Meaningful secret sharing technique with authentication and remedy abilities

Lin and Tasi, Yang et al., and Chang et al.’s meaningful secret sharing schemes provided authentication mechanisms but none included a remedy ability that would cause the secret image never to be completely obtained while some information of the stego-images are losing or tampering with. This paper proposes a meaningful secret-sharing scheme which includes both authentication and remedy abilities that allow for detection of the corrupted area and use of the hidden information to repair the secret image with reasonable visual quality. In comparison with previous schemes, this approach results in superior visual qualities of the stego-images by an average of more than 3 dB.     

两个可证明安全盲签名方案的密码学分析

最近,Liao等人提出了一个基于双线性时的在标准模型下可证明安全的盲签名方案;Chen等人提出了一个在随机预言机模型下可证明安全的限制性盲签名方案.在本文中,给出了这两个方案的密码学分析,指出它们都是不安全的.Liao等人的方案和Chen等人的方案都不满足不可伪造的特性.同时,Liao等人的方案也不满足盲性,Chen等人的方案不满足限制性.     

New efficient and practical verifiable multi-secret sharing schemes

In 2006, Zhao et al. proposed a practical verifiable multi-secret sharing based on Yang et al.’s and Feldman’s schemes. In this paper we propose two efficient, computationally secure (t,n), and verifiable multi-secret sharing schemes based on homogeneous linear recursion. The first scheme has the advantage of better performance, a new simple construction and various techniques for the reconstruction phase. The second scheme requires fewer public values with respect to Zhao et al.’s and Shao and Cao schemes. These schemes are easy to implement and provide great capabilities for many applications.     

New conference key agreement protocol with user anonymity

In 2003, Yang et al. presented a conference key distribution system that was intended to provide user anonymity. Subsequently, Lin et al. pointed out a security flaw in Yang et al.'s scheme based on solving linear equations and proposed a modified scheme. Accordingly, the current paper reviews the schemes proposed by Yang et al. and Lin et al., highlights the weakness in both schemes, and then proposes a new conference key agreement scheme with user anonymity.     

一种新的可验证的多秘密分享方案

2005年,Q．Li．Z．Wang,X．Mu等人基于Asmuth的模可验证秘密分享（modular verifiable secret sharing）出了一种新的可验证的秘密分享方案。但该秘密分享算法并不实用,此方案也不是多秘密分享方案。提出了一个新的可验证的多秘密分享方案,该方案可以同时恢复多个秘密．秘密份额可以重用。     

对一种秘密共享新个体加入协议的密码分析

董攀等人基于Shamir的(t,n)门限方案提出了一种为新个体分配秘密份额的方案。该方案具有无需信任中心,无需改动其他人秘密份额等优点。然而该方案存在一个缺陷,导致任意成员都可以求出其他成员的子密钥,进而重构群组密钥。论文对此进行了密码分析,并给出了详细的攻击方法。     

对一个代理签名方案的分析和更正

为了解决门限代理签名中谁是实际签名者的问题,Sun第1个提出了不可否认的门限代理签名方案,指出Sun方案的存在明显的错误,并对错误进行了更正,然后对更正后的方案进行了安全性分析,证明了更正后的方案容易受到内部攻击,原始签名者和可信中心完全可以伪造代理签名.     

一个改进型云存储共享方案

云存储安全一直是云安全研究的重点。Zhao等提出了一种云存储可信共享(TSCS)方案,但分析发现,该方案不能抵抗恶意CSP攻击。根据云存储安全需求,构建了云存储可信共享模型。随后,依据云存储可信共享模型构造了一个云存储可信共享方案。分析表明,新方案减弱了对随机数的依赖,不仅具有Zhao等的TSCS方案的安全性能,还能抵御服务器端的恶意篡改。新TSCS方案具有一定的应用前景。     

一种高效的不可否认门限代理签名方案的分析及改进

Yang等人在对Hsu等人的门限代理签名方案进行分析的基础上提出了一种高效的不可否认门限代理签名方案。本文指出Yang等人的方案不具备防伪造性，并提出两种改进方案 ，使其在保证高效性的前提下更加安全。     

主动多秘密共享方案

主动秘密共享机制是在保持被共享的秘密不变的情况下,定期地对各参与者的秘密份额进行更新。许春香等人提出了一种定期更新防欺诈的秘密共享方案,该方案在秘密共享过程中仅支持共享单个秘密。在许春香等人方案的基础上,结合YCH(C C Yang,T Y Chang和M S Hwang)多秘密共享机制提出了一种主动多秘密共享方案。在方案中,秘密份额能够在不改变秘密的前提下定期进行刷新,一次秘密共享过程可以同时共享多个秘密,并且每个参与者可以对其他参与者提供的秘密份额进行验证。方案的安全性基于Shamir门限机制和离散对数问题。     

Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture

In 2001, Li et al. proposed a password authentication scheme for the multiserver architecture by using a pattern classification system based on neural networks. Herein, we demonstrate that Li et al.'s scheme is vulnerable to an offline password guessing attack and a privileged insider's attack, and is not reparable. Additionally, we show that Li et al.'s scheme has several drawbacks in practice.     

A lossless data embedding technique by joint neighboring coding

Information hiding methods are currently exploited by many researchers for various applications. Proposing an efficient and feasible information hiding method is valuable. This paper presents a new reversible information hiding method for vector quantization (VQ)-compressed grayscale images by using joint neighboring coding (JNC) technique. The proposed method embeds secret data by using the difference values between the current VQ-compressed index and left or upper neighboring indices. The experimental results show that the proposed method achieves the best visual quality of reconstructed images compared with the two related works. In addition, the proposed method obtains as high embedding capacity as Lin and Chang's method, followed by Yang et al.'s method. As for execution speed, Yang et al.'s method is fastest, followed by the proposed method, and then Lin and Chang's method. With respect to bit rate, the proposed method has a little higher bit rate in comparison with the two related works.     

