Rainbow is an effective multivariate digital signature scheme proposed by Ding and Schmidt. However, a lot of attacks against it have been proposed. To resist all these attacks, designer should be very careful with its choice of parameters. In this study, the authors will propose a new approach to build a secure variant of Rainbow. According to our security analysis, it could resist all the existing attacks against Rainbow and save some memory in the meantime.

Online social network (OSN) users are exhibiting an increased privacy-protective behaviour especially since multimedia sharing has emerged as a popular activity over most OSN sites. Popular OSN applications could reveal much of the users’ personal information or let it easily derived, hence favouring different types of misbehaviour. In this article the authors deal with these privacy concerns by applying fine-grained access control and co-ownership management over the shared data. This proposal defines access policy as any linear boolean formula that is collectively determined by all users being exposed in that data collection namely the co-owners. All co-owners are empowered to take part in the process of data sharing by expressing (secretly) their privacy preferences and, as a result, jointly agreeing on the access policy. Access policies are built upon the concept of secret sharing systems. A number of predicates such as gender, affiliation or postal code can define a particular privacy setting. User attributes are then used as predicate values. In addition, by the deployment of privacy-enhanced attribute-based credential technologies, users satisfying the access policy will gain access without disclosing their real identities. The authors have implemented this system as a Facebook application demonstrating its viability, and procuring reasonable performance costs.

A designated verifier proxy signature (DVPS), where only a designated verifier can verify the validity of a proxy signed message, is suitable for being applied in many scenarios. Many DVPS schemes have been proposed, but most of these schemes only provide informal proofs of security or incomplete formal proofs of security with limited power attackers (a weak security model), which make these schemes vulnerable to some attacks. To the best of their knowledge, none of the existing DVPS schemes provides a complete notion of security for DVPS. In this study, the authors first classify DVPS into weak DVPS (WDVPS) and strong DVPS (SDVPS). They then give a systematic analysis of the security requirements for WDVPS (SDVPS) and they present complete notions of security for WDVPS and SDVPS. They also propose WDVPS and SDVPS schemes, which are both provably secure, that is, satisfying their new notions of security in the random oracle model. Compared with other DVPS schemes (including WDVPS and SDVPS schemes), their schemes have more complete security and they are more efficient.

Certificate-based cryptography is a useful primitive that combines traditional public key cryptography (PKC) and identity-based cryptography (IBC). It not only solves the key escrow problem inherent in IBC, but also simplifies the certificate problem in traditional PKC. So far, several certificate-based signature (CBS) schemes have been proposed in the literature. However, none of them consider the malicious certificate authority (CA) attack. Cryptanalysis shows that two previous CBS schemes without random oracles fail in achieving unforgeability under such attack. To overcome the security weakness in these schemes, the authors propose an improved CBS scheme that can withstand malicious CA attacks. They prove it to be existentially unforgeable against chosen message attacks under the computational Diffie–Hellman assumption in the standard model. Compared with the previous standard-model CBS schemes, the proposed scheme has obvious advantages in both the computation and communication efficiency.

Pseudorandom binary sequences play a significant role in many fields, such as error control coding, spread spectrum communications, and cryptography. In recent years, chaotic system is regarded as an important pseudorandom source in the design of pseudorandom bit generators (PRBGs). Among them, most are based on one or more fixed chaotic systems, and the generated binary sequences come to be stationary. However, these kinds of chaotic PRBGs can be attacked by reconstructing the phase space or using some statistical analysis methods. In this study, a scheme for chaotic PRBG based on non-stationary logistic map is proposed. The authors design a dynamic algorithm to change the driven parameter sequence (not random) into a random-like sequence. The variable parameters disrupt the phase space of the system, which can resist the phase space reconstruction attacks effectively. They prove that the non-stationary logistic map is still chaotic under Wiggins’ chaos definition. The numerical analysis shows that the generated binary sequences have good cryptographic properties and can pass the well-known statistical tests. The authors’ chaotic PRBG based on non-stationary logistic map is a novel scheme in the design of PRBG, and is more secure than the PRBGs based on fixed chaotic systems.

Camellia is one of the widely used block ciphers, which has been included in the NESSIE block cipher portfolio and selected as a standard by ISO/IEC. In this study, the authors observe that there exist some interesting properties of the FL/FL ⁻¹ functions in Camellia. With this observation they derive some weak keys for the cipher, based on which they present the first known 8-round zero-correlation linear distinguisher of Camellia with FL/FL ⁻¹ layers. This result shows that the FL/FL ⁻¹ layers inserted in Camellia cannot resist zero-correlation linear cryptanalysis effectively for some weak keys since the currently best zero-correlation linear distinguisher for Camellia without FL/FL ⁻¹ layers also covers eight rounds. Moreover, by using the novel distinguisher, they launch key recovery attacks on 13-round Camellia-192 and 14-round Camellia-256. To their knowledge, these results are the best for Camellia-192 and Camellia-256 with FL/FL ⁻¹ and whitening layers.

Sequences with high linear complexity play a fundamental part in cryptography. In this study, the authors construct general forms of Whiteman's generalised cyclotomic quaternary sequences with period 2p ^m+1 q ⁿ⁺¹ of order two over 𝔽₄ and give the linear complexity of the proposed sequences. The conclusions reveal that such sequences have good balance property and high linear complexity.