ترغب بنشر مسار تعليمي؟ اضغط هنا

Refuting the Pseudo Attack on the REESSE1+ Cryptosystem

173   0   0.0 ( 0 )
 نشر من قبل Shenghui Su
 تاريخ النشر 2010
  مجال البحث الهندسة المعلوماتية
والبحث باللغة English




اسأل ChatGPT حول البحث

We illustrate through example 1 and 2 that the condition at theorem 1 in [8] dissatisfies necessity, and the converse proposition of fact 1.1 in [8] does not hold, namely the condition Z/M - L/Ak < 1/(2 Ak^2) is not sufficient for f(i) + f(j) = f(k). Illuminate through an analysis and ex.3 that there is a logic error during deduction of fact 1.2, which causes each of fact 1.2, 1.3, 4 to be invalid. Demonstrate through ex.4 and 5 that each or the combination of qu+1 > qu * D at fact 4 and table 1 at fact 2.2 is not sufficient for f(i) + f(j) = f(k), property 1, 2, 3, 4, 5 each are invalid, and alg.1 based on fact 4 and alg.2 based on table 1 are disordered and wrong logically. Further, manifest through a repeated experiment and ex.5 that the data at table 2 is falsified, and the example in [8] is woven elaborately. We explain why Cx = Ax * W^f(x) (% M) is changed to Cx = (Ax * W^f(x))^d (% M) in REESSE1+ v2.1. To the signature fraud, we point out that [8] misunderstands the existence of T^-1 and Q^-1 % (M-1), and forging of Q can be easily avoided through moving H. Therefore, the conclusion of [8] that REESSE1+ is not secure at all (which connotes that [8] can extract a related private key from any public key in REESSE1+) is fully incorrect, and as long as the parameter Omega is fitly selected, REESSE1+ with Cx = Ax * W^f(x) (% M) is secure.



قيم البحث

اقرأ أيضاً

163 - Shenghui Su , Shuwang Lv 2007
In this paper, the authors give the definitions of a coprime sequence and a lever function, and describe the five algorithms and six characteristics of a prototypal public key cryptosystem which is used for encryption and signature, and based on thre e new problems and one existent problem: the multivariate permutation problem (MPP), the anomalous subset product problem (ASPP), the transcendental logarithm problem (TLP), and the polynomial root finding problem (PRFP). Prove by reduction that MPP, ASPP, and TLP are computationally at least equivalent to the discrete logarithm problem (DLP) in the same prime field, and meanwhile find some evidence which inclines people to believe that the new problems are harder than DLP each, namely unsolvable in DLP subexponential time. Demonstrate the correctness of the decryption and the verification, deduce the probability of a plaintext solution being nonunique is nearly zero, and analyze the exact securities of the cryptosystem against recovering a plaintext from a ciphertext, extracting a private key from a public key or a signature, and forging a signature through known signatures, public keys, and messages on the assumption that IFP, DLP, and LSSP can be solved. Studies manifest that the running times of effectual attack tasks are greater than or equal to O(2^n) so far when n = 80, 96, 112, or 128 with lgM = 696, 864, 1030, or 1216. As viewed from utility, it should be researched further how to decrease the length of a modulus and to increase the speed of the decryption.
In this paper, we propose a known-plaintext attack (KPA) method based on deep learning for traditional chaotic encryption scheme. We employ the convolutional neural network to learn the operation mechanism of chaotic cryptosystem, and accept the trai ned network as the final decryption system. To evaluate the attack performance of different networks on different chaotic cryptosystem, we adopt two neural networks to perform known-plaintext attacks on two distinct chaotic encryption schemes. The experimental results demonstrate the potential of deep learning-based method for known-plaintext attack against chaotic cryptosystem. Different from the previous known-plaintext attack methods, which were usually limited to a specific chaotic cryptosystem, a neural network can be applied to the cryptanalysis of various chaotic cryptosystems with deep learning-based approach, while several different networks can be designed for the cryptanalysis of chaotic cryptosystems. This paper provides a new idea for the cryptanalysis of chaotic image encryption algorithm.
We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The att ack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.
Recently, it has been shown how McEliece public-key cryptosystems based on moderate-density parity-check (MDPC) codes allow for very compact keys compared to variants based on other code families. In this paper, classical (iterative) decoding schemes for MPDC codes are considered. The algorithms are analyzed with respect to their error-correction capability as well as their resilience against a recently proposed reaction-based key-recovery attack on a variant of the MDPC-McEliece cryptosystem by Guo, Johansson and Stankovski (GJS). New message-passing decoding algorithms are presented and analyzed. Two proposed decoding algorithms have an improved error-correction performance compared to existing hard-decision decoding schemes and are resilient against the GJS reaction-based attack for an appropriate choice of the algorithms parameters. Finally, a modified belief propagation decoding algorithm that is resilient against the GJS reaction-based attack is presented.
83 - Zhengjun Cao , Lihua Liu 2015
At Eurocrypt99, Paillier presented a public-key cryptosystem based on a novel computational problem. It has interested many researchers because it was additively homomorphic. In this paper, we show that there is a big difference between the original Pailliers encryption and some variants. The Pailliers encryption can be naturally transformed into a signature scheme but these variants miss the feature. In particular, we simplify the alternative decryption procedure of Bresson-Catalano-Pointcheval encryption scheme proposed at Asiacrypt03. The new version is more applicable to cloud computing because of its double trapdoor decryption mechanism and its flexibility to be integrated into other cryptographic schemes. It captures a new feature that its two groups of secret keys can be distributed to different users so as to enhance the robustness of key management.
التعليقات
جاري جلب التعليقات جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا