Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a ...Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.展开更多
Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is ...Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.展开更多
The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative anal...The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative analyses of the merits and drawbacks of them. The cryptosystem based on Goppa code has high security, but can be achieved poor. The cryptosystems based on other error correcting codes have higher performance than Goppa code. But there are still some disadvantages to solve. At last, the paper produce an assumption of the Niederreiter cascade combination cryptosystem based on double public-keys under complex circumstances, which has higher performance and security than the traditional cryptosystems.展开更多
Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user...Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user and only used one time. So thekey is one-time key. Inaddition, the user who generates the next one-time key, is random selected by the current sessionkey. In the protocol of this paper, the characteristic of time in the key-insulated public-key, adistributed protocol, translates into the characteristic of spaee which every point has differentsecret key in the different period. At the same time, the system is fit for key management in AdHoe, and is a new scheme of key management in Ad Hoc.展开更多
The Internet of Things(IoT)is a network system that connects physical devices through the Internet,allowing them to interact.Nowadays,IoT has become an integral part of our lives,offering convenience and smart functio...The Internet of Things(IoT)is a network system that connects physical devices through the Internet,allowing them to interact.Nowadays,IoT has become an integral part of our lives,offering convenience and smart functionality.However,the growing number of IoT devices has brought about a corresponding increase in cybersecurity threats,such as device vulnerabilities,data privacy concerns,and network susceptibilities.Integrating blockchain technology with IoT has proven to be a promising approach to enhance IoT security.Nevertheless,the emergence of quantum computing poses a significant challenge to the security of traditional classical cryptography used in blockchain,potentially exposing it to quantum cyber-attacks.To support the growth of the IoT industry,mitigate quantum threats,and safeguard IoT data,this study proposes a robust blockchain solution for IoT that incorporates both classical and post-quantum security measures.Firstly,we present the Quantum-Enhanced Blockchain Architecture for IoT(QBIoT)to ensure secure data sharing and integrity protection.Secondly,we propose an improved Proof of Authority consensus algorithm called“Proof of Authority with Random Election”(PoARE),implemented within QBIoT for leader selection and new block creation.Thirdly,we develop a publickey quantum signature protocol for transaction verification in the blockchain.Finally,a comprehensive security analysis of QBIoT demonstrates its resilience against cyber threats from both classical and quantum adversaries.In summary,this research introduces an innovative quantum-enhanced blockchain solution to address quantum security concernswithin the realmof IoT.The proposedQBIoT framework contributes to the ongoing development of quantum blockchain technology and offers valuable insights for future research on IoT security.展开更多
A joint signature,encryption and error correction public-key cryptosystem is pre-sented based on an NP-completeness problem-the decoding problem of general linear codes inalgebraic coding theory,
As the use of cloud storage for various services increases,the amount of private personal information along with data stored in the cloud storage is also increasing.To remotely use the data stored on the cloud storage...As the use of cloud storage for various services increases,the amount of private personal information along with data stored in the cloud storage is also increasing.To remotely use the data stored on the cloud storage,the data to be stored needs to be encrypted for this reason.Since“searchable encryption”is enable to search on the encrypted data without any decryption,it is one of convenient solutions for secure data management.A public key encryption with keyword search(for short,PEKS)is one of searchable encryptions.Abdalla et al.firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the“robust”ANO-CCA secure identity-based encryption(IBE).In this paper,we propose two generic constructions of consistent IND-CCA secure PEKS combining(1)a hierarchical identity based encryption(for short,HIBE)and a signature scheme or(2)a HIBE,an encapsulation,and a message authentication code(for short,MAC)scheme.Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker“ANO-CPA security(resp.,IND-CPA security)”of HIBE than“ANOCCA security(resp.,IND-CCA security)”of IBE required in for achieving IND-CCA secure(resp.,consistent)PEKS.Finally,we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.展开更多
The real polynomial type public-key cryptosystems are broken up by computing the equivalent secure keys, then some computational problems related to securities of cryptosystems are discussed.