一个安全的多群签名方案

基于Kim等人的可转换群签名的思想，提出了一个安全的多群签名方案,该方案不仅能实现单群签名，而且能实现多群签名，并且能抵抗Li和Wang等人对Kim等人方案提出的攻击．此外，新方案还具有注销群成员的特性.     

A novel ID-based group signature

Group signatures, first introduced by Chaum and Heyst at Eurocrypt'91, allow individual members of a group to make signatures on behalf of the group while providing the signer's anonymity. Most of the previously proposed group signature schemes are based on the discrete logarithm problem, the public keys of users are not identity information, except for the ID-based scheme proposed by Park et al. in 1997. However, Park et al.'s scheme has a serious problem, which is that all of the previous group signatures signed by other members will be no longer valid if the group is changed. Moreover, the length of the group signature grows linearly with the number of group members, which makes their proposed scheme inefficient. In this paper, the authors propose a novel ID-based group signature scheme which can solve the problem raised by the inclusion of a new group member or the exclusion of an old group member. Meanwhile, compared to Park et al.'s scheme, our scheme requires less computing time for generating the group signature and verifying the group signature. The security of the proposed ID-based group signature scheme is based on the difficulty of computing the discrete logarithm modulo for a composite number.     

Comment on “The enhanced quantum blind signature protocol”

Recently, Yang et al. (Quantum Inf Process 12:109–117, 2013) proposed an enhancement on a quantum blind signature based on the two-state vector formalism, afterward a special attack strategy on Yang et al.’s enhanced scheme is put forward, in which the dishonest signer can illegally reveal 25 % of the message of the blind signature requester, but an effective solution has not been presented in their paper. In this paper, we further analyze Yang el al.’s enhanced scheme and find that there is another potential loophole which the blind signature requester can forge the message signer’s signature. Then, an improvement scheme is proposed. Finally, analysis results show that our improved scheme can withstand the blind signature requester’s forgery attack and the above special attack strategy, and our quantum efficiency will still be the same as the primary scheme.     

一种具有可分性的支付方案*

通过对Wang等人的方案的改进和有限域上的多项式理论,提出了一种具有可分性的支付方案。该方案可以抵制Santis等人方案的攻击,增强其安全性,同时也实现了货币的可分性。进一步针对匿名的提升进行了更为详细的研究,给出了具体的实现方法。     

可转换签密的几种改进方案

基于椭圆曲线密码体制建立了几个具有语义安全的可转换签密方案。这些方案都实现了当签密者抵赖其签密时,接收者可将签密转换成普通签名以向第三方证明签密者的欺骗;解决了H-C方案和W-B方案不满足语安全的弱点以及H-C方案不能抵抗已知明文攻击的缺陷;相对目前的一些方案,本文方案具有更小的通信代价和计算代价。     

对一种多重数字签名方案的攻击和改进

对Zhang等人提出的基于身份的RSA多重数字签名方案进行安全分析,提出了一个完全攻击算法。首先介绍了Zhang签名方案以及攻击算法,然后针对此签名算法的安全缺陷,提出了两个改进方案。改进方案均修改了每个签名者的随机化处理过程,并转移了部分计算操作。结果表明,改进后的方案既能保证安全性又不会降低签名和验证性能。因此,改进方案更具有实际应用价值。     

高效的不可否认的门限代理签名新方案

基于Kim等人的门限代理签名方案,Sun提出了已知签名人的不可否认的门限代理签名方案。在Sun的方案中,代理签名人不能否认他们所进行的代理签名。随后,Hsu等人证明Sun方案不能抵抗共谋攻击,并提出了相应的改进方案。论文首先证明了Hsu等人的改进方案不能抵抗公钥替换的内部攻击,即任何恶意的内部攻击者,不需要其他代理签名人的密钥,对任意的消息能够伪造一个有效的门限代理签名。然后提出了一种不可否认的门限代理签名新方案,能同时抵抗内部的公钥替换攻击和共谋攻击。就计算复杂度和通信成本而言,该文的方案比Hsu等人的方案更有效、更实用。     

A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography

The use of e-payment system for electronic trade is on its way to make daily life more easy and convenient. Contrarily, there are a number of security issues to be addressed, user anonymity and fair exchange have become important concerns along with authentication, confidentiality, integrity and non-repudiation. In a number of existing e-payment schemes, the customer pays for the product before acquiring it. Furthermore, many such schemes require very high computation and communication costs. To address such issues recently Yang et al. proposed an authenticated encryption scheme and an e-payment scheme based on their authenticated encryption. They excluded the need of digital signatures for authentication. Further they claimed their schemes to resist replay, man-in-middle, impersonation and identity theft attack while providing confidentiality, authenticity, integrity and privacy protection. However our analysis exposed that Yang et al.’s both authenticated encryption scheme and e-payment system are vulnerable to impersonation attack. An adversary just having knowledge of public parameters can easily masquerade as a legal user. Furthermore, we proposed improved authenticated encryption and e-payment schemes to overcome weaknesses of Yang et al.’s schemes. We prove the security of our schemes using automated tool ProVerif. The improved schemes are more robust and more lightweight than Yang et al.’s schemes which is evident from security and performance analysis.