Efficient fault-tolerant scheme based on the RSA system

1 / 14

# Efficient fault-tolerant scheme based on the RSA system - PowerPoint PPT Presentation

Efficient fault-tolerant scheme based on the RSA system. Author: N.-Y. Lee and W.-L. Tsai IEE Proceedings Presented by 詹益誌 2004/03/02. Outline. Introduction The scheme of Zhang Security flaw in the scheme of Zhang Improvement of the Zhang scheme Security analysis Conclusions.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

## PowerPoint Slideshow about 'Efficient fault-tolerant scheme based on the RSA system' - kieve

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

### Efficient fault-tolerant scheme based on the RSA system

Author: N.-Y. Lee and W.-L. Tsai

IEE Proceedings

Presented by 詹益誌 2004/03/02

Outline
• Introduction
• The scheme of Zhang
• Security flaw in the scheme of Zhang
• Improvement of the Zhang scheme
• Security analysis
• Conclusions
Introduction
• Zhang scheme can simultaneously deal with error detection and data correction.
• But Zhang scheme can suffer from an attack by a malicious receiver.
• This paper proposes improvement to the Zhang scheme to repair the security flaw.
The scheme of Zhang
• User A:
• User B:
• User B wants to send a message M to a user A.
• Step1: translate the message M into an n*m plaintext matrix X:
The scheme of Zhang
• Step2: Construct another

(n+1)*(m+1) matrix

• Step3: compute an (n+1)*(m+1)

ciphered matrix Ch:

The scheme of Zhang

and decrypts Ch.

So A will get

• Data can be corrected by
Security flaw in the scheme of Zhang
• Transform the into
• Compute
• New plaintext matrix is:
• Compute
• the new matrix

is constructed

Improvement of the Zhang scheme
• Step1: translate the message into matrix X.
• Step2: construct another matrix Xh
• Step3: generate the signature
Improvement of the Zhang scheme
• Step4: Construct an ciphered matrix Ch*.

B first computes

• Step5: transmit Ch* to A.
Improvement of the Zhang scheme
• A receive Ch*, and decrypts by use own private key:
• Then, A obtains the plaintext matrix Xh:
Improvement of the Zhang scheme
• A verifies the validity of B’s signature by computing:
• and checking
• If rure, A compute
• And checks
• If true, the signature is valid.
Security analysis
• A attacker will generate a different message for the existing signature.

He will first choose x11,…,x1,m-1 and then find a x1m, which must satisfy

Security analysis
• If an attacker wants to view the content of the plaintext matrix, he has to first get ZC.
• If an attacker wants to generate a valid signature for any message, he must compute Zc from Z.
Conclusion
• This paper proposed an improved scheme to withstand the attack.