong methods, by exploiting the increasingly complex behaviour of perturbed chaotic signals. The perturbed-orbit technique improves the statistical properties of the generated chaotic sequences, allows the algorithm to reach higher performance, and avoids error propagation. Finally, standard tools such as the NIST tests are used to quantify the security level of the proposed cryptosystem, and experimental results show that it has a high security level, lower correlation coefficients and improved entropy.

16.
Fairness of exchange is a significant property for secure online transactions, and a fair exchange scheme is a useful tool for ensuring the fairness of exchanges conducted over networks. In this paper, we propose an ID-based optimistic fair exchange scheme based on the RSA function, designed by combining a well-known RSA-based signature scheme with the (naive) RSA function. The main contribution of this paper is the first provably secure ID-based fair exchange scheme based on the RSA function whose security can be proved under fully formalised security models. Our scheme has two further strong points: it is setup-free, so there is no registration step between a user and the arbitrator, and it is ID-based, so certificates and their associated problems can be avoided.

17.
A password-authenticated multiple-key agreement protocol for mobile applications
To achieve privacy and authentication simultaneously in mobile applications, various three-party password-authenticated key exchange (3PAKE) protocols have been proposed. However, some of these protocols are vulnerable to conventional attacks or are too inefficient for mobile applications. In this paper, we propose a password-authenticated multiple-key exchange protocol for mobile applications using the elliptic curve cryptosystem. The proposed protocol achieves efficiency, reliability, flexibility and scalability at the same time. Compared with related work, it is more suitable and practical for mobile applications.

18.
Design of a high-density knapsack public-key cryptosystem
This paper proposes a new class of easily solvable knapsack problems and, based on it, constructs a new additive knapsack public-key cryptosystem. The cryptosystem has a high knapsack density and can therefore resist low-density subset-sum attacks. Other attacks on the cryptosystem are also analysed.

19.
Smart card-based client-server authentication protocols are widely used for secure data exchange over insecure and hostile networks. Recently, Lee et al. put forward an authentication protocol based on the ElGamal cryptosystem and claimed that it withstands known security threats. This article shows that the protocol of Lee et al. fails to resist several important attacks, including forgery and off-line password guessing. To remove these weaknesses, this article presents a robust authentication protocol for client-server communication over insecure networks. The security of the protocol is analysed both formally and informally, and the results confirm that it resists the known attacks. In addition, we have simulated the protocol with the ProVerif tool, and its results confirm that the protocol preserves the secrecy of the client's and the server's private information. The paper also estimates the performance of the presented protocol and of others, and the outcome favours the presented protocol.

20.
Combining symmetric encryption with threshold encryption, this paper proposes an effective confidentiality protection scheme suited to the needs of distributed data storage. Symmetric encryption is used to encrypt the stored files, while distributed threshold encryption protects the key used by the symmetric scheme, so the confidentiality requirements of a distributed data storage system in a hostile environment are met without introducing a key-storage problem.