The most popular present-day public-key cryptosystems are RSA and ElGamal cryptosystems. Some practical algebraic generalization of the ElGamal cryptosystem is considered-basic modular matrix cryptosystem (BMMC) over ...The most popular present-day public-key cryptosystems are RSA and ElGamal cryptosystems. Some practical algebraic generalization of the ElGamal cryptosystem is considered-basic modular matrix cryptosystem (BMMC) over the modular matrix ring M2(Zn). An example of computation for an artificially small number n is presented. Some possible attacks on the cryptosystem and mathematical problems, the solution of which are necessary for implementing these attacks, are studied. For a small number n, computational time for compromising some present-day public-key cryptosystems such as RSA, ElGamal, and Rabin, is compared with the corresponding time for the ВММС. Finally, some open mathematical and computational problems are formulated.展开更多
With the development of quantum computing technology,quantum public-key cryptography is gradually becoming an alternative to the existing classical public-key cryptography.This paper designs a quantum trapdoor one-way...With the development of quantum computing technology,quantum public-key cryptography is gradually becoming an alternative to the existing classical public-key cryptography.This paper designs a quantum trapdoor one-way function via EPR pairs and quantum measurements.Based on this,a new quantum public-key cryptosystem is presented,which offers forward security,and can resist the chosen-plaintext attack and chosen-ciphertext attack.Compared with the existing quantum public-key cryptos,eavesdropping can be automatically detected in this new quantum public-key cryptosystem under a necessary condition,which is also detailed in the paper.展开更多
Public-key cryptosystems for quantum messages are considered from two aspects:public-key encryption and public-key authentication.Firstly,we propose a general construction of quantum public-key encryption scheme,and t...Public-key cryptosystems for quantum messages are considered from two aspects:public-key encryption and public-key authentication.Firstly,we propose a general construction of quantum public-key encryption scheme,and then construct an informationtheoretic secure instance.Then,we propose a quantum public-key authentication scheme,which can protect the integrity of quantum messages.This scheme can both encrypt and authenticate quantum messages.It is information-theoretic secure with regard to encryption,and the success probability of tampering decreases exponentially with the security parameter with regard to authentication.Compared with classical public-key cryptosystems,one private-key in our schemes corresponds to an exponential number of public-keys,and every quantum public-key used by the sender is an unknown quantum state to the sender.展开更多
This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme. As a result, a ciphertext is not a quadruple but a triple at the cost of ...This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme. As a result, a ciphertext is not a quadruple but a triple at the cost of a strong assumption, the third version of knowledge of exponent assumption (KEA3). Under assumptions of KEA3, a decision Diffie-Hellman (DDH) and a variant of target collision resistance (TCRv), the new scheme is proved secure against indistinguishable adaptive chosen ciphertext attack (IND-CCA2). This scheme is as efficient as Damgard ElGamal (DEG) scheme when it makes use of a well-known algorithm for product of exponentiations. The DEG scheme is recently proved IND-CCA1 secure by Bellare and Palacio in ASIACRYPT 2004 under another strong assumption. In addition to our IND-CCA2 secured scheme, we also believe that the security proof procedure itself provides a well insight for ElGamal-based encryption schemes which are secure in real world.展开更多
Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the relat...Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.展开更多
Okamoto public-key cryptosystem (abbr. OPKC)has drawn considerable attention for its convenience and rapidity of encryption and decryption. K. Koyama, A.Shamir, B. Vallee and others already analyzed it and presented s...Okamoto public-key cryptosystem (abbr. OPKC)has drawn considerable attention for its convenience and rapidity of encryption and decryption. K. Koyama, A.Shamir, B. Vallee and others already analyzed it and presented some attacks. This report gives OPKC an elementary attack, which can not only break completely both the systems of OPKC but also be used to attack other public-key cryptosystems similar to OPKC, such as展开更多
