检索结果-南通市图书馆

New application methods for word-oriented cryptographic primitives

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2012年第9期55卷 2149-2160页

作者： YANG Yang 1,2,ZENG Guang 1,2,JIN ChengHui 1 & QU YunYing 1 1 Zhengzhou information Science and Technology institute,Zhengzhou 450002,china 2 state key laboratory of information security,institute of software,chinese academy of sciences,beijing 100190,china Zhengzhou information Science and Technology institute Zhengzhou China state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China

Modern software oriented symmetric ciphers have become a key feature in utilizing word-oriented cryptographic *** the output sequence,in the order of its generation,of a word-oriented cryptographic primitive in the same way as traditional bit-oriented primitives,we can expose the intrinsic weakness of these primitives,especially for word-oriented linear feedback shift registers,T-functions,and so *** new methods for using word-oriented cryptographic primitives are presented in this paper,that is,the extracted state method and cascading extracted coordinate *** a T-function as an example,we research the different cryptographic properties of the output sequences of the original method and the two proposed methods,focusing mainly on period,linear complexity,and k-error linear *** conclusions show that the proposed methods could enhance at low cost the cryptographic properties of the output *** a result,since the new methods are simple and easy to implement,they could be used to design new word-oriented cryptographic primitives.

关键词： stream cipher single cycle T-function linear complexity k-error linear complexity

A Group-Oriented (t,n) Threshold Signature Scheme with Traceable Signers

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Wuhan University Journal of Natural sciences 2008年第6期13卷 680-684页

作者： TAN Zuowen1,2 1. School of information Technology, Jiangxi University of Finance and Economics, Nanchang 330013, Jiangxi, china 2. state key laboratory of information security/institute of software, chinese academy of sciences, beijing 100190, china School of information Technology Jiangxi University of Finance and Economics Nanchang China state key laboratory of information security/institute of software Chinese Academy of Sciences Beijing China

A group-oriented （t, n） threshold signature scheme employs the cryptographic techniques of secret share, allows any subset of t players out of n players to sign message on behalf of the group and disallows the creation of a valid signature if fewer than t players take part in the signature protocol. In this paper, we proposed a new group-oriented （t, n） threshold signature schemes with traceable signers based on Schnorr signature. The proposed scheme is proved traceable, robust and unforgeable against the ＂static＂ adversary with the discrete logarithm assumption in the random oracle model and existence of broadcast channel. The proofs of the strongest security （existential unforgeability against adaptively chosen message attacks under the discrete logarithm assumption） are provided in the random oracle model.

关键词： threshold signature random oracle model robustness

维普期刊数据库

Polar differential power attacks and evaluation

在线全文

学校读者我要写书评

暂无评论

Science china(information sciences) 2012年第7期55卷 1588-1604页

作者： TANG Ming 1 ,QIU ZhenLong 1 ,GAO Si 1,2 ,YI Mu 3 ,LIU ShuBo 1 ,ZHANG HuanGuo 1 & JIN YingZhen 1 1 School of Computer Science,Wuhan University,Wuhan 430072,china 2 state key laboratory of information security,institute of software,chinese academy of sciences,beijing 100190,china 3 Centre for Computer and information security Research School of Computer Science and software Engineering University of Wollongong,Wollongong,NSW 2522,Australia School of Computer Science Wuhan University Wuhan China state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China Centre for Computer and information security Research School of Computer Science and software Engineering University of Wollongong Wollongong Australia

Side channel attacks (SCAs) on security software and hardware have become major concerns on computer and system *** existing SCAs generally require the knowledge of the corresponding cryptographic algorithm and implementation adopted in the target; therefore,they are not fully suitable for practical *** this paper,we propose a novel SCA-polar differential power attack (polar DPA).We found that DPA peaks have different biases for different cryptographic algorithms and *** on these biases,we can successfully attack a block cipher,assuming that the cipher algorithm uses a secret key in its first round,without the knowledge of the cipher algorithm or *** rounds can be treated as a black *** present a detailed theoretical analysis and experiment to demonstrate the correctness and efficiency of our ***,our scheme has demonstrated an improvement over the leakage evaluation scheme due to Ichikawa et al.(CHES 2005).Our evaluation method can be used in electronic design automatic (EDA) flows and can help security circuit designers to understand the data leakage due to SCAs.

关键词： computer security differential power attack side channel attack

security model and modular design of fair authentication key exchange protocols

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2010年第2期53卷 278-287页

作者： FENG DengGuo & CHEN WeiDong state key laboratory of information security, institute of software, chinese academy of sciences, beijing 100190, china state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China

It is traditionally assumed that the legal two parties in authentication key exchange (AKE) communications are both credible. However, in more and more network applications nowadays, it is often required that such protocols be run under the circumstances where ones do not trust in each other. Therefore, in this paper we propose the idea of fair authentication key exchange (FAKE), which has not only the basic properties of AKE protocols, but also some new properties: the "session proof" embedded in the input of protocols by the customer; and if not revealed, the protocols have the deniability, otherwise the transcript of protocol is binding for the identifications. Such a method is capable of solving the contradiction between protecting privacy and the dissension on network service. Then the security model of FAKE protocols is formulated systematically and a flaw of the security model of current signature schemes proposed by Kudla is also corrected. Finally, a kind of FAKE protocol based on current signature schemes is designed and the mBJM-AK security, conditional deniability and fairness of FAKE protocols are proved in the random oracle model.

