Paper 2013/050

Cryptanalysis and Improvement of Akleylek et al.'s cryptosystem

Roohallah Rastaghi

Abstract

Akleylek et al. [S. Akleylek, L. Emmungil and U. Nuriyev, A modified algorithm for peer-to-peer security, Journal of Appl. Comput. Math., vol. 6(2), pp. 258-264, 2007] introduced a modified public-key encryption scheme with a steganographic approach for security in peer-to-peer (P2P) networks. In this cryptosystem, Akleylek et al. attempt to increase the security of P2P networks by combining the ElGamal cryptosystem with the knapsack problem. In this paper, we present a ciphertext-only attack against their system that recovers the message. In addition, we show that their scheme does not satisfy the completeness property, so the receiver cannot uniquely decrypt messages. Furthermore, we show that the system is not chosen-ciphertext secure, and thus the proposed scheme is vulnerable to a man-in-the-middle attack, one of the most pernicious attacks against P2P networks. Therefore, this scheme is not suitable for implementation in P2P networks. We modify this cryptosystem to increase its security and efficiency. Our construction is an efficient variant of Akleylek et al.'s encryption scheme that is CCA2-secure in the standard model; CCA2 security is the de facto security notion for public-key encryption schemes.

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. This article is an extended/revised version of an ISCISC'12 paper.
Keywords
Cryptography, Cryptanalysis, Ciphertext-only attack, ElGamal cryptosystem, Knapsack problem, CCA2 security, Standard model
Contact author(s)
r rastaghi59 @ gmail com
History
2013-04-25: last of 3 revisions
2013-02-06: received
Short URL
https://ia.cr/2013/050
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/050,
      author = {Roohallah Rastaghi},
      title = {Cryptanalysis and Improvement of Akleylek et al.'s cryptosystem},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/050},
      year = {2013},
      url = {https://eprint.iacr.org/2013/050}
}