University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Security problems with improper implementations of improved FEA-M

Li, SJ and Lo, K-T (2007) Security problems with improper implementations of improved FEA-M Journal of Systems and Software, 80 (5). 791 - 794. ISSN 0164-1212

[img]
Preview
PDF (licence)
32Kb
[img]
Preview
PDF - Accepted Version
Available under License : See the attached licence file.
123Kb

Official URL: http://dx.doi.org/10.1016/j.jss.2006.05.002

Abstract

This paper reports security problems with improper implementations of an improved version of FEA-M (fast encryption algorithm for multimedia). It is found that an implementation-dependent differential chosen-plaintext attack or its chosen-ciphertext counterpart can reveal the secret key of the cryptosystem, if the involved (pseudo-)random process can be tampered (for example, through a public time service). The implementation-dependent differential attack is very efficient in complexity and needs only O(n2) chosen plaintext or ciphertext bits. In addition, this paper also points out a minor security problem with the selection of the session key. In real implementations of the cryptosystem, these security problems should be carefully avoided, or the cryptosystem has to be further enhanced to work under such weak implementations.

Item Type:Article
Additional Information:NOTICE: this is the author’s version of a work that was accepted for publication in Journal of Systems and Software. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Journal of Systems and Software, 80(5), 2007, DOI 10.1016/j.jss.2006.05.002.
Divisions:Faculty of Engineering and Physical Sciences > Computing Science
Related URLs:
ID Code:532525
Deposited By:Symplectic Elements
Deposited On:30 May 2012 22:05
Last Modified:07 Apr 2013 14:34

Document Downloads

Repository Staff Only: item control page

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800