International Association for Cryptologic Research

  • White Papers // Mar 2014

    Efficient Fuzzy Search on Encrypted Data

    The authors study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

    The authors initiate the study of the following problem: suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Non-Interactive Cryptography in the RAM Model of Computation

    Using recently developed techniques for program obfuscation, the authors show several constructions of non-interactive cryptosystems in the Random-Access Machine (RAM) model of computation that are asymptotically more efficient than what would be obtained using generic RAM-to-circuit compilation. In particular, let T denote the running time and n the memory size...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Outsourcing Private RAM Computation

    The authors construct the first schemes that allow a client to privately outsource arbitrary program executions to a remote server while ensuring that: the client's work is small and essentially independent of the complexity of the computation being outsourced, and the server's work is only proportional to the run-time of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Reducing the Overhead of Cloud MPC

    The authors present a secure Multi-Party Computation (MPC) protocol in the honest-majority setting, which aims to reduce the communication costs in the situation where there are a large number of parties (as in a cloud scenario). Their goal is to reduce the usage of point-to-point channels, so as to enable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part II

    In EUROCRYPT 2013, Lu and Ostrovsky proposed the notion of Garbled RAM (GRAM) programs. These GRAM programs are analogous to the classic result of Yao's garbled circuits: a large encrypted memory can first be provided to an evaluator, and then a program can separately be garbled and sent to an evaluator...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part I

    The notion of garbled Random-Access Machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao's garbled circuits that allows a user to garble a RAM program directly, without performing the expensive step of converting it into a circuit. In particular,...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from eStream hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single bit faults in the internal state of the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors proposed the notion of Property Preserving symmetric Encryption (PPEnc). They defined several security notions for PPEnc and studied their relationship. They also proposed a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the users' main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for the communicating parties over the open network. Key agreement allows multiple parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Chosen Ciphertext Secure (CCS): Symmetric Key CCA Encryption with Minimal Ciphertext Expansion

    In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. The authors present a new symmetric encryption scheme: CCS or Chosen Ciphertext Secure scheme. CCS has the property that modifications to the ciphertext randomize the resulting plaintext. Using this property, they prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions

    The authors show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area trade-offs unobtainable with traditional constructs. Recent theoretical results indicate that even if the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

    Blinker is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the sponge construction used by the SHA-3 algorithm keccak. The authors examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lattice Signatures and Bimodal Gaussians

    The authors' main result is a construction of a lattice-based digital signature scheme that represents an improvement, both in theory and in practice, over today's most efficient lattice schemes. The novel scheme is obtained as a result of a modification of the rejection sampling algorithm that is at the heart...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Functional Encryption for Randomized Functionalities

    Originally, encryption was thought of as a way to encrypt "point-to-point" communication. However, in the contemporary world with cloud computing and complex networks, it has become clear that people need encryption to offer more functionality. In this paper, the authors present the first definitions and constructions for functional encryption...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Towards Leakage Exploitation Rate Optimality in Template Attack

    Template attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has full knowledge of the targeted crypto devices and is thus well capable of characterizing the side-channel leakages. However, the question of whether template attack is really optimal...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

    In this paper the authors address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an untrusted and remote server, who stores the client's database on its behalf. They introduce...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Formal Analysis of CRT-RSA Vigilant's Countermeasure Against the BellCoRe Attack

    In the authors' paper at PROOFS 2013, they formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, they left Vigilant's countermeasure and its alleged repaired version by the researcher as future work, because the arithmetical framework of their tool was not sufficiently...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lower Bounds in the Hardware Token Model

    A protocol for secure two-party computation allows two mutually distrustful parties to jointly compute a function f of their respective inputs, x and y, in a way that does not reveal anything beyond the value f(x, y) being computed. Soon after the introduction of this powerful notion, it was...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Leakage Resilient Fully Homomorphic Encryption

    The authors construct the first leakage resilient variants of Fully Homomorphic Encryption (FHE) schemes. Their leakage model is bounded adaptive leakage resilience. They first construct a leakage-resilient leveled FHE scheme, meaning the scheme is both leakage resilient and homomorphic for all circuits of depth less than some pre-established maximum set...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    On the Relation of Random Grid, Probabilistic and Deterministic Visual Cryptography

    Visual cryptography is a special type of secret sharing. Two models of visual cryptography have been independently studied: deterministic visual cryptography and random grid visual cryptography, introduced by the researchers. In the context of the deterministic model, the researcher has introduced a third model, the probabilistic visual cryptography model. The connection...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Strongly Secure One-Round Group Authenticated Key Exchange in the Standard Model

    One-round Group Authenticated Key Exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. A special case of GAKE, the pairing-based one-round Tripartite Authenticated Key Exchange (3AKE), has recently gained much attention from the research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage

    Side-Channel Attacks (SCA) are considered a serious threat against embedded cryptography. Therefore, security-critical chips must be tested for SCA resistance before deployment or certification. SCA are powerful but can need a lot of computation power, especially in the presence of countermeasures. The computation complexity of these attacks can be reduced...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Iterated Group Products and Leakage Resilience Against NC1

    The interplay between group theory and computational complexity has been the source of a number of elegant constructions and computational insights. A line of work [Bar89, CM87, BT88, BC92, CL94, Cle91, and IL95] in the late 1980s gave characterizations of various complexity classes in terms of products over finite groups....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    A Note on Bilinear Groups of a Large Composite Order

    Weil pairing plays a key role in elliptic curve cryptography. The authors remark that the structure of bilinear groups of a large composite order (at least 1024 bits) could make group operations inefficient and lose the advantages of elliptic curve cryptography, which are gained mainly from the smaller parameter size. As of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Constant-Round Black-Box Construction of Composable Multi-Party Computation Protocol

    The authors present the first general MPC protocol that satisfies the following: the construction is black-box, the protocol is universally composable in the plain model, and the number of rounds is constant. The security of their protocol is proven in angel-based UC security under the assumption of the existence of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Tamper Resilient Circuits: The Adversary at the Gates

    In this paper the authors initiate the investigation of gate-tampering attacks against cryptographic circuits. Their model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. They...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Secure Multiparty Computations on BitCoin

    BitCoin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: it lacks a central authority that controls the transactions, the list of transactions is publicly available, and its syntax allows more advanced transactions than simply transferring the money. This paper shows...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Linearly Homomorphic Structure Preserving Signatures: New Methodologies and Applications

    In this paper the authors introduce the notion of Linearly Homomorphic Structure Preserving Signatures (LHSPS) as a tool to perform verifiable computation on encrypted data and to create constant-size non-malleable commitments to group elements. They improve the understanding of LHSPS by putting forward new methodologies...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    New Insight into the Isomorphism of Polynomial Problem IP1S and its Use in Cryptography

    In this paper the authors investigate the mathematical structure of the "Isomorphism of Polynomial with One Secret" problem (IP1S). Their purpose is to understand why for practical parameter values of IP1S most random instances are easily solvable. They show that the structure of the problem is directly linked to the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Notions of Black-Box Reductions, Revisited

    Reductions are the common technique to prove security of cryptographic constructions based on a primitive. They take an allegedly successful adversary against the construction and turn it into a successful adversary against the underlying primitive. To a large extent, these reductions are black-box in the sense that they consider the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography

    Technological advancements in cloud computing, due to increased connectivity and exponentially proliferating data, have resulted in migration towards cloud architecture. Cloud computing is a technology where users can use high-end services in the form of software that resides on different servers and access data from all over the world. Cloud...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Homomorphic Authenticated Encryption Secure Against Chosen-Ciphertext Attack

    The authors study homomorphic authenticated encryption, where privacy and authenticity of data are protected simultaneously. They define homomorphic versions of various security notions for privacy and authenticity, and investigate relations between them. In particular, they show that it is possible to give a natural definition of IND-CCA for homomorphic authenticated...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Behind the Scene of Side Channel Attacks

    Since the introduction of side channel attacks in the nineties, a large amount of work has been devoted to improving their effectiveness and efficiency. On the one side, general results and conclusions are drawn in theoretical frameworks, but the latter are often set in too ideal a context to...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Obfuscation from Semantically-Secure Multi-Linear Encodings

    The goal of program obfuscation is to "scramble" a computer program, hiding its implementation details (making it hard to "reverse-engineer"), while preserving the functionality (i.e., input/output behavior) of the program. Precisely defining what it means to "scramble" a program is non-trivial: on the one hand, the authors want a definition...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    More on the Impossibility of Virtual-Black-Box Obfuscation with Auxiliary Input

    The authors show that if there exist indistinguishability obfuscators for a certain class C of circuits then there do not exist independent-auxiliary-input Virtual-Black-Box (VBB) obfuscators for any family of circuits that compute a pseudo-entropic function. A function fk is pseudo-entropic if it is hard, given oracle access to fk but...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Bootstrapping Obfuscators via Fast Pseudorandom Functions

    The authors show that it is possible to upgrade an obfuscator for a weak complexity class WEAK into an obfuscator for arbitrary polynomial size circuits, assuming that the class WEAK can compute pseudorandom functions. Specifically, under standard intractability assumptions (e.g., hardness of factoring, decisional Diffie-Hellman, or learning with errors), the...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Cryptanalysis and Improvement of a Dynamic and Secure Key Management Model for Hierarchical Heterogeneous Sensor Networks

    In 2012, the authors presented a dynamic and secure key management model for hierarchical heterogeneous sensor networks. They proposed a signcryption algorithm which is the main building block in their key management model. They proved the algorithm is as strong as the elliptic curve discrete logarithm problem. In this paper,...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Secure Key Exchange and Sessions without Credentials

    Secure communication is a fundamental cryptographic primitive. Typically, security is achieved by relying on an existing credential infrastructure, such as a PKI or passwords, for identifying the end points to each other. But what can be obtained when no such credential infrastructure is available? Clearly, when there is no pre-existing...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Unbalancing Pairing-Based Key Exchange Protocols

    In many pairing-based protocols more than one party is involved, and some or all of them may be required to calculate pairings. Commonly it is the pairing calculation itself which takes the most time. However, some parties may be better equipped than others in terms of computational power. By exploiting the...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Public-Key Encryption with Weak Randomness: Security Against Strong Chosen Distribution Attacks

    Chosen Distribution Attacks (CDA) were introduced by the researcher (Asiacrypt '09) to model attacks where an adversary can control the distribution of both messages and random coins used in an encryption scheme. One important restriction in their definition is that the distributions chosen by the adversary cannot depend on the...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Formal Verification of a Software Countermeasure Against Instruction Skip Attacks

    Fault attacks against embedded circuits have enabled the definition of many new attack paths against secure circuits. Every attack path relies on a specific fault model which defines the type of faults that the attacker can perform. On embedded processors, a fault model in which an attacker is able to skip...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Universally Composable Privacy Preserving Finite Automata Execution with Low Online and Offline Complexity

    In this paper, the authors propose efficient protocols to obliviously execute Non-deterministic and Deterministic Finite Automata (NFA and DFA) in the Arithmetic Black Box (ABB) model. In contrast to previous approaches, their protocols do not use expensive public-key operations, relying instead only on computation with secret-shared values. Additionally, the complexity...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Automatic Security Evaluation for Bit-Oriented Block Ciphers in Related-Key Model: Application to Present-80, LBlock and Others

    AES and PRESENT are two international standard block ciphers representing the most elegant design strategies for byte-oriented and bit-oriented designs respectively. In this paper the authors regard AES and PRESENT as the two most significant candidates to scrutinize with respect to related-key differential attack. In EUROCRYPT 2010 and CRYPTO 2013,...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Switching Lemma for Bilinear Tests and Constant-Size NIZK Proofs for Linear Subspaces

    The authors state a switching lemma for tests on adversarial inputs involving bilinear pairings in hard groups, where the tester can effectively switch the randomness used in the test from being given to the adversary to being chosen after the adversary commits its input. The switching lemma can be based...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Attribute-Based Encryption for Arithmetic Circuits

    The authors present an attribute-based encryption system where access policies are expressed as polynomial-size arithmetic circuits. They prove security against arbitrary collusions of users based on the learning with errors problem on integer lattices. The system has two additional useful properties: first, it naturally handles arithmetic circuits with...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Linear Cryptanalysis of Round Reduced SIMON

    SIMON is a family of lightweight block ciphers that was proposed by the U.S. National Security Agency (NSA). A cipher in this family with a K-bit key and an N-bit block is called SIMON N/K. In this paper the authors analyze the security of SIMON against linear cryptanalysis. They present several linear characteristics...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Anonymous Aggregation for Lightweight Multiparty Computations

    While multiparty computations are becoming more and more efficient, their performance has not reached the needed level to be widely deployed for many applications. Nevertheless, the heterogeneous environment of modern computing needs this functionality to provide users their right to privacy. For a wide range of applications there is no...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2013

    Security Analysis of Password-Authenticated Key Retrieval

    The problem of safely storing a client's long-term static keys (e.g., symmetric keys, signature keys for digital signatures or decryption keys for public-key encryption) can be addressed with credential services (including cloud services or SSO (Single Sign-On)), which also solve many usability constraints for clients. Consider a roaming client who accesses...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Enhanced Certificate Transparency (How Johnny Could Encrypt)

    The certificate authority model for authenticating public keys of websites has been attacked in recent years, and several proposals have been made to reinforce it. The authors develop and extend certificate transparency, a proposal in this direction, so that it efficiently handles certificate revocation. They show how this extension can...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    One-Sided Adaptively Secure Two-Party Computation

    Adaptive security is a strong security notion that captures additional security threats that are not addressed by static corruptions. For instance, it captures real-world scenarios where "hackers" actively break into computers, possibly while they are executing secure protocols. Studying this setting is interesting from both theoretical and practical points of...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2013

    Cryptanalysis of the Toorani-Falahati Hill Ciphers

    The Hill cipher is a classical symmetric-key cipher published by Lester Hill in 1929. The Hill cipher represents each plaintext block as a vector of integer values and encrypts this vector with a single multiplication by a square key matrix. This has the advantage of simplicity, but renders the...
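
    Because encryption is a single matrix multiplication, the textbook Hill cipher is linear in the plaintext, and n blocks of known plaintext whose vectors form a matrix invertible mod 26 let an attacker solve for the key directly. The block below is an added illustration written for this listing, not the paper's code: it implements the textbook Hill cipher over Z_26 (encrypt, decrypt, key validity check) and that classic known-plaintext key recovery. It does not implement or attack the Toorani-Falahati variants the paper analyses. The row-vector convention (ciphertext block = plaintext block times K) and the padding letter X are assumptions of this example.

```python
"""Textbook Hill cipher over Z_26 and the linear known-plaintext key recovery it admits.

Added illustration, not the paper's code. Convention (an assumption of this example):
plaintext blocks are row vectors and ciphertext block = plaintext block * K (mod 26).
"""
from math import gcd

MOD = 26
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def _minor(m, i, j):
    """Matrix m with row i and column j removed."""
    return [row[:j] + row[j + 1:] for r, row in enumerate(m) if r != i]


def _det(m):
    """Determinant by Laplace expansion; adequate for the small matrices Hill keys use."""
    if not m:
        return 1  # determinant of the empty matrix, needed for 1x1 adjugates
    if len(m) == 1:
        return m[0][0]
    return sum((-1) ** j * m[0][j] * _det(_minor(m, 0, j)) for j in range(len(m)))


def mat_mul(a, b):
    """Matrix product reduced mod 26."""
    return [[sum(a[i][t] * b[t][j] for t in range(len(b))) % MOD
             for j in range(len(b[0]))] for i in range(len(a))]


def is_valid_key(k):
    """A Hill key must be square and invertible mod 26, i.e. gcd(det K, 26) == 1."""
    n = len(k)
    return all(len(row) == n for row in k) and gcd(_det(k) % MOD, MOD) == 1


def mat_inv(k):
    """Inverse mod 26 via the adjugate: K^-1 = det(K)^-1 * adj(K)."""
    if not is_valid_key(k):
        raise ValueError("matrix is not invertible mod 26")
    n = len(k)
    d_inv = pow(_det(k) % MOD, -1, MOD)
    adj = [[(-1) ** (i + j) * _det(_minor(k, j, i)) for j in range(n)] for i in range(n)]
    return [[(d_inv * adj[i][j]) % MOD for j in range(n)] for i in range(n)]


def _blocks(text, n):
    """Letters only, upper-cased, padded with X to a multiple of n; returns int vectors."""
    letters = [ALPHABET.index(c) for c in text.upper() if c in ALPHABET]
    while len(letters) % n:
        letters.append(ALPHABET.index("X"))
    return [letters[i:i + n] for i in range(0, len(letters), n)]


def _apply(text, k):
    """Multiply every block of text by k and map the result back to letters."""
    out = []
    for block in _blocks(text, len(k)):
        out.extend(mat_mul([block], k)[0])
    return "".join(ALPHABET[v] for v in out)


def hill_encrypt(plaintext, key):
    if not is_valid_key(key):
        raise ValueError("key is not invertible mod 26; decryption would be impossible")
    return _apply(plaintext, key)


def hill_decrypt(ciphertext, key):
    return _apply(ciphertext, mat_inv(key))


def recover_key(known_plaintext, ciphertext, n):
    """Known-plaintext attack: since C = P * K is linear, n plaintext/ciphertext block
    pairs whose plaintext matrix P is invertible mod 26 give K = P^-1 * C."""
    p = _blocks(known_plaintext, n)[:n]
    c = _blocks(ciphertext, n)[:n]
    if len(p) < n or not is_valid_key(p):
        raise ValueError("need n blocks of known plaintext forming an invertible matrix")
    return mat_mul(mat_inv(p), c)


if __name__ == "__main__":
    key = [[3, 3], [2, 5]]          # constructed 2x2 key, det = 9, coprime to 26
    ct = hill_encrypt("HELP", key)  # -> "DPLE" under the row-vector convention
    print(ct, hill_decrypt(ct, key))
    print(recover_key("HELP", ct, 2))  # -> [[3, 3], [2, 5]]
```

    If the chosen plaintext blocks happen not to form an invertible matrix (an even determinant, or one divisible by 13), recover_key raises rather than returning a wrong key; in practice an attacker simply picks a different set of n aligned blocks.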

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2013

    Smashing MASH-1

    MASH-1 is a modular-arithmetic-based hash function. It has been specified in part 4 of the ISO/IEC 10118 standard for a decade and a half. The cryptographic strength of the MASH-1 hash function rests on the factorization problem of an RSA modulus, together with redundancy in the input blocks of the compression function. Despite...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2013

    A Method for Generation of High-Nonlinear S-Boxes Based on Gradient Descent

    S-boxes are one of the main components that determine the robustness of modern symmetric cryptographic primitives. The authors give criteria, based on analysis of the properties of vectorial Boolean functions, for selecting substitutions (S-boxes) for symmetric cryptographic primitives. They propose an improved gradient descent method for increasing performance...
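
    The criteria in question are computed from the component functions b.S(x) of the S-box viewed as a vectorial Boolean function: nonlinearity from the Walsh spectrum, and differential uniformity from the difference distribution table. The block below is an added illustration written for this listing, not the paper's code. It evaluates both criteria for a 4-bit S-box and runs a plain swap-based hill climb on them; that search is a generic local search, not the improved gradient descent method the paper proposes. The PRESENT S-box is used as a known-good reference point and the identity mapping as a fully linear one.

```python
"""S-box criteria from vectorial Boolean functions: nonlinearity and differential
uniformity, plus a simple swap-based local search.

Added illustration, not the paper's code. The local search is plain hill climbing on
(nonlinearity, -differential uniformity); it is NOT the paper's gradient descent method.
"""
import random

# PRESENT S-box (Bogdanov et al., CHES 2007): a 4-bit S-box with optimal nonlinearity 4.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
# Identity mapping: every component function is linear, so its nonlinearity is 0.
IDENTITY_SBOX = list(range(16))


def parity(v):
    """Parity of the bits of v; parity(a & x) is the GF(2) dot product a.x."""
    return bin(v).count("1") & 1


def sbox_bits(sbox):
    """Number of input/output bits n for a 2^n-entry S-box."""
    n = (len(sbox) - 1).bit_length()
    if 1 << n != len(sbox):
        raise ValueError("S-box length must be a power of two")
    return n


def is_bijective(sbox):
    return sorted(sbox) == list(range(len(sbox)))


def walsh(sbox, a, b):
    """Walsh coefficient W(a, b) = sum_x (-1)^(b.S(x) xor a.x).
    |W| measures how well the linear function a.x approximates the component b.S."""
    return sum(-1 if parity(b & sbox[x]) ^ parity(a & x) else 1 for x in range(len(sbox)))


def nonlinearity(sbox):
    """NL(S) = 2^(n-1) - max|W(a, b)|/2 over all a and nonzero b: the minimum Hamming
    distance from any nonzero component function to the set of affine functions."""
    n = sbox_bits(sbox)
    size = 1 << n
    max_abs = max(abs(walsh(sbox, a, b)) for b in range(1, size) for a in range(size))
    return (size >> 1) - (max_abs >> 1)


def differential_uniformity(sbox):
    """max over nonzero dx and any dy of #{x : S(x) ^ S(x ^ dx) == dy}.
    Lower is better: it bounds the best single-round differential probability."""
    size = len(sbox)
    worst = 0
    for dx in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[sbox[x] ^ sbox[x ^ dx]] += 1
        worst = max(worst, max(counts))
    return worst


def score(sbox):
    """Lexicographic objective: higher nonlinearity first, then lower differential uniformity."""
    return (nonlinearity(sbox), -differential_uniformity(sbox))


def local_search(sbox, rounds, seed=0):
    """Swap two entries per round and keep the swap if the score does not drop.
    Swapping preserves bijectivity, which an invertible substitution layer requires.
    Generic hill climbing, not the paper's method."""
    rng = random.Random(seed)
    best = list(sbox)
    best_score = score(best)
    for _ in range(rounds):
        i, j = rng.sample(range(len(best)), 2)
        cand = list(best)
        cand[i], cand[j] = cand[j], cand[i]
        cand_score = score(cand)
        if cand_score >= best_score:
            best, best_score = cand, cand_score
    return best


if __name__ == "__main__":
    for name, s in (("PRESENT", PRESENT_SBOX), ("identity", IDENTITY_SBOX)):
        print(name, "NL =", nonlinearity(s), "DU =", differential_uniformity(s))
    improved = local_search(IDENTITY_SBOX, rounds=300, seed=1)
    print("local search from identity:", improved, "NL =", nonlinearity(improved))
```

    For 4-bit bijective S-boxes the best achievable values are nonlinearity 4 and differential uniformity 4, which is exactly what the PRESENT S-box reports; the identity scores 0 and 16, the worst possible. Plateau moves (equal score) are accepted so the search can leave regions where a single swap cannot improve the score, which is common when starting from a linear mapping.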

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Efficient Delegation of Key Generation and Revocation Functionalities in Identity-Based Encryption

    In public key cryptosystems, revocation functionality is required when a secret key is compromised or the period of a contract expires. In the public key infrastructure setting, numerous solutions have been proposed, and in the Identity Based Encryption (IBE) setting, a recent series of papers proposed revocable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    CCA-Secure IB-KEM from Identity-Based Extractable Hash Proof System

    In this paper, the authors introduce a general paradigm called Identity-Based Extractable Hash Proof System (IB-EHPS), an extension of the Extractable Hash Proof System (EHPS) proposed by Wee (CRYPTO '10). They show how to construct an Identity-Based Key Encapsulation Mechanism (IB-KEM) from IB-EHPS in a simple and modular fashion. Their...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Provable Security of S-BGP and Other Path Vector Protocols: Model, Analysis and Extensions

    In this paper the authors provide a provable-security treatment of path vector routing protocols. They first design a security definition for path vector routing protocols by studying, generalizing, and formalizing numerous known threats. Their model incorporates three major security goals. It is quite strong, yet simple to use. They prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Revocable Identity-Based Encryption: Security Model and Construction

    The researchers proposed an elegant way of achieving Identity-Based Encryption (IBE) with efficient revocation, which they call Revocable IBE (RIBE). One of the significant benefits of their construction is scalability: the overhead of the trusted authority grows only logarithmically in the number of users, whereas that in the...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2013

    On Formal and Automatic Security Verification of WSN Transport Protocols

    In this paper, the authors address the problem of formal and automated security verification of WSN transport protocols that may perform cryptographic operations. Verifying this class of protocols is difficult because they typically exhibit complex behavioral characteristics, such as real-time, probabilistic, and cryptographic operations. To solve this...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2013

    Non-Black-Box Simulation from One-Way Functions and Applications to Resettable Security

    The simulation paradigm, introduced by the researchers, is of fundamental importance to modern cryptography. In a breakthrough work from 2001, Barak (FOCS'01) introduced a novel non-black-box simulation technique. This technique enabled the construction of new cryptographic primitives, such as resettably-sound zero-knowledge arguments, that cannot be proven secure using just black-box...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors proposed the notion of Property Preserving symmetric Encryption (PPEnc). They defined several security notions for PPEnc and studied their relationship. They also proposed a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for parties communicating over an open network. Key agreement allows multiple parties, exchanging only public information over an insecure network, to establish a common secret key known only to those parties. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address, since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the user's main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2011

    Making NTRU as Secure as Worst-Case Problems Over Ideal Lattices

    NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorization- and discrete-log-based encryption schemes. However, since its introduction, doubts have regularly arisen about its security....

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2011

    Pushing the Limits: A Very Compact and a Threshold Implementation of AES

    The authors' contribution is twofold: first, they describe a very compact hardware implementation of AES-128 that requires only 2400 GE. This is, to the best of their knowledge, the smallest implementation reported so far. Then they apply the threshold implementation countermeasure of Nikova et al. to the AES S-box and obtain an implementation...

    Provided By International Association for Cryptologic Research