Pub. online: 5 Aug 2022 | Type: Research Article | Open Access
Journal: Informatica
Volume 16, Issue 2 (2005), pp. 285–294
Abstract
Recently, Yang et al. proposed an improvement to Tseng et al.’s protected password changing scheme that can withstand denial of service attack. However, the improved scheme is still susceptible to stolen-verifier attack and denial of service attack. Accordingly, the current paper demonstrates the vulnerability of Yang et al.’s scheme to two simple attacks and presents an improved protected password change scheme to resolve such problems. In contrast to Yang et al.’s protected password changing scheme and the existing password change schemes using the server’s public key, the proposed scheme can securely update user passwords without a complicated process or the server’s public key.
Pub. online: 5 Aug 2022 | Type: Research Article | Open Access
Journal: Informatica
Volume 16, Issue 2 (2005), pp. 261–274
Abstract
Since threshold proxy signature was proposed, all threshold proxy signature schemes have been based on the discrete logarithm problem in a modular multiplicative group which has an element g of large prime order. Nowadays this kind of threshold proxy signature scheme has become more and more complex and time-consuming because of security and specific requirements. In this paper, we propose a (bilinear) pairing-based threshold proxy signature scheme with known signers, analyze its security and check the following properties of the proposed scheme: non-repudiation, unforgeability, identifiability, distinguishability, verifiability, prevention of misuse of the proxy signing right, etc. Moreover, we point out that the proposed scheme is highly efficient by comparing it with Sun’s and Hsu et al.’s schemes.
Pub. online: 5 Aug 2022 | Type: Research Article | Open Access
Journal: Informatica
Volume 16, Issue 1 (2005), pp. 37–44
Abstract
In 1995, Wu proposed a remote login authentication scheme based on a geometric approach. However, Chien, Jan and Tseng presented a cryptanalysis of Wu’s scheme to show that it is not secure. Moreover, they proposed a modified version of Wu’s scheme. This paper shows that there is a serious weakness in this modified remote login authentication scheme. We show that an illegal user can easily forge a valid login request in the modified version proposed previously.
Journal: Informatica
Volume 31, Issue 4 (2020), pp. 793–820
Abstract
This paper proposes a new family of 4-dimensional chaotic cat maps. This family is then used in the design of a novel block-based image encryption scheme. This scheme is composed of two independent phases, a robust light shuffling phase and a masking phase which operate on image-blocks. It utilizes measures of central tendency to mix blocks of the image at hand to enhance security against a number of cryptanalytic attacks. The mixing is designed so that while encryption is highly sensitive to the secret key and the input image, decryption is robust against noise and cropping of the cipher-image. Empirical results show high performance of the suggested scheme and its robustness against well-known cryptanalytic attacks. Furthermore, comparisons with existing image encryption methods are presented which demonstrate the superiority of the proposed scheme.
Pub. online: 6 May 2020 | Type: Research Article | Open Access
Journal: Informatica
Volume 31, Issue 2 (2020), pp. 277–298
Abstract
The vulnerable part of communications between user and server is the poor authentication level at the user’s side. For example, in e-banking systems passwords are used for user authentication, and these can be lost or swindled by a person maliciously impersonating the bank.
To increase the security of e-banking systems, users should be supplied with the elements of a public key infrastructure (PKI), but not necessarily to the extent of standard requirements, which are too complicated for ordinary users.
In this paper, we propose two versions of an authenticated key agreement protocol (AKAP) which can be simply realized on the user’s side. AKAP is a collection of cryptographic functions having provable security properties.
It is proved that AKAP1 is secure against an active adversary under the discrete logarithm assumption when certain formulated conditions hold. AKAP2 provides user anonymity against an eavesdropping adversary. The partial security of AKAP2 is investigated, which relies on the security of the asymmetric encryption function.
