Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887
banner image
image of Volume 3, Issue 4
Online ISSN 1751-8717 Print ISSN 1751-8709

IET Information Security

Volume 3, Issue 4, December 2009

Volumes & issues:

Volume 3, Issue 4

December 2009

Show / Hide details

    • Cryptanalysis of an Iterated Halving-based hash function: CRUSH
      • Author(s): N. Bagheri ; M. Henricksen ; L.R. Knudsen ; M. Naderi ; B. Sadeghyian
      • Source: IET Information Security, Volume 3, Issue 4, p. 129 –138
      • DOI:  10.1049/iet-ifs.2009.0055
      • Type: Article
      • + Show details - Hide details
      • p. 129 –138 (10)
        Iterated Halving has been suggested as a replacement to the Merkle–Damgård (MD) construction in 2004 anticipating the attacks on the MDx family of hash functions. The CRUSH hash function provides a specific instantiation of the block cipher for Iterated Halving. The authors identify structural problems with the scheme and show that they can trivially identify collisions and second preimages on many equal-length messages of length ten blocks or more. The cost is ten decryptions of the block cipher, this being less than the generation of a single digest. In addition, these attacks can be used to differentiate CRUSH from a random oracle in O(1). The authors show that the complexity of finding a preimage in the unpadded CRUSH with the length encoding is negligible and extend this attack on CRUSH with the length encoding in cost O(232). This attack is a multi-preimage attack, since the attacker can produce a large number of messages for a given message digest for the cost of O(232). Hence, this attack can be used as a multi-collision and a multi-second-preimage as well. They show that if the attacker knows the last 64-bits of the message digest in advance, he can do the time-consuming part of the attack off-line. The authors show that even if Iterated Halving is repaired, the construction has practical issues that means it is not suitable for general deployment.
        Add to favourites
        Export citations
      Non-iterative privacy preservation for online lotteries
      • Author(s): J.-S. Lee ; C.-S. Chan ; C.-C. Chang
      • Source: IET Information Security, Volume 3, Issue 4, p. 139 –147
      • DOI:  10.1049/iet-ifs.2008.0104
      • Type: Article
      • + Show details - Hide details
      • p. 139 –147 (9)
        Unlike gambling, lottery games can exist in a lawful form to raise funds for charitable institutions. Owing to the expeditious development of network technology, lotteries over the Internet have become an inevitable trend. Since the Internet allows people to communicate with each other without direct contact, it is more difficult to guarantee the security and fairness of online lotteries than for conventional lottery games. However, electronic lottery methods can also provide something that conventional lottery mechanisms cannot: they allow players to purchase tickets at any time and in any place where they can access the Internet. The authors propose an online lottery mechanism that can confirm the propositions of general lottery games. Specifically, this novel method not only allows players to make t-out-of-n numbers in lotteries without iterative selection but also preserves the privacy of players' choices, making the system more similar to traditional lottery games.
        Add to favourites
        Export citations
      Partial decryption attacks in security-mediated certificateless encryption
      • Author(s): S.S.M. Chow  and  W.-S. Yap
      • Source: IET Information Security, Volume 3, Issue 4, p. 148 –151
      • DOI:  10.1049/iet-ifs.2009.0028
      • Type: Article
      • + Show details - Hide details
      • p. 148 –151 (4)
        Certificateless encryption refers to public key encryption with implicit certification. Security-mediated certificateless (SMC) encryption takes one-step further, such that every decryption requires a security-mediator (SEM) to partially decrypt the ciphertext. One major benefit is that instant revocation can be done by simply instructing the SEM to reject any further decryption request. Similar to the conventional chosen-ciphertext attack, it is reasonable to assume that an adversary can obtain the partial decryption of many ciphertexts. The authors show that the schemes proposed by Yang-Wang-Wang in AINAW 2007, Lo-Hwang-Li in IET Information Security, 1(3) and Yang-Xiong-Su in Computer Applications, 28(11) are insecure against partial decryption attacks, and hence cannot be classified as SMC encryption according to the original Chow–Boyd–González Nieto's formulation in PKC 2006.
        Add to favourites
        Export citations
      Generic constructions for universal designated-verifier signatures and identity-based signatures from standard signatures
      • Author(s): S.F. Shahandashti  and  R. Safavi-Naini
      • Source: IET Information Security, Volume 3, Issue 4, p. 152 –176
      • DOI:  10.1049/iet-ifs.2009.0036
      • Type: Article
      • + Show details - Hide details
      • p. 152 –176 (25)
        The authors give a generic construction for universal (mutli) designated-verifier signature schemes from a large class of signature schemes, referred to as Class ℂ. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. The authors also propose a generic construction for (hierarchical) identity-based signature schemes from any signature scheme in ℂ and prove that the construction is secure against adaptive chosen message and identity attacks. The authors discuss possible extensions of our constructions to identity-based ring signatures and identity-based designated-verifier signatures from any signature in ℂ. Finally, the authors show that it is possible to combine the above constructions to obtain signatures with combined functionalities.
        Add to favourites
        Export citations

Most viewed content for this Journal

Article
content/journals/iet-ifs
Journal
5
Loading

Most cited content for this Journal

Print this page
This is a required field
Please enter a valid email address