一种标准模型下无证书签名方案的安全性分析与改进

无证书签名具有基于身份密码体制和传统公钥密码体制的优点，可解决复杂的公钥证书管理和密钥托管问题.Wu和Jing提出了一种强不可伪造的无证书签名方案，其安全性不依赖于理想的随机预言机.针对该方案的安全性，提出了两类伪造攻击.分析结果表明，该方案无法实现强不可伪造性，并在"malicious-but-passive"的密钥生成中心攻击下也是不安全的.为了提升该方案的安全性，设计了一个改进的无证书签名方案.在标准模型中证明了改进的方案对于适应性选择消息攻击是强不可伪造的，还能抵抗恶意的密钥生成中心攻击.此外，改进的方案具有较低的计算开销和较短的私钥长度，可应用于区块链、车联网、无线体域网等领域.     

Low-cost and two-cycle hardware structures of PRINCE lightweight block cipher

In this paper, low-cost and two-cycle hardware structures of the PRINCE lightweight block cipher are presented. In the first structure, we proposed an area-constrained structure, and in the second structure, a high-speed implementation of the PRINCE cipher is presented. The substitution box (S-box) and the inverse of S-box (S-box⁻¹) blocks are the most complex blocks in the PRINCE cipher. These blocks are designed by an efficient structure with low critical path delay. In the low-cost structure, the S-boxes and S-boxes⁻¹ are shared between the round computations and the intermediate step of PRINCE cipher. Therefore, the proposed architecture is implemented based on the lowest number of computation resources. The two-cycle implementation of PRINCE cipher is designed by a processing element (PE), which is a general and reconfigurable element. This structure has a regular form with the minimum number of the control signal. Implementation results of the proposed structures in 180-nm CMOS technology and Virtex-4 and Virtex-6 FPGA families are achieved. The proposed structures, based on the results, have better critical path delay and throughput compared with other's related works.     

Low area field-programmable gate array implementation of PRESENT image encryption with key rotation and substitution

Lightweight ciphers are increasingly employed in cryptography because of the high demand for secure data transmission in wireless sensor network, embedded devices, and Internet of Things. The PRESENT algorithm as an ultra-lightweight block cipher provides better solution for secure hardware cryptography with low power consumption and minimum resource. This study generates the key using key rotation and substitution method, which contains key rotation, key switching, and binary-coded decimal-based key generation used in image encryption. The key rotation and substitution-based PRESENT architecture is proposed to increase security level for data stream and randomness in cipher through providing high resistance to attacks. Lookup table is used to design the key scheduling module, thus reducing the area of architecture. Field-programmable gate array (FPGA) performances are evaluated for the proposed and conventional methods. In Virtex 6 device, the proposed key rotation and substitution PRESENT architecture occupied 72 lookup tables, 65 flip flops, and 35 slices which are comparably less to the existing architecture.     

基于水印和密码技术的数字版权保护模式

综合考虑数字版权保护的实际需求和安全隐患,结合水印技术和密码技术提出了一种新的数字版权保护模式(WCDRM),模式中共有7个实体,其中有3个权威机构。讨论了模式的注册过程、在线交易过程、验证过程和仲裁过程,该模式可以提供多种服务。模式将作者身份标识、版权发行机构身份标识和消费者身份标识作为盲信息水印数据隐藏在数据作品中,还采用了密码算法、密码协议和水印协议技术,可以抵抗各种算法攻击和协议攻击,具有较高的安全性和较好的实用性     

New privilege-based visual cryptography with arbitrary privilege levels

Recently, Hou et al. introduced a novel (2, n) privilege-based visual cryptography scheme (PVCS) with various privilege levels of shadow images. In this scheme, a shadow with a higher privilege contributes more recovered information, while a lower privileged shadow has the less recovery capability. Moreover, the visual quality of stacked result depends on the total sum of privilege levels for all involved shadows in reconstruction. Unfortunately, the PVC scheme has the inconsistency of the contrast of recovered image and the sum of privilege levels. Accordingly, an enhanced Hou et al.’s (2, n)-PVC scheme (EPVCS) is proposed to solve this inconsistency problem. However, the EPVCS is not a general solution to implement all PVCSs with arbitrary privilege levels, and it also has the unequal whiteness of shadows. In this paper, we first extend Hou et al.’s (2, n)-EPVCS with a correct privilege levels achieving the consistency of the contrast and the sum of privilege levels. Then we construct a (2, n)-PVCS to allow arbitrary privilege levels and provide the equal whiteness for each shadow.     

Two-party secure connection in Bluetooth-enabled devices

Secure Simple Pairing, a Bluetooth-pairing protocol, suffers from passive off-line and active online-guessing attack. These assaults are a direct result of the shortcomings in Bluetooth specification. Bluetooth technology uses the principles of device inquiry and inquiry scan. Scanning devices listen in on known frequencies for devices that are actively inquiring. If two Bluetooth devices know absolutely nothing about each other, one must run an inquiry to try to discover the other. One device sends out the inquiry request, and any device listening for such a request will respond with its address, and possibly its name, Input/Output capability and other information. Before connection, each device knows the address, their name, their capability, Quality-of-Service, etc. During pairing, Man-In-The-Middle attacker may capture all the information of connecting devices and impersonate them. This paper introduces the security augmentation in Bluetooth pairing by postponing exchange of Input-Output capability and other information like Quality-of-Service until it is essentially required and by casing the link key with a pair of Elliptic Curve Diffie-Hellman keys. Consequently, this leads to increased pairing time. Yet, we overlooked the increased pairing time, as the proposed Bluetooth-pairing protocol improves security by strengthening the link key.     

Lightweight authenticated encryption for embedded on-chip systems

ABSTRACT

Embedded systems are routinely deployed in critical infrastructures nowadays, therefore their security is increasingly important. This, combined with the pressing requirement of deploying massive numbers of low-cost and low-energy embedded devices, stimulates the evolution of lightweight cryptography and other green-computing security mechanisms. New crypto-primitives are being proposed that offer moderate security and produce compact implementations. In this article, we present a lightweight authenticated encryption scheme based on the integrated hardware implementation of the lightweight block cipher PRESENT and the lightweight hash function SPONGENT. The presented combination of a cipher and a hash function is appropriate for implementing authenticated encryption schemes that are commonly utilized in one-way and mutual authentication protocols. We exploit their inner structure to discover hardware elements usable by both primitives, thus reducing the circuit’s size. The integrated versions demonstrate a 27% reduction in hardware area compared to the simple combination of the two primitives. The resulting solution is ported on a field-programmable gate array (FPGA) and a complete security application with input/output from a universal asynchronous receiver/transmitter (UART) gate is created. In comparison with similar implementations in hardware and software, the proposed scheme represents a better overall status.