
2005 | Book

Cryptology and Network Security

4th International Conference, CANS 2005, Xiamen, China, December 14-16, 2005. Proceedings

Editors: Yvo G. Desmedt, Huaxiong Wang, Yi Mu, Yongqing Li

Publisher: Springer Berlin Heidelberg

Book Series: Lecture Notes in Computer Science


Table of Contents

Frontmatter

Cryptanalysis

The Second-Preimage Attack on MD4
Abstract
In Eurocrypt’05, Wang et al. presented new techniques to find collisions of the hash function MD4. The techniques are not only efficient to search for collisions, but also applicable to explore the second-preimage of MD4. About the second-preimage attack, they showed that a random message was a weak message with probability \(2^{-122}\) and it only needed a one-time MD4 computation to find the second-preimage corresponding to the weak message. A weak message means that there exists a more efficient attack than the brute force attack to find its second-preimage. In this paper, we find another new collision differential path which can be used to find the second-preimage for more weak messages. For any random message, it is a weak message with probability \(2^{-56}\), and it can be converted into a weak message by message modification techniques with about \(2^{27}\) MD4 computations. Furthermore, the original message is close to the resulting message (weak message), i.e., the Hamming weight of the difference for the two messages is about 44.
Hongbo Yu, Gaoli Wang, Guoyan Zhang, Xiaoyun Wang
On the Security of Certificateless Signature Schemes from Asiacrypt 2003
Abstract
In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. In the new paradigm, the necessity of certificates has been successfully removed. The security model for certificateless cryptography was also introduced in the same paper. However, as we shall show in this paper, the proposed certificateless signature is insecure in their defined model. We provide an attack that can successfully forge a certificateless signature in their model. We also fix this problem by proposing a new scheme.
Xinyi Huang, Willy Susilo, Yi Mu, Futai Zhang
On the Security of a Group Signcryption Scheme from Distributed Signcryption Scheme
Abstract
Signcryption denotes a cryptographic method which can process encryption and digital signature simultaneously. So, adopting such schemes, the computational cost of encryption and signature compared to traditional signature-then-encryption can be reduced to a great extent. Based on the existing distributed signcryption schemes, Kwak and Moon proposed a new distributed signcryption scheme with sender ID confidentiality and extended it to a group signcryption. Their scheme is more efficient in both communication and computation aspects. Unfortunately we will demonstrate that their scheme is insecure by identifying some security flaws. Exploring these flaws, an attacker without any secret can mount universal forging attacks. That is, anyone (not necessarily a group member) can forge valid group signatures on arbitrary messages of his/her choice.
Haiyong Bao, Zhenfu Cao, Haifeng Qian
Cryptanalysis of Two Group Key Management Protocols for Secure Multicast
Abstract
Many emerging network applications are based upon group communication models and are implemented as either one-to-many or many-to-many multicast. As a result, providing multicast confidentiality is a critical networking issue and multicast security has become an active research area. To secure the sessions, a common group key is maintained to encrypt the traffic, and the key is updated whenever a new member joins the group or an existing member leaves. In this paper we analyze the security of a centralized key distribution protocol for one-to-many multicast and a decentralized key agreement protocol for many-to-many multicast. We show that they both fail to provide forward and backward security. The first protocol is revealed to be vulnerable to a single adversary due to an algorithmic issue. The second protocol, however, is subject to sophisticated collusion. Remedial approaches are proposed for both key management schemes to effectively resist relevant attacks.
Wen Tao Zhu
Security Analysis of Password-Authenticated Key Agreement Protocols
Abstract
Recently, a number of password-authenticated key agreement protocols have been proposed for the two-party setting or the three-party setting. In this paper, we show that three recently proposed password-authenticated key agreement protocols in [11,12,10] are insecure against several active attacks including a stolen-verifier attack, an off-line password guessing attack and impersonation attacks.
Kyung-Ah Shim, Seung-Hyun Seo

