Online ISSN: 1751-8717
Print ISSN: 1751-8709
IET Information Security
Volume 3, Issue 4, December 2009

Cryptanalysis of an Iterated Halving-based hash function: CRUSH
- Author(s): N. Bagheri; M. Henricksen; L.R. Knudsen; M. Naderi; B. Sadeghyian
- Source: IET Information Security, Volume 3, Issue 4, p. 129–138
- DOI: 10.1049/iet-ifs.2009.0055
- Type: Article
Iterated Halving has been suggested as a replacement to the Merkle–Damgård (MD) construction in 2004 anticipating the attacks on the MDx family of hash functions. The CRUSH hash function provides a specific instantiation of the block cipher for Iterated Halving. The authors identify structural problems with the scheme and show that they can trivially identify collisions and second preimages on many equal-length messages of length ten blocks or more. The cost is ten decryptions of the block cipher, this being less than the generation of a single digest. In addition, these attacks can be used to differentiate CRUSH from a random oracle in O(1). The authors show that the complexity of finding a preimage in the unpadded CRUSH with the length encoding is negligible and extend this attack on CRUSH with the length encoding in cost O(2^32). This attack is a multi-preimage attack, since the attacker can produce a large number of messages for a given message digest for the cost of O(2^32). Hence, this attack can be used as a multi-collision and a multi-second-preimage as well. They show that if the attacker knows the last 64 bits of the message digest in advance, he can do the time-consuming part of the attack off-line. The authors show that even if Iterated Halving is repaired, the construction has practical issues that mean it is not suitable for general deployment.

Non-iterative privacy preservation for online lotteries
- Author(s): J.-S. Lee; C.-S. Chan; C.-C. Chang
- Source: IET Information Security, Volume 3, Issue 4, p. 139–147
- DOI: 10.1049/iet-ifs.2008.0104
- Type: Article
Unlike gambling, lottery games can exist in a lawful form to raise funds for charitable institutions. Owing to the expeditious development of network technology, lotteries over the Internet have become an inevitable trend. Since the Internet allows people to communicate with each other without direct contact, it is more difficult to guarantee the security and fairness of online lotteries than for conventional lottery games. However, electronic lottery methods can also provide something that conventional lottery mechanisms cannot: they allow players to purchase tickets at any time and in any place where they can access the Internet. The authors propose an online lottery mechanism that can confirm the propositions of general lottery games. Specifically, this novel method not only allows players to make t-out-of-n numbers in lotteries without iterative selection but also preserves the privacy of players' choices, making the system more similar to traditional lottery games.

Partial decryption attacks in security-mediated certificateless encryption
- Author(s): S.S.M. Chow and W.-S. Yap
- Source: IET Information Security, Volume 3, Issue 4, p. 148–151
- DOI: 10.1049/iet-ifs.2009.0028
- Type: Article
Certificateless encryption refers to public key encryption with implicit certification. Security-mediated certificateless (SMC) encryption takes one step further, such that every decryption requires a security-mediator (SEM) to partially decrypt the ciphertext. One major benefit is that instant revocation can be done by simply instructing the SEM to reject any further decryption request. Similar to the conventional chosen-ciphertext attack, it is reasonable to assume that an adversary can obtain the partial decryption of many ciphertexts. The authors show that the schemes proposed by Yang-Wang-Wang in AINAW 2007, Lo-Hwang-Li in IET Information Security, 1(3) and Yang-Xiong-Su in Computer Applications, 28(11) are insecure against partial decryption attacks, and hence cannot be classified as SMC encryption according to the original Chow–Boyd–González Nieto's formulation in PKC 2006.

Generic constructions for universal designated-verifier signatures and identity-based signatures from standard signatures
- Author(s): S.F. Shahandashti and R. Safavi-Naini
- Source: IET Information Security, Volume 3, Issue 4, p. 152–176
- DOI: 10.1049/iet-ifs.2009.0036
- Type: Article
The authors give a generic construction for universal (multi) designated-verifier signature schemes from a large class of signature schemes, referred to as Class ℂ. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. The authors also propose a generic construction for (hierarchical) identity-based signature schemes from any signature scheme in ℂ and prove that the construction is secure against adaptive chosen message and identity attacks. The authors discuss possible extensions of our constructions to identity-based ring signatures and identity-based designated-verifier signatures from any signature in ℂ. Finally, the authors show that it is possible to combine the above constructions to obtain signatures with combined functionalities.

Most cited content for this Journal

High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima; Sakir Sezer; Igor Muttik
- Type: Article

Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj; Gheith Abandah; Noor Hussein
- Type: Article

Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu; Suoxia Miao; Hanping Hu; Yashuang Deng
- Type: Article

Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang; Yongzhong He; Jiqiang Liu; Sylvain Gombault
- Type: Article

Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article