IET Information Security
Volume 10, Issue 2, March 2016

Contents
Building a new secure variant of Rainbow signature scheme
- Author(s): Yang Tan; Shaohua Tang; Jie Chen; Yong Yu; Xiangxue Li
- Source: IET Information Security, Volume 10, Issue 2, pp. 53–59 (7 pages)
- DOI: 10.1049/iet-ifs.2015.0016
- Type: Article

Rainbow is an effective multivariate digital signature scheme proposed by Ding and Schmidt. However, many attacks against it have been proposed. To resist all these attacks, designers should be very careful with their choice of parameters. In this study, the authors propose a new approach to build a secure variant of Rainbow. According to their security analysis, it could resist all the existing attacks against Rainbow and save some memory in the meantime.

Implementing a privacy-enhanced attribute-based credential system for online social networks with co-ownership management
- Author(s): Esther Palomar; Lorena González-Manzano; Almudena Alcaide; Álvaro Galán
- Source: IET Information Security, Volume 10, Issue 2, pp. 60–68 (9 pages)
- DOI: 10.1049/iet-ifs.2014.0466
- Type: Article

Online social network (OSN) users are exhibiting increased privacy-protective behaviour, especially since multimedia sharing has emerged as a popular activity over most OSN sites. Popular OSN applications could reveal much of the users' personal information or let it be easily derived, hence favouring different types of misbehaviour. In this article the authors deal with these privacy concerns by applying fine-grained access control and co-ownership management over the shared data. This proposal defines an access policy as any linear boolean formula that is collectively determined by all users exposed in that data collection, namely the co-owners. All co-owners are empowered to take part in the process of data sharing by expressing (secretly) their privacy preferences and, as a result, jointly agreeing on the access policy. Access policies are built upon the concept of secret sharing systems. A number of predicates such as gender, affiliation or postal code can define a particular privacy setting. User attributes are then used as predicate values. In addition, by the deployment of privacy-enhanced attribute-based credential technologies, users satisfying the access policy will gain access without disclosing their real identities. The authors have implemented this system as a Facebook application, demonstrating its viability and procuring reasonable performance costs.

Short and provably secure designated verifier proxy signature scheme
- Author(s): Xiaoming Hu; Wenan Tan; Huajie Xu; Jian Wang
- Source: IET Information Security, Volume 10, Issue 2, pp. 69–79 (11 pages)
- DOI: 10.1049/iet-ifs.2014.0434
- Type: Article

A designated verifier proxy signature (DVPS), where only a designated verifier can verify the validity of a proxy signed message, is suitable for application in many scenarios. Many DVPS schemes have been proposed, but most of them only provide informal proofs of security or incomplete formal proofs of security against attackers with limited power (a weak security model), which makes these schemes vulnerable to some attacks. To the best of the authors' knowledge, none of the existing DVPS schemes provides a complete notion of security for DVPS. In this study, the authors first classify DVPS into weak DVPS (WDVPS) and strong DVPS (SDVPS). They then give a systematic analysis of the security requirements for WDVPS (SDVPS) and present complete notions of security for WDVPS and SDVPS. They also propose WDVPS and SDVPS schemes, which are both provably secure, that is, they satisfy the new notions of security in the random oracle model. Compared with other DVPS schemes (including WDVPS and SDVPS schemes), their schemes have more complete security and are more efficient.

Improved certificate-based signature scheme without random oracles
- Author(s): Yang Lu and Jiguo Li
- Source: IET Information Security, Volume 10, Issue 2, pp. 80–86 (7 pages)
- DOI: 10.1049/iet-ifs.2015.0188
- Type: Article

Certificate-based cryptography is a useful primitive that combines traditional public key cryptography (PKC) and identity-based cryptography (IBC). It not only solves the key escrow problem inherent in IBC, but also simplifies the certificate problem in traditional PKC. So far, several certificate-based signature (CBS) schemes have been proposed in the literature. However, none of them considers the malicious certificate authority (CA) attack. Cryptanalysis shows that two previous CBS schemes without random oracles fail to achieve unforgeability under such an attack. To overcome the security weakness in these schemes, the authors propose an improved CBS scheme that can withstand malicious CA attacks. They prove it to be existentially unforgeable against chosen message attacks under the computational Diffie–Hellman assumption in the standard model. Compared with the previous standard-model CBS schemes, the proposed scheme has obvious advantages in both computation and communication efficiency.

Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu; Suoxia Miao; Hanping Hu; Yashuang Deng
- Source: IET Information Security, Volume 10, Issue 2, pp. 87–94 (8 pages)
- DOI: 10.1049/iet-ifs.2014.0192
- Type: Article

Pseudorandom binary sequences play a significant role in many fields, such as error control coding, spread spectrum communications, and cryptography. In recent years, chaotic systems have been regarded as an important pseudorandom source in the design of pseudorandom bit generators (PRBGs). Most of these are based on one or more fixed chaotic systems, and the generated binary sequences come to be stationary. However, such chaotic PRBGs can be attacked by reconstructing the phase space or by using statistical analysis methods. In this study, a scheme for a chaotic PRBG based on a non-stationary logistic map is proposed. The authors design a dynamic algorithm to change the driven parameter sequence (not random) into a random-like sequence. The variable parameters disrupt the phase space of the system, which can resist phase space reconstruction attacks effectively. They prove that the non-stationary logistic map is still chaotic under Wiggins' chaos definition. The numerical analysis shows that the generated binary sequences have good cryptographic properties and can pass the well-known statistical tests. The authors' chaotic PRBG based on a non-stationary logistic map is a novel scheme in the design of PRBGs, and is more secure than PRBGs based on fixed chaotic systems.

Improved zero-correlation linear cryptanalysis of reduced-round Camellia under weak keys
- Author(s): Zhiqiang Liu; Bing Sun; Qingju Wang; Kerem Varici; Dawu Gu
- Source: IET Information Security, Volume 10, Issue 2, pp. 95–103 (9 pages)
- DOI: 10.1049/iet-ifs.2014.0614
- Type: Article

Camellia is one of the widely used block ciphers; it has been included in the NESSIE block cipher portfolio and selected as a standard by ISO/IEC. In this study, the authors observe that there exist some interesting properties of the FL/FL⁻¹ functions in Camellia. With this observation they derive some weak keys for the cipher, based on which they present the first known 8-round zero-correlation linear distinguisher of Camellia with FL/FL⁻¹ layers. This result shows that the FL/FL⁻¹ layers inserted in Camellia cannot resist zero-correlation linear cryptanalysis effectively for some weak keys, since the currently best zero-correlation linear distinguisher for Camellia without FL/FL⁻¹ layers also covers eight rounds. Moreover, by using the novel distinguisher, they launch key recovery attacks on 13-round Camellia-192 and 14-round Camellia-256. To their knowledge, these results are the best for Camellia-192 and Camellia-256 with FL/FL⁻¹ and whitening layers.

Linear complexity of generalised cyclotomic quaternary sequences of length 2p^{m+1}q^{n+1}
- Author(s): Dan-dan Li; Zu-ling Chang; Qiao-yan Wen; Jie Zhang
- Source: IET Information Security, Volume 10, Issue 2, pp. 104–111 (8 pages)
- DOI: 10.1049/iet-ifs.2015.0006
- Type: Article

Sequences with high linear complexity play a fundamental part in cryptography. In this study, the authors construct general forms of Whiteman's generalised cyclotomic quaternary sequences of order two with period 2p^{m+1}q^{n+1} over 𝔽_4 and give the linear complexity of the proposed sequences. The conclusions reveal that such sequences have a good balance property and high linear complexity.
Most cited content for this journal

- High accuracy android malware detection using ensemble learning. Author(s): Suleiman Y. Yerima; Sakir Sezer; Igor Muttik. Type: Article
- Crypto-based algorithms for secured medical image transmission. Author(s): Ali Al-Haj; Gheith Abandah; Noor Hussein. Type: Article
- Pseudorandom bit generator based on non-stationary logistic maps. Author(s): Lingfeng Liu; Suoxia Miao; Hanping Hu; Yashuang Deng. Type: Article
- Constructing important features from massive network traffic for lightweight intrusion detection. Author(s): Wei Wang; Yongzhong He; Jiqiang Liu; Sylvain Gombault. Type: Article
- Empirical analysis of Tor Hidden Services. Author(s): Gareth Owen and Nick Savage. Type: Article