Rational cryptography is an emerging direction of the cross-discipline of cryptography and game theory. Game theory provides an opportunity to reach some secure goals in cryptography. In view of the fact that traditional cryptography only considers honest participants or malicious participants, starting with the similarity of game theory and cryptography, this paper first discusses basic research ideas of rational cryptography, and formalizes its game models and concepts based on introduction of selfish participants. This paper further introduces the security of rational cryptographic protocols, gives fairness of cryptographic protocols from the views of game equilibrium, and analyzes the security and fairness models in cryptography based on equilibrium theory. Furthermore, some known results about the rational fair exchange, rational secret sharing and rational multi-party computation are overviewed extensively. Then the definition of mechanism design in microeconomic is stated and its application prospect in rational cryptography is discussed. Finally, the designs of rational cryptographic protocols based on special game model, hybrid preference model and equilibrium theory in this field are introduced. In particular, the fair mechanism designs of rational cryptographic protocols are recommended. The challenges and opportunities of this promising topic are summarized at the end of this paper.

The studies on three FHE programs, HElib, FHE-CODE and FHE-master, which are based respectively on three different encryption algorithms, are conducted in this paper. Through debugging and parameter-modification, this paper analyzes noise, runtime and storage space, in order to verify the theoretical and practical properties of related algorithms. They can achieve high precision encryption by increasing security parameter. The longer security parameter, the longer the length of the cipher text, but the storage space occupied will be larger. As a result, increasing the length of the cipher text or encrypted cipher text can improve the security level of the algorithm. Meanwhile, reducing the modulus or reducing security parameters can reduce the noise and increase the efficiency. In addition, we analyze corresponding three kinds of algorithms: Gentry’s algorithm, DGHV and BGV. We compare the three schemes from the aspects of security, efficiency, program implementation and their relations.It is concluded that HElib is more complex and secure, and the running time is longer. The logic of FHE-CODE is relatively clear, and it is more efficient. FHE-master achieves the retrieval of the cipher text by file read operation. By means of comparison, this paper is intended to provide advice for the studies of the FHE-encryption algorithms.

In today’s rapid development of information technology, information hiding has become the focus in information security field. Since each Web site as well as network communication depends on digital works, such as audio, image, webpage, etc. And information hiding technology embeds the secret information into the digital works and does not damage the original carrier. Without the special detection tools, a third party is unaware of the existence of the secret information. Accordingly, digital signatures and private information can be transmitted over the Internet securely. Because of the small information redundancy of web documents, not much research results can be found. But the web application is very popular in information transmission; it has great significance to study web information hiding algorithms. Note that the existing algorithms of webpage information hiding have a common shortcoming that did not consider the capacity, robustness and invisibility completely. Based on the above, this paper proposes a webpage information hiding algorithm based on the class attribute and the process of webpage making. The algorithm is based on two basic ideas: the first idea is to hide information into the class attribute of the element, the second one is that the hidden information is regarded as a link between the structural layer, the presentation layer and the behavior layer, which is an organic part of the webpage rather than the redundancy of the webpage. Experimental results show that the algorithm greatly improves the webpage information hiding capacity, has strong robustness and invisibility, and the method for extraction is simple.

In 1984, Shamir first proposed the notion of identity-based encryption without giving a concrete construction. In 2001, the first IBE scheme was constructed by Boneh and Franklin, who also formally defined IND-aID-CPA security for IBE constructions. However, the security proof of their scheme was in the random oracle model. After the BF-IBE scheme, Boneh, Boyen and Waters constructed two typical IBE schemes with adaptive security based on number theory in the standard model in 2004 and 2005, respectively. However, in the former IBE scheme, the sizes of the decryption key and the ciphertext are both quite large, while the security proof of the latter IBE scheme is very complicated. In contrast to the above two schemes, the BF-IBE scheme has smaller size of secret key and ciphertext, it has practical significance as how to initiate RO in the BF-IBE scheme. The main contribution of this paper is to transform the original BF-IBE scheme in the random oracle model into one in the standard model, while maintaining smaller size of secret key and ciphertext and with more compact security proof. Specifically, we study and employ the method proposed by Hohenberger, Sahai and Waters in 2014, that initiates the random oracle with a concrete hash function in full domain hash applications, to transform the BF-IBE scheme with adaptive security in the random oracle model to that with the same security in the standard model.

