Similar documents
20 similar documents found
1.
A video encryption scheme based on H.264 CABAC (total citations: 1, self-citations: 0, citations by others: 1)
Block-based digital video coding generally consists of three stages: motion estimation, residual block transform, and entropy coding. Whereas traditional video encryption schemes encrypt the residual transform coefficients produced in the second stage, this paper proposes a video encryption scheme based on H.264 CABAC entropy coding. The scheme takes full advantage of the simplicity and speed of stream-cipher encryption and places the encryption step in the third stage of video coding. A flexibly configurable encryption module and a ciphertext feedback mode are used to strengthen the security of the encryption. Theoretical analysis and experimental results show that the proposed algorithm is computationally simple, secure and efficient, easy to implement, and leaves both the video format and the compression efficiency unchanged.

2.
徐津, 温巧燕, 王大印. 电子学报, 2009, 37(10): 2187-2192
Many practical applications of information security require privacy and authenticity at the same time. This is usually achieved by combining an encryption mode with a message authentication code, but that approach processes the same message in two separate passes, one for encryption and one for authentication, which consumes a large amount of key material and is inefficient. Based on the CBC encryption mode, this paper designs OXCBC, a new one-pass authenticated encryption scheme that provides both privacy and authenticity while using only a single key and a single nonce, and is more efficient than authenticated encryption schemes of the same type. Under the assumption that the block cipher is a strong pseudorandom permutation, the authenticity of the scheme is proved.

3.
This paper proposes a reversible steganography scheme in the ciphertext domain based on the LWE (Learning With Errors) problem. Data are encrypted with the LWE public-key cryptosystem and the user embeds hidden information into the ciphertext; from the ciphertext carrying the embedded information, the hidden information can be extracted reliably with the steganographic key, and the original data can be recovered without error with the decryption key, so that extraction and decryption are separable. By deriving the probability of error in the decryption and extraction processes, the parameter that directly determines the correctness of the scheme is identified as the standard deviation of the chosen noise, and a reasonable range for that standard deviation is obtained and validated experimentally. By deriving the distribution function of the ciphertext after embedding and analysing how its statistical characteristics change, the imperceptibility of the information hidden in the ciphertext is demonstrated. Because the reversible steganography operates in the ciphertext domain, it is independent of the original cover and applies to text, images, audio and other carriers. Simulation results show that the scheme not only guarantees the reliability and security of the reversible steganography, but also that 1 bit of plaintext can carry at most 1 bit of hidden information in the ciphertext domain.

4.
To address the problem that, for preventing data leakage on the Hadoop platform, existing encryption schemes suffer from several shortcomings (e.g., a single encryption algorithm, complicated key management, low encryption performance) and cannot protect data stored in Hadoop effectively, a high-performance encryption and key management scheme for Hadoop is proposed. Firstly, a three-level key management system is extended with the domestic commercial cipher algorithm. Then, a new data structure for the encryption zone key is designed to reduce time consumption. Finally, the computation on the data stream is scheduled in parallel. The experimental results show that, compared with the existing Hadoop schemes, the proposed scheme improves the efficiency of key management and speeds up file encryption.

5.
The GOST block cipher is the Russian encryption standard published in 1989. In spite of considerable cryptanalytic efforts over the past 20 years, a key recovery attack on the full GOST block cipher without any key conditions (e.g., weak keys and related keys) has not been published yet. In this paper, we show the first single-key attack, which works for all key classes, on the full GOST block cipher. To begin, we develop a new attack framework called Reflection-Meet-in-the-Middle Attack. This approach combines techniques of the reflection attack and the meet-in-the-middle (MITM) attack. Then we apply it to the GOST block cipher employing bijective S-boxes. In order to construct the full-round attack, we use additional novel techniques, namely effective MITM techniques using equivalent keys on a small number of rounds. As a result, a key can be recovered with a time complexity of 2^225 encryptions and 2^32 known plaintexts. Moreover, we show that our attack is applicable to the full GOST block cipher using any S-boxes, including non-bijective S-boxes.

6.
An encryption scheme based on the learning with errors problem that allows secure searching over the ciphertext is proposed. Both the generation of the ciphertext and the trapdoor of the query are based on the learning with errors problem. By performing an operation over the trapdoor and the ciphertext, it is possible to tell whether the ciphertext is the encryption of a given plaintext. The secure searchable encryption scheme is both ciphertext and trapdoor indistinguishable. The probabilities of a missed match and of a false match in searching are both exponentially small.

7.
Zodiac is a block cipher designed by a group of Korean experts. This paper is the first to study the resistance of Zodiac to meet-in-the-middle attacks. New 9-round and 10-round distinguishers for Zodiac are found, and based on these two distinguishers meet-in-the-middle attacks are mounted on 15-round and full 16-round Zodiac respectively. The results show that the full 16-round Zodiac-128/192/256 does not resist meet-in-the-middle attacks.

