International Association for Cryptologic Research

  • White Papers // Mar 2014

    Efficient Fuzzy Search on Encrypted Data

    The authors study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

    The authors initiate the study of the following problem: suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Non-Interactive Cryptography in the RAM Model of Computation

    Using recently developed techniques for program obfuscation, the authors show several constructions of non-interactive cryptosystems in the Random-Access Machine (RAM) model of computation that are asymptotically more efficient than what would be obtained using generic RAM-to-circuit compilation. In particular, let T denote the running time and n the memory size...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Outsourcing Private RAM Computation

    The authors construct the first schemes that allow a client to privately outsource arbitrary program executions to a remote server while ensuring that: the client's work is small and essentially independent of the complexity of the computation being outsourced, and the server's work is only proportional to the run-time of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Reducing the Overhead of Cloud MPC

    The authors present a secure Multi-Party Computation (MPC) protocol in the honest-majority setting, which aims to reduce the communication costs in the situation where there are a large number of parties (as in a cloud scenario). Their goal is to reduce the usage of point-to-point channels, so as to enable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part II

    In EUROCRYPT 2013, Lu and Ostrovsky proposed the notion of Garbled RAM (GRAM) programs. These GRAM programs are analogous to the classic result of Yao's garbled circuits: a large encrypted memory can first be provided to an evaluator, and then a program can separately be garbled and sent to the evaluator...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part I

    The notion of garbled Random-Access Machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao's garbled circuits that allows a user to garble a RAM program directly, without performing the expensive step of converting it into a circuit. In particular,...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from the eSTREAM hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single bit faults in the internal state of the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors proposed the notion of Property Preserving symmetric Encryption (PPEnc). They defined several security notions for PPEnc and studied their relationship. They also proposed a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the user's main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for the communicating parties over an open network. Key agreement allows multiple parties that exchange public information over an insecure network to create a common secret key that is known only to those entities. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Chosen Ciphertext Secure (CCS): Symmetric Key CCA Encryption with Minimal Ciphertext Expansion

    In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. The authors present a new symmetric encryption scheme: CCS or Chosen Ciphertext Secure scheme. CCS has the property that modifications to the ciphertext randomize the resulting plaintext. Using this property, they prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions

    The authors show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area trade-offs unobtainable with traditional constructs. Recent theoretical results indicate that even if the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

    Blinker is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the sponge construction used by the SHA-3 algorithm Keccak. The authors examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Functional Encryption for Randomized Functionalities

    Originally, encryption was thought of as a way to encrypt "point-to-point" communication. However, in the contemporary world with cloud computing and complex networks, it has become clear that people need encryption to offer more functionality. In this paper, the authors present the first definitions and constructions for functional encryption...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lattice Signatures and Bimodal Gaussians

    The authors' main result is a construction of a lattice-based digital signature scheme that represents an improvement, both in theory and in practice, over today's most efficient lattice schemes. The novel scheme is obtained as a result of a modification of the rejection sampling algorithm that is at the heart...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

    In this paper the authors address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an untrusted and remote server, which stores the client's database on its behalf. They introduce...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Towards Leakage Exploitation Rate Optimality in Template Attack

    Template attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has full knowledge of the targeted crypto devices and is thus well capable of characterizing the side-channel leakages. However, the question of whether template attack is really optimal...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Formal Analysis of CRT-RSA Vigilant's Countermeasure Against the BellCoRe Attack

    In the authors' paper at PROOFS 2013, they formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, they left Vigilant's countermeasure and its alleged repaired version by the researcher as future work, because the arithmetical framework of their tool was not sufficiently...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lower Bounds in the Hardware Token Model

    A protocol for secure two-party computation allows two mutually distrustful parties to jointly compute a function f of their respective inputs, x and y, in a way that does not reveal anything beyond the value f(x, y) being computed. Soon after the introduction of this powerful notion, it was...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Leakage Resilient Fully Homomorphic Encryption

