Peris-Lopez et al. recently provides some guidelines that should be followed to design a secure yoking-proof protocol [10]. In addition, conforming to those guidelines and EPC C1 G2, they presented a yoking-proof for low-cost RFID tags, named Kazahaya. However, in this letter, we scrutinize its security showing how an passive adversary can retrieve secret parameters of patient’s tag in cost of ...

Provable Data Possession (PDP) enables cloud users to verify the integrity of their outsourced data without retrieving the entire file from cloud servers. At present, to execute data checking, many PDP schemes is delegated to some proxy to implement remote data possession checking task. Because the proxy may store some state information in cloud storage servers, it makes that many PDP scheme ar...

Signcryption is a cryptographic primitive which can offer simultaneously security requirements of confidentiality and authentication, and is more efficient than the traditional sign-then-encrypt way. Recently, Liu et al. proposed the first certificateless signcryption scheme in the standard model. However, their scheme is proved to have some security weaknesses. In this paper, we propose a corr...

Vehicular ad hoc network (VANETs) plays a major part in intelligent transportation to enhance traffic efficiency and safety. Security privacy are the essential matters needed be tackled due open communication channel. Most of existing schemes only provide message authentication without identity authentication, especially inability support forward secrecy which is security goal schemes. In this ...

Fake iris detection is to detect and defeat a fake (forgery) iris image input. To solve the problems of previous researches on fake iris detection, we propose the new method of detecting fake iris attack based on the Purkinje image. Especially, we calculated the theoretical positions and distances between the Purkinje images based on the human eye model and the performance of fake detection alg...

A simple and software-efficient algorithm for computing Message Authentication Codes for stream ciphers is described along with the analysis its security. The proposed algorithm was designed to employ some of the data already computed by the underlying stream cipher in the purpose of minimizing the computational cost of the operations required by the MAC algorithm. The performed analyses indica...

This paper proposes a new scheme for partially blind signature based on the difficulty in solving the discrete logarithm problem. Under the assumption of the generic model, random oracle model, and intractable ROS-problem, this paper formally proves that the proposed scheme is secure against one-more signature forgery under the adaptively parallel attack. Previous schemes using two signing equa...

An authenticated encryption allows the designated recipient to verify the authenticity while recovering the message. To protect the recipient’s benefit in case of a later dispute, a convertible authenticated encryption scheme allows the recipient to convert the authenticated encryption into an ordinary signature so that it becomes a publicly verifiable. This paper shows a universal forgery atta...

In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on “original” key recovery for HMAC (previous works only suc...

In this paper, we present a universal forgery attack on Kang et al.’s identity-based strong designated verifier signature (IBSDVS) scheme. We show anyone can forge a valid IBSDVS on an arbitrary message without the knowledge of the private key of either the signer or the designated verifier. Moreover, we point out that Kang et al.’s scheme does not satisfy the properties of strongness and nonde...