Proxy signature is an important cryptographic primitive and has been suggested in numerous applications. In this paper, we present an attack on the aggregate-signaturebased proxy signature schemes, then point out there are two flaws in BPW notion of security for proxy signature. Furthermore, we give arguments for partial delegation with warrant proxy signature schemes. We construct a new proxy ...

In 2013, Li et al. pointed out the security problems of Chen’s password authentication scheme. they proposed an enhanced smart card based remote user password authentication scheme and claimed their scheme is secure against replay attacks, forgery attacks. In this paper, we state that the scheme is vulnerable to user impersonation attack. It also suffers from user anonymity violation and clock ...

Lu and Su [Comm. Of the CCISA 12(1) (2006) pp.93-104] proposed an authenticated key agreement scheme in Ad hoc Networks. Their scheme based on Shamir’s ID-based cryptosystem and Okamoto’s key distribution system attempts concurrently to achieve two goals: (1) any mobile node A can authenticate the other one B, who is communicating with A, is illegitimate node or not, and (2) A and B can obtain ...

A new type of signature scheme, called NTRUSign, based on solving the approximately closest vector problem in a NTRU lattice was proposed at CT-RSA’03. However no security proof against chosen messages attack has been made for this scheme. In this paper, we show that NTRUSign signature scheme contains the weakness of malleability. From this, one can derive new valid signatures from any previous...

This paper proposes a new scheme for partially blind signature based on the difficulty in solving the discrete logarithm problem. Under the assumption of the generic model, random oracle model, and intractable ROS-problem, this paper formally proves that the proposed scheme is secure against one-more signature forgery under the adaptively parallel attack. Previous schemes using two signing equa...

With multimedia developing rapidly, copyright protection and authentication is more and more important. Digital watermark is one of the most efficient methods to protect multimedia products. Print and scan attack is a challenging problem for most of digital watermarks. In this paper, the geometric distortion and halftone in print-and-scan process is analyzed for the sake of presenting a model o...

Cross Site Request Forgery (XSRF) is regarded as one of the major threats on the Web. In this paper, we propose an approach that automatically retrofits the source code of legacy web applications with a widely-used defense approach for this attack. Our approach addresses a number of shortcomings in prior blackbox solutions for automatic XSRF protection. Our approach has been implemented in a to...

A large variety of methods for using block ciphers, so called ‘modes of operation’, have been proposed, including some designed to provide both confidentiality and integrity protection. Such modes, usually known as ‘authenticated encryption’ modes, are increasingly important given the variety of issues now known with the use of unauthenticated encryption. In this paper we show that a mode known...

Radio Frequency Identification (RFID) system is a contact less automatic identification system that has attracted much attention recently. It consists of RFID tags, RFID reader and back-end server. The information stored in the RFID tag is easily exposed to the outside world. So various types of attacks are possible such as bruteforce attack, eavesdropping and man-in-the-middle attack. The adve...