8.
Based on an analysis of the structural characteristics of the Feistel networks used in format-preserving encryption (FPE) schemes, and to address the narrow range of block lengths supported by current FPE ciphers built on 2-split Feistel networks, an FPE scheme based on a k-split type-2 Feistel network is proposed to meet the encryption needs of data of various lengths. Experiments verify that a type-2 Feistel network can build ciphers of various block lengths from a small-scale pseudorandom function and is therefore broadly practical.

9.
Elliptic Curve Paillier Schemes (total citations: 2, self-citations: 0, citations by others: 2)
This paper is concerned with generalisations of Paillier's probabilistic encryption scheme from the integers modulo a square to elliptic curves over rings. Paillier himself described two public key encryption schemes based on anomalous elliptic curves over rings. It is argued that these schemes are not secure. A more natural generalisation of Paillier's scheme to elliptic curves is given. Received January 2001 and revised June 2001. Online publication 23 November 2001.

10.
To protect the security of video data, which is easy to copy and to tamper with, a video encryption scheme based on the H.264/AVC video coding standard is proposed. Exploiting the simplicity and speed of stream-cipher encryption, the Advanced Encryption Standard (AES) in cipher feedback (CFB) mode is used to encrypt the encryptable syntax elements of the sequence parameter set (SPS) and picture parameter set (PPS) and the bitstream of I-frames in the H.264/AVC standard. Since different video applications require different security levels, a certain number of macroblocks are chosen for selective encryption at the macroblock level, giving an encryption scheme with scalable security levels. Finally, the algorithm is analysed in terms of security, real-time performance and compression ratio. Experimental results show that the algorithm meets the requirements for video content security and real-time operation, and reduces the amount of data that must be encrypted.

11.
A public-key encryption scheme based on ergodic matrices (total citations: 5, self-citations: 0, citations by others: 5)
裴士辉, 赵永哲, 赵宏伟. 电子学报, 2010, 38(8): 1908-1913
Current public-key encryption schemes are threatened by quantum computing, so the study of public-key encryption algorithms that remain secure against quantum computers is of great importance. This paper introduces the concept of an ergodic matrix and presents its properties. It then defines the two-side ergodic matrix exponentiation problem (TEME: Two-side Ergodic Matrices Exponentiation) over finite fields and proves that solving TEME is NP-complete. On this basis, a new public-key encryption scheme is proposed, and its security under the TEME assumption is proved in the standard model, namely that the scheme is indistinguishable under adaptive chosen-ciphertext attack.

12.
Searchable encryption allows users to store data in the cloud in encrypted form while still retrieving it directly over the ciphertext. However, most existing searchable encryption schemes follow a single-user-to-single-user model, and the searchable encryption schemes that do support multi-user settings are built on traditional public-key cryptography or identity-based cryptography, so they suffer from certificate management or key escrow problems and are vulnerable to inside keyword guessing attacks. Combining public-key authenticated encryption with proxy re-encryption, this paper proposes an efficient certificateless authenticated searchable encryption scheme for the multi-user setting. The scheme uses proxy re-encryption to re-encrypt part of the ciphertext, so that authorised users can generate trapdoors from keywords to query the corresponding ciphertexts. In the random oracle model, the scheme is proved to resist inside keyword guessing attacks by both types of adversaries in the certificateless public-key setting, and its computation and communication efficiency is better than that of comparable schemes.

13.
Parallel Collision Search with Cryptanalytic Applications (total citations: 16, self-citations: 0, citations by others: 16)
A simple new technique of parallelizing methods for solving search problems which seek collisions in pseudorandom walks is presented. This technique can be adapted to a wide range of cryptanalytic problems which can be reduced to finding collisions. General constructions are given showing how to adapt the technique to finding discrete logarithms in cyclic groups, finding meaningful collisions in hash functions, and performing meet-in-the-middle attacks such as a known-plaintext attack on double encryption. The new technique greatly extends the reach of practical attacks, providing the most cost-effective means known to date for defeating: the small subgroup used in certain schemes based on discrete logarithms such as Schnorr, DSA, and elliptic curve cryptosystems; hash functions such as MD5, RIPEMD, SHA-1, MDC-2, and MDC-4; and double encryption and three-key triple encryption. The practical significance of the technique is illustrated by giving the design for three $10 million custom machines which could be built with current technology: one finds elliptic curve logarithms in GF(2^155) thereby defeating a proposed elliptic curve cryptosystem in expected time 32 days, the second finds MD5 collisions in expected time 21 days, and the last recovers a double-DES key from two known plaintexts in expected time 4 years, which is four orders of magnitude faster than the conventional meet-in-the-middle attack on double-DES. Based on this attack, double-DES offers only 17 more bits of security than single-DES. Received 21 December 1995 and revised 24 September 1996.

