This paper presents an efficient subverted symmetric encryption scheme, which outputs a random initialization vector (IV). Compared with the available scheme of the same kind in the literature, our attack provides a saboteur (big brother) with much faster recovery of a key used in a victim's symmetric encryption scheme. Our result implies that care must be taken when a symmetric encryption scheme with a random IV such as randomized CBC is deployed.
This letter points out some flaws in the previous works on UKS (unknown key-share) attacks. We show that Blake-Wilson and Menezes' revised STS-MAC (Station-to-Station Message Authentication Code) protocol, which was proposed to prevent UKS attacks, is still vulnerable to a new UKS attack. Also, Hirose and Yoshida's key agreement protocol presented at PKC'98 is shown to be insecure against public key substitution UKS attacks. Finally, we discuss countermeasures for such UKS attacks.
Jangseong KIM Joonsang BAEK Jianying ZHOU Taeshik SHON
Recently, numerous service discovery protocols have been introduced in the open literature. Unfortunately, many of them did not consider security issues, and for those that did, many security and privacy problems still remain. One important issue is to protect the privacy of a service provider while enabling an end-user to search for an alternative service using multiple keywords. To deal with this issue, the existing protocols assumed that a directory server should be trusted or owned by each service provider. However, an adversary may compromise the directory server due to its openness property. In this paper, we suggest an efficient verification of service subscribers to resolve this issue and analyze its performance and security. Using this method, we propose an efficient and secure service discovery protocol protecting the privacy of a service provider while providing multiple-keyword search to an end-user. Also, we provide performance and security analysis of our protocol.