Chen Jie

A New Method for Impossible Differential Cryptanalysis of 7-round Advanced Encryption Standard

this paper presents a new method for impossible differential cryptanalysis of 7-round Advanced Encryption Standard. This attack on the reduced 7-round AES requires about 2123.5 chosen plaintexts, demands 289 words of memory, and performs 2122 7-round AES encryptions. Furthermore, it is only 2?34.5 of the probability to fail to recover the secret key.

Impossible differential cryptanalysis of advanced encryption standard

Impossible differential cryptanalysis is a method recovering secret key, which gets rid of the keys that satisfy impossible differential relations. This paper concentrates on the impossible differential cryptanalysis of Advanced Encryption Standard (AES) and presents two methods for impossible differential cryptanalysis of 7-round AES-192 and 8-round AES-256 combined with time-memory trade-off by exploiting weaknesses in their key schedule. This attack on the reduced to 7-round AES-192 requires about 294.5 chosen plaintexts, demands 2129 words of memory, and performs 2157 7-round AES-192 encryptions. Furthermore, this attack on the reduced to 8-round AES-256 requires about 2101 chosen plaintexts, demands 2201 words of memory, and performs 2228 8-round AES-256 encryptions.

A new method for impossible differential cryptanalysis of 8-round advanced encryption standard

This paper first presents an impossible differential property for 5-round Advanced Encryption Standard (AES) with high probability. Based on the property and the impossible differential cryptanalytic method for the 5-round AES, a new method is proposed for cryptanalyzing the 8-round AES-192 and AES-256. This attack on the reduced 8-round AES-192 demands 2121 words of memory, and performs 2148 8-round AES-192 encryptions. This attack on the reduced 8-round AES-256 demands 2153 words of memory, and performs 2180 8-round AES-256 encryptions. Furthermore, both AES-192 and AES-256 require about 298 chosen plain-texts for this attack, and have the same probability that is only 23 to fail to recover the secret key.

Improvement of Identity-Based Threshold Proxy Signature Scheme with Known Signers

In 2006, Baoet al proposed an identity-based threshold proxy signature scheme with known signers. In this paper, we show that Baoet al s scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signers intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Baoet al s scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.