Some hints for the design of digital chaos-based cryptosystems: lessons learned from cryptanalysis

In this work we comment some conclusions derived from the analysis of recent proposals on the field of chaos-based cryptography. These observations remark the main problems detected in some of those schemes under examination. Therefore, this paper is a list of what to avoid when considering chaos as source of new strategies to conceal and protect information

Unforgeable Quantum Encryption

We study the problem of encrypting and authenticating quantum data in the presence of adversaries making adaptive chosen plaintext and chosen ciphertext queries. Classically, security games use string copying and comparison to detect adversarial cheating in such scenarios. Quantumly, this approach would violate no-cloning. We develop new techniques to overcome this problem: we use entanglement to detect cheating, and rely on recent results for characterizing quantum encryption schemes. We give definitions for (i.) ciphertext unforgeability , (ii.) indistinguishability under adaptive chosen-ciphertext attack, and (iii.) authenticated encryption. The restriction of each definition to the classical setting is at least as strong as the corresponding classical notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All of our new notions also imply QIND-CPA privacy. Combining one-time authentication and classical pseudorandomness, we construct schemes for each of these new quantum security notions, and provide several separation examples. Along the way, we also give a new definition of one-time quantum authentication which, unlike all previous approaches, authenticates ciphertexts rather than plaintexts.Comment: 22+2 pages, 1 figure. v3: error in the definition of QIND-CCA2 fixed, some proofs related to QIND-CCA2 clarifie

Cryptanalysis of a new chaotic cryptosystem based on ergodicity

This paper analyzes the security of a recent cryptosystem based on the ergodicity property of chaotic maps. It is shown how to obtain the secret key using a chosen-ciphertext attack. Some other design weaknesses are also shown.Comment: 10 pages, 5 figure

A Novel Latin Square Image Cipher

In this paper, we introduce a symmetric-key Latin square image cipher (LSIC) for grayscale and color images. Our contributions to the image encryption community include 1) we develop new Latin square image encryption primitives including Latin Square Whitening, Latin Square S-box and Latin Square P-box ; 2) we provide a new way of integrating probabilistic encryption in image encryption by embedding random noise in the least significant image bit-plane; and 3) we construct LSIC with these Latin square image encryption primitives all on one keyed Latin square in a new loom-like substitution-permutation network. Consequently, the proposed LSIC achieve many desired properties of a secure cipher including a large key space, high key sensitivities, uniformly distributed ciphertext, excellent confusion and diffusion properties, semantically secure, and robustness against channel noise. Theoretical analysis show that the LSIC has good resistance to many attack models including brute-force attacks, ciphertext-only attacks, known-plaintext attacks and chosen-plaintext attacks. Experimental analysis under extensive simulation results using the complete USC-SIPI Miscellaneous image dataset demonstrate that LSIC outperforms or reach state of the art suggested by many peer algorithms. All these analysis and results demonstrate that the LSIC is very suitable for digital image encryption. Finally, we open source the LSIC MATLAB code under webpage https://sites.google.com/site/tuftsyuewu/source-code.Comment: 26 pages, 17 figures, and 7 table

Comment on "Exposed-Key Weakness of Alpha-Eta" [Phys. Lett. A 370 (2007) 131]

We show that the insecurity claim of the AlphaEta cryptosystem made by C. Ahn and K. Birnbaum in Phys. Lett. A 370 (2007) 131-135 under heterodyne attack is based on invalid extrapolations of Shannon's random cipher analysis and on an invalid statistical independence assumption. We show, both for standard ciphers and AlphaEta, that expressions of the kind given by Ahn and Birnbaum can at best be interpreted as security lower bounds.Comment: Published versio