Cryptanalysis of an Encryption Scheme Based on Blind Source Separation

Recently Lin et al. proposed a method of using the underdetermined BSS (blind source separation) problem to realize image and speech encryption. In this paper, we give a cryptanalysis of this BSS-based encryption and point out that it is not secure against known/chosen-plaintext attack and chosen-ciphertext attack. In addition, there exist some other security defects: low sensitivity to part of the key and the plaintext, a ciphertext-only differential attack, divide-and-conquer (DAC) attack on part of the key. We also discuss the role of BSS in Lin et al.'s efforts towards cryptographically secure ciphers.Comment: 8 pages, 10 figures, IEEE forma

On the security of the Yen-Guo's domino signal encryption algorithm (DSEA)

Recently, a new domino signal encryption algorithm (DSEA) was proposed for digital signal transmission, especially for digital images and videos. This paper analyzes the security of DSEA, and points out the following weaknesses: 1) its security against the brute-force attack was overestimated; 2) it is not sufficiently secure against ciphertext-only attacks, and only one ciphertext is enough to get some information about the plaintext and to break the value of a sub-key; 3) it is insecure against known/chosen-plaintext attacks, in the sense that the secret key can be recovered from a number of continuous bytes of only one known/chosen plaintext and the corresponding ciphertext. Experimental results are given to show the performance of the proposed attacks, and some countermeasures are discussed to improve DSEA.Comment: 11 pages, 5 figure

On the Security of the Yi-Tan-Siew Chaos-Based Cipher

This paper presents a comprehensive analysis on the security of the Yi-Tan-Siew chaotic cipher proposed in [IEEE TCAS-I 49(12):1826-1829 (2002)]. A differential chosen-plaintext attack and a differential chosen-ciphertext attack are suggested to break the sub-key K, under the assumption that the time stamp can be altered by the attacker, which is reasonable in such attacks. Also, some security Problems about the sub-keys $\alpha$ and $\beta$ are clarified, from both theoretical and experimental points of view. Further analysis shows that the security of this cipher is independent of the use of the chaotic tent map, once the sub-key $K$ is removed via the proposed suggested differential chosen-plaintext attack.Comment: 5 pages, 3 figures, IEEEtrans.cls v 1.

Security of a biometric identity-based encryption scheme

Biometric identity-based encryption (Bio-IBE) is a kind of fuzzy identity-based encryption (fuzzy IBE) where a ciphertext encrypted under an identity w' can be decrypted using a secret key corresponding to the identity w which is close to w' as measured by some metric. Recently, Yang et al. proposed a constant-size Bio-IBE scheme and proved that it is secure against adaptive chosen-ciphertext attack (CCA2) in the random oracle model. Unfortunately, in this paper, we will show that their Bio-IBE scheme is even not chosen-plaintext secure. Specifically, user w using his secret key is able to decrypt any ciphertext encrypted under an identity w' even though w is not close to w'.Comment: Journal version of the paper will be appearing in International Journal of Network Securit

Unforgeable Quantum Encryption

We study the problem of encrypting and authenticating quantum data in the presence of adversaries making adaptive chosen plaintext and chosen ciphertext queries. Classically, security games use string copying and comparison to detect adversarial cheating in such scenarios. Quantumly, this approach would violate no-cloning. We develop new techniques to overcome this problem: we use entanglement to detect cheating, and rely on recent results for characterizing quantum encryption schemes. We give definitions for (i.) ciphertext unforgeability , (ii.) indistinguishability under adaptive chosen-ciphertext attack, and (iii.) authenticated encryption. The restriction of each definition to the classical setting is at least as strong as the corresponding classical notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All of our new notions also imply QIND-CPA privacy. Combining one-time authentication and classical pseudorandomness, we construct schemes for each of these new quantum security notions, and provide several separation examples. Along the way, we also give a new definition of one-time quantum authentication which, unlike all previous approaches, authenticates ciphertexts rather than plaintexts.Comment: 22+2 pages, 1 figure. v3: error in the definition of QIND-CCA2 fixed, some proofs related to QIND-CCA2 clarifie