    The authors construct the first leakage resilient variants of Fully Homomorphic Encryption (FHE) schemes. Their leakage model is bounded adaptive leakage resilience. They first construct a leakage-resilient leveled FHE scheme, meaning the scheme is both leakage resilient and homomorphic for all circuits of depth less than some pre-established maximum set...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    On the Relation of Random Grid, Probabilistic and Deterministic Visual Cryptography

    Visual cryptography is a special type of secret sharing. Two models of visual cryptography have been independently studied: deterministic visual cryptography and random grid visual cryptography, both introduced by the researchers. In the context of the deterministic model, the researcher has introduced a third model, the probabilistic visual cryptography model. The connection...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage

    Side-Channel Attacks (SCA) are considered a serious threat against embedded cryptography. Therefore security-critical chips must be tested for SCA resistance before deployment or certification. SCA are powerful but can require a lot of computation power, especially in the presence of countermeasures. The computation complexity of these attacks can be reduced...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Iterated Group Products and Leakage Resilience Against NC1

    The interplay between group theory and computational complexity has been the source of a number of elegant constructions and computational insights. A line of work [Bar89, CM87, BT88, BC92, CL94, Cle91, and IL95] in the late 1980s gave characterizations of various complexity classes in terms of products over finite groups....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    A Note on Bilinear Groups of a Large Composite Order

    Weil pairing plays a key role in elliptic curve cryptography. The authors remark that the structure of bilinear groups of a large composite order (at least 1024 bits) could make the group operation inefficient and lose the advantages of elliptic curve cryptography, which come mainly from its smaller parameter size. As of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Constant-Round Black-Box Construction of Composable Multi-Party Computation Protocol

    The authors present the first general MPC protocol that satisfies the following: the construction is black-box, the protocol is universally composable in the plain model, and the number of rounds is constant. The security of their protocol is proven in angel-based UC security under the assumption of the existence of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Strongly Secure One-Round Group Authenticated Key Exchange in the Standard Model

    One-round Group Authenticated Key Exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. A special case of GAKE, the pairing-based one-round Tripartite Authenticated Key Exchange (3AKE), has recently gained much attention from the research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Tamper Resilient Circuits: The Adversary at the Gates

    In this paper the authors initiate the investigation of gate-tampering attacks against cryptographic circuits. Their model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. They...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Secure Multiparty Computations on BitCoin

    BitCoin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: it lacks a central authority that controls the transactions, the list of transactions is publicly available, and its syntax allows more advanced transactions than simply transferring the money. This paper shows...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography

    Technological advancements in cloud computing due to increased connectivity and exponentially proliferating data have resulted in migration towards cloud architecture. Cloud computing is a technology where users can use high-end services in the form of software that resides on different servers and access data from all over the world. Cloud...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Notions of Black-Box Reductions, Revisited

    Reductions are the common technique to prove security of cryptographic constructions based on a primitive. They take an allegedly successful adversary against the construction and turn it into a successful adversary against the underlying primitive. To a large extent, these reductions are black-box in the sense that they consider the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Linearly Homomorphic Structure Preserving Signatures: New Methodologies and Applications

    In this paper the authors introduced the notion of Linearly Homomorphic Structure Preserving Signatures (LHSPS) as a tool to perform verifiable computation on encrypted data and to create constant-size non-malleable commitments to group elements. In this paper they improve their understanding of LHSPS by putting forward new methodologies...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    New Insight into the Isomorphism of Polynomial Problem IP1S and its Use in Cryptography

    In this paper the authors investigate the mathematical structure of the "Isomorphism of Polynomial with One Secret" problem (IP1S). Their purpose is to understand why for practical parameter values of IP1S most random instances are easily solvable. They show that the structure of the problem is directly linked to the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Homomorphic Authenticated Encryption Secure Against Chosen-Ciphertext Attack

    The authors study homomorphic authenticated encryption, where privacy and authenticity of data are protected simultaneously. They define homomorphic versions of various security notions for privacy and authenticity, and investigate relations between them. In particular, they show that it is possible to give a natural definition of IND-CCA for homomorphic authenticated...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Behind the Scene of Side Channel Attacks

