Kish proposed a scheme to exchange keys between two parties under the concealment of thermal noise. We show that the theoretical model in the scheme implicitly assumes thermal equilibrium throughout the communication channel. This assumption, however, is invalid in real communication systems. A slight temperature difference in the channel, as demonstrated in the paper, will lead to security failure.
We describe a forgery attack on the RPC incremental unforgeable encryption scheme. The attack allows an adversary to forge a new ciphertext with probability 1/2 using 2^(r/2) incremental update queries, where r is the parameter of random values used in the RPC scheme and is at most half the block length of the block cipher used. However, the original analysis claimed that on the order of 2^r queries would be needed. When applying the attack to the scheme using a block cipher with 128-bit block length and assuming r = 48 as suggested in the original article of the RPC scheme, the adversary can obtain a forgery with probability 1/2 after 2^24 update queries. Even in the case of a 256-bit RPC scheme with r = 64, the required number of queries is only 2^32. We also propose two methods to strengthen the RPC scheme for defeating the proposed attack.
Group signatures are generalised credential/member authentication schemes with wide applications. The membership revocation problem is a major issue of group signatures, and is often resolved through an additional protocol which encumbers the whole group signature both in computation and storage, as Camenisch et al. did to ACJT's group signature scheme (the first ever practical group signature based on the RSA problem, put forward by Ateniese et al. at Crypto'00) by means of a dynamic accumulator. Boneh et al. applied Camenisch et al.'s dynamic accumulator based revocation in reverse, resulting in a short group signature. We formally define the method used by Boneh et al., named the reversed dynamic accumulator in this paper, and apply it to some previous group signatures to obtain improved ones with revocation capability, reduced bandwidth (signature size) and less signature generation computation. We also address the problems left unsolved in Boneh et al.'s work, e.g. how to open a group signature, since the current certificate may no longer be the one stored when it was first generated.
In a multipartite access structure, the set of players is divided into K different classes in such a way that all players of the same class play the same role in the structure. Not many results are known about these structures when K ≥ 3. Although the total characterisation of ideal multipartite access structures seems a very ambitious goal, we nevertheless take a first step in this direction. On the one hand, we detect some conditions that directly imply that a multipartite structure cannot be ideal. On the other hand, we introduce a new strategy which helps to prove that a multipartite access structure is ideal, and we apply this strategy to three wide families of multipartite access structures.
Baocang and Yupu proposed a relatively fast public key cryptosystem. The authors claim that the security of their system is based on two number-theoretic hard problems, namely the simultaneous Diophantine approximation problem and the integer factorisation problem. In this article we present a polynomial time heuristic attack that enables us to recover the private key from the public key. In particular, we show that breaking the system can be reduced to finding a short vector in a lattice, which can be achieved using the L³ lattice reduction algorithm.