A tightly secure cryptographic scheme refers to a construction with a tight security reduction to a hardness assumption,where the reduction loss is a small constant.A scheme with tight security is preferred in practic...A tightly secure cryptographic scheme refers to a construction with a tight security reduction to a hardness assumption,where the reduction loss is a small constant.A scheme with tight security is preferred in practice since it could be implemented using a smaller parameter to improve efficiency.Recently,Bader et al.(EUROCRYPT 2016)have proposed a comprehensive study on the impossible tight security reductions for certain(e.g.,key-unique)public-key cryptographic schemes in the multi-user with adaptive corruptions(MU-C)setting built upon non-interactive assumptions.The assumptions of one-more version,such as one-more computational Diffie-Hellman(n-CDH),are variants of the standard assumptions and have found various applications.However,whether it is possible to have tightly secure key-unique schemes from the one-more assumptions or the impossible tight reduction results also hold for these assumptions remains unknown.In this paper,we give affirmative answers to the above question,i.e.,we can have efficient key-unique public-key cryptographic schemes with tight security built upon the one-more assumptions.Specifically,we propose a digital signature scheme and an encryption scheme,both of which are key-unique and have tight MU-C security under the one-more computational Diffie-Hellman(n-CDH)assumption.Our results also reflect from another aspect that there indeed exists a gap between the standard assumptions and their one-more version counterparts.展开更多
The present paper proposes a secure design of the energy-efficient multi-modular exponential techniques that use store and reward method and store and forward method.Computation of the multi-modular exponentiation can...The present paper proposes a secure design of the energy-efficient multi-modular exponential techniques that use store and reward method and store and forward method.Computation of the multi-modular exponentiation can be performed by three novel algorithms:store and reward,store and forward 1-bit(SFW1),and store and forward 2-bit(SFW2).Hardware realizations of the proposed algorithms are analyzed in terms of throughput and energy.The experimental results show the proposed algorithms SFW1 and SFW2 increase the throughput by orders of 3.98% and 4.82%,reducing the power by 5.32% and 6.15% and saving the energy in the order of 3.95% and 4.75%,respectively.The proposed techniques can prevent possible side-channel attacks and timing attacks as a consequence of an inbuilt confusion mechanism.Xilinx Vivado-21 on Virtex-7 evaluation board and integrated computer application for recognizing user services(ICARUS)Verilog simulation and synthesis tools are used for field programmable gate array(FPGA)for hardware realization.The hardware compatibility of proposed algorithms has also been checked using Cadence for application specific integrated circuit(ASIC).展开更多
Properties of third-order recurrence sequences were investigated and a new variant of the GH public-key cryptosystem,which was further improved to be a probabil-istic public-key cryptosystem,was proposed.Then security...Properties of third-order recurrence sequences were investigated and a new variant of the GH public-key cryptosystem,which was further improved to be a probabil-istic public-key cryptosystem,was proposed.Then security analysis of the proposed scheme was provided and it was proved that the one-wayness of the proposed scheme is equivalent to partial discrete logarithm and its semantic se-curity is equivalent to decisional Diffie-Hellman problem in ring extension.Finally,efficiency analysis of the proposed scheme was provided,and that these two encryption schemes need to transfer 2log N and 4log N bits data re-spectively.展开更多
The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved...The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved by keeping it in an encrypted form,but it affects usability and flexibility in terms of effective search.Attribute-based searchable encryption(ABSE)has proven its worth by providing fine-grained searching capabilities in the shared cloud storage.However,it is not practical to apply this scheme to the devices with limited resources and storage capacity because a typical ABSE involves serious computations.In a healthcare cloud-based cyber-physical system(CCPS),the data is often collected by resource-constraint devices;therefore,here also,we cannot directly apply ABSE schemes.In the proposed work,the inherent computational cost of the ABSE scheme is managed by executing the computationally intensive tasks of a typical ABSE scheme on the blockchain network.Thus,it makes the proposed scheme suitable for online storage and retrieval of personal health data in a typical CCPS.With the assistance of blockchain technology,the proposed scheme offers two main benefits.First,it is free from a trusted authority,which makes it genuinely decentralized and free from a single point of failure.Second,it is computationally efficient because the computational load is now distributed among the consensus nodes in the blockchain network.Specifically,the task of initializing the system,which is considered the most computationally intensive,and the task of partial search token generation,which is considered as the most frequent operation,is now the responsibility of the consensus nodes.This eliminates the need of the trusted authority and reduces the burden of data users,respectively.Further,in comparison to existing decentralized fine-grained searchable encryption schemes,the proposed scheme has achieved a significant reduction in storage and computational cost for the secret key associated with users.It has been verified both theoretically and practically in the performance analysis section.展开更多
