COPA is a block-cipher-based authenticated encryption mode with a provable birthday-bound security under the assumption that the underlying block cipher is a strong pseudorandom permutation, and its instantiation with the AES block cipher is called AES-COPA. Marble is an AES-based COPA-like authenticated encryption algorithm with a full security. In this paper, we analyse the security of COPA a...

In this note, we present a full key recovery attack on HMACAURORA-512 when 512-bit secret keys are used and the MAC length is 512-bit long. Our attack requires 2 queries and the off-line complexity is 2 AURORA-512 operations, which is significantly less than the complexity of the exhaustive search for a 512-bit key. The attack can be carried out with a negligible amount of memory. Our attack ca...

In this paper, we present a new identity-based signature scheme with message recovery based on bilinear map. Our scheme is proved secure against existential forgery on adaptive chosen message and ID attack under the random oracle model. This new scheme shortens the total length of the original message and the appended signature and adapts to the ubiquitous network scenario very well.

This paper presents a new signature forgery strategy. The attack is a sophisticated variant of Desmedt-Odlyzko’s method [11] where the attacker obtains the signatures of m1, . . . , mτ−1 and exhibits the signature of an mτ which was never submitted to the signer; we assume that all messages are padded by a redundancy function μ before

Radio frequency identification systems need protocols to provide confidentiality, user privacy, mutual authentication and etc. These protocols should resist active and passive attacks such as forgery, traceability, replay and desynchronization attacks. In this paper we cryptanalysis a hash based RFID mutual authentication protocol which has been recently proposed by Cho et al. More precisely, w...

After decades of evolution, the cellular system has become an indispensable part of modern life. Together with the convenience brought by the cellular system, many security issues have arisen. Message integrity protection is one of the urgent problems. The integrity of a message is usually protected by message authentication code (MAC). Forgery attacks are the primary threat to message integrit...

In 2005, Lee-Lin-Chang proposed a low computation cost user authentication scheme for mobile communication. However, the current paper demonstrates the vulnerability of Lee-Lin-Chang’s scheme to a forgery attack, where an attacker can easily masquerade other legal users to access the resources at a remote system and then presents an simple solution to isolate such a problem.

In the Web 2.0 generation, network system faced the racket “Web attack”. Traditional network security devices like Firewall and Intrusion Detection System deal can hardly confront the threat of Web attacks since Hackers often use multi-level or multi-type encoding attack to evade Intrusion Detection Systems. The Intrusion Detection System usually uses the attack signature and Regular Expression...

Abstract Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2006, Khan et al.[12] proposed an improved fingerprint-based remote user authentication scheme using smart cards that is achieved mutual authentication between the user and the server, while eliminating the drawback of Lee...

Password security can no longer provide enough security in the area of remote user authentication. Considering this security drawback, researchers are trying to find solution with multifactor remote user authentication system. Recently, three factor remote user authentication using biometric and smart card has drawn a considerable attention of the researchers. However, most of the current propo...