A Practical and Secure Stateless Order Preserving Encryption for Outsourced Databases

Order-preserving encryption (OPE) plays an important role in securing outsourced databases. OPE schemes can be either Stateless or Stateful. Stateful schemes can achieve the ideal security of order-preserving encryption, i.e., “reveal no information about the plaintexts besides order.” However, comparing to stateless schemes, stateful schemes require maintaining some state information locally besides encryption keys and the ciphertexts are mutable. On the other hand, stateless schemes only require remembering encryption keys and thus is more efficient. It is a common belief that stateless schemes cannot provide the same level of security as stateful ones because stateless schemes reveal the relative distance among their corresponding plaintext. In real world applications, such security defects may lead to the leakage of statistical and sensitive information, e.g., the data distribution, or even negates the whole encryption. In this paper, we propose a practical and secure stateless order-preserving encryption scheme. With prior knowledge of the data to be encrypted, our scheme can achieve IND-CCPA (INDistinguishability under Committed ordered Chosen Plaintext Attacks) security for static data set. Though the IND-CCPA security can\u27t be met for dynamic data set, our new scheme can still significantly improve the security in real world applications. Along with the encryption scheme, in this paper we also provide methods to eliminate access pattern leakage in communications and thus prevents some common attacks to OPE schemes in practice

Security Analysis of Shim\u27s Authenticated Key Agreement Protocols from Pairings

Recently, Shim proposed a tripartite authenticated key agreement protocol from Weil pairing to overcome the security flaw in Joux\u27s protocol. Later, Shim also proposed an ID-based authenticated key agreement protocol which is an improvement of Smart\u27s protocol in order to provide the forward secrecy. In this paper, we show that these two protocols are insecure against the key-compromise impersonation attack and the man-in-the-middle attack respectively

A Shoulder Surfing Resistant Graphical Authentication System

Authentication based on passwords is used largely in applications for computer security and privacy. However, human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as ”the weakest link” in the authentication chain. Rather than arbitrary alphanumeric strings, users tend to choose passwords either short or meaningful for easy memorization. With web applications and mobile apps piling up, people can access these applications anytime and anywhere with various devices. This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. We also implemented a PassMatrix prototype on Android and carried out real user experiments to evaluate its memorability and usability. From the experimental result, the proposed system achieves better resistance to shoulder surfing attacks while maintaining usability

On the Improvement of Wiener Attack on RSA with Small Private Exponent

RSA system is based on the hardness of the integer factorization problem (IFP). Given an RSA modulus N=pq, it is difficult to determine the prime factors p and q efficiently. One of the most famous short exponent attacks on RSA is the Wiener attack. In 1997, Verheul and van Tilborg use an exhaustive search to extend the boundary of the Wiener attack. Their result shows that the cost of exhaustive search is 2r+8 bits when extending the Weiner's boundary r bits. In this paper, we first reduce the cost of exhaustive search from 2r+8 bits to 2r+2 bits. Then, we propose a method named EPF. With EPF, the cost of exhaustive search is further reduced to 2r-6 bits when we extend Weiner's boundary r bits. It means that our result is 214 times faster than Verheul and van Tilborg's result. Besides, the security boundary is extended 7 bits

Templated fabrication of large area subwavelength antireflection gratings on silicon

We report a cheap and scalable bottom-up technique for fabricating wafer-scale, subwavelength-structured antireflection coatings on single-crystalline silicon substrates. Spin-coated monolayer colloidal crystals are utilized as shadow masks to generate metallic nanohole arrays. Inverted pyramid arrays in silicon can then be templated against nanoholes by anisotropic wet etching. The resulting subwavelength gratings greatly suppress specular reflection at normal incidence. The reflection spectra for flat silicon and the templated gratings at long wavelengths agree well with the simulated results using a rigorous coupled wave analysis model. These subwavelength gratings are of great technological importance in crystalline silicon solar cells