The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.     

Parallel Collision Search with Cryptanalytic Applications

A simple new technique of parallelizing methods for solving search problems which seek collisions in pseudorandom walks is presented. This technique can be adapted to a wide range of cryptanalytic problems which can be reduced to finding collisions. General constructions are given showing how to adapt the technique to finding discrete logarithms in cyclic groups, finding meaningful collisions in hash functions, and performing meet-in-the-middle attacks such as a known-plaintext attack on double encryption. The new technique greatly extends the reach of practical attacks, providing the most cost-effective means known to date for defeating: the small subgroup used in certain schemes based on discrete logarithms such as Schnorr, DSA, and elliptic curve cryptosystems; hash functions such as MD5, RIPEMD, SHA-1, MDC-2, and MDC-4; and double encryption and three-key triple encryption. The practical significance of the technique is illustrated by giving the design for three $10 million custom machines which could be built with current technology: one finds elliptic curve logarithms in GF(2¹⁵⁵) thereby defeating a proposed elliptic curve cryptosystem in expected time 32 days, the second finds MD5 collisions in expected time 21 days, and the last recovers a double-DES key from two known plaintexts in expected time 4 years, which is four orders of magnitude faster than the conventional meet-in-the-middle attack on double-DES. Based on this attack, double-DES offers only 17 more bits of security than single-DES. Received 21 December 1995 and revised 24 September 1996     

Practices of backuping homomorphically encrypted databases

Ideal homomorphic encryption is theoretically achievable but impractical in reality due to tremendous computing overhead. Homomorphically encrypted databases, such as CryptDB, leverage replication with partially homomorphic encryption schemes to support different SQL queries over encrypted data directly. These databases reach a balance between security and efficiency, but incur considerable storage overhead, especially when making backups. Unfortunately, general data compression techniques relying on data similarity exhibit inefficiency on encrypted data. We present CryptZip, a backup and recovery system that could highly reduce the backup storage cost of encrypted databases. The key idea is to leverage the metadata information of encryption schemes and selectively backup one or several columns among semantically redundant columns. The experimental results show that CryptZip could reduce up to 90.5% backup storage cost on TPC-C benchmark.     

异构数据库加解密系统的关键技术研究与实现

对数据进行加密是保护信息机密性的一种有效途径,针对一般加解密系统的异构数据库兼容性差以及密文查询方式单一的问题,提出了一种新的数据库加密方式：以领域元数据为支撑,采用对象关系映射模型屏蔽异构数据库,通过构建密文索引来实现灵活多样的密文查询;设计并实现了异构数据库加解密系统。实验结果和理论分析表明：系统能够支持多种类型数据库的加解密,提供多种方式的密文查询,并提高了数据库加密的安全性。     

构建无证书的两方认证密钥协商协议

基于无证书的认证密钥协商方案相比基于PKI的方案具有身份管理的简单性,同时相比基于身份的方案具有无密钥托管性。基于可证安全的无证书加密方案提出了一个两方认证密钥协商方案.通过与其他方案在安全性和有效性方面的比较,该方案满足更多的安全属性要求,如完美前向安全性,PKG前向安全性,已知会话相关临时秘密信息安全性和无密钥托管等安全特性,同时具有良好的计算有效性。     

面向重复数据消除的备份数据加密方法

为解决保证数据机密性与提高重复数据消除率之间的矛盾,提出了一种面向重复数据消除的备份数据加密方法,该方法利用分块内容的哈希值生成分块对称密钥,保证了明文分块与密文分块之间的一一对应。只要用户私钥和身份识别口令不同时泄露,该方法能够有效保证备份数据存储及传输过程中的机密性。实验结果表明,该方法较好地解决了传统加密方法与重复数据消除技术不兼容的问题,大幅度提高了加密备份数据的存储空间利用率,适用于对数据机密性有要求的海量数据备份应用。     

新三维拟仿射变换应用于图像加密

三维拟仿射变换是一种经典的图像加密算法,为了改善算法的加密效果及其安全性,在其基础上,提出一种新三维拟仿射变换图像加密算法.该算法将明文图像从左到右、从上到下、逐个像素地进行非线性扩散,同时将图像分成多个块,根据混沌序列的随机值加密相应的图像块.分析结果表明,新三维拟仿射变换图像加密算法的密钥空间非常大,运算速度快,安...     

基于哈希链的图像ROI多级访问控制方案

为了满足信息多级安全性要求,提出了一种基于单向函数的等级加密方案,并结合小波变换,实现了一种基于哈希链的图像ROI多级访问控制方案。用户根据权限不同,在访问时得到不同敏感度的明文信息。经实验分析,该方案密钥管理简单,加密数据量少,在数据库中只需存放一份含密图像,有效减少了存储所需空间。     

一种基于光全息的图像混合加密算法

为了使图像保密性更好,提出一种新的加密算法。研究了传统的Arnold变换,分析其周期性,指出Arnold变换的保密性能与图像尺寸有关。为保证图像直方图均匀化且增大密钥空间,进而提出一种基于随机数序列的像素置乱算法,比较了扭曲法、移位寄存器、修正SWB算法、混沌算法,发现扭曲法生成的随机数序列的周期与密钥空间最大。计算二维图像的光全息图作为加密图像。实验证实了该算法的有效性,对剪切攻击、噪声攻击、JPEG攻击等具有强脆弱性。     

新的不使用冗余和Hash的安全认证加密方案

最近提出的一类新的认证加密方案首次将消息可恢复签名和对称加密有机结合,而且不需要使用Hash函数或Redundancy函数。但分析发现该方案不具有数字签名所要求的基本条件,不能抵抗消息接收者的伪造攻击。为此提出了一种新的认证加密方案,该方案的安全性以求解离散对数难题和双重模难题为基础,而且可以在发生纠纷时将认证加密的签名转化为普通的签名,任何人都可以验证签名的有效性。