We investigate the subset-resilience problem, defined in 2002 by Reyzin and Reyzin to analyze their HORS signature scheme. We show that textbook HORS is insecure against adaptive attacks, and present a practical attack based on a greedy algorithm. We also describe weak messages for HORS, that map to smaller subsets than expected, and are thus easier to cover. This leads to an improved attack ag...

People had developed some attack methods to attack hash function. These methods need to choose some "differential pattern"[Dau05]. We present a way to restrict the collisions that hold the "differential pattern". At the same time, to build a hash function that meet the different needs, we propose a construction.

We study the security of a block cipher-based pseudorandom number generator, both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of...

A proxy re-encryption scheme enables a proxy to re-encrypt a ciphertext and designate it to a delegatee. Proxy re-encryption schemes have been found useful in many applications, including e-mail forwarding, law-enforcement monitoring, and content distribution. Libert and Vergnaud presented the first construction of unidirectional proxy re-encryption scheme with chosen ciphertext security in the...

Environment safety measurements have resulted in use of peroxide as bleaching chemical in place of chlorine and chlorine dioxide. Concentration and composition of chemicals affects corrosion aspects, the suitability of existing plant metallurgy and materials of construction of bleach plants. Accordingly long term immersion and electrochemical corrosion tests were conducted on stainless steel 30...

recently, baghery et al. [1, 2] presented some attacks on two rfid protocols, namely yoon and jung et al. protocols, and proposed the improved version of them. however, in this note, we show that the improved version of the jung et al. protocol suffers from desynchronization attack and the improved version of the yoon's protocol suffers from secret disclosure attack. the success probabilit...

Tree-structures have been proposed for both the construction of block ciphers by Kam and Davida 7], and self-synchronous stream ciphers by K uhn 9]. Attacks on these ciphers have been given by An-derson 2] and Heys and Tavares 6]. In this paper it is demonstrated that a more eecient attack can be conducted when the underlying Boolean functions for the cells are known. It is shown that this atta...

In this paper, we analyze the complexity of the construction of the 2-diamond structure proposed by Kelsey and Kohno [9]. We point out a flaw in their analysis and show that their construction may not produce the desired diamond structure. We then give a more rigorous and detailed complexity analysis of the construction of a diamond structure. For this, we appeal to random graph theory, which a...

In this paper, we present a proof theory for attack trees. Attack trees are a well established and useful model for the construction of attacks on systems since they allow a stepwise exploration of high level attacks in application scenarios. Using the expressiveness of Higher Order Logic in Isabelle, we succeed in developing a generic theory of attack trees with a state-based semantics based o...