
Publication


Featured research published by Bok-Min Goi.


Embedded and Ubiquitous Computing | 2006

An efficient certificateless signature scheme

Wun-She Yap; Swee-Huay Heng; Bok-Min Goi

Certificateless public key cryptography (CLPKC) is a paradigm to solve the inherent key escrow problem suffered by identity-based cryptography (IBC). While certificateless signature is one of the most important security primitives in CLPKC, there are relatively few proposed schemes in the literature. In this paper, we manage to construct an efficient certificateless signature scheme based on the intractability of the computational Diffie-Hellman problem. By using a shorter public key, two pairing computations can be saved in the verification algorithm. Besides, no pairing computation is needed in the signing algorithm. The proposed scheme is existentially unforgeable in the random oracle model. We also present an extended construction whose trust level is the same as that of a traditional signature scheme.


Information Sciences | 2008

Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)

Raphael C.-W. Phan; Wei-Chuen Yau; Bok-Min Goi

Password-authenticated key exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Lu and Cao proposed a three-party password-authenticated key exchange protocol, so-called S-3PAKE, based on ideas of the Abdalla and Pointcheval two-party SPAKE extended to three parties. S-3PAKE can be seen to have a structure alternative to that of another three-party PAKE protocol (3PAKE) by Abdalla and Pointcheval. Furthermore, a simple improvement to S-3PAKE was proposed very recently by Chung and Ku to resist the kind of attacks that applied to earlier versions of 3PAKE. In this paper, we show that S-3PAKE falls to unknown key-share attacks by any other client, and undetectable online dictionary attacks by any adversary. The latter attack equally applies to the recently improved S-3PAKE. Indeed, the provable security approach should be taken when designing PAKEs; and furthermore our results highlight that extra caution should still be exercised when defining models and constructing proofs in this direction.


Pacific Rim International Conference on Artificial Intelligence | 2012

Recognizing human gender in computer vision: a survey

Choon Boon Ng; Yong Haur Tay; Bok-Min Goi

Gender is an important demographic attribute of people. This paper provides a survey of human gender recognition in computer vision. A review of approaches exploiting information from face and whole body (either from a still image or gait sequence) is presented. We highlight the challenges faced and survey the representative methods of these approaches. Based on the results, good performance has been achieved for datasets captured under controlled environments, but there is still much work that can be done to improve the robustness of gender recognition under real-life environments.


Autonomic and Trusted Computing | 2008

Off-Line Keyword Guessing Attacks on Recent Public Key Encryption with Keyword Search Schemes

Wei-Chuen Yau; Swee-Huay Heng; Bok-Min Goi

The Public Key Encryption with Keyword Search Scheme (PEKS) was first proposed by Boneh et al. in 2004. This scheme solves the problem of searching on data that is encrypted using a public key setting. Recently, Baek et al. proposed a Secure Channel Free Public Key Encryption with Keyword Search (SCF-PEKS) scheme that removes the secure channel for sending trapdoors. They later proposed another improved PEKS scheme that integrates with a public key encryption (PKE) scheme, called PKE/PEKS. In this paper, we present off-line keyword guessing attacks on SCF-PEKS and PKE/PEKS schemes. We demonstrate that outsider adversaries that capture the trapdoors sent in a public channel can reveal encrypted keywords by performing off-line keyword guessing attacks, while insider adversaries can perform the attacks regardless of whether the trapdoors are sent in a public or secure channel.


Applied Cryptography and Network Security | 2004

Cryptanalysis of two anonymous buyer-seller watermarking protocols and an improvement for true anonymity

Bok-Min Goi; Raphael C.-W. Phan; Yanjiang Yang; Feng Bao; Robert H. Deng; Mohammad Umar Siddiqi

By combining techniques of watermarking and fingerprinting, a sound buyer-seller watermarking protocol can address the issue of copyright protection in e-commerce. In this paper, we analyze the security of two recent anonymous buyer-seller watermarking protocols proposed by Ju et al. and Choi et al. respectively, and prove that they do not provide the features and security as claimed. In particular, we show that i) the commutative cryptosystem used in Choi et al.’s protocol fails to prevent the watermark certification authority (WCA) from discovering the watermark (fingerprint) chosen by the buyer; ii) for both protocols, the seller can discover the watermark chosen by the buyer if he colludes with the WCA. Hence, these protocols cannot guard against conspiracy attacks. We further show that these protocols only provide “partial” anonymity, i.e. the buyer’s anonymity is guaranteed only if WCA is honest. Our results suggest that the security of these protocols must assume the honesty of WCA, contrary to the designers’ original claim. Finally, we propose a new anonymous buyer-seller watermarking protocol which is more secure and efficient, and provides true anonymity.


Applied Cryptography and Network Security | 2005

Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme

Raphael C.-W. Phan; Bok-Min Goi

Password-Authenticated Key Establishment (PAKE) protocols allow two parties to share common secret keys in an authentic manner based on an easily memorizable password. At ICCSA 2004, an improved PAKE protocol between two clients of different realms was proposed that was claimed to be secure against attacks including the replay attack. In this paper, we cryptanalyze this protocol by showing two replay attacks that allow an attacker to falsely share a secret key with a legal client.