    Since the introduction of side channel attacks in the nineties, a large amount of work has been devoted to their effectiveness and efficiency improvements. On the one side, general results and conclusions are drawn in theoretical frameworks, but the latter ones are often set in a too ideal context to...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Obfuscation from Semantically-Secure Multi-Linear Encodings

    The goal of program obfuscation is to "scramble" a computer program, hiding its implementation details (making it hard to "reverse-engineer"), while preserving the functionality (i.e., input/output behavior) of the program. Precisely defining what it means to "scramble" a program is non-trivial: on the one hand, the authors want a definition...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Complete and Unified Group Laws are not Enough for Elliptic Curve Cryptography

    In several recent publications normal forms for elliptic curves are proposed that have some advantages over the typical Weierstrass versions, like faster, complete, or unified group laws. Though all of these constructions are very interesting from a purely mathematical point of view, they fall short of suitability for cryptographic application...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Revocable Identity-Based Encryption Revisited: Security Model and Construction

    In ACM CCS 2008, the researcher proposed an elegant way of achieving an Identity-Based Encryption (IBE) with efficient revocation, which the authors call Revocable IBE (RIBE). One of the significant benefits of their construction is scalability, where the overhead of the trusted authority is logarithmically increased in the number of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Rate-Limited Secure Function Evaluation: Definitions and Constructions

    The authors introduce the notion of Rate-Limited Secure Function Evaluation (RL-SFE). Loosely speaking, in an RL-SFE protocol participants can monitor and limit the number of distinct inputs (i.e., rate) used by their counterparts in multiple executions of an SFE, in a private and verifiable manner. The need for RL-SFE naturally...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    The IITM Model: a Simple and Expressive Model for Universal Composability

    The universal composability paradigm allows for the modular design and analysis of cryptographic protocols. It has been widely and successfully used in cryptography. However, devising a coherent yet simple and expressive model for universal composability is, as the history of such models shows, highly non-trivial. For example, several partly severe...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Anonymity Guarantees of the UMTS/LTE Authentication and Connection Protocol

    The UMTS/LTE protocol for mobile phone networks has been designed to offer a limited form of anonymity for mobile phone users. In this paper the authors quantify precisely what this limited form of anonymity actually provides via a formal security model. The model considers an execution where the home and...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Detection of Cheaters in Non-Interactive Polynomial Evaluation

    Secure MultiParty Computation (MPC for short) enables multiple players to cooperatively compute an arbitrary function without revealing their inputs. Because of its importance in cryptography, various types of MPC based on various techniques have been presented so far. Among them, the technique utilizing the multiplicative property of certain secret sharing schemes...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2012

    Complexity of Multi-Party Computation Functionalities

    Computational complexity studies the amount of computational resources needed for a computing device to evaluate various functions. In this setting, a function takes a single input and produces a single output. (Indeed, multiple input and output values can simply be encoded as single values.) However, in the cryptographic context of...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Lower Bounds on the Information Ratio of Linear Secret Sharing Schemes

    In a secret sharing scheme, a secret value is distributed into shares among a set of participants in such a way that only the qualified sets of participants can recover the secret value, while no information at all on the secret value is provided by the shares from an unqualified...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2013

    Cryptanalysis and Improvement of Akleylek et al.'s Cryptosystem

    The researcher introduced a modified public-key encryption scheme with a steganographic approach for security in Peer-To-Peer (P2P) networks. In this cryptosystem, the researcher attempts to increase the security of P2P networks by mixing the ElGamal cryptosystem with the knapsack problem. In this paper, the authors present a ciphertext-only attack against their system to...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2013

    Garbled Circuits Checking Garbled Circuits: More Efficient and Secure Two-Party Computation

    Applying cut-and-choose techniques to Yao's garbled circuit protocol has been a promising approach for designing efficient Two-Party Computation (2PC) with malicious and covert security, as is evident from various optimizations and software implementations in the recent years. The authors revisit the security and efficiency properties of this popular approach and...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    On Constructions of MDS Matrices from Companion Matrices for Lightweight Cryptography