RSA public key crypto system is a relatively safe technology, which is widely used in today’s secure electronic communication. In this paper, a new implementation method to optimize a 1 024 bit RSA processor was pres...RSA public key crypto system is a relatively safe technology, which is widely used in today’s secure electronic communication. In this paper, a new implementation method to optimize a 1 024 bit RSA processor was presented. Basically, a fast modular multiplication architecture based on Montgomery’s algorithm was proposed. Modular exponentiation algorithm scans encryption from right to left, so two modular multiplications can be processed parallel. The new architecture is also fit for an effective I/O interface. The time to calculate a modular exponentiation is about n 2 clock cycles. The proposed architecture has a data rate of 93.7 kb/s for 1 024 bit work with a 100 MHz clock.展开更多
An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-intera...An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.展开更多
基金Supported by the National Natural Science Foundation of China(60603010,60970120)~~
文摘Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.
基金Supported by the 973 State Key Project of China (No.G1999035803)the National Natural Science Foundation of China (No.69931010).
文摘Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.
基金Supported by the Postgraduate Project of Military Science of PLA(2013JY431)55th Batch of China Postdoctoral Second-Class on Fund Projects(2014M552656)
文摘The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative analyses of the merits and drawbacks of them. The cryptosystem based on Goppa code has high security, but can be achieved poor. The cryptosystems based on other error correcting codes have higher performance than Goppa code. But there are still some disadvantages to solve. At last, the paper produce an assumption of the Niederreiter cascade combination cryptosystem based on double public-keys under complex circumstances, which has higher performance and security than the traditional cryptosystems.
文摘Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user and only used one time. So thekey is one-time key. Inaddition, the user who generates the next one-time key, is random selected by the current sessionkey. In the protocol of this paper, the characteristic of time in the key-insulated public-key, adistributed protocol, translates into the characteristic of spaee which every point has differentsecret key in the different period. At the same time, the system is fit for key management in AdHoe, and is a new scheme of key management in Ad Hoc.
基金supported by National Key RD Program of China(Grant No.2022YFB3104402,the Research on Digital Identity Trust System for Massive Heterogeneous Terminals in Road Traffic System)the Fundamental Research Funds for the Central Universities(Grant Nos.3282023015,3282023035,3282023051)National First-Class Discipline Construction Project of Beijing Electronic Science and Technology Institute(No.3201012).
文摘The Internet of Things(IoT)is a network system that connects physical devices through the Internet,allowing them to interact.Nowadays,IoT has become an integral part of our lives,offering convenience and smart functionality.However,the growing number of IoT devices has brought about a corresponding increase in cybersecurity threats,such as device vulnerabilities,data privacy concerns,and network susceptibilities.Integrating blockchain technology with IoT has proven to be a promising approach to enhance IoT security.Nevertheless,the emergence of quantum computing poses a significant challenge to the security of traditional classical cryptography used in blockchain,potentially exposing it to quantum cyber-attacks.To support the growth of the IoT industry,mitigate quantum threats,and safeguard IoT data,this study proposes a robust blockchain solution for IoT that incorporates both classical and post-quantum security measures.Firstly,we present the Quantum-Enhanced Blockchain Architecture for IoT(QBIoT)to ensure secure data sharing and integrity protection.Secondly,we propose an improved Proof of Authority consensus algorithm called“Proof of Authority with Random Election”(PoARE),implemented within QBIoT for leader selection and new block creation.Thirdly,we develop a publickey quantum signature protocol for transaction verification in the blockchain.Finally,a comprehensive security analysis of QBIoT demonstrates its resilience against cyber threats from both classical and quantum adversaries.In summary,this research introduces an innovative quantum-enhanced blockchain solution to address quantum security concernswithin the realmof IoT.The proposedQBIoT framework contributes to the ongoing development of quantum blockchain technology and offers valuable insights for future research on IoT security.