Pattern Recognition Letters | 2014

A non-invertible Randomized Graph-based Hamming Embedding for generating cancelable fingerprint template

Zhe Jin; Meng-Hui Lim; Andrew Beng Jin Teoh; Bok-Min Goi

Biometric technology is likely to provide a new level of security to various applications. Yet if the stored biometric template is compromised, invasion of user privacy is inevitable. Since biometric is irreplaceable and irrevocable, such an invasion implies a permanent loss of identity. In this paper, a fingerprint template protection technique is proposed to secure the fingerprint minutiae. Remarkably, by incorporating Randomized Graph-based Hamming Embedding (RGHE), the generated binary template can be strongly protected against inversion. The proposed method adopts a minutiae descriptor, dubbed as minutiae vicinity decomposition (MVD) to derive a set of randomized geometrical invariant features together with random projection. The discrimination of randomized MVD is then enhanced by User-specific Minutia Vicinities Collection scheme and embedded into a Hamming space by means of Graph-based Hamming Embedding. The resultant binary template enjoys four merits: (1) Strong concealment of the minutia vicinity, thus effectively protects the location and orientation of minutiae. (2) Well preservation of the discriminability of MVD in the Hamming space with respect to the Euclidean space without accuracy performance degradation. (3) Template is revocable due to user-specific random projection. (4) Speedy matching attributed to bit-wise operations. Promising experimental results on FVC2002 database vindicate the feasibility of the proposed technique.


Pattern Recognition | 2016

Biometric cryptosystems

Zhe Jin; Andrew Beng Jin Teoh; Bok-Min Goi; Yong Haur Tay

Although fuzzy commitment (FC) is a theoretically sound biometric-key binding scheme, it relies on error correction code (ECC) completely to mitigate biometric intra-user variations. Accordingly, FC suffers from the security-performance tradeoff. That is, the larger key size/higher security always trades with poor key release success rate and vice versa. Additionally, the FC is highly susceptible to a number of security and privacy attacks. Furthermore, the best achievable accuracy performance of FC is constrained by the simple distance metrics such as Hamming distance to measure the dissimilarity of binary biometric features. This implies many efficient matching algorithms are to be abandoned. In this paper, we propose an ECC-free key binding scheme along with cancellable transforms for minutiae-based fingerprint biometrics. Apart from that, the minutiae information is favorably protected by a strong non-invertible cancellable transform, which is crucial to prevent a number of security and privacy attacks. The scheme is not limited to binary biometrics as demanded in FC but instead can be applied to various types of biometric features and hence a more effective matcher can be chosen. Experiments conducted on FVC2002 and FVC2004 show that the accuracy performance is comparable to the state of the art. We further demonstrate that the proposed scheme is robust against several major security and privacy attacks.

Highlights: A new ECC-free biometric key binding scheme and the realization in fingerprint biometrics are proposed. A modified randomized GHE in constructing the cancellable transform is proposed. We performed several security and privacy analyses for the proposed scheme, like privacy attacks ARM and SKI. The proposed scheme can be applied to a variety of biometric feature representations, not only binary string and matcher.


Applied Cryptography and Network Security | 2007

Security Mediated Certificateless Signatures

Wun-She Yap; Sherman S. M. Chow; Swee-Huay Heng; Bok-Min Goi

In PKC 2006, Chow, Boyd and Gonzalez Nieto introduced the notion of security mediated certificateless (SMC) cryptography. SMC cryptography equips certificateless cryptography with instantaneous revocation. They presented a formal security model with two constructions for SMC encryption. This paper studies SMC signatures. We first present a security analysis of a previous attempt by Ju et al. in constructing an SMC signature scheme. We then formalize the notion of SMC signatures and propose the first concrete provable scheme without bilinear pairing. Our scheme is existentially unforgeable in the random oracle model based on the intractability of the discrete logarithm problem, has a short public key size, and achieves a trust level which is the same as that of a traditional public key signature.


International Conference on Cryptology in India | 2006

Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols

Raphael C.-W. Phan; Bok-Min Goi

Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Byun et al. first proposed a cross-realm client-to-client (C2C) PAKE for clients of different realms (with different trusted servers) to establish a key. Subsequent work includes some attacks and a few other variants either to resist existing attacks or to improve the efficiency. However, all these variants were designed with heuristic security analysis despite the fact that well-founded provable security models already exist for PAKEs, e.g. the Bellare-Pointcheval-Rogaway model. Recently, the first provably secure cross-realm C2C-PAKE protocols were independently proposed by Byun et al. and Yin-Bao, respectively; i.e. security is proven rigorously within a formally defined security model and based on the hardness of some computationally intractable assumptions. In this paper, we show that both protocols fall to undetectable online dictionary attacks by any adversary. Further we show that malicious servers can launch successful man-in-the-middle attacks on the variant by Byun et al., while the Yin-Bao variant inherits a weakness against unknown key-share attacks. Designing provably secure protocols is indeed the right approach, but our results show that such proofs should be interpreted with care.

Collaboration


Top Co-Authors

Wun-She Yap (Universiti Tunku Abdul Rahman)

Yong Haur Tay (Universiti Tunku Abdul Rahman)

Syh-Yuan Tan (Universiti Tunku Abdul Rahman)

Wai-Kong Lee (Universiti Tunku Abdul Rahman)

Zhe Jin (Universiti Tunku Abdul Rahman)

Hong Tat Ewe (Universiti Tunku Abdul Rahman)

Zan-Kai Chong (Universiti Tunku Abdul Rahman)