Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.2
S. Mashhadi
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. In such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secure, or do not have a formal security analysis/proof. In 2013, Herranz et al. provided the first formal definition of computational security for multi-stage secret sharing scheme (MSSS) in the standard model and proposed a practical and secure scheme. As far as we know, their scheme is the only computationally secureMSSin the standard model, and there is no formal definition of the computational security for other categories of MSSs. Based on this motivation, in this paper, we define the first formal model of in distinguishability against the chosen secret attacks (CSA) for other types of MSSs in the standard model. Furthermore, we present two practical CSA-secure MSSs, belonging to different types of MSSs and enjoying the advantage of short shares. They are also provably secure in the standard model. Based on the semantic security of the underlying encryption schemes, we prove the security of our schemes.
{"title":"Computationally secure multiple secret sharing: models, schemes, and formal security analysis","authors":"S. Mashhadi","doi":"10.22042/ISECURE.2016.7.2.2","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.2","url":null,"abstract":"A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. In such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secure, or do not have a formal security analysis/proof. In 2013, Herranz et al. provided the first formal definition of computational security for multi-stage secret sharing scheme (MSSS) in the standard model and proposed a practical and secure scheme. As far as we know, their scheme is the only computationally secureMSSin the standard model, and there is no formal definition of the computational security for other categories of MSSs. Based on this motivation, in this paper, we define the first formal model of in distinguishability against the chosen secret attacks (CSA) for other types of MSSs in the standard model. Furthermore, we present two practical CSA-secure MSSs, belonging to different types of MSSs and enjoying the advantage of short shares. They are also provably secure in the standard model. Based on the semantic security of the underlying encryption schemes, we prove the security of our schemes.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"170 7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114360031","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.5
J. Alizadeh, M. Aref, N. Bagheri, H. Sadeghi
AES _ CMCCv1, AVALANCHEv1, CLOCv1, and SILCv1 are four candidates of the first round of CAESAR. CLOCv1 is presented in FSE 2014 and SILCv1 is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against AES _ CMCCv1 with the complexity of two queries and the success probability of almost 1, and distinguishing attacks on CLOCv1 and SILCv1 with the complexity of O(2n/2) queries and the success probability of 0.63, in which n is bit length of message blocks. In addition, a forgery attack is presented against AVALANCHEv1 which requires only one query and has the success probability of 1. The attacks reveal weaknesses in the structure of these first round candidates and inaccuracy of their security claims.
{"title":"Cryptanalysis of some first round CAESAR candidates","authors":"J. Alizadeh, M. Aref, N. Bagheri, H. Sadeghi","doi":"10.22042/ISECURE.2016.7.2.5","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.5","url":null,"abstract":"AES _ CMCCv1, AVALANCHEv1, CLOCv1, and SILCv1 are four candidates of the first round of CAESAR. CLOCv1 is presented in FSE 2014 and SILCv1 is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against AES _ CMCCv1 with the complexity of two queries and the success probability of almost 1, and distinguishing attacks on CLOCv1 and SILCv1 with the complexity of O(2n/2) queries and the success probability of 0.63, in which n is bit length of message blocks. In addition, a forgery attack is presented against AVALANCHEv1 which requires only one query and has the success probability of 1. The attacks reveal weaknesses in the structure of these first round candidates and inaccuracy of their security claims.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"149 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124173903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.7
Mina Niknafs, Sadegh Dorri Nogoorani, R. Jalili
Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, and some model-specific mitigation methods are proposed to combat collusion. Detection of colluders is shown to be an NP-complete problem. In this paper, we propose the Colluders Similarity Measure (CSM) which is used by a heuristic clustering algorithm (the Colluders Detection Algorithm (CDA)) to detect colluders in O (n2m + n4) in which m and n are the total number of nodes and colluders, respectively. Furthermore, we propose architecture to implement the algorithm in a distributed manner which can be used together with compatible reputation management systems. Implementation results and comparison with other mitigation approaches show that our scheme prevents colluders from unfairly increasing their reputation and decreasing the reputation of the other nodes.
