Author name cluster

Shuwang Lü

Possible papers associated with this exact author name in Arrow. This page groups case-insensitive exact name matches and is not a full identity disambiguation profile.

4 papers

1 author row

TCS Journal 2016 Journal Article

A provably secure non-iterative hash function resisting birthday attack

Shenghui Su
Tao Xie
Shuwang Lü

To examine the integrity and authenticity of an IP address efficiently and economically, this paper proposes a new non-iterative hash function called JUNA that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far. JUNA includes an initialization algorithm and a compression algorithm, and converts a short message of n bits which is regarded as only one block into a digest of m bits, where 80 ≤ m ≤ 232 and 80 ≤ m ≤ n ≤ 4096. The analysis and proof show that the new hash is one-way, weakly collision-free, and strongly collision-free, and its security against existent attacks such as birthday attack and meet-in-the-middle attack is to O ( 2 m ). Moreover, a detailed proof that the new hash function is resistant to the birthday attack is given. Compared with the Chaum–Heijst–Pfitzmann hash based on a discrete logarithm problem, the new hash is lightweight, and thus it opens a door to convenience for utilization of lightweight digital signing schemes.

Details DOI

TCS Journal 2016 Journal Article

A semantically secure public key cryptoscheme using bit-pair shadows

Shenghui Su
Shuwang Lü
Maozhi Xu
Tao Xie

This paper gives the definition and property of a bit-pair shadow, and devises the three algorithms of a public key cryptoscheme called JUOAN that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far, and regards a bit-pair as a manipulation unit. The authors demonstrate that the decryption algorithm is correct, deduce the probability that a plaintext solution is nonunique is nearly zero, analyze the security of the new cryptoscheme against extracting a private key from a public key and recovering a plaintext from a ciphertext on the assumption that an integer factorization problem, a discrete logarithm problem, and a low-density subset sum problem can be solved efficiently, and prove that the new cryptoscheme using random padding and random permutation is semantically secure. The analysis shows that the bit-pair method increases the density D of a related knapsack to a number more than 1, and decreases the modulus length ⌈ lg M ⌉ of the new cryptoscheme to 464, 544, or 640.

Details DOI

TCS Journal 2012 Journal Article

A public key cryptosystem based on three new provable problems

Shenghui Su
Shuwang Lü

In this paper, the authors give the definitions of a coprime sequence and a lever function, and describe the five algorithms and six characteristics of a prototypal public key cryptosystem which is used for encryption and signature, and is based on three new problems and one existent problem: the multivariate permutation problem (MPP), the anomalous subset product problem (ASPP), the transcendental logarithm problem (TLP), and the polynomial root finding problem (PRFP). Prove by reduction that MPP, ASPP, and TLP are computationally at least equivalent to the discrete logarithm problem (DLP) in the same prime field, and meanwhile find some evidence which inclines people to believe that the new problems are harder than DLP each, namely unsolvable in DLP subexponential time. Demonstrate the correctness of the decryption and the verification, deduce the probability of a plaintext solution being nonunique is nearly zero, and analyze the exact securities of the cryptosystem against recovering a plaintext from a ciphertext, extracting a private key from a public key or a signature, and forging a signature through known signatures, public keys, and messages on the assumption that IFP, DLP, and LSSP can be solved. Studies manifest that the running times of effectual attack tasks are greater than or equal to O ( 2 n ) so far when n = 80, 96, 112, or 128 with lg M ≈ 696, 864, 1030, or 1216. As viewed from utility, it should be researched further how to decrease the length of a modulus and to increase the speed of the decryption.

Details DOI

TCS Journal 2011 Journal Article

Asymptotic granularity reduction and its application

Shenghui Su
Shuwang Lü
Xiubin Fan

It is well known that the inverse function of y = x with the derivative y ′ = 1 is x = y, the inverse function of y = c with the derivative y ′ = 0 is nonexistent, and so on. Hence, on the assumption that the noninvertibility of the univariate increasing function y = f ( x ) with x > 0 is in direct proportion to the growth rate reflected by its derivative, the authors put forward a method of comparing difficulties in inverting two functions on a continuous or discrete interval called asymptotic granularity reduction (AGR) which integrates asymptotic analysis with logarithmic granularities, and is an extension and a complement to polynomial time (Turing) reduction (PTR). Prove by AGR that inverting y ≡ x x ( mod p ) is computationally harder than inverting y ≡ g x ( mod p ), and inverting y ≡ g x n ( mod p ) is computationally equivalent to inverting y ≡ g x ( mod p ), which are compatible with the results from PTR. Besides, apply AGR to the comparison of inverting y ≡ x n ( mod p ) with y ≡ g x ( mod p ), y ≡ g g 1 x ( mod p ) with y ≡ g x ( mod p ), and y ≡ x n + x + 1 ( mod p ) with y ≡ x n ( mod p ) in difficulty, and observe that the results are consistent with existing facts, which further illustrates that AGR is suitable for comparison of inversion problems in difficulty. Last, prove by AGR that inverting y ≡ x n g x ( mod p ) is computationally equivalent to inverting y ≡ g x ( mod p ) when PTR cannot be utilized expediently. AGR with the assumption partitions the complexities of problems more detailedly, and finds out some new evidence for the security of cryptosystems.

Details DOI