关键词： authentication key exchange protocols deniability fairness concurrent signature provable security

Improved multi-pass fast correlation attacks with applications

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2011年第8期54卷 1635-1644页

作者： ZHANG Bin & FENG DengGuo state key laboratory of information security,institute of software,chinese academy of sciences,beijing 100190,china state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China

In this paper we propose two new algorithms for multi-pass fast correlation attacks on stream *** first algorithm aims at fast symbol-wise decoding in the circumstances that the noise is not very high and we have little resource for *** second algorithm deals with the practical decoding problem in the high noise and limited keystream *** new algorithms are applicable to arbitrary form LFSR and compare favorably to the previously known algorithms in the scenarios under *** applications,we demonstrate new key recovery attacks on one-level Bluetooth E0 and LILI-128,*** 2 37 -bit keystream and 2 28-byte memory,our attack against one-level E0 needs 2 35.1 *** 2 24-bit keystream and 2 24.5 -byte memory,our attack on LILI-128 has time complexity 2 70.6 operations.

关键词： stream cipher fast correlation attacks linear feedback shift register (LFSR) Bluetooth E0 LILI-128

A two-round honest-verifier zero-knowledge protocol

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2010年第5期53卷 954-963页

作者： LIU HanWu 1,2 & LIN DongDai 1 1 The state key laboratory of information security, institute of software, chinese academy of sciences, beijing 100190, china 2 Graduate University of the chinese academy of sciences, beijing 100049, china The state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China Graduate University of the chinese academy of sciences Beijing China

Since the concept of zero-knowledge protocols was introduced, it has attracted a lot of attention and in turn showed significant effect on the development of cryptography, complexity theory and other areas. The round complexity of a zero-knowledge protocol is a very important efficiency consideration, and it is required to be as small as possible. Generally, it is desirable to have zero-knowledge protocols with constant numbers of rounds. Goldreich and Oren proved that only languages in BPP have one-round and two-round zero-knowledge protocols. Moreover, they also showed that only languages in BPP have one-round honest-verifier zero-knowledge protocols. The notion of honest-verifier zero-knowledge protocols is highly non-trivial and fascinating itself, and has many other uses. Thus, the problem as to whether there exist two-round honest-verifier zero-knowledge protocols becomes an important open problem. In this paper, we introduce a new simulation technique and present a two-round honest-verifier zero-knowledge protocol for any language in N P under a standard complexity assumption based on this technique.

关键词： proof system argument system zero-knowledge witness indistinguishability black-box one-way permutation commitment scheme zap

CMQV+:An authenticated key exchange protocol from CMQV

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2012年第7期55卷 1666-1674页

作者： LI Hui 1,2 & WU ChuanKun 1 1 state key laboratory of information security,institute of software,chinese academy of sciences,beijing 100190,china 2 Graduate University of chinese academy of sciences,beijing 100049,china state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China Graduate University of chinese academy of sciences Beijing China

Ustaoglu presents a secure and efficient key exchange protocol named CMQV,based on the design rationales of HMQV and *** with the latter two protocols,on one hand,CMQV achieves high performance of HMQV,and on the other,it is proven secure in eCK model as NAXOS ***,CMQV enjoys the security proof under gap Diffie-Hellman assumption as indicated by its *** this paper,we propose a variant of CMQV,called CMQV+,which is proven secure under a weaker assumption (*** Diffie-Hellman assumption) in eCK model with random oracles while maintaining the high-performance feature of CMQV as much as possible.

关键词： key exchange eCK model trapdoor-test technique provable security CDH assumption

CBCR:CBC MAC with rotating transformations

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2011年第11期54卷 2247-2255页

作者： ZHANG LiTing 1,2,WU WenLing 1,ZHANG Lei 1 & WANG Peng 21 state key laboratory of information security,institute of software,chinese academy of sciences,beijing 100190,china 2 Graduate University of chinese academy of sciences,beijing 100049,china state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing China Graduate University of chinese academy of sciences Beijing China

Message authentication codes (MACs) are widely used to protect data integrity and data origin authentication in *** this paper,we propose a new block-cipher-based MAC algorithm,CBCR,with provable security for arbitrary-length *** adopts rotating operations in the end of cipherblock-chaining structure,and it appends fixed-length prefixes to all messages,which implies flexible usages in *** example,these fixed-length prefixes can be filled with some security parameters,message redundancies,*** also propose CBCR0,a special case of CBCR that sets its prefix to be an all-zero *** with CMAC,a recommended standard by the US National institute of Standards and Technology (NIST),CBCR0 enjoys all the advantages that CMAC has,but requires less memory;so,in practical applications,CBCR0 behaves as well as CMAC does,and it is even more suitable for environments with limited memory resources,*** cards.

关键词： message authentication code cipher block chaining block cipher provable security

A property-based attestation protocol for TCM

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science china(information sciences) 2010年第3期53卷 454-464页

作者： FENG DengGuo1,2 & QIN Yu1,2 1state key laboratory of information security, institute of software, chinese academy of Science, beijing 100190, china 2National Engineering Research Center of information security, beijing 100190, china state key laboratory of information security Institute of Software Chinese Academy of Science Beijing China National Engineering Research Center of information security Beijing China

This paper presents a property attestation protocol for the security chip TCM (trusted cryptographic module) via analyzing the problems of the current property attestation, which is built on the property attestation model with the online trust third party. In the protocol the prover utilizes the zero-knowledge proof by the attribute certificates, configuration commitment and TCM signature, and attests its configuration and status which are compliant with the declarative security property. The protocol is characterized by shorter signature length and lower computations. The security of the protocol is proved at the random oracle model. The protocol can help extend application and improve standard for security chip TCM, and it also has practical value and immediate significance.

关键词： trust computing trust cryptographic module (TCM) property attestation signature of knowl- edge configuration commitment