Pub. online: 1 Jan 2017 | Type: Research Article | Open Access
Journal: Informatica
Volume 28, Issue 3 (2017), pp. 517–524
Abstract
In this paper we consider an improved version of an earlier published asymmetric encryption protocol based on the matrix power function (MPF). Recently, a linear algebra attack on an earlier version of this protocol was found. This attack allows an attacker to break the suggested protocol in polynomial time.
Here we show that the improved version of our encryption protocol is not vulnerable to the declared linear attack, while retaining its effective realization in embedded systems.
Pub. online: 1 Jan 2017 | Type: Research Article | Open Access
Journal: Informatica
Volume 28, Issue 3 (2017), pp. 471–484
Abstract
ID-based cryptographic protocol is an extremely valuable apparatus in the field of cryptography and has numerous latent applications. The safety of conventional ID-based cryptographic protocol is entirely contingent in light of the safety of private keys. Revelation of private keys needs reissuing all beforehand doled out encryptions. This confinement turns out to be clearer today as key presentation is more regular with expanding utilization of unprotected gadgets and mobile technology. In this context, relieving the loss of key disclosure in ID-based cryptographic protocol is a critical issue. To manage this issue, we present to include onward security into ID-based cryptographic protocol. Besides, we propose another development of indistinguishability-ID-based cryptographic protocol using Integer Factorization Problem (IFP) and Generalized Discrete Logarithm Problem (GDLP) which is semantically protected against Chosen Plaintext Attack (CPA) in random oracle. We show that our presented protocol beats the other standing protocol as far as security, the length of public key and computational cost are concerned. We shed light on some applications and future scope.
Journal: Informatica
Volume 24, Issue 3 (2013), pp. 339–356
Abstract
Generating sequences of random numbers or bits is a necessity in many situations (cryptography, modeling, simulations, etc.). Those sequences must be random in the sense that their behavior should be unpredictable. For example, the security of many cryptographic systems depends on the generation of unpredictable values to be used as keys. Since randomness is related to the unpredictability property, it can be described in probabilistic terms, studying the randomness of a sequence by means of a hypothesis test. A new statistical test for randomness of bit sequences is proposed in the paper. The created test is focused on determining the number of different fixed-length patterns that appear along the binary sequence. When ‘few’ distinct patterns appear in the sequence, the hypothesis of randomness is rejected. On the contrary, when ‘many’ different patterns appear in the sequence, the hypothesis of randomness is accepted.
The proposed test can be used as a complement to other statistical tests included in suites to study randomness. The exact distribution of the test statistic is derived and, therefore, it can be applied to short and long sequences of bits. Simulation results showed the efficiency of the test in detecting deviations from randomness that other statistical tests are not able to detect. The test was also applied to binary sequences obtained from some pseudorandom number generators, providing results consistent with randomness. The proposed test is distinguished by fast computation when the critical values have been calculated beforehand.
Journal: Informatica
Volume 24, Issue 2 (2013), pp. 181–197
Abstract
A new pseudo-random number generator (PRNG) is proposed. The principle of the method consists in mixing chaotic maps produced from an input initial vector. The algorithm uses permutations whose positions are computed and indexed by a chaotic function based on linear congruences. The performance of this scheme is evaluated through statistical analysis. Such a cryptosystem exhibits significant cryptographic qualities for a good security level.
Journal: Informatica
Volume 23, Issue 2 (2012), pp. 299–314
Abstract
Fuzzy identity based encryption (FIBE), proposed by Sahai and Waters, is a new kind of identity based encryption. It allows a user with identity w to decrypt a ciphertext for w' if and only if w is close enough to w'. Recently, Ren et al. proposed a new FIBE scheme and claimed it is fully CCA2 secure in the standard model with a tight reduction. However, in this paper we will show that their scheme is not correct. Furthermore, the key generation process of their scheme cannot resist the collusion attack, which is a basic security requirement for FIBE. At last, we propose a new fully secure FIBE scheme based on the Sahai–Waters FIBE scheme and prove its security by using the “dual system encryption” technique.