The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs

Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors we design an algorithm that strengthens security of passwords. The core idea of our method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies.Comment: 5 pages, 6 figer

Applications of tripled chaotic maps in cryptography

Security of information has become a major issue during the last decades. New algorithms based on chaotic maps were suggested for protection of different types of multimedia data, especially digital images and videos in this period. However, many of them fundamentally were flawed by a lack of robustness and security. For getting higher security and higher complexity, in the current paper, we introduce a new kind of symmetric key block cipher algorithm that is based on \emph{tripled chaotic maps}. In this algorithm, the utilization of two coupling parameters, as well as the increased complexity of the cryptosystem, make a contribution to the development of cryptosystem with higher security. In order to increase the security of the proposed algorithm, the size of key space and the computational complexity of the coupling parameters should be increased as well. Both the theoretical and experimental results state that the proposed algorithm has many capabilities such as acceptable speed and complexity in the algorithm due to the existence of two coupling parameter and high security. Note that the ciphertext has a flat distribution and has the same size as the plaintext. Therefore, it is suitable for practical use in secure communications.Comment: 21 pages, 10 figure

Chosen-Plaintext Cryptanalysis of a Clipped-Neural-Network-Based Chaotic Cipher

In ISNN'04, a novel symmetric cipher was proposed, by combining a chaotic signal and a clipped neural network (CNN) for encryption. The present paper analyzes the security of this chaotic cipher against chosen-plaintext attacks, and points out that this cipher can be broken by a chosen-plaintext attack. Experimental analyses are given to support the feasibility of the proposed attack.Comment: LNCS style, 7 pages, 1 figure (6 sub-figures

Synchronization of spatiotemporal semiconductor lasers and its application in color image encryption

Optical chaos is a topic of current research characterized by high-dimensional nonlinearity which is attributed to the delay-induced dynamics, high bandwidth and easy modular implementation of optical feedback. In light of these facts, which adds enough confusion and diffusion properties for secure communications, we explore the synchronization phenomena in spatiotemporal semiconductor laser systems. The novel system is used in a two-phase colored image encryption process. The high-dimensional chaotic attractor generated by the system produces a completely randomized chaotic time series, which is ideal in the secure encoding of messages. The scheme thus illustrated is a two-phase encryption method, which provides sufficiently high confusion and diffusion properties of chaotic cryptosystem employed with unique data sets of processed chaotic sequences. In this novel method of cryptography, the chaotic phase masks are represented as images using the chaotic sequences as the elements of the image. The scheme drastically permutes the positions of the picture elements. The next additional layer of security further alters the statistical information of the original image to a great extent along the three-color planes. The intermediate results during encryption demonstrate the infeasibility for an unauthorized user to decipher the cipher image. Exhaustive statistical tests conducted validate that the scheme is robust against noise and resistant to common attacks due to the double shield of encryption and the infinite dimensionality of the relevant system of partial differential equations.Comment: 20 pages, 11 figures; Article in press, Optics Communications (2011