This paper presents two types of cryptanalysis on a MerkleDamg̊ard hash based MAC, which computes a MAC value of a message M by Hash(K‖`‖M) with a shared key K and the message length `. This construction is often called LPMAC. Firstly, we present a distinguishingH attack against LPMAC instantiating any narrow-pipe Merkle-Damg̊ard hash function with O(2) queries, which indicates the incorrectness ...

In this paper, we present the pseudo-collision, pseudo-second-preimage and pseudo-preimage attacks on the SHA-3 candidate algorithm Luffa. The pseudocollisions and pseudo-second-preimages can be found easily by computing the inverse of the message injection function at the beginning of Luffa. We explain in details the pseudo-preimage attacks. For Luffa-224/256, given the hash value, only 2 iter...

Digital image forgery is one of the problems that, besides many benefits, appears with widespread use of digital images in all areas of life. Unfortunately, with rapidly developing and increasingly more powerful hardware and software, not only is digital photography manipulation for legitimate goals easier, but also for the forgery. One well-known forgery of digital images is the so-called copy...

— In a network, for remote accessing to a database server (DB Server) user usually has an account with a username and a password. But in fact, the password can be lost, cracked, stolen and the authentication process can be attacked (man-inthe-middle attack...). Current approach for BioPKI system based on physiological characteristics of persons, known as biometrics, provide solutions to securit...

In this paper we discuss the security of digital signature schemes based on error– correcting codes. Several attacks to the Xinmei scheme are surveyed, and some reasons given to explain why the Xinmei scheme failed, such as the linearity of the signature and the redundancy of public keys. Another weakness is found in the Alabbadi–Wicker scheme, which results in a universal forgery attack agains...

In 2006, Hui-Feng Huang and Chin-Chen Chang proposed a novel efficient threshold proxy signature scheme based on Schnorr's scheme. In their scheme, the original signer could know who generated the threshold proxy signature and the receiver could certify the actuality of the proxy group signers who made the proxy signature. However, their scheme had some security weaknesses. In this paper, by id...

In 1996, a new cryptosystem called NTRU was introduced, related to the hardness of finding short vectors in specific lattices. At Eurocrypt 2001, the NTRU Signature Scheme (NSS), a signature scheme apparently related to the same hard problem, was proposed. In this paper, we show that the problem on which NSS relies is much easier than anticipated, and we describe an attack that allows efficient...

Modification of a digital image by adding or removing some of its elements using a wide variety of image processing tools results in image forgery. As a result authentication of originality of a digital image is becoming a challenging task. Copy-paste forgery is one of the forgeries belonging to context based forgery. Copy-Paste Forgery Detection (CPFD) aims at finding regions that have been co...

The cryptographic hash function SHA-256 is one member of the SHA-2 hash family, which was proposed in 2000 and was standardized by NIST in 2002 as a successor of SHA-1. Although the differential fault attack on SHA-1compression function has been proposed, it seems hard to be directly adapted to SHA-256. In this paper, an efficient algebraic fault attack on SHA-256 compression function is propos...

Cross-Site Scripting is one of the major’s attacks described by OWASP. The Cross Site Scripting attack is possible by inserting or changing the programming logic, changing and syntax of HTML elements by code injection attacks. The Web application is XSS Vulnerable when there is no proper input validation. The many web applications like social networking sites are the victims of this attack. Thi...