NORX is an authenticated encryption scheme introduced by Jean-Philippe Aumasson in 2014 as a candidate of the CAESAR competition. It is based on sponge structure which supports an arbitrary parallelism degree. The only operations used in the core permutation of NORX are AND, rotation, XOR and shift, called LRX construction, which improves hardware efficiency and simplifies cryptanalysis. To study the cryptographic properties of the core permutation is essential for its security evaluation. NORX consists of two variants denoted as NORX32 and NORX64, which provide128-bit security and 256-bit security respectively. There have been a few analysis results such as differential, higher differential and guess and determine cryptanalysis but no linear cryptanalysis has been found so far. In this paper, we start from the linear properties of basic function H, use probabilistic bits to analyze the simplified version of function H and get its bitwise probability distribution. Then we propose a fast computing algorithm to compute the correlation coefficient of H function. Depending on the algorithm, we derive the structure of correlation coefficient of H function. Furthermore, we analyze the function component of H in NORX, then derive a necessary and sufficient condition on input and output masks when linear approximation has nonzero-correlation. Based on the property that single input mask determines single output mask when the correlation coefficient is nonzero, we derive some nonzero-correlation properties on the core permutation function G. These analysis results can be a basis for further linear and zero-correlation linear cryptanalysis of NORX.

Midori is a lightweight block cipher of 128-bit key size proposed at ASIACRYPT 2015. It is a family of two block ciphers: Midori64 and Midori128 with 64-bit and 128-bit block size respectively, they can be used to protect small computing devices in IoT. The resistance of Midori64 and Midori128 against fault attacks is evaluated. Firstly, the remained key entropy of Midori is evaluated by analyzing the fault propagation path based on information theory. Theoretical analysis results show that: based on half byte and full byte fault model in round R–3, one fault injection can reduce the key entropy of Midori64 and Midori128 to 68.47 and 8.03 bits, respectively. However, the computation complexity in analyzing faults in round R–2 to round R–3 is unaffordable and multiple fault injections can solve this problem. Then, the remained key entropy of Midori is verified by differential fault analysis (DFA) technique. The result demonstrates that: three random half byte fault injections can reduce the key entropy of Midori64 to 8.10 bits and two random byte fault injections can recover the full secret key of Midori128. Finally, an algebraic technique is introduced into fault attack on Midori and an algebraic fault analysis (AFA) is applied to optimize the DFA result. The results show that: AFA can extend fault attack on Midori64 to more complicated fault models. Based on the byte fault model in round R–3 and half byte fault model in round R–4, four and ten fault injections can recover the full 128-bit key of Midori64, respectively. Based on the byte fault model in round R–3, single fault injection can reduce the key entropy of Midori128 to less than 16-bit for 94% of the cases. Thus, the last 5 rounds of Midori should be protected against fault attacks.

Pseudorandom sequences with good properties are widely used in simulation, ranging system, spread spectrum communication, especially in stream cipher systems. Since 2011, when A Ostafe, I E Shparlinski proposed the idea to use Fermat quotient to design cryptographic primitives, based on Fermat quotient and its extended functions, the construction and the property analysis of pseudorandom sequences has become a new research direction. This paper extends the polynomial quotient modulo an odd prime to its general case with modulo p^{r} and r>=1. From the new quotient proposed, we define a class of p^{r+1}-periodic binary threshold sequences and discuss their linear complexities with the restriction of 2 being a primitive root of modulo p^{2}, and the parameter w can take an arbitrary value. The linear complexities are very close to their periods and are of desired value for cryptographic purpose. The constructed sequences are not simple extension of the existing ones, they have high linear complexity and can resist the attack of Berlekamp-Massey algorithm, which has potential application in the field of secure communication.

With the development of mobile Internet and cloud computing, information security becomes an increasingly serious issue. To improve the security of voice transmission, a new hyperchaotic digital voice encryption algorithm for mobile communications is proposed. In this algorithm, the G.711A-law standard is used to compress the 16-bit voice into 8-bit binary sequences. Then a pseudo-random sequence generator is designed based on Folded-towel hyperchaotic map. This map is hyperchaotic with two positive Lyapunov exponents, so it can generate more complex key sequences. In the encryption process, to improve the resistance against differential attack, the nonlinear cross Xor operation is designed for binary sequences to improve the plaintext sensitivity. Each frame of the acquired voice is taken as a group. Combined with the ciphertext cross diffusion technique and the cross Xor operation, two rounds of alternative encryption operations are carried out, and the final ciphertext is transmitted to the next group to conduct the diffusion between groups. Afterwards, this algorithm is applied to the Android platform, and an IP security communication software is developed. The experimental results and performance analysis show that this algorithm has high security and encryption speed. Furthermore, it has a large key space and high key sensitivity, and can resist the statistical, differential and brute-force attacks. Therefore, it has good application prospect in real-time and secure transmission of voice