Funding: This research was supported by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2020-2015-0-00403) supervised by the IITP (Institute for Information & Communications Technology Planning & Evaluation), and by the Soonchunhyang University Research Fund.
Abstract: In today's fourth industrial revolution, various blockchain technologies are being actively researched. A blockchain is a peer-to-peer data-sharing structure lacking central control. If a user wishes to access stored data, she/he must employ a private key to prove ownership of the data and create a transaction. If the private key is lost, blockchain data cannot be accessed. To solve such a problem, public blockchain users can recover the key using a wallet program. However, key recovery in a permissioned blockchain (PBC) has been little studied. The PBC server is Honest-but-Curious (HBC), and should not be able to learn anything of the user; the server should simply recover and store the key. The server must also be resistant to malicious attacks. Therefore, key recovery in a PBC must satisfy various security requirements. Here, we present a password-protected secret sharing (PPSS) key recovery system, protected by a secure password from a malicious key storage server of a PBC. We describe existing key recovery schemes and our PPSS scheme.
Funding: Supported in part by the Fundamental Research Funds for the Central Universities of China (2015JBM034).
Abstract: Key-recovery technology is often used by an adversary to attempt to recover the cryptographic key of an encryption scheme. The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size 2^128 or greater, making such attacks infeasible with current technology. A cache-based side-channel attack is another way to get the cryptographic key of an encryption scheme, but there is random noise in a side-channel attack. In order to reduce random errors, it is advisable to repeat the key recovery process many times. This paper is focused on the way to improve the key recovery accuracy by dealing with the key sequences obtained from repeated cache-based side-channel attacks. To get the real key, private key bits from the side-channel attack are collected first. Then the key sequences are aligned using sequence alignment algorithms based on dynamic programming. The provided method of key recovery is universal, and is not limited to any cryptographic algorithm. The experiment shows that the proposed method has good performance and high availability when the error rate of the collected key bits is within a reasonable range.
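The align-then-vote step the abstract above describes, as an added example that is not the paper's code: repeated noisy readouts of the same key are aligned with Needleman-Wunsch dynamic programming, combined into one table by a center-star multiple alignment (one standard way to do the "sequence alignment based on dynamic programming" the abstract names; the paper's own alignment and scoring choices are not given here and are assumed), and each column is then decided by majority vote, with columns where gaps win discarded as spurious bits. The toy key, the six hand-built readouts, the scoring weights and the noise model in `noisy_readout` are all constructed for this example.

```python
# Added example: recover a key from repeated noisy side-channel readouts by
# center-star multiple alignment (Needleman-Wunsch pairwise) and majority vote.
import random
from collections import Counter

MATCH, MISMATCH, GAP = 1, -1, -1   # assumed scoring weights


def nw_align(a, b):
    """Global Needleman-Wunsch alignment; returns (score, a_gapped, b_gapped)."""
    n, m = len(a), len(b)
    sub = lambda i, j: MATCH if a[i - 1] == b[j - 1] else MISMATCH
    S = [[(i + j) * GAP if i == 0 or j == 0 else 0 for j in range(m + 1)]
         for i in range(n + 1)]
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            S[i][j] = max(S[i - 1][j - 1] + sub(i, j), S[i - 1][j] + GAP, S[i][j - 1] + GAP)
    i, j, ra, rb = n, m, [], []          # trace back from the bottom-right corner
    while i > 0 or j > 0:
        if i and j and S[i][j] == S[i - 1][j - 1] + sub(i, j):
            ra.append(a[i - 1]); rb.append(b[j - 1]); i -= 1; j -= 1
        elif i and S[i][j] == S[i - 1][j] + GAP:
            ra.append(a[i - 1]); rb.append('-'); i -= 1
        else:
            ra.append('-'); rb.append(b[j - 1]); j -= 1
    return S[n][m], ''.join(reversed(ra)), ''.join(reversed(rb))


def _merge(gc, rows, ca, sa):
    """Fold the pairwise alignment (ca, sa) of the center with a new read into the
    table (gc = gapped center, rows = reads placed so far). A gap present on only
    one side becomes a column that is '-' in every other row."""
    i = j = 0
    new_gc, new_rows, new_s = [], [[] for _ in rows], []
    while i < len(gc) or j < len(ca):
        in_gc = i < len(gc) and gc[i] != '-'
        in_ca = j < len(ca) and ca[j] != '-'
        if in_gc and in_ca:                    # same center bit on both sides
            new_gc.append(gc[i]); new_s.append(sa[j])
            for r, nr in zip(rows, new_rows):
                nr.append(r[i])
            i += 1; j += 1
        elif i < len(gc) and not in_gc:        # gap column already in the table
            new_gc.append('-'); new_s.append('-')
            for r, nr in zip(rows, new_rows):
                nr.append(r[i])
            i += 1
        else:                                  # gap only in the new alignment
            new_gc.append('-'); new_s.append(sa[j])
            for nr in new_rows:
                nr.append('-')
            j += 1
    return ''.join(new_gc), [''.join(r) for r in new_rows] + [''.join(new_s)]


def center_star(reads):
    """Center-star MSA: the read scoring best against all others is the center;
    every other read is aligned to it pairwise and merged into one table."""
    c = max(range(len(reads)), key=lambda i: sum(
        nw_align(reads[i], reads[k])[0] for k in range(len(reads)) if k != i))
    gc, rows = reads[c], [reads[c]]
    for k, s in enumerate(reads):
        if k != c:
            _, ca, sa = nw_align(reads[c], s)
            gc, rows = _merge(gc, rows, ca, sa)
    return rows


def recover_key(reads):
    """Majority vote per aligned column; a column where '-' wins is insertion noise."""
    out = []
    for col in zip(*center_star(reads)):
        sym, _ = Counter(col).most_common(1)[0]
        if sym != '-':
            out.append(sym)
    return ''.join(out)


def noisy_readout(key, rng, p_flip=0.1, p_drop=0.03, p_insert=0.03):
    """Simulated readout (constructed noise model): flips, dropped and spurious bits."""
    out = []
    for b in key:
        if rng.random() < p_drop:
            continue
        out.append(b if rng.random() >= p_flip else ('1' if b == '0' else '0'))
        if rng.random() < p_insert:
            out.append(rng.choice('01'))
    return ''.join(out)


TRUE_KEY = "1011001110001011"      # constructed 16-bit toy key
READS = [TRUE_KEY,                 # constructed readouts of TRUE_KEY
         "1010001110001011",       # bit 3 flipped
         "1011001110101011",       # bit 10 flipped
         "101100110001011",        # bit 6 dropped
         "10110011100010011",      # spurious '0' after bit 12
         "1011001110001001"]       # bit 14 flipped

if __name__ == "__main__":
    print("hand-built reads:", recover_key(READS) == TRUE_KEY)
    rng = random.Random(1)
    key = ''.join(rng.choice('01') for _ in range(64))
    print("64-bit key, 11 simulated reads:", recover_key([noisy_readout(key, rng) for _ in range(11)]) == key)
```

The hand-built set recovers the key exactly because every column has at most one dissenting vote. The random 64-bit run shows the failure mode the abstract's caveat is about: as the flip or indel rate grows, or the number of readouts shrinks, columns start to tie or flip and the consensus diverges from the key. Center-star alignment is quadratic in both read length and read count, which is fine for key-sized sequences.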
Funding: Supported by Project HERMES, funded by the European Union NextGenerationEU/PRTR via INCIBE; by the project PID2021-125962OB-C32 "SECURING/DATA", funded by MCIN/AEI/10.13039/501100011033/FEDER, UE; by grant 2021SGR 00115 from the Government of Catalonia; and by the Spanish Government under an FPU grant (ref. FPU20/03254).
Abstract: In recent years, the rise of blockchain technology and its applications has led the software development industry to consider blockchain-powered Decentralized Applications (dApps) as serverless REST APIs. However, to engage with dApps, users require a blockchain wallet. This tool facilitates the generation and secure storage of a user's private key and verifies their identity, among other functionalities. Despite their utility, blockchain wallets present significant challenges, such as reliance on trusted third parties, vulnerability to adversaries observing and potentially linking user interactions, key recovery issues, and synchronization of cryptographic keys across multiple devices. This paper addresses these challenges by introducing a fully decentralized multi-platform wallet that leverages blockchain and InterPlanetary File System (IPFS) technologies for managing asymmetric keys and enabling key recovery. This novel approach empowers users to interact with dApps built on blockchain smart contracts while preserving their privacy and ensuring seamless key recovery in the case of device theft or damage. The proposed system is economically viable, with an in-depth cost analysis, and demonstrates resilience against security and privacy attacks. A comparative analysis highlights the advantages of the new scheme over existing mainstream and state-of-the-art solutions. Finally, a preliminary prototype implementation is presented to validate the system's feasibility.
Funding: Project supported by the National Natural Science Foundation of China (No. 62206312).
Abstract: At the Annual International Cryptology Conference in 2019, Gohr introduced a deep learning based cryptanalysis technique applicable to reduced-round lightweight block ciphers with a short block, namely SPECK32/64. One significant challenge left unstudied by Gohr's work is the implementation of key recovery attacks on large-state block ciphers based on deep learning. The purpose of this paper is to present an improved deep learning based framework for recovering keys for large-state block ciphers. First, we propose a key bit sensitivity test (KBST) based on deep learning to divide the key space objectively. Second, we propose a new method for constructing neural distinguisher combinations to improve a deep learning based key recovery framework for large-state block ciphers and demonstrate its rationality and effectiveness from the perspective of cryptanalysis. Under the improved key recovery framework, we train an efficient neural distinguisher combination for each large-state member of SIMON and SPECK and finally carry out a practical key recovery attack on the large-state members of SIMON and SPECK. Furthermore, we propose that the 13-round SIMON64 attack is the most effective approach for practical key recovery to date. Notably, this is the first attempt to propose deep learning based practical key recovery attacks on 18-round SIMON128, 19-round SIMON128, 14-round SIMON96, and 14-round SIMON64. Additionally, we enhance the outcomes of the practical key recovery attack on SPECK large-state members, which amplifies the success rate of the key recovery attack in comparison to existing results.
Funding: Supported by the Major Program "Core of Electronic Devices, High-End General Chips and Basis of Software Products" of the Ministry of Industry and Information Technology of China (No. 2014ZX01032205) and by the Key Technologies Research and Development Program of the Twelfth Five-Year Plan of China (No. MMJJ201401009).
Abstract: The security of CPU smart cards, which are widely used throughout China, is currently being threatened by side-channel analysis. Typical countermeasures to side-channel analysis involve adding noise and filtering the power consumption signal. In this paper, we integrate appropriate preprocessing methods with an improved attack strategy to generate a key recovery solution addressing the shortcomings of these countermeasures. Our proposed attack strategy improves the attack result by combining information leaked from two adjacent clock cycles. Using our laboratory-based power analysis system, we verified the proposed key recovery solution by performing a successful correlation power analysis on a Triple Data Encryption Standard (3DES) hardware module in a real-life 32-bit CPU smart card. All 112 key bits of the 3DES were recovered with about 80,000 power traces.
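As an added illustration of the correlation power analysis the abstract above reports (not the paper's code, and not its 3DES module or trace set): a CPA on a single DES S-box under an assumed Hamming-weight leakage model, with the abstract's idea of combining two adjacent clock cycles reduced to its simplest form, namely summing two samples that are assumed to leak the same S-box output register. The S-box table is the standard DES S1; the subkey, trace count, noise level and leakage model are constructed for this example, and the paper's actual preprocessing and combination rule are not reproduced here.

```python
# Added example: CPA on one DES S-box (Hamming-weight leakage, assumed model),
# attacking one leaky sample and then the sum of two adjacent-cycle samples.
import math
import random

# DES S-box S1 (standard table): row = outer two input bits, column = middle four.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox1(x):
    """S1 applied to a 6-bit value."""
    row = ((x >> 5) & 1) << 1 | (x & 1)
    return S1[row][(x >> 1) & 0xF]


def hw(v):
    return bin(v).count("1")


def simulate_traces(key6, n, sigma, rng):
    """Return (inputs, traces). Assumed leakage: the S-box output register leaks
    its Hamming weight in clock cycle t and again in cycle t+1, each sample
    with independent Gaussian noise of standard deviation sigma."""
    inputs, traces = [], []
    for _ in range(n):
        x = rng.getrandbits(6)
        leak = hw(sbox1(x ^ key6))
        inputs.append(x)
        traces.append((leak + rng.gauss(0, sigma), leak + rng.gauss(0, sigma)))
    return inputs, traces


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0


def cpa(inputs, samples):
    """Correlate the predicted HW under each of the 64 subkey guesses with the
    measured samples; return (best_guess, best_abs_correlation)."""
    best_k, best_r = None, -1.0
    for k in range(64):
        pred = [hw(sbox1(x ^ k)) for x in inputs]
        r = abs(pearson(pred, samples))
        if r > best_r:
            best_k, best_r = k, r
    return best_k, best_r


def attack(inputs, traces):
    """CPA on cycle t alone, then on the sum of cycles t and t+1: two samples
    that leak the same value add coherently while their noise does not."""
    single = cpa(inputs, [t[0] for t in traces])
    combined = cpa(inputs, [t[0] + t[1] for t in traces])
    return single, combined


def demo(key6=0b101101, n=3000, sigma=0.8, seed=7):
    """Constructed run: simulate n traces for key6 and attack them."""
    rng = random.Random(seed)
    inputs, traces = simulate_traces(key6, n, sigma, rng)
    return attack(inputs, traces)


if __name__ == "__main__":
    (k1, r1), (k2, r2) = demo()
    print(f"cycle t only     : key {k1:06b}, |r| = {r1:.3f}")
    print(f"cycles t and t+1 : key {k2:06b}, |r| = {r2:.3f}")
```

With the default parameters the correct 6-bit subkey wins on the single sample, and the summed samples give a clearly higher correlation; lowering `sigma` or raising `n` shows how many traces the attack needs at a given noise level. A real attack predicts the S-box input through the expansion permutation, repeats this for all eight S-boxes of each DES instance, and still has to locate the leaking sample points in the trace, which is where the preprocessing the abstract mentions comes in.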
Funding: National Natural Science Foundation of China (Grant No. 61672517); National Natural Science Foundation of China (Key Program, Grant No. 61732021); National Cryptography Development Fund (Grant No. MMJJ20170108); Beijing Municipal Science & Technology Commission (Grant No. Z191100007119006).
Abstract: The quantum security of lightweight block ciphers is receiving more and more attention. However, the existing quantum attacks on lightweight block ciphers have only focused on quantum exhaustive search, while quantum attacks combined with classical cryptanalysis methods have not been well studied. In this paper, we study a quantum key recovery attack on SIMON32/64 using the Quantum Amplitude Amplification (QAA) algorithm in the Q1 model. At first, we reanalyze the quantum circuit complexity of quantum exhaustive search on SIMON32/64. We estimate the Clifford gate count more accurately and reduce the T gate count. Also, the T-depth and full depth are reduced due to our minor modifications. Then, using four differentials given by Biryukov at FSE 2014 as our distinguisher, we give our quantum key recovery attack on 19-round SIMON32/64. We treat the two phases of the key recovery attack as two QAA instances separately, and the first QAA instance consists of four sub-QAA instances. Then, we design the quantum circuits of these two QAA instances and estimate their corresponding quantum circuit complexity. We conclude that the quantum circuit complexity of our quantum key recovery attack is lower than that of quantum exhaustive search. Our work is the first to study a quantum dedicated attack on SIMON32/64, and the first to study the complexity of quantum dedicated attacks from the perspective of quantum circuit complexity, which is a more fine-grained analysis of the complexity of quantum dedicated attacks.
Abstract: The Type-2 generalized Feistel structure is widely used in block cipher design. This work conducts a quantum key recovery attack on TWINE-80, a lightweight block cipher based on the improved Type-2 generalized Feistel structure. By constructing a round function, a new 7-round quantum distinguisher for TWINE-80 is identified. Leveraging the reuse characteristics of round keys in the algorithm, three pairs of repeated round keys are discovered during the 5-round transformation process. Using Grover's algorithm to search for partial round keys, a 17-round quantum key recovery attack on TWINE-80 is successfully implemented, with a time complexity of 2^96 and requiring 327 qubits. Compared to similar studies, this work reduces the time complexity by a factor of 2^6 and slightly decreases the required quantum resources, by 12 qubits.
Funding: Supported by the National Key Research and Development Program of China under Grant No. 2018YFA0704705; the National Natural Science Foundation of China under Grant Nos. 62032009, 12201193 and 12226006; the Innovation Program for Quantum Science and Technology under Grant No. 2021ZD0302902; the Innovation Group Project of the Natural Science Foundation of Hubei Province of China under Grant No. 2023AFA021; and the Science and Technology Research Program of the Education Department of Hubei Province under Grant No. Q20221008.
Abstract: At ASIACCS 2015, Nuñez et al. proposed a proxy re-encryption scheme, named NTRUReEncrypt, based on NTRU, which allows a proxy to translate a ciphertext under the delegator's public key into a re-encrypted ciphertext that can be decrypted correctly with the delegatee's private key. Because of its potential resistance to quantum algorithms, high efficiency and various applications in real life, NTRUReEncrypt has drawn a lot of attention and its security has been widely discussed and analyzed. At PQCrypto 2019, Liu et al. proposed two key recovery attacks against it. However, their first attack heavily relies on a weakened decryption oracle, and the second attack needs to collect about 2^60 ciphertexts of the same message according to theoretical analysis, which makes both attacks unrealistic. In this paper, inspired by the broadcast attack against NTRU, the authors find that in NTRUReEncrypt the delegator and the delegatee can efficiently recover each other's private key in polynomial time without any unrealistic assumptions. In addition, the authors also show how to fix NTRUReEncrypt to resist the proposed attacks. As a by-product, the authors also show how to mount broadcast attacks against NTRU 2001 with even dg, which was thought infeasible before.
Funding: The National Natural Science Foundation of China (60273084).
Abstract: The security of certain classes of the generalized self-shrinking sequence (GSS) generators is analyzed. Firstly, it is shown that the security of these GSS generators is equivalent to the security of the class-1 GSS generators, after which two effective key recovery attacks on the class-1 GSS generators are developed to evaluate their security.