    Claude Shannon, in his paper "Communication Theory of Secrecy Systems", defined confusion and diffusion as two properties required for the design of block ciphers. Heys and Tavares showed that the replacement of the permutation layer of Substitution Permutation Networks (SPNs) with a diffusive linear transformation improves the avalanche characteristics...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    CRT-Based Fully Homomorphic Encryption Over the Integers

    The researchers introduced the basic concept of privacy homomorphism, which allows computation on encrypted data without decryption. It was elegant work that preceded the recent development of fully homomorphic encryption schemes, although some security flaws were found, e.g., ring homomorphic schemes are broken by known plaintext attacks. In...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Cryptanalysis of the Dragonfly Key Exchange Protocol

    Dragonfly is a password authenticated key exchange protocol specified by the researcher for exchanging session keys with mutual authentication within mesh networks. Recently, Harkins submitted a variant of the protocol to the Internet Engineering Task Force (IETF) as a candidate standard for general Internet use. The authors observe that both...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2013

    Zero-Knowledge Using Garbled Circuits or How To Prove Non-Algebraic Statements Efficiently

    Zero-knowledge protocols are one of the fundamental concepts in modern cryptography and have countless applications. However, after more than 30 years from their introduction, there are only very few languages (essentially those with a group structure) for which the authors can construct zero-knowledge protocols that are efficient enough to be...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2013

    On the Function Field Sieve and the Impact of Higher Splitting Probabilities

    When it comes to selecting appropriate parameters for public-key cryptosystems, one invariably observes a trade-off between security and efficiency. At a most basic level, for example, larger keys usually mean higher security, but worse performance. A related rule of thumb which one does well to keep in mind is that...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2013

    UC-Secure Multi-Session OT Using Tamper-Proof Hardware Tokens

    In this paper, the authors show the first UC-secure multi-session OT protocol using tamper-proof hardware tokens. The sender and the receiver exchange tokens only at the beginning. Then these tokens are reused in arbitrarily many sessions of OT. The proposed scheme is UC-secure against static adversaries if the DDH assumption...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Filtered Nonlinear Cryptanalysis of Reduced-Round Serpent, and the Wrong-Key Randomization Hypothesis

    The authors present a deterministic algorithm to find nonlinear S-box approximations, and a new non-linear cryptanalytic technique; the "filtered" nonlinear attack, which achieves the lowest data complexity of any known-plaintext attack on reduced-round Serpent so far. They demonstrate that the wrong-key randomization hypothesis is not entirely valid for attacks on...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Biclique Cryptanalysis of the Full-Round KLEIN Block Cipher

    Biclique cryptanalysis, first introduced in the cryptanalysis of AES, is the most recent technique for the security evaluation of block ciphers. Soon after the publication of the seminal paper on AES cryptanalysis, many cryptanalytic results on other block ciphers were proposed. Biclique cryptanalysis often breaks the full version of the cipher with...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Batch Fully Homomorphic Encryption Over the Integers

    Fully Homomorphic Encryption (FHE) allows a worker to perform implicit additions and multiplications on plaintext values while exclusively manipulating encrypted data. The authors extend the fully homomorphic encryption scheme over the integers of (DGHV) to batch fully homomorphic encryption, i.e. to a scheme that supports encrypting and homomorphically processing a...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Aggregate and Verifiably Encrypted Signatures from Multilinear Maps without Random Oracles

    Aggregate signatures provide bandwidth-saving aggregation of ordinary signatures. The authors present the first unrestricted instantiation in the standard model; moreover, their construction yields a multi-signature scheme where a single message is signed by a number of signers. Their second result is an application to verifiably encrypted signatures. There, signers encrypt...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2013

    New Smooth Projective Hash Functions and One-Round Authenticated Key Exchange

    Password-Authenticated Key Exchange (PAKE) has received deep attention in the last few years, with a recent improvement by the researchers, and their one-round protocols: the two players just have to send simultaneous flows to each other, which depend on their own passwords only, to agree on a shared high entropy...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Efficient Delegation of Key Generation and Revocation Functionalities in Identity-Based Encryption