基金Subject supported by the National Natural Science Fund of China
文摘A joint signature,encryption and error correction public-key cryptosystem is pre-sented based on an NP-completeness problem-the decoding problem of general linear codes inalgebraic coding theory,
文摘As the use of cloud storage for various services increases,the amount of private personal information along with data stored in the cloud storage is also increasing.To remotely use the data stored on the cloud storage,the data to be stored needs to be encrypted for this reason.Since“searchable encryption”is enable to search on the encrypted data without any decryption,it is one of convenient solutions for secure data management.A public key encryption with keyword search(for short,PEKS)is one of searchable encryptions.Abdalla et al.firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the“robust”ANO-CCA secure identity-based encryption(IBE).In this paper,we propose two generic constructions of consistent IND-CCA secure PEKS combining(1)a hierarchical identity based encryption(for short,HIBE)and a signature scheme or(2)a HIBE,an encapsulation,and a message authentication code(for short,MAC)scheme.Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker“ANO-CPA security(resp.,IND-CPA security)”of HIBE than“ANOCCA security(resp.,IND-CCA security)”of IBE required in for achieving IND-CCA secure(resp.,consistent)PEKS.Finally,we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.
基金Supported by the National Natural Science Foundation of Chinathe Fund of the State Education Commission of China
文摘The real polynomial type public-key cryptosystems are broken up by computing the equivalent secure keys, then some computational problems related to securities of cryptosystems are discussed.
文摘The most popular present-day public-key cryptosystems are RSA and ElGamal cryptosystems. Some practical algebraic generalization of the ElGamal cryptosystem is considered-basic modular matrix cryptosystem (BMMC) over the modular matrix ring M2(Zn). An example of computation for an artificially small number n is presented. Some possible attacks on the cryptosystem and mathematical problems, the solution of which are necessary for implementing these attacks, are studied. For a small number n, computational time for compromising some present-day public-key cryptosystems such as RSA, ElGamal, and Rabin, is compared with the corresponding time for the ВММС. Finally, some open mathematical and computational problems are formulated.
基金supported by the National Key Research and Development Program of China(Grant No.2020YFA0309702)the National Natural Science Foundation of China(Grant No.61502526)+1 种基金the National Safety Academic Fund(Grant No.U2130205)the Natural Science Foundation of Henan(Grant No.202300410532)。
文摘With the development of quantum computing technology,quantum public-key cryptography is gradually becoming an alternative to the existing classical public-key cryptography.This paper designs a quantum trapdoor one-way function via EPR pairs and quantum measurements.Based on this,a new quantum public-key cryptosystem is presented,which offers forward security,and can resist the chosen-plaintext attack and chosen-ciphertext attack.Compared with the existing quantum public-key cryptos,eavesdropping can be automatically detected in this new quantum public-key cryptosystem under a necessary condition,which is also detailed in the paper.
基金supported by the National Natural Science Foundation of China (Grant No. 61173157)Strategy Pilot Project of Chinese Academy of Sciences (Grant No. Sub-project XD06010702)IIE’s Cryptography Research Project
文摘Public-key cryptosystems for quantum messages are considered from two aspects:public-key encryption and public-key authentication.Firstly,we propose a general construction of quantum public-key encryption scheme,and then construct an informationtheoretic secure instance.Then,we propose a quantum public-key authentication scheme,which can protect the integrity of quantum messages.This scheme can both encrypt and authenticate quantum messages.It is information-theoretic secure with regard to encryption,and the success probability of tampering decreases exponentially with the security parameter with regard to authentication.Compared with classical public-key cryptosystems,one private-key in our schemes corresponds to an exponential number of public-keys,and every quantum public-key used by the sender is an unknown quantum state to the sender.