{"title":"A collusion mitigation scheme for reputation systems","authors":"Mina Niknafs, Sadegh Dorri Nogoorani, R. Jalili","doi":"10.22042/ISECURE.2016.7.2.7","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.7","url":null,"abstract":"Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, and some model-specific mitigation methods are proposed to combat collusion. Detection of colluders is shown to be an NP-complete problem. In this paper, we propose the Colluders Similarity Measure (CSM) which is used by a heuristic clustering algorithm (the Colluders Detection Algorithm (CDA)) to detect colluders in O (n2m + n4) in which m and n are the total number of nodes and colluders, respectively. Furthermore, we propose architecture to implement the algorithm in a distributed manner which can be used together with compatible reputation management systems. Implementation results and comparison with other mitigation approaches show that our scheme prevents colluders from unfairly increasing their reputation and decreasing the reputation of the other nodes.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133427702","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.3
Bahram Rashidi, R. R. Farashahi, S. Sayedi
This paper presents two efficient implementations of fast and pipelined bit-parallel polynomial basis multipliers over GF (2m) by irreducible pentanomials and trinomials. The architecture of the first multiplier is based on a parallel and independent computation of powers of the polynomial variable. In the second structure only even powers of the polynomial variable are used. The parallel computation provides regular and low-cost structure with low critical path delay. In addition, the pipelining technique is applied to the proposed structures to shorten the critical path and to perform the computation in two clock cycles. The implementations of the proposed methods over the binary extension fields GF(2163) and GF(2233) have been successfully verified and synthesized using Xilinx ISE 11 by Virtex-4, XC4VLX200 FPGA.
本文利用不可约五异项和三项式在GF (2m)上实现了快速的流水线式位并行多项式基乘法器。第一个乘法器的结构是基于多项式变量的并行和独立的幂计算。在第二种结构中,只使用多项式变量的偶次。并行计算提供了规则和低成本的结构,具有低的关键路径延迟。此外,所提出的结构采用流水线技术,缩短了关键路径,并在两个时钟周期内完成计算。该方法在二进制扩展域GF(2163)和GF(2233)上的实现已在Xilinx ISE 11上通过Virtex-4、XC4VLX200 FPGA成功验证和合成。
{"title":"Efficient implementation of low time complexity and pipelined bit-parallel polynomial basis multiplier over binary finite fields","authors":"Bahram Rashidi, R. R. Farashahi, S. Sayedi","doi":"10.22042/ISECURE.2016.7.2.3","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.3","url":null,"abstract":"This paper presents two efficient implementations of fast and pipelined bit-parallel polynomial basis multipliers over GF (2m) by irreducible pentanomials and trinomials. The architecture of the first multiplier is based on a parallel and independent computation of powers of the polynomial variable. In the second structure only even powers of the polynomial variable are used. The parallel computation provides regular and low-cost structure with low critical path delay. In addition, the pipelining technique is applied to the proposed structures to shorten the critical path and to perform the computation in two clock cycles. The implementations of the proposed methods over the binary extension fields GF(2163) and GF(2233) have been successfully verified and synthesized using Xilinx ISE 11 by Virtex-4, XC4VLX200 FPGA.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129102846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.6
Karim Baghery, B. Abdolmaleki, Bahareh Akhbari, M. Aref
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we analyze the privacy of two recently proposed RFID authentication protocols in 2012 and 2013. We present several traceability attacks including traceability, backward traceability and forward traceability against the first protocol. We also show that, the second protocol not only suffers from Denial-of-Service (DoS) attack, but also it is vulnerable to traceability and backward traceability attacks. We present our privacy analysis based on a well-known formal RFID privacy model which has been proposed by Ouafi and Phan in 2008. Then, in order to overcome the weaknesses, we apply some modifications on these protocols and propose two modified versions.