Intrusion Detection and Viruses

An Immune-Based Model for Computer Virus Detection
Abstract
Inspired by biological immune systems, a new immune-based model for computer virus detection is proposed in this paper. Quantitative description of the model is given. A dynamic evolution model for self/nonself description is presented, which reduces the size of self set. Furthermore, an evolutive gene library is introduced to improve the generating efficiency of mature detectors, reducing the system time spending, false-negative and false-positive rates. Experiments show that this model has better time efficiency and detecting ability than the classical model ARTIS.
Tao Li, Xiaojie Liu, Hongbin Li
A New Model for Dynamic Intrusion Detection
Abstract
Building on the concepts and the formal definitions of self, nonself, antigen, and detector introduced in the research of network intrusion detection, the dynamic evolution models and the corresponding recursive equations of self, antigen, immune-tolerance, lifecycle of mature detectors, and immune memory are presented. Following that, an immune-based model, referred to as AIBM, for dynamic intrusion detection is developed. Simulation results show that the proposed model has several desirable features including self-learning, self-adaption and diversity, thus providing an effective solution for network intrusion detection.
Tao Li, Xiaojie Liu, Hongbin Li
Self Debugging Mode for Patch-Independent Nullification of Unknown Remote Process Infection
Abstract
The rapid increase of software vulnerabilities shows us the limitation of patch-dependent countermeasures for malicious code. We propose a patch-independent protection technique against remote infection which enables each process to identify itself as “being infected” and nullify itself spontaneously. Our system is operating system independent and therefore does not need software rebuilding. Previously, no method for stopping a malicious process without recompiling source code or rebuilding software has been proposed. In the proposed system, the target process runs under a self debugging mode which is activated by enhancing the debug() exception handler and utilizing the MSR debug register. In this paper we show the effectiveness of the proposed method by protecting against remote process infection without patching security holes. Implementation of a device driver call back function and a BranchIP recorder provides real-time prevention of unregistered worm attacks through the Internet. In the experiment, a function test of the stack buffer overflow of Win32.SQLExp.Worm is presented. Also, CPU utilization corresponding to the number of calling functions and some database operations is shown.
Ruo Ando, Yoshiyasu Takefuji
A New Unsupervised Anomaly Detection Framework for Detecting Network Attacks in Real-Time
Abstract
In this paper, we propose a new unsupervised anomaly detection framework for detecting network intrusions online. The framework consists of new anomalousness metrics named IP Weight and an outlier detection algorithm based on Gaussian mixture model (GMM). IP Weights convert the features of IP packets into a four-dimensional numerical feature space, in which the outlier detection takes place. Intrusion decisions are made based on the outcome of outlier detections. Two sets of experiments are conducted to evaluate our framework. In the first experiment, we conduct an offline evaluation based on the 1998 DARPA intrusion detection dataset, which detects 16 types of attacks out of a total of 19 network attack types. In the second experiment, an online evaluation is performed in a live networking environment. The evaluation result not only confirms the detection effectiveness with DARPA dataset, but also shows a strong runtime efficiency, with response times falling within seconds.
Wei Lu, Issa Traore

Authentication and Signature

ID-Based Aggregate Signatures from Bilinear Pairings
Abstract
Aggregate signature scheme was recently proposed by Boneh, Gentry, Lynn and Shacham, which presented a method for combining n signatures from n different signers on n different messages into one signature. In this paper, we propose an identity-based aggregate signature scheme based on the bilinear pairings. This enhances the efficiency of communication and signature verification process. We show that the security of our scheme is tightly related to the computational Diffie-Hellman assumption in the random oracle model.
Jing Xu, Zhenfeng Zhang, Dengguo Feng
Efficient Identity-Based Signatures and Blind Signatures
Abstract
In this paper, we first propose an efficient provably secure identity-based signature (IBS) scheme based on bilinear pairings, then propose an efficient identity-based blind signature (IBBS) scheme based on our IBS scheme. Assuming the intractability of the Computational Diffie-Hellman Problem, our IBS scheme is unforgeable under adaptive chosen-message and ID attack. Efficiency analyses show that our schemes can offer advantages in runtime over the schemes available. Furthermore, we show that, contrary to what the authors claimed, Zhang and Kim’s scheme in ACISP 2003 is one-more forgeable, if the ROS-problem is solvable.
Zhenjie Huang, Kefei Chen, Yumin Wang
How to Authenticate Real Time Streams Using Improved Online/Offline Signatures
Abstract
Providing authentication protocols for real time streams is a challenging task. This is because the authentication rate is very important for real time streams, whereas it is usually a bottleneck. Using improved online/offline signatures and hash chain techniques as tools, our proposed protocol greatly reduces the online computational and communicational cost and thus is more applicable to authenticate real time streams.
Chong-zhi Gao, Zheng-an Yao
New Authentication Scheme Based on a One-Way Hash Function and Diffie-Hellman Key Exchange
Abstract
In 2004, Wu-Chieu proposed improvements to their original authentication scheme in order to strengthen it to withstand impersonation attacks. In 2005, Lee-Lin-Chang proposed improvements on Wu-Chieu’s original scheme so that not only could it withstand a forgery attack, but it required less computational cost and was suitable for mobile communication. The current paper, however, demonstrates that Wu-Chieu’s improved scheme is vulnerable to an off-line password guessing attack and an impersonation attack by the use of a stolen smart card. Also, we demonstrate that Lee-Lin-Chang’s scheme is vulnerable to a forgery attack. Furthermore, we present a new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange in order to isolate such problems and to provide mutual authentication between the user and the remote system.
Eun-Jun Yoon, Kee-Young Yoo

Signcryption

Two Proxy Signcryption Schemes from Bilinear Pairings
Abstract
Proxy signcryption is a cryptographic primitive which combines the functionalities of a proxy signature scheme and a signcryption scheme. In this paper, based on bilinear pairings, we would like to propose two efficient proxy signcryption schemes. One is certificate based and the other is identity based. Also we analyze the two proposed schemes from an efficiency point of view. We show that the certificate based scheme achieves great efficiency in terms of communication cost and computation overhead. And the identity based scheme is much more efficient than the scheme proposed by Li and Chen. What’s more, we also argue that the two proposed schemes are secure in the random oracle model without a secure channel.
Qin Wang, Zhenfu Cao
Constructing Secure Warrant-Based Proxy Signcryption Schemes
Abstract
Proxy signcryption, proposed by Gamage et al. [1], is a cryptographic primitive, which combines the functionality of a proxy signature scheme with that of an encryption. But to date, no formal definitions of security have been provided. In this paper, we first propose the syntax of warrant-based proxy signcryption scheme, then formalize notions of security for it. After that, we present a warrant-based proxy signcryption scheme based on integer factorization assumption.
Yuan Zhou, Zhenfu Cao, Rongxing Lu

E-mail Security

Design and Implementation of an Inline Certified E-mail Service
Abstract
Nowadays, e-mail has become one of the most widely used communication media. Because of its characteristics of inexpensiveness and rapidity in the delivery of messages, e-mail is increasingly used in place of ordinary mail. However, the e-mail service exposes users to several risks related to the lack of security during the message exchange. Furthermore, regular mail offers services which are usually not provided by e-mail, and which are of crucial importance for “official” events.
Certified e-mail tries to provide users with additional guarantees on the content and the delivery of the messages, making e-mail equivalent to and in some cases more convenient than the ordinary paper-based mail service. In the literature, several distributed protocols for certified e-mail have been proposed, relying on an inline trusted third party to ensure the fairness of the protocol. In such protocols, the trusted third party is actively involved in each message exchange. In this paper we provide a novel inline certified e-mail protocol which satisfies all the most important requirements which have been discussed for certified e-mail. Furthermore, we discuss a prototype implementation of our protocol targeted to the Windows platform.
Stelvio Cimato, Clemente Galdi, Raffaella Giordano, Barbara Masucci, Gildo Tomasco
Efficient Identity-Based Protocol for Fair Certified E-mail Delivery
Abstract
Certified e-mail delivery has become one of the basic requirements in performing business transactions over the Internet securely. How to construct efficient fair protocols for certified e-mail delivery is of great interest. The notion of identity based cryptosystem has attracted much interest since its introduction by Shamir in 1984, as it eliminates the need of certificates and simplifies the key management. In this paper, we propose a fair protocol for certified e-mail delivery based on identity-based signatures. A semi-trusted third party (TTP) is involved in our protocol to ensure fairness, which does not need to store anything except its own private key. There is no need for an additional registration between users and the TTP. The proposed scheme is the first identity-based protocol with such a concise frame and is computation- and communication-efficient.
Zhenfeng Zhang, Jing Xu, Dengguo Feng

Cryptosystems

Similar Keys of Multivariate Quadratic Public Key Cryptosystems
Abstract
Most multivariate schemes have potentially much higher performance than other public key cryptosystems [15] [4] [1] [2]. Wolf and Preneel [16] show multivariate quadratic public key schemes have many equivalent keys and provide some transformations to identify the keys. In this paper, we propose the idea of similar keys of MQ-based public key cryptosystems (PKCs) and provide a method to reduce the size of the private key in MQ-based PKCs to 50% ~ 70% of its original size. And our method is generic for most MQ-based PKCs except for UOV-like and STS-like schemes. Moreover, our method retains the equivalent security and efficiency of the original MQ-based PKCs.
Yuh-Hua Hu, Lih-Chung Wang, Chun-Yen Chou, Feipei Lai
A Note on Signed Binary Window Algorithm for Elliptic Curve Cryptosystems
Abstract
The window algorithms for various signed binary representations have been used to speed up point multiplication on elliptic curves. While there’s been extensive research on the non-adjacent form, little attention has been devoted to non-sparse optimal signed binary representations. In the paper, we prove some properties of non-sparse optimal signed binary representations and present a precise analysis of the non-sparse signed window algorithm. The main contributions are described as follows. Firstly, we attain the lower bound k+1/3 of the expected length of non-sparse optimal signed binary representations of k-bit positive integers. Secondly, we propose a new non-sparse signed window partitioning algorithm. Finally, we analyze Koyama-Tsuruoka’s non-sparse signed window algorithm and the proposed algorithm and compare them with other methods. The upper bound \(\frac{5}{6}\cdot 2^{w-1} -1+\frac{(-1)^{w}}{3}\) of the number of precomputed windows of the non-sparse signed window algorithms is attained.
Fanyu Kong, Daxing Li
Constructions of Almost Resilient Functions
Abstract
The relation between an almost resilient function and its component functions is investigated in this paper. We prove that if each nonzero linear combination of \(f_1, f_2, \cdots, f_m\) is an ε-almost (n,1,k)-resilient function, then \(F=(f_1, f_2, \cdots, f_m)\) is a \(\frac{2^{m}-1}{2^{m}-1}\epsilon\)-almost (n,m,k)-resilient function. In the case ε equals 0, the theorem gives another proof of the Linear Combination Lemma for resilient functions. As applications of this theorem, we introduce a method to construct a balanced \(\frac{9}{2}\epsilon\)-almost (3n,2,2k+1)-resilient function from a balanced ε-almost (n,1,k)-resilient function and present a method of improving the degree of the constructed functions with a small trade-off in the nonlinearity and resiliency. At the end of this paper, the relation between a balanced almost CI function and its component functions is also concluded.
Pin-Hui Ke, Tai-Lin Liu, Qiao-Yan Wen

Privacy and Tracing

A Novel Method to Maintain Privacy in Mobile Agent Applications
Abstract
Two methods to implement privacy in network communication, anonymity and DCSC (data confidentiality and secure computation) are analysed and compared in regard to privacy in mobile agent applications. It is illustrated that privacy through DCSC is more suitable in mobile agent applications. To support this conclusion, privacy is concretely implemented in a bidding mobile agent scheme in this paper. Success of this example demonstrates that privacy can be practically achieved in mobile agent applications through DCSC without compromising the advantage of mobile agent.
Kun Peng, Ed Dawson, Juanma Gonzalez Nieto, Eiji Okamoto, Javier López
Non-expanding Transaction Specific Pseudonymization for IP Traffic Monitoring
Abstract
This paper presents a scheme for transaction pseudonymization of IP address data in a distributed passive monitoring infrastructure. The approach provides high resistance against traffic analysis and injection attacks, and it provides a technique for gradual release of data through a key management scheme. The scheme is non-expanding, and it should be suitable for hardware implementations for high-bandwidth monitoring systems.
Lasse Øverlier, Tønnes Brekne, André Årnes

Information Hiding

Revaluation of Error Correcting Coding in Watermarking Channel
Abstract
Robustness is one of the most important issues in digital watermarking. By modeling digital watermarking as digital communications, several researchers proposed using error correcting coding (ECC) to improve watermark robustness. However, the following important facts are neglected. i) The robust watermark channel suffers from a very high bit error ratio (BER), which may exceed the capability of ECC; ii) Due to the imperceptibility requirement, the redundancy introduced by ECC will lead to a decrease of the watermark magnitude. Could the usage of ECC effectively improve the robustness of watermark? This paper addresses this problem from the perspectives of both theoretical analysis and experiments. Our investigation shows that ECC cannot effectively improve the robustness of watermarking against a vast majority of various attacks except for cropping and jitter attacks. Hence, ECC should not be considered as a universal method applied to enhance the watermark robustness.
Limin Gu, Yanmei Fang, Jiwu Huang

Firewalls, Denial of Service and DNS Security

On the Performance and Analysis of DNS Security Extensions
Abstract
The Domain Name System (DNS) is an essential component of the critical infrastructure of the Internet. The role of DNS is vital, as it is involved in virtually every Internet transaction. It is sometimes remarked that DNS works well as it is now and any changes to it may disrupt its functionality and add complexity. However, due to its importance, an insecure DNS is unacceptable for current and future networks. The astonishing simplicity of mounting an attack against the DNS and the damaging potential of such an attack should convince practitioners and system administrators to employ a secure version of DNS. However, security comes with a cost. In this paper, we examine the performance of two proposals for secure DNS and we discuss the advantages and disadvantages of both. In particular, we analyze the impact that security measures have on the performance of DNS. While it is clear that adding security will lower DNS performance, our results show that the impact of security can be mitigated by deploying different security extensions at different levels in the DNS tree.
We also describe the first implementation of the SK-DNSSEC [1] protocol. The code is freely downloadable and released under an open-source license.
Reza Curtmola, Aniello Del Sorbo, Giuseppe Ateniese
On Securing RTP-Based Streaming Content with Firewalls
Abstract
Delivery of real-time streaming content is an increasingly important Internet application. Applications involved in processing streaming content may have exploitable vulnerabilities, as many other applications have been discovered to have, and using a firewall to filter out malicious traffic may provide some benefit. However, as these applications largely rely on traffic carried by RTP/UDP, firewalls that are unaware of the behaviour of RTP data streams have difficulties in filtering out malicious traffic injected into a stream by an attacker. In this paper, we observe a vulnerability in the current RTP protocol which allows an attacker to inject malicious traffic into a data stream, and present a scheme that allows a stateful firewall that keeps state from RTP packets to detect such malicious traffic. Our technique uses non-static fields such as RTP sequence numbers to improve the inspection scheme by modelling streaming traffic and detecting malicious streams based on deviation from this model. We show the effectiveness of our approach by giving the results of our experiments.
Liang Lu, Rei Safavi-Naini, Jeffrey Horton, Willy Susilo
Safeguard Information Infrastructure Against DDoS Attacks: Experiments and Modeling
Abstract
Nowadays Distributed Denial of Service (DDoS) attacks have become one of the most serious threats to the information infrastructure. In this paper we firstly present a new filtering approach, Mark-Aided Distributed Filtering (MADF), which finds network anomalies by using a back-propagation neural network, deploys the defense system at distributed routers, and identifies and filters the attack packets before they can reach the victim; and secondly propose an analytical model for the interactions between the DDoS attack party and the defense party, which allows us to have a deep insight into the interactions between the attack and defense parties. According to the experimental results, we find that MADF can detect and filter DDoS attack packets with high sensitivity and accuracy, thus providing high legitimate traffic throughput and low attack traffic throughput. Through the comparison between experiments and numerical results, we also demonstrate the validity of the analytical model, which can precisely estimate the effectiveness of a DDoS defense system before it encounters different attacks.
Yang Xiang, Wanlei Zhou

Trust Management

Distributed Credential Chain Discovery in Trust-Management with Parameterized Roles
Abstract
Trust-management subjects face the problem of discovering credential chains. In this paper, distributed credential chain discovery algorithms for trust-management with parameterized roles are proposed. The algorithms extend those of RT0 and are also goal-oriented. Based on the concept of parameterized roles in RT1, they search the credential graph via constant matching and variable solving mechanisms. The algorithms can perform chain discovery in most trust-management systems and can support the protection of access control policies during automated trust negotiation. Soundness and completeness of the algorithms are given.
Xian Zhu, Shaobin Wang, Fan Hong, Junguo Liao
Backmatter
Metadata

Title: Cryptology and Network Security
Editors: Yvo G. Desmedt, Huaxiong Wang, Yi Mu, Yongqing Li
Copyright Year: 2005
Publisher: Springer Berlin Heidelberg
Electronic ISBN: 978-3-540-32298-6
Print ISBN: 978-3-540-30849-2
DOI: https://doi.org/10.1007/11599371
