Similar literature
1.
A key-exchange system based on imaginary quadratic fields   Total citations: 2 (self-citations: 0, citations by others: 2)
We describe another key-exchange system which, while based on the general idea of the well-known scheme of Diffie and Hellman, seems to be more secure than that technique. The new system is based on the arithmetic of an imaginary quadratic field, and makes use, specifically, of the properties of the class group of such a field.

2.
In this paper we propose a three-participant variation of the Diffie-Hellman protocol. This variation is based on the Weil and Tate pairings on elliptic curves, which were first used in cryptography as cryptanalytic tools for reducing the discrete logarithm problem on some elliptic curves to the discrete logarithm problem in a finite field.

3.
A key exchange protocol is shown to be unsafe. The scheme is based on a set of n commuting square singular matrices of dimension n × n over a finite field, and its security is claimed to rely on the hardness of the matrix version of the discrete logarithm problem. However, the proposal's design allows for a clean attack strategy. We show that the key exchange protocol is vulnerable to a linear algebra attack which requires only polynomial time to obtain equivalent keys for all given public keys. We conduct a detailed analysis of the attack method and provide some suggestions for improving key exchange protocols based on commuting matrices.

4.
A new algorithm for efficient linear convolution of real signals using discrete Fourier transforms is presented. The traditional method uses a considerable amount of pre-processing and post-processing of both the input and output signals. We show that much of this processing can be shifted to the impulse response of the system, whose operations can be precomputed and therefore have no computational cost. This method results in computational savings, reducing the total arithmetic operations and particularly the execution time compared with previously proposed techniques.

5.
A threshold digital signature scheme based on the discrete logarithm and quadratic residues   Total citations: 14 (self-citations: 0, citations by others: 14)
This paper combines a digital signature scheme with Shamir's secret sharing scheme to propose a threshold digital signature scheme whose security is based on the difficulty of solving discrete logarithms over finite fields and the difficulty of solving quadratic residues under specific conditions. Effective measures are proposed to prevent a malicious participant from using a fake "partial signature" to cheat and thereby block signing, and to prevent illegitimate users or the signature generators from forging signatures.

6.
To date, the only non-group structure that has been suitably employed as the key space for Diffie-Hellman-type cryptographic key exchange is the infrastructure of a real quadratic (number or function) field. We present an implementation of a Diffie-Hellman-type protocol based on real quadratic number field arithmetic that provides a significant improvement in performance over previous versions of this scheme. This dramatic speed-up is achieved by replacing the ordinary multiplication and reduction procedures for reduced ideals by a new version of the NUCOMP algorithm due to Shanks.

7.
The complexity of breaking cryptosystems whose security is based on the discrete logarithm problem is explored. The cryptosystems mainly discussed are the Diffie-Hellman key exchange scheme (DH), the Bellare-Micali noninteractive oblivious transfer scheme (BM), the ElGamal public-key cryptosystem (EG), the Okamoto conference-key sharing scheme (CONF), and the Shamir 3-pass key-transmission scheme (3PASS). The obtained relation among these cryptosystems is that where denotes the polynomial-time functionally many-to-one reducibility, i.e., a function version of the -reducibility. We further give some conditions under which these algorithms have equivalent difficulty. One such condition suggests another advantage of the discrete logarithm associated with ordinary elliptic curves. Received 18 January 1996 and revised 7 September 1996

8.
In this paper, a novel salient object detection framework based on a Linear Quadratic Regulator (LQR) controller is proposed. The major goal of this research is to take advantage of optimal control theory to improve the performance of detecting salient objects in images. To this end, two LQR-based control systems are employed for detecting salient and non-salient regions. In the proposed framework, the control systems are initialized with background and foreground estimations obtained by two different strategies, which ultimately yields a more effective distinction between those regions. After the initialization step, the control systems refine both estimations in parallel until each reaches a steady state. Within this process, by using the optimal control concept, specifically an LQR controller (for the first time in the field), the control signals that determine saliency values are continually optimized. At the end, the raw saliency map is generated by combining the optimized background and foreground initial maps. Finally, the integrated saliency map is refined using the angular embedding method. Experimental evaluations on three benchmark datasets show that the proposed framework performs well and gives results comparable with some deep-learning-based methods.

9.
The Rayleigh quotient quadratic correlation filter (RQQCF) is an important target detection method, but it operates directly on the raw image data, and its detection performance is not always ideal. Kernel methods can describe the higher-order statistical properties of an image, effectively suppress noise and clutter, and improve target detection. By mapping the Rayleigh quotient quadratic correlation filter into a high-dimensional kernel feature space, the kernel Rayleigh quotient quadratic correlation filter (KRQQCF) is fully derived, ...

10.
An interactive proof system is called perfect zero-knowledge if the probability distribution generated by any probabilistic polynomial-time verifier interacting with the prover on input theorem ϕ can be generated by another probabilistic polynomial-time machine which only gets ϕ as input (and interacts with nobody!). In this paper we present a perfect zero-knowledge proof system for a decision problem which is computationally equivalent to the Discrete Logarithm Problem. In doing so we provide additional evidence for the belief that perfect zero-knowledge proof systems exist in a nontrivial manner (i.e., for languages not in BPP). Our results extend to the logarithm problem in any finite Abelian group. This research was partially supported by the Fund for Basic Research Administered by the Israeli Academy of Sciences and Humanities. An early version of this paper appeared in Advances in Cryptology — Crypto 88 (Proceedings), S. Goldwasser (ed.), pp. 57–70, Lecture Notes in Computer Science, vol. 403, Springer-Verlag, Berlin, 1990.