基金Supported by the National Grand Fundamental Research 973 Program of Chine under Grant No. 1999035803 and the National Natural Science Foundation of China under Grant No. 60473027. The authors would like to thank Dr. Qian-Hong Wu from Wollongong Univ. and Dr. Zheng-Tao Jiang from Xidian Univ. for their fruitful discussions. We also take the opportunity to appreciate valuable comments from editors and reviewers.
文摘This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme. As a result, a ciphertext is not a quadruple but a triple at the cost of a strong assumption, the third version of knowledge of exponent assumption (KEA3). Under assumptions of KEA3, a decision Diffie-Hellman (DDH) and a variant of target collision resistance (TCRv), the new scheme is proved secure against indistinguishable adaptive chosen ciphertext attack (IND-CCA2). This scheme is as efficient as Damgard ElGamal (DEG) scheme when it makes use of a well-known algorithm for product of exponentiations. The DEG scheme is recently proved IND-CCA1 secure by Bellare and Palacio in ASIACRYPT 2004 under another strong assumption. In addition to our IND-CCA2 secured scheme, we also believe that the security proof procedure itself provides a well insight for ElGamal-based encryption schemes which are secure in real world.
基金This work was supported by the National Key Research and Development Program of China under Grant No. 2017YFt30802000, the National Natural Science Foundation of China under Grant Nos. 61802241, 61772326, 61572303, 61872229, 61802242, and 61602290, the National Natural Science Foundation of China for International Young Scientists under Grant No. 61750110528, the National Cryp-tographv Development Fund during the 13th Five-Year Plan Period of China under Grant Nos. MMJJ20170216 and MMJJ20180217, the Foundation of State Key Laboratory of Information Security of China under Grant No. 2017-MS-03, and the Fundamental Re- search Funds for the Central Universities of China under Grant Nos. GK201603084, GK201702004, GK201603092, GK201603093, and GK201703062.
文摘Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.
基金Project supported by the National Natural Science Foundation of China.
文摘Okamoto public-key cryptosystem (abbr. OPKC)has drawn considerable attention for its convenience and rapidity of encryption and decryption. K. Koyama, A.Shamir, B. Vallee and others already analyzed it and presented some attacks. This report gives OPKC an elementary attack, which can not only break completely both the systems of OPKC but also be used to attack other public-key cryptosystems similar to OPKC, such as
基金This work was supported by the National Natural Science Foundation of China under Grant Nos.61672289,61972094,61802195,and 61902191the Natural Science Foundation of Jiangsu Province under Grant No.BK20190696the Purple Mountain Laboratories。
文摘A tightly secure cryptographic scheme refers to a construction with a tight security reduction to a hardness assumption,where the reduction loss is a small constant.A scheme with tight security is preferred in practice since it could be implemented using a smaller parameter to improve efficiency.Recently,Bader et al.(EUROCRYPT 2016)have proposed a comprehensive study on the impossible tight security reductions for certain(e.g.,key-unique)public-key cryptographic schemes in the multi-user with adaptive corruptions(MU-C)setting built upon non-interactive assumptions.The assumptions of one-more version,such as one-more computational Diffie-Hellman(n-CDH),are variants of the standard assumptions and have found various applications.However,whether it is possible to have tightly secure key-unique schemes from the one-more assumptions or the impossible tight reduction results also hold for these assumptions remains unknown.In this paper,we give affirmative answers to the above question,i.e.,we can have efficient key-unique public-key cryptographic schemes with tight security built upon the one-more assumptions.Specifically,we propose a digital signature scheme and an encryption scheme,both of which are key-unique and have tight MU-C security under the one-more computational Diffie-Hellman(n-CDH)assumption.Our results also reflect from another aspect that there indeed exists a gap between the standard assumptions and their one-more version counterparts.
基金the DST of India for sponsoring this project under Interdisciplinary Cyber Physical Systems(ICPS)Division individual category with reference number:DST/ICPS/CPSIndividual/2018/895(G)(T-895).
