forgery attack
Recently Published Documents


Total documents: 79 (five years: 25)

H-index: 6 (five years: 2)

2021 ◽  
Author(s):  
Feng Jun ◽  
Wei Huang ◽  
Shuming Jiao ◽  
Xiaopeng Wang

2021 ◽  
pp. 108033
Author(s):  
Khoh Wee How ◽  
Pang Ying Han ◽  
Andrew Teoh Beng Jin ◽  
Ooi Shih Yin

Information ◽  
2021 ◽  
Vol 12 (10) ◽  
pp. 433
Author(s):  
Kazuki Nakamura ◽  
Koji Hori ◽  
Shoichi Hirose

Cryptographic hash functions play an essential role in various aspects of cryptography, such as message authentication codes, pseudorandom number generation, digital signatures, and so on. Thus, the security of their hardware implementations is an important research topic. Hao et al. proposed an algebraic fault analysis (AFA) for the SHA-256 compression function in 2014. They showed that one could recover the whole of an unknown input of the SHA-256 compression function by injecting 65 faults and analyzing the outputs under normal and fault injection conditions. They also presented an almost universal forgery attack on HMAC-SHA-256 using this result. In our work, we conducted computer experiments for various fault-injection conditions in the AFA for the SHA-256 compression function. As a result, we found that one can recover the whole of an unknown input of the SHA-256 compression function by injecting only 18 faults on average. We also conducted an AFA for the SHACAL-2 block cipher and an AFA for the SHA-256 compression function, enabling almost universal forgery of the chopMD-MAC function.


PLoS ONE ◽  
2021 ◽  
Vol 16 (9) ◽  
pp. e0257044
Author(s):  
Eko Fajar Cahyadi ◽  
Min-Shiang Hwang

The study of security and privacy in vehicular ad hoc networks (VANETs) has become a hot topic that is wide open to discussion. As the quintessence of this aspect, authentication schemes deployed in VANETs play a substantial role in providing secure communication among vehicles and the surrounding infrastructures. Many researchers have proposed a variety of schemes related to information verification and computation efficiency in VANETs. In 2018, Kazemi et al. proposed an evaluation and improvement work towards Azees et al.’s efficient anonymous authentication with conditional privacy-preserving (EAAP) scheme for VANETs. They claimed that the EAAP suffered from replaying attacks, impersonation attacks, and modification attacks, and could not provide unlinkability. However, we found that Kazemi et al.’s scheme also suffers from the unlinkability issue, which leads to a forgery attack. An adversary can link two or more messages sent by the same user by applying Euclid’s algorithm and derive the user’s authentication key. To remedy the issue, in this paper, we propose an improvement by encrypting the message using a shared secret key between sender and receiver and applying a nonce in the final message to guarantee the unlinkability between disseminated messages.


2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Zhongxiang Zheng ◽  
Anyu Wang ◽  
Lingyue Qin

Rejection sampling technology is a core tool in the design of lattice-based signatures with ‘Fiat–Shamir with Aborts’ structure, and it is related to signing efficiency and signature size, as well as security. In the rejection sampling theorem proposed by Lyubashevsky, the masking vector of rejection sampling is chosen from discrete Gaussian distribution. However, in practical designs, the masking vector is more likely to be chosen from bounded uniform distribution due to better efficiency and simpler implementation. Besides, as one of the third-round candidate signatures in the NIST postquantum cryptography standardization process, the 3rd round version of CRYSTALS-Dilithium has proposed a new method to decrease the rejection probability in order to achieve better efficiency and smaller signature size by decreasing the number of nonzero coefficients of the challenge polynomial according to the security levels. However, it is seen that small entropies in this new method may lead to higher risk of forgery attack compared with former schemes proposed in its 2nd version. Thus, in this paper, we first analyze the complexity of forgery attack for small entropies and then introduce a new method to decrease the rejection probability without loss of security including the security against forgery attack. This method is achieved by introducing a new rejection sampling theorem with tighter bound by utilizing Rényi divergence where masking vector follows uniform distribution. By observing large gaps between the security claim and actual security bound in CRYSTALS-Dilithium, we propose two series of adapted parameters for CRYSTALS-Dilithium. The first set can improve the efficiency of the signing process in CRYSTALS-Dilithium by factors of 61.7% and 41.7%, according to the security levels, and ensure the security against known attacks, including forgery attack. The second set can reduce the signature size by a factor of 14.09% with small improvements in efficiency at the same security level.