14.
The structural characteristics of the ARIA algorithm are studied. Using multisets together with the properties of truncated differentials, the number of precomputed parameters is reduced from 30 to 16 and a new 4-round meet-in-the-middle distinguisher is constructed, which effectively improves the 7-round meet-in-the-middle attack on ARIA-192. The new attack has a precomputation complexity of 2^135.3 and a time complexity of about 2^123.

15.
A joint error-correction and encryption coding scheme based on Turbo codes (total citations: 1, self-citations: 0, citations by others: 1)
To combine error-correction coding with encryption in information communication, a joint error-correction and encryption coding scheme that embeds an encryption algorithm in the turbo encoder is proposed. A pseudorandom binary sequence cipher generated by a chaotic map encrypts the first output of the turbo encoder and at the same time controls the generator matrices of the second and third component encoders. The encryption algorithm on the first path uses the positions of the 0s and 1s in the pseudo-binary sequence produced by the Logistic map to split the plaintext sequence into two parts, interleaves each part separately, and merges them to obtain the ciphertext. The scheme was analysed experimentally for security and reliability; the simulation results show that it has good error-correction performance and security.

16.
This paper presents a novel framework for the generic construction of hybrid encryption schemes which produces more efficient schemes than the ones known before. A previous framework introduced by Shoup combines a key encapsulation mechanism (KEM) and a data encryption mechanism (DEM). While it is sufficient to require both components to be secure against chosen ciphertext attacks (CCA-secure), Kurosawa and Desmedt showed a particular example of a KEM that is not CCA-secure but can be securely combined with a specific type of CCA-secure DEM to obtain a more efficient, CCA-secure hybrid encryption scheme. There are also many other efficient hybrid encryption schemes in the literature that do not fit into Shoup's framework. These facts serve as motivation to seek another framework. The framework we propose yields more efficient hybrid schemes, and in addition provides an insightful explanation of existing schemes that do not fit into the previous framework. Moreover, it allows immediate conversion from a class of threshold public-key encryption to a threshold hybrid one without considerable overhead, which may not be possible in the previous approach.

17.
The notion of tweakable block ciphers was formally introduced by Liskov-Rivest-Wagner at Crypto 2002 (the 2002 Annual International Cryptology Conference). The extension of this notion to tweakable enciphering schemes which can handle variable length messages, and the first such construction, called CMC, were given by Halevi-Rogaway at Crypto 2003. In this paper, we present HCH, which is a new construction of such a scheme. The construction uses two universal hash computations with a counter mode of encryption in between. This approach was first proposed by McGrew-Viega to build a scheme called XCB and later used by Wang-Feng-Wu to obtain a scheme called HCTR. A unique feature of HCH compared to all known tweakable enciphering schemes is that HCH uses a single key, can handle arbitrary length messages, and has a quadratic security bound. An important application of a tweakable enciphering scheme is disk encryption. HCH is well suited for this application. We also describe a variant which can utilize precomputation and makes one less block cipher call. This compares favorably to other hash-encrypt-hash-type constructions, supports better key agility and requires less key material.

18.
IEEE 802.11 wireless local area networks (WLAN) have been increasingly deployed in various locations because of the convenience of wireless communication and the decreasing cost of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to attack and seriously threaten data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of the security protocols specified in the IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering a data integrity check and improving data confidentiality with symmetric cipher block chaining (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd.

19.
郑雅菲, 卫宏儒. 通信学报, 2014, 35(6): 23-184
The security of the lightweight block cipher TWIS is analysed further by applying the three-subset meet-in-the-middle attack to 10-round TWIS with the final whitening omitted. Exploiting flaws in the key schedule of TWIS, namely that its effective key length is only 62 bits and that the initial key is diffused slowly, the attack recovers all 62 bits of the 10-round TWIS key with a computational complexity of 2^45 and the lowest possible data complexity of a single known plaintext-ciphertext pair. The analysis shows that TWIS is insecure against the three-subset meet-in-the-middle attack.

20.
李荣佳, 金晨辉. 通信学报, 2016, 37(8): 185-190
The security of the FOX block cipher against meet-in-the-middle attacks is studied. First, 3-round meet-in-the-middle distinguishers are constructed for FOX64 and FOX128 respectively, and 6-round meet-in-the-middle attacks are mounted, giving improved results against 6-round FOX64 and FOX128. Second, the FOX128 distinguisher is extended to 4 rounds and, combined with a time-memory-data tradeoff, 7-round FOX128 is attacked; compared with existing results, the time and memory complexity of the attack are slightly higher while the data complexity is significantly lower.


Copyright © 北京勤云科技发展有限公司, 京ICP备09084417号