文摘The present paper proposes a secure design of the energy-efficient multi-modular exponential techniques that use store and reward method and store and forward method.Computation of the multi-modular exponentiation can be performed by three novel algorithms:store and reward,store and forward 1-bit(SFW1),and store and forward 2-bit(SFW2).Hardware realizations of the proposed algorithms are analyzed in terms of throughput and energy.The experimental results show the proposed algorithms SFW1 and SFW2 increase the throughput by orders of 3.98% and 4.82%,reducing the power by 5.32% and 6.15% and saving the energy in the order of 3.95% and 4.75%,respectively.The proposed techniques can prevent possible side-channel attacks and timing attacks as a consequence of an inbuilt confusion mechanism.Xilinx Vivado-21 on Virtex-7 evaluation board and integrated computer application for recognizing user services(ICARUS)Verilog simulation and synthesis tools are used for field programmable gate array(FPGA)for hardware realization.The hardware compatibility of proposed algorithms has also been checked using Cadence for application specific integrated circuit(ASIC).
基金supported by the National Natural Science Foundation of China(No.90412011)the Hi-Tech Research and Development Program of China(No.2002AA143021)。
文摘Properties of third-order recurrence sequences were investigated and a new variant of the GH public-key cryptosystem,which was further improved to be a probabil-istic public-key cryptosystem,was proposed.Then security analysis of the proposed scheme was provided and it was proved that the one-wayness of the proposed scheme is equivalent to partial discrete logarithm and its semantic se-curity is equivalent to decisional Diffie-Hellman problem in ring extension.Finally,efficiency analysis of the proposed scheme was provided,and that these two encryption schemes need to transfer 2log N and 4log N bits data re-spectively.
文摘The concept of sharing of personal health data over cloud storage in a healthcare-cyber physical system has become popular in recent times as it improves access quality.The privacy of health data can only be preserved by keeping it in an encrypted form,but it affects usability and flexibility in terms of effective search.Attribute-based searchable encryption(ABSE)has proven its worth by providing fine-grained searching capabilities in the shared cloud storage.However,it is not practical to apply this scheme to the devices with limited resources and storage capacity because a typical ABSE involves serious computations.In a healthcare cloud-based cyber-physical system(CCPS),the data is often collected by resource-constraint devices;therefore,here also,we cannot directly apply ABSE schemes.In the proposed work,the inherent computational cost of the ABSE scheme is managed by executing the computationally intensive tasks of a typical ABSE scheme on the blockchain network.Thus,it makes the proposed scheme suitable for online storage and retrieval of personal health data in a typical CCPS.With the assistance of blockchain technology,the proposed scheme offers two main benefits.First,it is free from a trusted authority,which makes it genuinely decentralized and free from a single point of failure.Second,it is computationally efficient because the computational load is now distributed among the consensus nodes in the blockchain network.Specifically,the task of initializing the system,which is considered the most computationally intensive,and the task of partial search token generation,which is considered as the most frequent operation,is now the responsibility of the consensus nodes.This eliminates the need of the trusted authority and reduces the burden of data users,respectively.Further,in comparison to existing decentralized fine-grained searchable encryption schemes,the proposed scheme has achieved a significant reduction in storage and computational cost for the secret key associated with users.It has been verified both theoretically and practically in the performance analysis section.
基金NSF of U nited States under Contract 5 978East Asia and Pacific Program(960 2 485 )
文摘RSA public key crypto system is a relatively safe technology, which is widely used in today’s secure electronic communication. In this paper, a new implementation method to optimize a 1 024 bit RSA processor was presented. Basically, a fast modular multiplication architecture based on Montgomery’s algorithm was proposed. Modular exponentiation algorithm scans encryption from right to left, so two modular multiplications can be processed parallel. The new architecture is also fit for an effective I/O interface. The time to calculate a modular exponentiation is about n 2 clock cycles. The proposed architecture has a data rate of 93.7 kb/s for 1 024 bit work with a 100 MHz clock.
文摘An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.
