Similar documents
20 similar documents found (search time 46 ms)
1.
RSA-type cryptosystems (a collective term for the RSA cryptosystem and its improved variants) are still widely used in many e-commerce systems where the security of electronic data matters. However, an analysis of the existing RSA-type encryption schemes shows that: (1) there are only RSA-type schemes that resist CCA2 attacks in the random oracle model, and no RSA-type probabilistic encryption scheme has yet achieved IND-CCA2 security in the standard model; (2) there is no RSA-type homomorphic encryption scheme that resists CPA in the standard model while preserving multiplicative homomorphism, even though homomorphism is one of the key properties for realising secure multi-party computation and secure cloud computing services; (3) to achieve ciphertext indistinguishability, all of these schemes except HD-RSA introduce the random factor through a hash-based Feistel network, which is why they can only achieve IND-CCA2 security in the random oracle model. To address these problems, this paper builds on the RSA cryptosystem and, by adding a small number of modular exponentiations over a finite field, designs an IND-CPA secure RSA-type probabilistic homomorphic encryption scheme and an IND-CCA2 secure RSA-type probabilistic encryption scheme, both in the standard model. Neither scheme introduces the random factor through plaintext padding to achieve ciphertext indistinguishability. In addition, the paper proposes a variant of the RSA problem, called the decisional RSA problem.
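The two properties the abstract turns on, multiplicative homomorphism and the failure of deterministic (unpadded) RSA to be IND-CPA, as an added example that is not code from the paper. It uses textbook RSA over a constructed toy modulus (the primes 104729 and 1299709, far too small for real use) so that both facts can be checked directly: a product of ciphertexts decrypts to the product of plaintexts, and an adversary who can re-encrypt the two candidate plaintexts wins the IND-CPA game with certainty, which is exactly why a random factor has to be introduced somewhere.

```python
"""Added example (not from the paper in item 1): textbook RSA over a toy modulus.

Shows the two properties the abstract turns on:
  * the plain RSA function is multiplicatively homomorphic, and
  * it is deterministic, so without a random factor it cannot be IND-CPA
    (an adversary re-encrypts the challenge plaintexts and compares).
Parameters are constructed toy values for illustration only.
"""
from math import gcd

# Constructed toy parameters (assumption: never use sizes like this in practice)
P, Q = 104729, 1299709        # the 10000th and 100000th primes
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)           # modular inverse (Python 3.8+)


def rsa_encrypt(m: int, e: int = E, n: int = N) -> int:
    """Textbook (unpadded) RSA: c = m^e mod n. Deterministic in m."""
    if not 0 <= m < n:
        raise ValueError("plaintext must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(c: int, d: int = D, n: int = N) -> int:
    """c^d mod n."""
    return pow(c, d, n)


def is_multiplicatively_homomorphic(m1: int, m2: int) -> bool:
    """Enc(m1) * Enc(m2) mod n decrypts to m1 * m2 mod n."""
    c_product = (rsa_encrypt(m1) * rsa_encrypt(m2)) % N
    return rsa_decrypt(c_product) == (m1 * m2) % N


def ind_cpa_distinguisher(m0: int, m1: int, challenge: int) -> int:
    """An IND-CPA adversary against deterministic encryption.

    Given the challenge ciphertext of one of two chosen plaintexts, it encrypts
    both candidates itself (public key only) and returns the index whose
    ciphertext matches. Against textbook RSA it is right every time.
    """
    return 0 if rsa_encrypt(m0) == challenge else 1


if __name__ == "__main__":
    print("homomorphic:", is_multiplicatively_homomorphic(123456, 789012))
    print("guess for Enc(43):", ind_cpa_distinguisher(42, 43, rsa_encrypt(43)))
```

The homomorphism is the feature the paper wants to keep; the distinguisher is the defect it wants to remove without resorting to padding, and any RSA-type scheme that claims IND-CPA has to make `rsa_encrypt` of a fixed message vary between calls.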

2.
Software is completely exposed to an attacker after it is distributed, because reverse-engineering techniques are widely known. To protect software, techniques against reverse engineering are necessary; a code encryption scheme is one of them. A code encryption scheme encrypts the binary executable code, and key management is the most important part of such a scheme. However, previous schemes had problems with key management. To solve these problems, in this paper we survey the previous code encryption schemes and then propose a new code encryption scheme based on an indexed table. Our scheme provides secure and efficient key management for code encryption.

3.
李继国, 杨海珊, 张亦辰. 《电子学报》 (Acta Electronica Sinica), 2012, 40(8): 1577-1583
Hybrid encryption is a technique that combines public-key encryption with symmetric encryption. This paper introduces the key encapsulation mechanism into certificate-based encryption, gives a formal definition and security model for certificate-based key encapsulation mechanisms, and constructs a certificate-based key encapsulation scheme. Under the decisional bilinear Diffie-Hellman assumption, the scheme is proved adaptively chosen-ciphertext secure in the standard model.

4.
Design of secure and efficient public-key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal-type encryption schemes are concerned, several variants of the original ElGamal encryption scheme based on weaker computational assumptions have been proposed: whereas the security of the ElGamal variant of the Fujisaki-Okamoto public-key encryption scheme and of Cramer and Shoup's encryption scheme is based on the Decisional Diffie-Hellman Assumption (DDH-A), the security of Pointcheval's recent ElGamal encryption variant is based on the Computational Diffie-Hellman Assumption (CDH-A), which is known to be weaker than DDH-A. In this paper, we propose new ElGamal encryption variants whose security is based on CDH-A and on the Elliptic Curve Computational Diffie-Hellman Assumption (EC-CDH-A). We also show that the proposed variants are secure against adaptive chosen-ciphertext attack in the random oracle model. An important feature of the proposed variants is length efficiency: they produce shorter ciphertexts than other schemes.

5.

This article proposes a hybrid certificateless signcryption scheme that is secure against an adaptive chosen-ciphertext adversary in the random oracle model. The scheme combines an asymmetric encryption scheme that is one-way against chosen-plaintext attack with any one-time secure symmetric encryption scheme, using the Fujisaki-Okamoto transformation. Unlike many Fujisaki-Okamoto based constructions, which ensure message integrity alone, this scheme provides entity authentication in addition. By choosing a hash function that takes advantage of the sponge construction, the scheme lets the user plug in any one-time secure symmetric encryption by reconfiguring the input/output parameters. The Fujisaki-Okamoto transformation, currently a standard in hybrid constructions, guarantees indistinguishability against adaptive chosen-ciphertext attack. The freedom to choose the symmetric encryption lets the scheme be deployed in all sorts of cryptographic settings, including wireless communication.
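The hybrid KEM/DEM structure of item 3 and the Fujisaki-Okamoto transformation that items 4 and 5 rely on, as an added example that is not code from any of those papers. The asymmetric part is ElGamal in the multiplicative group modulo the Mersenne prime 2^31 - 1 with generator 7, a constructed toy group in which discrete logarithms are trivial; it is only there to be a concrete one-way, malleable scheme. The symmetric part is a one-time pad keyed by a hash-derived stream G(sigma), and H and G are SHA-256 with domain-separation prefixes (my assumption, not a detail from the abstracts). The point the code makes is the FO re-encryption check: the ElGamal randomness is r = H(sigma, m), so the decryptor can recompute r, re-encrypt, and reject anything that does not match, which turns a malleable CPA scheme into one that refuses tampered ciphertexts.

```python
"""Added example (not from items 3-5): the Fujisaki-Okamoto hybrid transform
over a toy ElGamal scheme, standard library only.

Base scheme : ElGamal in Z_p^* with p = 2^31 - 1, generator 7 (constructed toy
              group for illustration; discrete logs here are trivial).
Symmetric   : one-time pad whose pad is G(sigma), a hash-derived stream, so it
              is one-time secure if G is modelled as a random oracle.
FO glue     : ElGamal randomness is r = H(sigma, m); the decryptor recomputes r
              and re-encrypts, rejecting any ciphertext that does not match.
H and G are SHA-256 with domain-separation prefixes (assumption).
"""
import hashlib
import secrets

P = 2147483647                # 2^31 - 1, prime
G = 7                         # primitive root mod P
# p - 1 = 2 * 3^2 * 7 * 11 * 31 * 151 * 331; confirm that 7 generates Z_p^*
assert all(pow(G, (P - 1) // q, P) != 1 for q in (2, 3, 7, 11, 31, 151, 331))


def keygen(rng=secrets.randbelow):
    """Private exponent x in [1, p-2], public key y = g^x."""
    x = 1 + rng(P - 2)
    return x, pow(G, x, P)


def _elgamal_enc(y: int, sigma: int, r: int):
    """Plain ElGamal; deterministic once r is fixed: (g^r, sigma * y^r)."""
    return pow(G, r, P), (sigma * pow(y, r, P)) % P


def _H(sigma: int, m: bytes) -> int:
    """FO randomness r = H(sigma || m), mapped into [1, p-2]."""
    h = hashlib.sha256(b"H|" + sigma.to_bytes(4, "big") + m).digest()
    return 1 + int.from_bytes(h, "big") % (P - 2)


def _G(sigma: int, n: int) -> bytes:
    """Keystream for the one-time symmetric layer, expanded with a counter."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(b"G|" + sigma.to_bytes(4, "big")
                              + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def fo_encrypt(y: int, m: bytes, rng=secrets.randbelow):
    """KEM part: c1 encapsulates a fresh sigma; DEM part: c2 = m XOR G(sigma)."""
    sigma = 1 + rng(P - 1)                     # fresh session secret in [1, p-1]
    c1 = _elgamal_enc(y, sigma, _H(sigma, m))  # randomness bound to (sigma, m)
    c2 = bytes(a ^ b for a, b in zip(m, _G(sigma, len(m))))
    return c1, c2


def fo_decrypt(x: int, ct):
    """Recover sigma and m, then re-encrypt and compare; None means reject."""
    (u, v), c2 = ct
    sigma = (v * pow(pow(u, x, P), -1, P)) % P   # sigma = v / u^x
    m = bytes(a ^ b for a, b in zip(c2, _G(sigma, len(c2))))
    # Any change to c1 or c2 changes sigma or m, hence r, so the recomputed c1
    # no longer matches the received one and the ciphertext is rejected.
    if _elgamal_enc(pow(G, x, P), sigma, _H(sigma, m)) != (u, v):
        return None
    return m


def malleate_c1(ct, factor: int = 2):
    """A chosen-ciphertext tweak plain ElGamal would accept (it decrypts to
    factor * sigma); the FO check rejects it."""
    (u, v), c2 = ct
    return (u, (v * factor) % P), c2


if __name__ == "__main__":
    x, y = keygen()
    ct = fo_encrypt(y, b"attack at dawn")
    print(fo_decrypt(x, ct), fo_decrypt(x, malleate_c1(ct)))
```

Rejecting on mismatch rather than returning the recovered bytes is the whole point: a decryption oracle that answers on malleated ciphertexts is what the CCA adversary needs, and the re-encryption step is what denies it. Note that the comparison happens after the symmetric layer has been undone, so a real implementation must also take care that the rejection path is not distinguishable by timing.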

6.
杨理, 向憧, 李宝. 《中国通信》 (China Communications), 2013, 10(2): 19-26
We present a quantum probabilistic encryption algorithm for a private-key encryption scheme based on conjugate coding of the qubit string. Probabilistic encryption is generally adopted in public-key encryption protocols; here we consider how it increases the unicity distance of both classical and quantum private-key encryption schemes. The security of quantum probabilistic private-key encryption schemes against two kinds of attack is analysed. Using the no-signalling postulate, we show that the scheme can resist attacks on the key. The scheme's security against plaintext attack is also investigated by considering the information-theoretic indistinguishability of the encryption scheme. Finally, we make a conjecture regarding Breidbart's attack.

7.
The underdetermined problem poses a significant challenge in blind source separation (BSS), where the number of source signals is greater than the number of mixed signals. Motivated by the fact that the security of many cryptosystems relies on the apparent intractability of computational problems such as integer factorisation, we exploit the intractability of the underdetermined BSS problem to present a novel BSS-based speech encryption scheme, by properly constructing the underdetermined mixing matrix used for encryption and by generating key signals that satisfy the necessary condition for the proposed method to be unconditionally secure. Both extensive computer simulations and performance analyses show that the proposed method has a high level of security while retaining excellent audio quality.

8.
Public-key encryption scheme based on ergodic matrices
裴士辉, 赵永哲, 赵宏伟. 《电子学报》 (Acta Electronica Sinica), 2010, 38(8): 1908-1913
Current public-key encryption schemes are threatened by quantum computing, so studying public-key encryption algorithms that remain secure against quantum computation is of great significance. This paper proposes the concept of ergodic matrices and gives their properties. It also proposes the two-sided ergodic matrix exponentiation problem (TEME: Two-side Ergodic Matrices Exponentiation) over finite fields and proves that solving TEME is NP-complete. On this basis, a new public-key encryption scheme is proposed and its security under the TEME problem is proved in the standard model, i.e. the scheme is indistinguishable under adaptive chosen-ciphertext attack.

9.
Shamir and Schorr proposed an effective attack on the Rabin digital signature scheme, known as the Shamir attack. To avoid the Shamir attack, this paper proposes an effective bit perturbation method. Based on the Rabin public-key cryptosystem, Harn and Kiesler proposed an improved public-key cryptosystem, a digital signature scheme and an authenticated encryption scheme. This paper shows that the cryptosystem proposed by Harn and Kiesler is insecure and designs a secure digital signature scheme.

10.
The McCullagh-Barreto key agreement protocol and its variant achieve perfect forward security and key generation centre (KGC) forward security, but provide no resistance to the key compromise impersonation attack (KCI attack). In this paper, we give a formal treatment of the key compromise impersonation (KCI) attack and define the security notion against it. Then a variant of the McCullagh-Barreto protocol is presented that needs only one more hash operation. The improved protocol preserves perfect forward security and KGC forward security, and is furthermore proved secure against the KCI attack under the k-Gap-BCAA1 assumption.

11.
杨娜. 《液晶与显示》 (Chinese Journal of Liquid Crystals and Displays), 2017, 32(6): 474-481
To address the problem that current permutation-diffusion image encryption algorithms are vulnerable to chosen-plaintext (and chosen-ciphertext) attacks in the pixel-position permutation stage, this paper uses chaos theory to generate random sequences before encrypting, with the parameters involved in encryption obtained by genetic-algorithm optimisation. The algorithm introduces a plaintext feedback mechanism into the image permutation stage, so that the permutation depends not only on the initial chaotic sequence but also closely on the plaintext itself, integrating image characteristics with the encryption algorithm. A plaintext feedback mechanism is also introduced into the diffusion stage to improve the algorithm's sensitivity to the plaintext and its resistance to chosen-plaintext and chosen-ciphertext attacks; the image's feature information is thereby used in the design of the encryption algorithm, giving it a data-driven character to some extent. Finally, experiments and related analysis show that the algorithm not only resists chosen-plaintext attacks, statistical attacks and information-entropy attacks effectively, but also improves image encryption efficiency and enables secure image transmission.

12.
Attribute-based encryption (ABE) is a new cryptographic technique that guarantees fine-grained access control over outsourced encrypted data in the cloud environment. However, a key limitation remains, namely policy updating. Thus, a multi-authority attribute-based encryption scheme with dynamic policy updating is proposed. In the scheme, an anonymous key issuing protocol is introduced to protect users' privacy and resist collusion attacks by attribute authorities. The scheme with the dynamic policy updating technique is secure against chosen-plaintext attack in the standard model and supports any type of policy update. Compared with existing related schemes, the sizes of the ciphertext and of users' secret keys are reduced, and the computation and communication costs of updating ciphertexts are significantly lower. It is more effective in practical applications.

13.
An authenticated encryption scheme is a symmetric encryption scheme whose goal is to provide both privacy and integrity. We consider two possible notions of authenticity for such schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the standard notions of privacy IND-CCA and NM-CPA (indistinguishability under chosen-ciphertext attack and non-malleability under chosen-plaintext attack) by presenting implications and separations between all notions considered. We then analyse the security of authenticated encryption schemes designed by "generic composition", meaning making black-box use of a given symmetric encryption scheme and a given MAC. Three composition methods are considered, namely Encrypt-and-MAC, MAC-then-Encrypt and Encrypt-then-MAC. For each of these and for each notion of security, we indicate whether or not the resulting scheme meets the notion in question, assuming that the given symmetric encryption scheme is secure against chosen-plaintext attack and the given MAC is unforgeable under chosen-message attack. We provide proofs for the cases where the answer is "yes" and counter-examples for the cases where the answer is "no". M. Bellare's work was supported in part by a 1996 Packard Foundation Fellowship in Science and Engineering, NSF CAREER Award CCR-9624439, NSF grants CNS-0524765 and CNS-0627779, and a gift from Intel Corporation. C. Namprempre's work was supported in part by grants of the first author and the Thailand Research Fund.
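The three generic compositions, with two of the separations the paper proves made concrete, as an added example that is not code from the paper. The CPA-secure encryption is a nonce-based stream cipher whose keystream is HMAC-SHA256(Ke, nonce || counter), standing in for CTR mode (my choice, so that the block needs only the standard library), and the MAC is HMAC-SHA256. The Encrypt-and-MAC separation is shown directly: the tag is a deterministic function of the plaintext, so two encryptions of the same message are linkable and the composition is not even IND-CPA. The MAC-then-Encrypt separation uses the paper's style of counter-example, a CPA-secure encryption scheme that carries a byte its decryptor ignores (constructed here by appending a zero byte): flipping that byte yields a second ciphertext the MtE decryptor accepts, so INT-PTXT holds but INT-CTXT fails, while Encrypt-then-MAC rejects the same forgery because its tag covers the whole ciphertext.

```python
"""Added example (not from the Bellare-Namprempre paper in item 13): the three
generic compositions over a CPA-secure stream encryption and an HMAC, standard
library only, with two of the paper's separations as executable checks.

Keystream = HMAC-SHA256(Ke, nonce || counter) (assumption; stands in for CTR),
MAC       = HMAC-SHA256(Km, data), 32-byte tag.
"""
import hashlib
import hmac
import secrets

TAG = 32


def _keystream(ke: bytes, nonce: bytes, n: int) -> bytes:
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(ke, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]


def enc(ke: bytes, m: bytes, nonce: bytes = None) -> bytes:
    """IND-CPA stream encryption; output is nonce || (m XOR keystream)."""
    nonce = nonce or secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(m, _keystream(ke, nonce, len(m))))


def dec(ke: bytes, c: bytes) -> bytes:
    nonce, body = c[:16], c[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(ke, nonce, len(body))))


# Constructed "redundant" variant: appends a byte the decryptor ignores. Still
# IND-CPA (the byte carries no information about m) but it breaks MtE below.
def enc_r(ke: bytes, m: bytes) -> bytes:
    return enc(ke, m) + b"\x00"


def dec_r(ke: bytes, c: bytes) -> bytes:
    return dec(ke, c[:-1])


def mac(km: bytes, data: bytes) -> bytes:
    return hmac.new(km, data, hashlib.sha256).digest()


# Encrypt-and-MAC: tag computed over the plaintext, sent beside the ciphertext.
def eam_encrypt(ke, km, m):
    return enc(ke, m) + mac(km, m)


def eam_decrypt(ke, km, c):
    body, tag = c[:-TAG], c[-TAG:]
    m = dec(ke, body)                         # must decrypt before verifying
    return m if hmac.compare_digest(mac(km, m), tag) else None


# MAC-then-Encrypt: tag appended to the plaintext, then everything encrypted.
def mte_encrypt(ke, km, m, e=enc):
    return e(ke, m + mac(km, m))


def mte_decrypt(ke, km, c, d=dec):
    pt = d(ke, c)                             # again, decrypt before verifying
    m, tag = pt[:-TAG], pt[-TAG:]
    return m if hmac.compare_digest(mac(km, m), tag) else None


# Encrypt-then-MAC: tag over the whole ciphertext; verify first, then decrypt.
def etm_encrypt(ke, km, m, e=enc):
    c = e(ke, m)
    return c + mac(km, c)


def etm_decrypt(ke, km, c, d=dec):
    body, tag = c[:-TAG], c[-TAG:]
    if not hmac.compare_digest(mac(km, body), tag):
        return None                           # nothing is decrypted on failure
    return d(ke, body)


def eam_tags_link_equal_plaintexts(ke, km, m) -> bool:
    """Two independent E&M encryptions of m carry the same tag: not IND-CPA."""
    return eam_encrypt(ke, km, m)[-TAG:] == eam_encrypt(ke, km, m)[-TAG:]


def flip_byte(c: bytes, idx: int) -> bytes:
    """Return c with the byte at index idx complemented (the forger's move)."""
    b = bytearray(c)
    b[idx] ^= 0xFF
    return bytes(b)


if __name__ == "__main__":
    ke, km, m = secrets.token_bytes(32), secrets.token_bytes(32), b"transfer 100"
    c = mte_encrypt(ke, km, m, enc_r)
    print("MtE accepts forged ciphertext:", mte_decrypt(ke, km, flip_byte(c, -1), dec_r) == m)
    c = etm_encrypt(ke, km, m, enc_r)
    print("EtM rejects the same forgery:", etm_decrypt(ke, km, flip_byte(c, -TAG - 1), dec_r) is None)
```

The operational consequence is visible in the decryptors: E&M and MtE have to run the cipher on attacker-controlled bytes before any tag is checked, whereas EtM rejects without touching the keystream. Separate keys for encryption and MAC are used throughout; that is part of the paper's model, not an optional nicety.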

14.
Constructing strongly secure encryption systems from weak hardness assumptions is of important theoretical and practical significance in identity-based encryption (IBE). Based on the weak decisional bilinear Diffie-Hellman assumption, this paper constructs an anonymous identity-based encryption scheme that is secure against chosen-plaintext attack, solving the problem of building a strongly secure IBE system from a weak hardness assumption and at the same time addressing privacy protection in identity-based encryption. Compared with existing schemes based on stronger hardness assumptions, the conditions of the new scheme are easier to satisfy, it is publicly verifiable, and it is more efficient.

15.

With the increasing demand for IoMT applications in fields such as healthcare, smart cities, smart grids and the industrial internet, privacy and security have become a major concern for researchers working in this area. This work proposes a lightweight image encryption algorithm based on a logistic-tent map and the crossover operator of a genetic algorithm. Various 1-D chaotic maps are discussed in the literature review, but in some cases hybrid 1-D chaotic maps perform better than simple 1-D chaotic maps, so a hybrid 1-D chaotic map together with a crossover operator is used in this work. The logistic-tent map and crossover are used to generate a random session key for each image encryption, and the crossover operator is also used in the encryption rounds to increase confusion and diffusion. A new session key is thus generated for each image encryption. The strength of the proposed image cryptographic scheme is assessed through its resistance to differential attack (UACI and NPCR), statistical attack (histogram analysis, correlation coefficient and information entropy) and its sensitivity to the secret key. Extensive performance and security experiments show that the proposed image cryptographic scheme is secure enough to withstand all potential cryptanalytic attacks.

16.
王树兰, 喻建平, 张鹏, 王廷. 《信号处理》 (Journal of Signal Processing), 2015, 31(10): 1224-1232
Ciphertext-policy attribute-based encryption is the best choice for implementing secure access control on cloud platforms. However, in most ciphertext-policy attribute-based encryption schemes, the length of a user's key grows linearly with the number of attributes, and the user's decryption time is proportional to the complexity of the access structure. To reduce users' key storage and decryption cost, this paper proposes a compact outsourced access control scheme for cloud computing platforms. The access structure in the scheme supports AND, OR and threshold policies. The scheme uses only simple hash and XOR operations to verify whether the data returned by outsourced decryption is correct. In the random oracle model, based on the aMSE-DDH problem, the scheme is proved chosen-ciphertext secure. Analysis shows that the scheme can securely implement access control in cloud computing environments, especially when users' terminal devices are resource-constrained.

17.
王宏达. 《电子科技》 (Electronic Science and Technology), 2019, 32(4): 39-43
To address the insufficient key space and poor robustness of existing image encryption algorithms, this paper designs a new image encryption algorithm on the basis of traditional chaotic encryption. The algorithm applies the SHA-256 function to the plaintext to obtain the system's initial values and key, omits the permutation stage, and encrypts the image by grouped, interleaved diffusion of the plaintext with a cellular automaton. Calculation and analysis of the relevant security metrics show that the key space exceeds 2^320 and that the algorithm can withstand 30% cropping attacks and various types of noise attack, indicating good security and robustness.

18.
Watermarking has become an international research hotspot, and video watermarking is widely used in copyright protection, hidden labelling, information authentication and covert communication. This paper mainly studies a secure digital video watermarking system built on a frame-level video watermarking algorithm; it uses a binary image as the watermark and a per-frame indexing method, and resists attacks aimed at video watermarks well. In addition, the system uses NTRU encryption, so that the public key can be used to check whether a video is a genuine product, while after a public-key attack the private key can still be used for copyright authentication.

19.
As a growing number of individuals are exposed to surveillance cameras, the need to prevent captured videos from being used inappropriately has increased. Privacy-related information can be protected through video encryption during transmission or storage, and several algorithms have been proposed for this purpose. However, simply counting the number of brute-force trials is not a proper way to measure the security of video encryption algorithms, considering that attackers can devise specially crafted attacks for specific purposes by exploiting the characteristics of the target video codec. In this paper, we introduce a new attack for recovering contour information from encrypted H.264 video. The attack can thus be used to extract face outlines for the purpose of personal identification. We analyse the security of previous video encryption schemes against the proposed attack and show that their security is lower than expected in terms of privacy protection. To enhance security, an advanced block shuffling method is proposed; our analysis shows that it is more secure than the previous method and is an improvement against the proposed attack.

20.
We propose a non-invasive optical encryption technique that takes advantage of the specificities of the physical layer of a backbone transmission network to secure optical transmissions at high data rates (>10 Gb/s). Our goal is to secure data transmission without impacting the physical layer, by guaranteeing the transparency of the encryption technique with respect to the transmission equipment. The proposed method belongs to the optical code-division multiple-access techniques using spectral-phase encoding, based on a pulse-overlapping sequence. The aim is to scale the protection levels to different threat and attack scenarios and to make them resilient to intrusions and robust to fibre-propagation parameters. In this paper, linear and nonlinear transmission effects (where self- and cross-phase modulation become important) are considered in order to maintain the quality of transmission. Finally, particular attention is paid to the transmission of the ciphering key, for which we propose an adapted solution.