{"title":"Enhancing privacy of recent authentication schemes for low-cost RFID systems","authors":"Karim Baghery, B. Abdolmaleki, Bahareh Akhbari, M. Aref","doi":"10.22042/ISECURE.2016.7.2.6","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.6","url":null,"abstract":"Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we analyze the privacy of two recently proposed RFID authentication protocols in 2012 and 2013. We present several traceability attacks including traceability, backward traceability and forward traceability against the first protocol. We also show that, the second protocol not only suffers from Denial-of-Service (DoS) attack, but also it is vulnerable to traceability and backward traceability attacks. We present our privacy analysis based on a well-known formal RFID privacy model which has been proposed by Ouafi and Phan in 2008. Then, in order to overcome the weaknesses, we apply some modifications on these protocols and propose two modified versions.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116177536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-06DOI: 10.22042/ISECURE.2016.7.2.4
Reza Ebrahimi Atani, S. E. Atani, A. Karbasi
GGH class of public-key cryptosystems relies on computational problems based on the closest vector problem (CVP) in lattices for their security. The subject of lattice based cryptography is very active and there have recently been new ideas that revolutionized the field. We present EEH, a GGH-Like public key cryptosystem based on the Eisenstein integers Z [_3] where _3 is a primitive cube root of unity. EEH applies representations of polynomials to the GGH encryption scheme and we discuss its key size and parameters selection. We also provide theoretical and experimental data to compare the security and efficiency of EEH to GGH with comparable parameter sets and show that EEH is an improvement over GGH in terms of security and efficiency.
{"title":"EEH: AGGH-like public key cryptosystem over the eisenstein integers using polynomial representations","authors":"Reza Ebrahimi Atani, S. E. Atani, A. Karbasi","doi":"10.22042/ISECURE.2016.7.2.4","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.7.2.4","url":null,"abstract":"GGH class of public-key cryptosystems relies on computational problems based on the closest vector problem (CVP) in lattices for their security. The subject of lattice based cryptography is very active and there have recently been new ideas that revolutionized the field. We present EEH, a GGH-Like public key cryptosystem based on the Eisenstein integers Z [_3] where _3 is a primitive cube root of unity. EEH applies representations of polynomials to the GGH encryption scheme and we discuss its key size and parameters selection. We also provide theoretical and experimental data to compare the security and efficiency of EEH to GGH with comparable parameter sets and show that EEH is an improvement over GGH in terms of security and efficiency.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121748385","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-01-04DOI: 10.22042/ISECURE.2016.8.1.5
A. Khalesi, H. Bahramgiri, D. Mansuri
Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In this paper, we present a new method for decreasing the time complexity of impossible differential cryptanalysis through breaking down the target key space into subspaces, and extending the results on subspaces to the main target key space. The main advantage of this method is that there is no need to consider the effects of changes in the values of independent key bits on each other. Using the 14-round impossible differential characteristic observed by Boura et al. at ASIACRYPT 2014, we implement this method on 23-round LBlock and demonstrate that it can reduce the time complexity of the previous attacks to 271.8 23-round encryptions using 259 chosen plaintexts and 2 73 blocks of memory.
{"title":"A new method for accelerating impossible differential cryptanalysis and its application on LBlock","authors":"A. Khalesi, H. Bahramgiri, D. Mansuri","doi":"10.22042/ISECURE.2016.8.1.5","DOIUrl":"https://doi.org/10.22042/ISECURE.2016.8.1.5","url":null,"abstract":"Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In this paper, we present a new method for decreasing the time complexity of impossible differential cryptanalysis through breaking down the target key space into subspaces, and extending the results on subspaces to the main target key space. The main advantage of this method is that there is no need to consider the effects of changes in the values of independent key bits on each other. Using the 14-round impossible differential characteristic observed by Boura et al. at ASIACRYPT 2014, we implement this method on 23-round LBlock and demonstrate that it can reduce the time complexity of the previous attacks to 271.8 23-round encryptions using 259 chosen plaintexts and 2 73 blocks of memory.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115740902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: