International Association for Cryptologic Research

Displaying 1-40 of 448 results

  • White Papers // Dec 2014

    Security Weaknesses of an "Anonymous Attribute Based Encryption" Appeared in Asiaccs'13

    Attribute-Based Encryption (ABE) has found enormous application in fine-grained access control of shared data, particularly in the public cloud. The researcher proposed a scheme called match-then-decrypt, where before running the decryption algorithm the user is required to perform a match operation with attribute(s) that provides the required information to identify whether a...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2014

    Armadillo: A Compilation Chain for Privacy Preserving Applications

    In parallel with the research work which has led to dramatic improvements with respect to the computational overhead of homomorphic encryption, the compilation and parallelism community has also started to grow a strong interest in homomorphic encryption techniques as a new execution environment for computer programs with a highly promising...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2014

    Cryptanalysis of Full PRIDE Block Cipher

    Due to the rapidly growing impact of mobile phones, smart cards, RFID tags and sensor networks, lightweight cryptography which is suitable for such resource-constrained devices becomes more and more important. PRIDE is a lightweight block cipher designed by Albrecht et al. that appeared at CRYPTO 2014. The designers claim that the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2014

    Web Tap Payment Authentication and Encryption With Zero Customer Effort

    In the tap-card-pay application (app), the authors remove the keyboarding from the customer and add the simplicity of tapping the credit card on the smartphone when the customer tries to check out on the merchant's webpage. They propose a public-key authentication and encryption application that secures the messages between the Tap-Card-Pay application, Tap-Card-Pay...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2014

    A Proxy Re-Encryption Scheme With the Unforgeability of Re-Encryption Keys Against Collusion Attacks

    Proxy Re-Encryption (PRE) schemes are cryptosystems which allow a proxy who has a re-encryption key to convert a cipher-text originally encrypted for one party into a cipher-text which can be decrypted by another party. In, Hayashi et al. proposed the new security notion for PRE called "Unforgeability of Re-encryption Keys...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2014

    Decoy-Based Information Security

    In this paper, the authors discuss an emerging concept of decoy-based information security, or security without computational assumptions. In particular, they show how this concept can be implemented to provide security against a (passive) computationally unbounded adversary in some public-key encryption protocols. In the world of symmetric cryptography, decoy-based security finds...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2014

    A Survey of Fault Attacks in Pairing Based Cryptography

    The latest implementations of pairings allow efficient schemes for pairing based cryptography. These make the use of pairings suitable for small and constrained devices (smartphones, smart cards) in addition to more powerful platforms. As for any cryptographic algorithm which may be deployed in insecure locations, these implementations must be secure...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Efficient Fuzzy Search on Encrypted Data

    The authors study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

    The authors initiate the study of the following problem: suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Non-Interactive Cryptography in the RAM Model of Computation

    Using recently developed techniques for program obfuscation, the authors show several constructions of non-interactive cryptosystems in the Random-Access Machine (RAM) model of computation that are asymptotically more efficient than what would be obtained using generic RAM-to-circuit compilation. In particular, let T denote the running time and n the memory size...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Outsourcing Private RAM Computation

    The authors construct the first schemes that allow a client to privately outsource arbitrary program executions to a remote server while ensuring that: the client's work is small and essentially independent of the complexity of the computation being outsourced, and the server's work is only proportional to the run-time of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Reducing the Overhead of Cloud MPC

    The authors present a secure Multi-Party Computation (MPC) protocol in the honest-majority setting, which aims to reduce the communication costs in the situation where there are a large number of parties (as in a cloud scenario). Their goal is to reduce the usage of point-to-point channels, so as to enable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part II

    In EUROCRYPT 2013, Lu and Ostrovsky proposed the notion of Garbled RAM (GRAM) programs. These GRAM programs are analogous to the classic result of Yao's garbled circuits: a large encrypted memory can first be provided to an evaluator, and then a program can separately be garbled and sent to an evaluator...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part I

    The notion of garbled Random-Access Machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao's garbled circuits that allows a user to garble a RAM program directly, without performing the expensive step of converting it into a circuit. In particular,...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from the eSTREAM hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single bit faults in the internal state of the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors proposed the notion of Property Preserving symmetric Encryption (PPEnc). They defined several security notions for PPEnc and studied their relationship. They also proposed a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the users' main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for the communicating parties over an open network. Key agreement allows multiple parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Chosen Ciphertext Secure (CCS): Symmetric Key CCA Encryption with Minimal Ciphertext Expansion

    In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. The authors present a new symmetric encryption scheme: CCS or Chosen Cipher-text Secure scheme. CCS has the property that modifications to the cipher-text randomize the resulting plaintext. Using this property, they prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions

    The authors show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area trade-offs unobtainable with traditional constructs. Recent theoretical results indicate that even if the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

    Blinker is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the sponge construction used by the SHA-3 algorithm Keccak. The authors examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lattice Signatures and Bimodal Gaussians

    The authors' main result is a construction of a lattice-based digital signature scheme that represents an improvement, both in theory and in practice, over today's most efficient lattice schemes. The novel scheme is obtained as a result of a modification of the rejection sampling algorithm that is at the heart...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Functional Encryption for Randomized Functionalities

    Originally, encryption was thought of as a way to encrypt "point-to-point" communication. However, in the contemporary world with cloud computing and complex networks, it has become clear that people need encryption to offer more functionality. In this paper, the authors present the first definitions and constructions for functional encryption...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

    In this paper the authors address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an untrusted and remote server, which stores the client's database on its behalf. They introduce...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Towards Leakage Exploitation Rate Optimality in Template Attack

    Template attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has full knowledge of the targeted crypto devices and is thus well able to characterize the side-channel leakages. However, the question of whether template attack is really optimal...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Formal Analysis of CRT-RSA Vigilant's Countermeasure Against the BellCoRe Attack

    In the authors' paper at PROOFS 2013, they formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, they left Vigilant's countermeasure and its alleged repaired version by the researcher as future work, because the arithmetical framework of their tool was not sufficiently...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lower Bounds in the Hardware Token Model

    A protocol for secure two-party computation allows two mutually distrustful parties to jointly compute a function f of their respective inputs, x and y, in a way that does not reveal anything beyond the value f(x, y) being computed. Soon after the introduction of this powerful notion, it was...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Leakage Resilient Fully Homomorphic Encryption

    The authors construct the first leakage resilient variants of Fully Homomorphic Encryption (FHE) schemes. Their leakage model is bounded adaptive leakage resilience. They first construct a leakage-resilient leveled FHE scheme, meaning the scheme is both leakage resilient and homomorphic for all circuits of depth less than some pre-established maximum set...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    On the Relation of Random Grid, Probabilistic and Deterministic Visual Cryptography

    Visual cryptography is a special type of secret sharing. Two models of visual cryptography have been independently studied: deterministic visual cryptography and random grid visual cryptography, introduced by the researchers. In the context of the deterministic model, the researcher has introduced a third model, the probabilistic visual cryptography model. The connection...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Iterated Group Products and Leakage Resilience Against NC1

    The interplay between group theory and computational complexity has been the source of a number of elegant constructions and computational insights. A line of work [Bar89, CM87, BT88, BC92, CL94, Cle91, and IL95] in the late 1980s gave characterizations of various complexity classes in terms of products over finite groups....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    A Note on Bilinear Groups of a Large Composite Order

    Weil pairing plays a key role in elliptic curve cryptography. The authors remark that the structure of bilinear groups of a large composite order (at least 1024 bits) could make the group operation inefficient and lose the advantages of elliptic curve cryptography, which are gained mainly from smaller parameter sizes. As of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Constant-Round Black-Box Construction of Composable Multi-Party Computation Protocol

    The authors present the first general MPC protocol that satisfies the following: the construction is black-box, the protocol is universally composable in the plain model, and the number of rounds is constant. The security of their protocol is proven in angel-based UC security under the assumption of the existence of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage

    Side-Channel Attacks (SCA) are considered a serious threat against embedded cryptography. Therefore security-critical chips must be tested for SCA resistance before deployment or certification. SCA are powerful but can require a lot of computation power, especially in the presence of countermeasures. The computation complexity of these attacks can be reduced...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Strongly Secure One-Round Group Authenticated Key Exchange in the Standard Model

    One-round Group Authenticated Key Exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. A special case of GAKE, the pairing-based one-round Tripartite Authenticated Key Exchange (3AKE), has recently gained much attention from the research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Tamper Resilient Circuits: The Adversary at the Gates

    In this paper the authors initiate the investigation of gate-tampering attacks against cryptographic circuits. Their model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. They...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Secure Multiparty Computations on Bitcoin

    Bitcoin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: it lacks a central authority that controls the transactions, the list of transactions is publicly available, and its syntax allows more advanced transactions than simply transferring the money. This paper shows...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2006

    Improving SHA-2 Hardware Implementations

    In this paper the authors propose a set of new techniques to improve the implementation of the SHA-2 hashing algorithm. These techniques consist mostly of operation rescheduling and hardware reutilization, allowing a significant reduction of the critical path while the required area also decreases. Both the SHA256 and SHA512 hash functions...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2013

    Throughput Optimized Implementations of QUAD

    The authors present several software and hardware implementations of QUAD, a recently introduced stream cipher designed to be provably secure and practical to implement. The software implementations target both a personal computer and an ARM microprocessor. The hardware implementations target field programmable gate arrays. The purpose of their work was...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Succinct Non-Interactive Zero Knowledge Arguments from Span Programs and Linear Error-Correcting Codes

    Recently, the researchers proposed an efficient non-interactive zero knowledge argument for Circuit-SAT, based on non-standard notions like conscientious and quadratic span programs. The authors propose a new non-interactive zero knowledge argument, based on a simple combination of standard span programs (that verify the correctness of every individual gate) and high-distance...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Practical Collision Attack on 40-Step RIPEMD-128

    RIPEMD-128 is an ISO/IEC standard cryptographic hash function proposed in 1996 by the researchers. There are two different and independent parallel lines called line1 operation and line2 operation, and each operation has 64 steps. The results of two line operations are combined at the end of every application of the...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Oblivious PAKE: Efficient Handling of Password Trials

    In this paper, the authors introduce the notion of Oblivious Password based Authenticated Key Exchange (O-PAKE) and a general compiler to transform a large class of PAKE into O-PAKE protocols. O-PAKE allows a client that shares one password with a server to use a set of passwords within one PAKE...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2013

    Yet Another Attack On the Chinese Remainder Theorem Based Hierarchical Access Control Scheme

    The Chinese Remainder Theorem based Hierarchical Access Control Scheme (CRTHACS) was supposed to be capable of hiding the hierarchical structure, but the researcher showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, the researcher modified it, and gave a new CRTHACS to...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2012

    Iris: A Scalable Cloud File System with Efficient Integrity Checks

    The authors present Iris, a practical, authenticated file system designed to support workloads from large enterprises storing data in the cloud and be resilient against potentially untrustworthy service providers. As a transparent layer enforcing strong integrity guarantees, Iris lets an enterprise tenant maintain a large file system in the cloud....

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    CRT-Based Fully Homomorphic Encryption Over the Integers

    The researchers introduced the basic concept of privacy homomorphism that allows computation on encrypted data without decryption. It was elegant work that precedes the recent development of fully homomorphic encryption schemes, although some security flaws were found, e.g., ring homomorphic schemes are broken by known plaintext attacks. In...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Cryptanalysis of the Dragonfly Key Exchange Protocol

    Dragonfly is a password authenticated key exchange protocol specified by the researcher for exchanging session keys with mutual authentication within mesh networks. Recently, Harkins submitted a variant of the protocol to the Internet Engineering Task Force (IETF) as a candidate standard for general Internet use. The authors observe that both...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2013

    Zero-Knowledge Using Garbled Circuits or How To Prove Non-Algebraic Statements Efficiently

    Zero-knowledge protocols are one of the fundamental concepts in modern cryptography and have countless applications. However, more than 30 years after their introduction, there are only very few languages (essentially those with a group structure) for which the authors can construct zero-knowledge protocols that are efficient enough to be...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2013

    On the Function Field Sieve and the Impact of Higher Splitting Probabilities

    When it comes to selecting appropriate parameters for public-key cryptosystems, one invariably observes a trade-off between security and efficiency. At a most basic level, for example, larger keys usually mean higher security, but worse performance. A related rule of thumb which one does well to keep in mind is that...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2013

    UC-Secure Multi-Session OT Using Tamper-Proof Hardware Tokens

    In this paper, the authors show the first UC-secure multi-session OT protocol using tamper-proof hardware tokens. The sender and the receiver exchange tokens only at the beginning. Then these tokens are reused in arbitrarily many sessions of OT. The proposed scheme is UC-secure against static adversaries if the DDH assumption...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Filtered Nonlinear Cryptanalysis of Reduced-Round Serpent, and the Wrong-Key Randomization Hypothesis

    The authors present a deterministic algorithm to find nonlinear S-box approximations, and a new nonlinear cryptanalytic technique, the "filtered" nonlinear attack, which achieves the lowest data complexity of any known-plaintext attack on reduced-round Serpent so far. They demonstrate that the wrong-key randomization hypothesis is not entirely valid for attacks on...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Biclique Cryptanalysis of the Full-Round KLEIN Block Cipher

    Biclique cryptanalysis, first introduced in the cryptanalysis of AES, is the most recent technique for the security evaluation of block ciphers. Soon after the seminal AES cryptanalysis paper was published, many cryptanalytic results on other block ciphers were proposed. Biclique cryptanalysis often breaks the full version of the cipher with...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Notions of Black-Box Reductions, Revisited

    Reductions are the common technique to prove security of cryptographic constructions based on a primitive. They take an allegedly successful adversary against the construction and turn it into a successful adversary against the underlying primitive. To a large extent, these reductions are black-box in the sense that they consider the...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Lossy Chains and Fractional Secret Sharing

    In this paper, the authors introduce and study two related notions: lossy chains and fractional secret sharing. They start by describing the latter. Motivated by the goal of controlling the amount of work required to access a shared resource or to solve a cryptographic puzzle, they introduce and study the...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2013

    Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces

    The authors define a novel notion of quasi-adaptive Non-Interactive Zero Knowledge (NIZK) proofs for probability distributions on parametrized languages. It is quasi-adaptive in the sense that the Common Reference String (CRS) generator can generate the CRS depending on the language parameters. However, the simulation is required to be uniform, i.e.,...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    A Full Characterization of Functions that Imply Fair Coin Tossing and Ramifications to Fairness

    It is well known that it is impossible for two parties to toss a coin fairly. This result implies that it is impossible to securely compute with fairness any function that can be used to toss a coin fairly. In this paper, the authors focus on the class of deterministic...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2013

    Compact Hardware Implementations of ChaCha, BLAKE, Threefish, and Skein on FPGA

    The cryptographic hash functions BLAKE and Skein are built from the ChaCha stream cipher and the tweakable Threefish block cipher, respectively. Interestingly enough, they are based on the same arithmetic operations, and the same design philosophy allows one to design lightweight coprocessors for hashing and encryption. The key element of...
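    As an added illustration of the "same arithmetic operations" this abstract refers to (example code, not from the paper or the BLAKE/Skein projects), the following Python puts the ChaCha quarter-round and the Threefish MIX function side by side: both use only modular addition, bit rotation and XOR (ARX), and both are invertible, which is what lets one datapath serve hashing and encryption. The ChaCha test values are the quarter-round vector from RFC 8439 section 2.1.1; the Threefish rotation amount 14 is used as an example constant (R_{0,0} of Threefish-256), and the 64-bit input words are constructed for the demonstration.

```python
"""ARX building blocks shared by ChaCha/BLAKE (32-bit) and Threefish/Skein (64-bit).

Added example: shows that both families are built from modular Addition,
Rotation and XOR only, and that each primitive has a cheap inverse.
"""

MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF


def rotl(x: int, n: int, width: int) -> int:
    """Rotate the `width`-bit word x left by n bits."""
    mask = (1 << width) - 1
    n %= width
    return ((x << n) | (x >> (width - n))) & mask


def rotr(x: int, n: int, width: int) -> int:
    """Rotate the `width`-bit word x right by n bits (inverse of rotl)."""
    return rotl(x, width - (n % width), width)


def chacha_quarter_round(a: int, b: int, c: int, d: int):
    """ChaCha quarter-round on four 32-bit words, as in RFC 8439 section 2.1."""
    a = (a + b) & MASK32; d = rotl(d ^ a, 16, 32)
    c = (c + d) & MASK32; b = rotl(b ^ c, 12, 32)
    a = (a + b) & MASK32; d = rotl(d ^ a, 8, 32)
    c = (c + d) & MASK32; b = rotl(b ^ c, 7, 32)
    return a, b, c, d


def chacha_quarter_round_inv(a: int, b: int, c: int, d: int):
    """Undo the quarter-round: replay the steps backwards, inverting each op."""
    b = rotr(b, 7, 32) ^ c;  c = (c - d) & MASK32
    d = rotr(d, 8, 32) ^ a;  a = (a - b) & MASK32
    b = rotr(b, 12, 32) ^ c; c = (c - d) & MASK32
    d = rotr(d, 16, 32) ^ a; a = (a - b) & MASK32
    return a, b, c, d


def threefish_mix(x0: int, x1: int, r: int):
    """Threefish MIX on two 64-bit words: y0 = x0 + x1 mod 2^64, y1 = (x1 <<< r) XOR y0."""
    y0 = (x0 + x1) & MASK64
    y1 = rotl(x1, r, 64) ^ y0
    return y0, y1


def threefish_mix_inv(y0: int, y1: int, r: int):
    """Inverse MIX: recover x1 from y1 XOR y0, then x0 by modular subtraction."""
    x1 = rotr(y1 ^ y0, r, 64)
    x0 = (y0 - x1) & MASK64
    return x0, x1


if __name__ == "__main__":
    # RFC 8439 section 2.1.1 quarter-round test vector.
    out = chacha_quarter_round(0x11111111, 0x01020304, 0x9B8D6F43, 0x01234567)
    print("ChaCha QR :", [hex(w) for w in out])
    print("QR inverse:", [hex(w) for w in chacha_quarter_round_inv(*out)])
    # Constructed 64-bit inputs; rotation 14 is R_{0,0} of Threefish-256.
    y = threefish_mix(0x0123456789ABCDEF, 0xFEDCBA9876543210, 14)
    print("Threefish MIX :", [hex(w) for w in y])
    print("MIX inverse   :", [hex(w) for w in threefish_mix_inv(*y, 14)])
```

The two inverse functions are what a compact coprocessor exploits: decryption (Threefish) and the inverse direction needed for some modes reuse the adder, rotator and XOR of the forward path, with only the control sequence reversed.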

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Complete and Unified Group Laws are not Enough for Elliptic Curve Cryptography

    In several recent publications normal forms for elliptic curves are proposed that have some advantages over the typical Weierstrass versions, like faster, complete, or unified group laws. Though all of these constructions are very interesting from a purely mathematical point of view, they fall short of suitability for cryptographic application...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Revocable Identity-Based Encryption Revisited: Security Model and Construction

    In ACM CCS 2008, the researcher proposed an elegant way of achieving an Identity-Based Encryption (IBE) with efficient revocation, which the authors call Revocable IBE (RIBE). One of the significant benefits of their construction is scalability, where the overhead of the trusted authority grows only logarithmically in the number of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Rate-Limited Secure Function Evaluation: Definitions and Constructions

    The authors introduce the notion of Rate-Limited Secure Function Evaluation (RL-SFE). Loosely speaking, in an RL-SFE protocol participants can monitor and limit the number of distinct inputs (i.e., rate) used by their counterparts in multiple executions of an SFE, in a private and verifiable manner. The need for RL-SFE naturally...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    The IITM Model: a Simple and Expressive Model for Universal Composability

    The universal composability paradigm allows for the modular design and analysis of cryptographic protocols. It has been widely and successfully used in cryptography. However, devising a coherent yet simple and expressive model for universal composability is, as the history of such models shows, highly non-trivial. For example, several partly severe...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Anonymity Guarantees of the UMTS/LTE Authentication and Connection Protocol

    The UMTS/LTE protocol for mobile phone networks has been designed to offer a limited form of anonymity for mobile phone users. In this paper the authors quantify precisely what this limited form of anonymity actually provides via a formal security model. The model considers an execution where the home and...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from the eSTREAM hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single bit faults in the internal state of the...

    Provided By International Association for Cryptologic Research