A New Lever Function with Adequate Indeterminacy

The key transform of the REESSE1+ asymmetrical cryptosystem is Ci = (Ai * W ^ l(i)) ^ d (% M) with l(i) in Omega = {5, 7, ..., 2n + 3} for i = 1, ..., n, where l(i) is called a lever function. In this paper, the authors give a simplified key transform Ci = Ai * W ^ l(i) (% M) with a new lever function l(i) from {1, ..., n} to Omega = {+/-5, +/-6, ..., +/-(n + 4)}, where "+/-" means the selection of the "+" or "-" sign. Discuss the necessity of the new l(i), namely that a simplified private key is insecure if the new l(i) is a constant but not one-to-one function. Further, expound the sufficiency of the new l(i) from four aspects: (1) indeterminacy of the new l(i), (2) insufficient conditions for neutralizing the powers of W and W ^-1 even if Omega = {5, 6, ..., n + 4}, (3) verification by examples, and (4) running times of continued fraction attack and W-parameter intersection attack which are the two most efficient algorithms of the probabilistic polytime attacks so far. Last, the authors detail the relation between a lever function and a random oracle.Comment: 13 page

Time Complexities of Multiple-precision Modular Operations and Related Ratios

Modular arithmetic used for cryptography includes modular adding, modular subtracting, modular multiplying, modular inverting, modular exponentiating etc. In this paper, the authors well analyze the bit complexity of a bitwise modular operation and the time complexity of a non-bitwise modular operation. Besides discuss the clock cycles for one bytewise modular operation utilizing directives from the ATmel 8-bit AVR instruction set. Last, reveal that the ratio of derivate numbers of clock cycles for two modular operations under different modulus lengths is almost a constant

Beauty of Cryptography: the Cryptographic Sequences and the Golden Ratio

In this paper, the authors construct a new type of cryptographic sequence which is named an extra-super increasing sequence, and give the definitions of the minimal super increasing sequence {a[1], a[2], ..., a[n]} and minimal extra-super increasing sequence {z[1], z[2], ..., z[n]}. Prove that the minimal extra-super increasing sequence is the odd-positioned subsequence of the Fibonacci sequence, namely {z[1], z[2], ..., z[n], ...} = {F[1], F[3], ..., F[2n-1], ...}, which indicates that the approach to the golden ratio phi through the term difference ratio (z[n+1] - z[n]) / z[n] is more smooth and expeditious than through the term ratio (F[n+1] / F[n]). Further prove that the limit of the term ratio difference between the two cryptographic sequences equals the golden ratio conjugate PHI, namely lim (n to infinity) (z[n+1] / z[n] - a[n+1] / a[n]) = PHI, which reveals the beauty of cryptography

A 128-bit Block Cipher Based on Three Group Arithmetics

Enlightened by the IDEA block cipher, the authors put forward a symmetric key cryptosystem called REESSE3+ based on three group arithmetics: addition modulo 2 (bit XOR), addition modulo 2 ^ 16, and multiplication modulo 2 ^ 16 + 1. Different from IDEA, REESSE3+ uses a 128-bit block, a 256-bit key, and a renovative round function. The authors describe the REESSE3+ cipher algorithm in the graph, and expound the encryption subkeys, encryption operation, decryption subkeys, and decryption operation. Further, demonstrate the correctness of the REESSE3+ cipher algorithm, and analyze the security of REESSE3+ from four aspects. The measures for assuring the security of REESSE3+ cover those for assuring the security of IDEA, which indicates that the ability of REESSE3+ in resisting differential cryptanalysis should be at least equivalent to that of IDEA. Moreover, experiments show that a mini-version of REESSE3+ is immune to differential cryptanalysis, thus it may be expected that REESSE3+ is secure against differential attack after 8 rounds

A Lightweight Hash Function Resisting Birthday Attack and Meet-in-the-middle Attack

To examine the integrity and authenticity of an IP address efficiently and economically, this paper proposes a new non-Merkle-Damgard structural (non-MDS) hash function called JUNA that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far. JUNA includes an initialization algorithm and a compression algorithm, and converts a short message of n bits which is regarded as only one block into a digest of m bits, where 80 <= m <= 232 and 80 <= m <= n <= 4096. The analysis and proof show that the new hash is one-way, weakly collision-free, and strongly collision-free, and its security against existent attacks such as birthday attack and meet-in-the- middle attack is to O(2 ^ m). Moreover, a detailed proof that the new hash function is resistant to the birthday attack is given. Compared with the Chaum-Heijst-Pfitzmann hash based on a discrete logarithm problem, the new hash is lightweight, and thus it opens a door to convenience for utilization of lightweight digital signing schemes

A Public Key Cryptoscheme Using Bit-pair Shadows

This paper gives the definition and property of a bit-pair shadow, and devises the three algorithms of a public key cryptoscheme called JUOAN that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far, and regards a bit-pair as a manipulation unit. The authors demonstrate that the decryption algorithm is correct, deduce the probability that a plaintext solution is nonunique is nearly zero, analyze the security of the new cryptoscheme against extracting a private key from a public key and recovering a plaintext from a ciphertext on the assumption that an integer factorization problem, a discrete logarithm problem, and a low-density subset sum problem can be solved efficiently, and prove that the new cryptoscheme using random padding and random permutation is semantically secure. The analysis shows that the bit-pair method increases the density D of a related knapsack to a number more than 1, and decreases the modulus length lgM of the new cryptoscheme to 464, 544, or 640