dc.description.abstract | People throughout the world can communicate instantly and
transfer information to others over the Internet through a variety of
applications (e.g., e-mail, e-commerce, online banking, etc.).
Due to the very openness of the Internet, more and more security
issues must be addressed to protect personal privacy and
commercial confidentiality. Reliable, trusted cryptography
is expected to protect private information as an
increasing number of Internet services apply cryptography.
The extensions usually cause security leaks. Chosen
Ciphertext Attacks (CCA) target this kind of leak. If
an adversary can intercept an encrypted message and modify
it, the adversary can then resend the modified message to the same
service and analyze the service's response. In this way, the adversary
can restore the original message.
It is hard for an Internet service to detect CCA, since the
service does not have enough information to distinguish
between the general error messages, which are created by normal
users, and sample messages, which are created by adversaries.
In fact, designers would rather patch the leaks in a standard than prove the
standard secure against CCA at the design stage. Bellare
and Rogaway introduced a proof technique named the random oracle model,
which can be used to prove that encryption schemes, signature
schemes and protocols are secure against CCA.
A new RSA padding scheme, introduced as BLRP, is proposed
to improve on the cryptographic methods of RSA PKCS #1 v1.5 and
RSA PKCS #1 v2.1. Its efficiency is better than that of RSA
PKCS #1 v2.1, and its security is better than that of RSA PKCS #1 v1.5.
In addition, BLRP is proven in the random oracle model and is secure
against CCA.
In addition, a new CCA attack is proposed to attack the most popular
Internet standard, S/MIME (Secure/Multipurpose Internet
Mail Extensions), which provides the following cryptographic
security services for electronic messaging applications:
authentication, message integrity and non-repudiation of
origin (using digital signatures), and privacy and data
security (using encryption). The newly proposed CCA attack can decrypt
e-mail in S/MIME encrypted format without the private key, asking the
oracle only once. We also propose countermeasures. | en_US |