A new attack is proposed to show that a specified group of verifiers can cooperate to forge the signature for any message by secret key substitution due to the leaked secret key or by the group public key adjustment because of the renewed members. This paper presents the improvement scheme which overcomes the security weakness of Laih and Yen's scheme.

When designing cryptographic schemes, we usually rely on the assumption that every bit of the secret key is secret. However, in practice, loss of secrecy can happen due to side-channel attacks. For example, an adversary can get secret information using timing attacks, acoustic attacks, or even by getting access to parts of the memory used by a cryptographic protocol such as in the “cold-boot at...

A multi-secret sharing scheme, which is based on one-dimensional reversible cellular automata with memory, allowing any member of a set of participants to share a secret color image with the rest of participants is presented. Moreover, it is also explained that with this scheme, any participant is able to recover all the secret color images if and only if the whole set of participants pools the...

We present the first physical side-channel attack on elliptic curve cryptography running on a PC. The attack targets the ECDH public-key encryption algorithm, as implemented in the latest version of GnuPG’s Libgcrypt. By measuring the target’s electromagnetic emanations, the attack extracts the secret decryption key within seconds, from a target located in an adjacent room across a wall. The at...

Guo et al. recently presented a reaction attack against the QC-MDPC McEliece cryptosystem. Their attack is based on the observation that when a bit-flipping decoding algorithm is used in the QC-MDPC McEliece, then there exists a dependence between the secret matrix H and the failure probability of the bit-flipping algorithm. This dependence can be exploited to reveal the matrix H which constitu...

We show that RSA implementation present in OpenSSL can be successfully attacked using sidechannels. In OpenSSL, the modular exponentiation is implemented using m-ary method, where a table of size 2m entries is precomputed. The exponent is divided into words of m-bits each and the algorithm proceeds one word at a time using the precomputed table. Furthermore, to protect against side-channel atta...

In an identity-based proxy re-encryption scheme, a semi-trusted proxy can convert a ciphertext under Alice’s public identity into a ciphertext for Bob. The proxy does not know the secret key of Alice or Bob, and also does not know the plaintext during the conversion. In identity-based proxy re-encryption, the collusion of the proxy and a delegatee may result in the decryption of ciphertext for ...

Generating secret keys using physical properties of the wireless channel has recently become a popular research area. The main security assumption of these protocols is that a sufficiently distant adversary is unable to guess a generated secret due to the unpredictable behavior of multipath signal propagation. In this paper, we introduce a practical and efficient man-in-the-middle attack agains...