Boliya L. Yang

Bio: Boliya L. Yang is an academic researcher from Nankai University. The author has contributed to research in topics: Plaintext-aware encryption & Encryption. The author has an hindex of 1, co-authored 1 publications receiving 53 citations.

Problems with a probabilistic encryption scheme based on chaotic systems

Abstract: Recently S. Papadimitriou et al. have proposed a new probabilistic encryption scheme based on chaotic systems. In this letter, we point out some problems with Papadimitriou et al.'s chaotic cryptosystem: (1) the size of the ciphertext and the plaintext cannot simultaneously ensure practical implementation and high security; (2) the estimated number of all possible virtual states is wrong; (3) the practical security to exhaustive attack is overestimated; (4) the fast encryption speed is dependent on the first defect; (5) problems about the dynamical degradation of digital chaotic systems; (6) no explicit indications are given to explain how to construct the virtual state space with the 2^d virtual attractors, the 2^e virtual states and the permutation matrix P. The detailed analyses and discussions on the above problems show that the proposed chaotic cipher is insecure and unpractical. Also, we give our suggestions on the design of general digital chaotic ciphers, and give some open topics in this area.

DOT-M: A Dual Offline Transaction Scheme of Central Bank Digital Currency for Trusted Mobile Devices (Extended Version)

Abstract: . In recent years, many major economies have paid close attention to central bank digital currency (CBDC). As an optional attribute of CBDC, dual offline transaction is considered to have great practical value under the circumstances for payment without network connection. However, there is no public report or paper on how to securely design or implement the dual offline transaction function specifically for CBDC. In this paper, we propose DOT-M, a practical dual offline transaction scheme designed for the mobile device user as either a payer or a payee. Precisely, adopting secure element (SE) and trusted execution environment (TEE), the architecture of trusted mobile device is constructed to protect security-sensitive keys and execution of the transaction protocol. According to the trusted architecture, the data structure for offline transaction is designed as well. On this basis, we describe the core procedures of DOT-M in detail, including registration, account synchronization, dual offline transaction, and online data updating. We also enumerate the exceptional situations that may occur during the dual offline transaction, and give specific handling methods for each situation. Moreover, six security properties of the scheme are analyzed under realistic assumptions. A prototype system is implemented and finally tested with possible parameters. The security analysis and experimental results indicate that our scheme could meet the practical requirement of CBDC offline transaction for mobile users from both aspects of security and efficiency.

DOT-M: A Dual Offline Transaction Scheme of Central Bank Digital Currency for Trusted Mobile Devices

Abstract: In recent years, many major economies have paid close attention to central bank digital currency (CBDC). As an optional attribute of CBDC, dual offline transaction is considered to have great practical value under the circumstances for payment without network connection. However, there is no public report or paper on how to securely design or implement the dual offline transaction function specifically for CBDC. In this paper, we propose DOT-M, a practical dual offline transaction scheme designed for the mobile device user as either a payer or a payee. Precisely, adopting secure element (SE) and trusted execution environment (TEE), the architecture of trusted mobile device is constructed to protect security-sensitive keys and execution of the transaction protocol. According to the trusted architecture, the data structure for offline transaction is designed as well. On this basis, we describe the core procedures of DOT-M in detail, including registration, account synchronization, dual offline transaction, and online data updating. A prototype system is implemented and finally tested with possible parameters. The security analysis and experimental results indicate that our scheme could meet the practical requirement of CBDC offline transaction for mobile users from both aspects of security and efficiency.

Some basic cryptographic requirements for chaos-based cryptosystems

Abstract: In recent years, a large amount of work on chaos-based cryptosystems have been published. However, many of the proposed schemes fail to explain or do not possess a number of features that are fundamentally important to all kind of cryptosystems. As a result, many proposed systems are difficult to implement in practice with a reasonable degree of security. Likewise, they are seldom accompanied by a thorough security analysis. Consequently, it is difficult for other researchers and end users to evaluate their security and performance. This work is intended to provide a common framework of basic guidelines that, if followed, could benefit every new cryptosystem. The suggested guidelines address three main issues: implementation, key management and security analysis, aiming at assisting designers of new cryptosystems to present their work in a more systematic and rigorous way to fulfill some basic cryptographic requirements. Meanwhile, several recommendations are made regarding some practical aspects of analog chaos-based secure communications, such as channel noise, limited bandwith and attenuation.

A novel bit-level image encryption algorithm based on 2D-LICM hyperchaotic map

Abstract: In this paper, a new two-dimensional Logistic ICMIC cascade map (2D-LICM) is proposed based on cascade modulation couple (CMC) model. Performance evaluations show that it has hyperchaotic behavior, wide chaotic range and large complexity. Based on this map, a novel image encryption algorithm is designed by employing bit-level permutation and diffusion simultaneously. The bit-level permutation is performed by circular shifting, and the bit-level diffusion is carried out by exclusive or ( xor ) and reverse operations. In addition, the initial values of chaotic system are updated in real time according to the obtained ciphertext and it greatly improves the ability of resisting known plaintext attack and chosen plaintext attack. Simulation results and performance analysis show that this algorithm has good encryption effect and high efficiency. It can resist typical attacks including statistical, brute-force, differential attacks and so forth.

A fast chaotic encryption scheme based on piecewise nonlinear chaotic maps

Abstract: In recent years, a growing number of discrete chaotic cryptographic algorithms have been proposed. However, most of them encounter some problems such as the lack of robustness and security. In this Letter, we introduce a new image encryption algorithm based on one-dimensional piecewise nonlinear chaotic maps. The system is a measurable dynamical system with an interesting property of being either ergodic or having stable period-one fixed point. They bifurcate from a stable single periodic state to chaotic one and vice versa without having usual period-doubling or period-n-tupling scenario. Also, we present the KS-entropy of this maps with respect to control parameter. This algorithm tries to improve the problem of failure of encryption such as small key space, encryption speed and level of security.

Book review: Applied cryptography: Protocols, algorithms, and source code in C

Abstract: ebooks and guide Applied Cryptography Protocols Algorithms And Source Code In C Applied Cryptography Protocols Algorithms And Source Code In C By Schneier Bruce Author Nov 01 1995. This is Applied Cryptography Protocols Algorithms And Source Code In C Applied Cryptography Protocols Algorithms And Source Code In C By Schneier Bruce Author Nov 01 1995 the best ebook that you can get right now online.

On the security of a chaotic encryption scheme: problems with computerized chaos in finite computing precision

Abstract: Zhou et al. have proposed a chaotic encryption scheme, which is based on a kind of computerized piecewise linear chaotic map (PWLCM) realized in finite computing precision. In this paper, we point out that Zhou's encryption scheme is not secure enough from strict cryptographic viewpoint. The reason lies in the dynamical degradation of the computerized piecewise linear chaotic map employed by Zhou et al. The dynamical degradation of the computerized chaos induces many weak keys to cause large information leaking of the plaintext. In addition, we also discuss three simple countermeasures to enhance the security of Zhou's cryptosystem, but none of them can essentially enhance the security.