    In the public key cryptosystems, revocation functionality is required when a secret key is corrupted by hacking or the period of a contract expires. In the public key infrastructure setting, numerous solutions have been proposed, and in the Identity Based Encryption (IBE) setting, a recent series of papers proposed revocable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    CCA-Secure IB-KEM from Identity-Based Extractable Hash Proof System

    In this paper, the authors introduce a general paradigm called Identity-Based Extractable Hash Proof System (IB-EHPS), which is an extension of the Extractable Hash Proof System (EHPS) proposed by Wee (CRYPTO '10). They show how to construct an Identity-Based Key Encapsulation Mechanism (IB-KEM) from IB-EHPS in a simple and modular fashion. Their...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Provable Security of S-BGP and Other Path Vector Protocols: Model, Analysis and Extensions

    In this paper the authors provide the provable-security treatment of path vector routing protocols. They first design a security definition for routing path vector protocols by studying, generalizing, and formalizing numerous known threats. Their model incorporates three major security goals. It is quite strong, yet simple to use. They prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Revocable Identity-Based Encryption: Security Model and Construction

    The researchers proposed an elegant way of achieving Identity-Based Encryption (IBE) with efficient revocation, which they call Revocable IBE (RIBE). One of the significant benefits of their construction is scalability, where the overhead of the trusted authority grows only logarithmically in the number of users, whereas that in the...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2013

    On Formal and Automatic Security Verification of WSN Transport Protocols

    In this paper, the authors address the problem of formal and automated security verification of WSN transport protocols that may perform cryptographic operations. The verification of this class of protocols is difficult because they typically consist of complex behavioral characteristics, such as real-time, probabilistic, and cryptographic operations. To solve this...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Non-Black-Box Simulation from One-Way Functions and Applications to Resettable Security

    The simulation paradigm, introduced by the researchers, is of fundamental importance to modern cryptography. In a breakthrough work from 2001, Barak (FOCS'01) introduced a novel non-black-box simulation technique. This technique enabled the construction of new cryptographic primitives, such as resettably-sound zero-knowledge arguments, that cannot be proven secure using just black-box...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors proposed the notion of Property Preserving symmetric Encryption (PPEnc). They defined several security notions for PPEnc and studied their relationship. They also proposed a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for the communicating parties over an open network. Key agreement allows multiple parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address, since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the user's main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2011

    Making NTRU as Secure as Worst-Case Problems Over Ideal Lattices

    NTRUEncrypt, proposed in 1996 by the researchers, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorization and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security....

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2011

    Pushing the Limits: A Very Compact and a Threshold Implementation of AES

    The authors' contribution is twofold: first they describe a very compact hardware implementation of AES-128, which requires only 2400 GE. This is, to the best of their knowledge, the smallest implementation reported so far. Then they apply the threshold countermeasure by the researchers to the AES S-box and yield an implementation...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2011

    Semi-Homomorphic Encryption and Multiparty Computation

    An additively-homomorphic encryption scheme enables one to compute linear functions of an encrypted input by manipulating only the ciphertexts. The authors define the relaxed notion of a semi-homomorphic encryption scheme, where the plaintext can be recovered as long as the computed function does not increase the size of the input...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2011

    Computer-Aided Security Proofs for the Working Cryptographer

    The authors present EasyCrypt, an automated tool for elaborating security proofs of cryptographic systems from proof sketches - compact, formal representations of the essence of a proof as a sequence of games and hints. Proof sketches are checked automatically using off-the-shelf SMT solvers and automated theorem provers, and then compiled...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2011

    Fully Homomorphic Encryption Over the Integers with Shorter Public Keys

    In this paper the authors reduce the public key size by encrypting with a quadratic form in the public key elements, instead of a linear form. They prove that the scheme remains semantically secure, based on a stronger variant of the approximate-GCD problem, already considered by the researchers. They also describe...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2013

    Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages

    The authors present a somewhat homomorphic encryption scheme that is both very simple to describe and analyze, and whose security (quantumly) reduces to the worst-case hardness of problems on ideal lattices. They then transform it into a fully homomorphic encryption scheme using the standard "squashing" and "bootstrapping" techniques introduced by Gentry...

    Provided By International Association for Cryptologic Research