2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Honge Ren ◽  
Walid Atwa ◽  
Haosu Zhang ◽  
Shafiq Muhammad ◽  
Mahmoud Emam

In this digital era of technology and software development tools, low-cost digital cameras and powerful video editing software (such as Adobe Premiere, Microsoft Movie Maker, and Magix Vegas) have become available to any common user. With such software, editing the contents of digital videos has become very easy. Frame duplication is a common video forgery attack which can be done by copying and pasting a sequence of frames within the same video in order to hide or replicate some events from the video. Many algorithms have been proposed in the literature to detect such forgeries from the video sequences through analyzing the spatial and temporal correlations. However, most of them suffer from low efficiency and accuracy rates and high computational complexity. In this paper, we propose an efficient and robust frame duplication detection algorithm to detect duplicated frames from the video sequence based on the improved Levenshtein distance. Extensive experiments were performed on some selected video sequences captured by stationary and moving cameras. In the experimental results, the proposed algorithm showed efficacy compared with the state-of-the-art techniques.


2021 ◽  
Vol 11 (6) ◽  
pp. 2843
Author(s):  
Chin-Ling Chen ◽  
Zi-Yi Lim ◽  
Hsien-Chou Liao ◽  
Yong-Yuan Deng

Recently, private security services have become increasingly needed by the public. The proposed scheme involves blockchain technology with a smart contract. When a private security company signs a contract with a client, they install an Internet of Things (IoT) device in the client’s house and connect it with the IoT main controller; then, the IoT main controller connects to the security control center (SCC). Once there is an event triggered (e.g., a break-in or fire incident) by the IoT device, the controller sends a message to the SCC. The SCC allocates a security guard (SG) to the incident scene immediately. After the task is accomplished, the SG sends a message to the SCC. All of these messages and events are recorded and chained in the blockchain center. The proposed scheme makes security event records have the following characteristics: authenticated, traceable, and integral. The proposed scheme is proved by a security analysis with mutual authentication, traceability, integrity, and non-repudiation. The known attacks (e.g., man-in-the-middle attack, replay attack, forgery attack) are avoided by message encryption and a signing mechanism. Threat models in the communication phase can also be avoided. Finally, computation cost, communication performance, and comparison with related works are also discussed to prove its applicability. We also provide an arbitration mechanism, so that the proposed scheme can reduce disputes between private security companies and the client.


2021 ◽  
Vol 2021 ◽  
pp. 1-6
Author(s):  
Jonathan Jen-Rong Chen ◽  
Yi-Yuan Chiang ◽  
Wang-Hsin Hsu ◽  
Wen-Yen Lin

In this study, a fail-stop group signature scheme (FSGSS) that combines the features of group and fail-stop signatures to enhance the security level of the original group signature is proposed. Assuming that FSGSS encounters an attack by a hacker armed with a supercomputer, this scheme can prove that the digital signature is forged. Based on the aforementioned objectives, this study proposes three lemmas and proves that they are indeed feasible. First, how does a recipient of a digitally signed document verify the authenticity of the signature? Second, when a digitally signed document is under dispute, how can the group’s manager determine the identity of the original group member who signed the document, if necessary, for an investigation? Third, how can one prove that the signature is indeed forged following an external attack from a supercomputer? Following an attack, the signature could be proved to be forged without exposing the key. In addition, the ultimate goal of the group fail-stop signature scheme is to stop using the same key immediately after the discovery of a forgery attack; this would prevent the attack from being repeated.


2021 ◽  
Vol 7 (3) ◽  
Author(s):  
Igor Semaev

Based on the analysis of 6-digit one-time passwords (OTP) generated by DIGIPASS GO3, we were able to reconstruct the synchronization system of the token, the OTP generating algorithm and the verification protocol in the detail necessary for an attack. The OTPs are more predictable than expected. A forgery attack is described. We argue the attack success probability is much higher than may be expected if all the digits are independently and uniformly distributed. The implications for the security of authentication are discussed and open questions are formulated.