11.
After extending the forgery attacks on Nyberg-Rueppel's signatures with message recovery, Atsuko Miyaji in 1997 proposed two suitable message recovery signatures, (F1) and (F2). In this paper, new forgery attacks on (F1), (F2), and Nyberg-Rueppel's signatures are presented.

12.
With its simplicity and feasibility, password-based remote user authentication has become a popular way to control remote access to networks. In recent years, numerous password-based authentication schemes have been proposed. Recently, Maitra et al. proposed a smart-card-based scheme which is claimed to be resistant to various attacks. Unfortunately, we found some important flaws in this scheme. Therefore, in this paper, we demonstrate that the scheme of Maitra et al. is not as secure as claimed: it neither resists off-line password guessing and insider attacks nor preserves forward secrecy. To overcome those flaws, we put forward an improved scheme which not only resists all known attacks but also provides many attractive attributes, such as user revocation and re-registration. We also compare the scheme with other related schemes, and the results show the superiority of our scheme. In particular, we show a new way (beyond the conventional Diffie-Hellman approach) to achieve forward secrecy. Furthermore, we put some effort into exploring the design principles of authentication schemes.

13.
A polynomial-form ElGamal cryptosystem over finite fields and a digital signature scheme   Total citations: 6 (self-citations: 0, citations by others: 6)
A polynomial-form ElGamal public-key cryptosystem over finite fields is proposed and, based on the new cryptosystem, a polynomial-form ElGamal digital signature scheme is proposed. The new public-key cryptosystem can encrypt multiple plaintexts at once, and the new signature scheme can sign multiple files at once. The security of both schemes is based mainly on the intractability of the discrete logarithm problem.

14.
In this paper, filtering algorithms are derived for the least-squares linear and quadratic estimation problems in linear systems with uncertain observations coming from multiple sensors with different uncertainty characteristics. It is assumed that, at each sensor, the state is measured in the presence of additive white noise and that the Bernoulli random variables describing the uncertainty are correlated at consecutive sampling times but independent otherwise. The least-squares linear estimation problem is solved by using an innovation approach, and the quadratic estimation problem is reduced to a linear estimation problem in a suitable augmented system. The performance of the linear and quadratic estimators is illustrated by a numerical simulation example wherein a scalar signal is estimated from correlated uncertain observations coming from two sensors with different uncertainty characteristics.

15.
Authenticated key exchange protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu, and Susilo proposed an identity-based authenticated key exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities. The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if the secret shared key is compromised, the entities can generate another shared secret key without establishing a new session between them. They then claimed that their IBAKE protocol satisfies this security notion. We analyze the security of their protocol and prove that it has a major security flaw, which renders it insecure against an impersonation attack. We also disprove the resiliency property of their scheme by proposing an attack where an adversary can compute any shared secret key if just one secret bit is leaked.

16.
A dynamic (k,n)-threshold scheme based on the discrete logarithm   Total citations: 4 (self-citations: 0, citations by others: 4)
This paper presents a dynamic (k,n)-threshold scheme based on the discrete logarithm with the following features: (1) each member's sub-key can be reused an unlimited number of times; (2) cheaters can be identified; (3) when a member's sub-key is compromised, the system only needs to redistribute a sub-key to that member without changing the other members' sub-keys; (4) the system can easily add or delete a member; (5) the system key is recovered using a parallel procedure.

17.
A key distribution system equivalent to factoring   Total citations: 4 (self-citations: 0, citations by others: 4)
We propose a variation of the Diffie and Hellman key distribution scheme for which we can prove that decryption of a single key requires the ability to factor a number that is the product of two large primes. The practical advantage of such a scheme is that it will still be secure if the cryptanalyst knows a very fast algorithm for either factoring or computing discrete logarithms, but not for both. Using these keys in the ElGamal public-key cryptosystem provides a scheme for which the decryption of a message requires the ability to factor the modulus and break the original Diffie and Hellman scheme. Research supported in part by grants from the USC Faculty Research and Innovation Fund and the National Security Agency.

18.
Based on the discrete-logarithm security mechanism, this paper proposes a cheating-prevention ElGamal-type (t, n) threshold digital signature scheme. In the key generation phase, the participants' public and private keys and the group public key are negotiated jointly by all participants without the support of a trusted center; in the signature generation phase, no secure communication between participants is required; the scheme can resist mutual cheating among legitimate participants as well as attacks by external attackers. The security of the scheme is based on the intractability of the discrete logarithm problem. Analysis shows that the scheme has good security and execution efficiency.

19.
The standard Diffie-Hellman key exchange is susceptible to an attack known as the man-in-the-middle attack. Lack of authentication in the protocol makes this attack possible. Adding separate authentication to the protocol solves the problem but adds extra transmission and computation costs. Protocols which combine the authentication with the key exchange (an authenticated key exchange) are more efficient, but until now none were provably secure against the man-in-the-middle attack. This paper describes an authenticated key exchange based on the difficulty of the qth-root problem, a problem believed to be equivalent to the discrete logarithm problem over groups of order q^2 (where q is a large prime) and parallel to the square-root problem over the ring modulo N, where N is a strong two-prime composite integer. We show that mounting a man-in-the-middle attack on our protocol is equivalent to breaking the Diffie-Hellman problem in the group. Received March 2000 and revised August 2001 Online publication 23 November 2001

20.
The design and implementation of fast algorithms related to Elliptic Curve Cryptography (ECC) over the field GF(p), such as modular addition, modular subtraction, point addition, point production, choice of embedding of plaintext to a point, etc., are given. A practical software library has been produced which supports a variable-length implementation of the ECC-based ElGamal cryptosystem. More importantly, the scalable architecture of the design enables ECC to be used on restricted platforms as well as on high-end servers based on Intel Pentium CPUs. Applications such as electronic commerce security, data encryption communication, etc., are thus made possible for real-time and effective ECC.
