Multivariate hash functions axe a type of hash functions whose compression function is explicitly defined as a sequence of multivariate equations.Billet et al designed the hash function MQ-HASH and Ding et al proposed a similar construction.In this paper,we analyze the security of multivariate hash functions and conclude that low degree multivariate functions such as MQ-HASH are neither pseudo-random nor unpredictable.There may be trivial collisions and fixed point attacks if the parameters of the compression function have been chosen. And they are also not computation-resistance,which makes MAC forgery easily.
In proxy signature schemes, an original signer A delegates its signing capability to a proxy signer B, in such a way that B can sign message on behalf of A.The recipient of the final message verifies at the same time that B computes the signature and that A has delegated its signing capability to B.Recently many identity-based(ID-based) proxy signature schemes have been proposed, however, the problem of key escrow is inherent in this setting.Certificateless cryptography can overcome the key escrow problem.In this paper, we present a general security model for certificateless proxy signature scheme.Then, we give a method to construct a secure certificateless proxy scheme from a secure certificateless signature scheme, and prove that the security of the construction can be reduced to the security of the original certificateless signature scheme.
HAVAL is a hash function proposed by Zheng et al.in 1992,including 3-,4-and 5-pass versions.We improve pseudo-preimage and preimage attacks on 3-pass HAVAL at the complexity of 2 172 and 2 209.6,respectively,as compared to the previous best known results:2 192 and 2 225 by Sasaki et al.in 2008.We extend the skip interval for partial-patching and apply the initial structure technique to find the better message chunks,and combine the indirect-partial-matching,partial-fixing and multi-neutral-word partial-fixing techniques to improve the attacks based on the meet-in-the-middle method.These are the best pseudo-preimage and preimage attacks on 3-pass HAVAL.
Leakage of the private key has become a serious problem of menacing the cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al.(2003) proposed the first key-insulated signature scheme. To handle issues concerning the private key leakage in certificateless signature schemes, we devise the first certificateless key-insulated signature scheme. Our scheme applies the key-insulated mechanism to certificateless cryptography, one with neither certificate nor key escrow. We incorporate Waters (2005)’s signature scheme, Paterson and Schuldt (2006)’s identity-based signature scheme, and Liu et al.(2007)’s certificateless signature scheme to obtain a certificateless key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved under the non-pairing-based generalized bilinear Diffie-Hellman (NGBDH) conjecture, without utilizing the random oracle model; second, it solves the key escrow problem in identity-based key-insulated signatures.
Zhong-mei WANXue-jia LAIJian WENGSheng-li LIUYu LONGXuan HONG
To describe the design approaches of IND-CCA2(adaptive chosen ciphertext attack) secure public key encryption schemes systematically,the gaps between different kinds of intractable problems and IND-CCA2 security are studied.This paper points out that the construction of IND-CCA2 secure schemes is essentially to bridge these gaps.These gaps are categorized,analyzed and measured.Finally the methods to bridge these gaps are described.This explains the existing design approaches and gives aa intuition about the difficulty of designing IND-CCA2 secure public key encryption schemes based on different types of assumptions.
Keccak is one of the five hash functions selected for the final round of the SHA-3 competition,and its inner primitive is a permutation called Keccak-f.In this paper,we observe that for the inverse of the only nonlinear transformation in Keccak-f,the algebraic degree of any output coordinate and the one of the product of any two output coordinates are both 3,which is 2 less than its size of 5.Combining this observation with a proposition on the upper bound of the degree of iterated permutations,we improve the zero-sum distinguisher for the Keccak-f permutation with full 24 rounds by lowering the size of the zero-sum partition from 21590 to 21575.
In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.
Wan ZhongmeiLai XuejiaWeng JianLiu ShengliHong Xuan
