International Association for Cryptologic Research

  • White Papers // Mar 2014

    Efficient Fuzzy Search on Encrypted Data

    The authors study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

    The authors initiate the study of the following problem: suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced...

  • White Papers // Mar 2014

    Non-Interactive Cryptography in the RAM Model of Computation

    Using recently developed techniques for program obfuscation, the authors show several constructions of non-interactive cryptosystems in the Random-Access Machine (RAM) model of computation that are asymptotically more efficient than what would be obtained using generic RAM-to-circuit compilation. In particular, let T denote the running time and n the memory size...

  • White Papers // Feb 2014

    Outsourcing Private RAM Computation

    The authors construct the first schemes that allow a client to privately outsource arbitrary program executions to a remote server while ensuring that: the client's work is small and essentially independent of the complexity of the computation being outsourced, and the server's work is only proportional to the run-time of...

  • White Papers // Feb 2014

    Reducing the Overhead of Cloud MPC

    The authors present a secure Multi-Party Computation (MPC) protocol in the honest-majority setting, which aims to reduce the communication costs in the situation where there are a large number of parties (as in a cloud scenario). Their goal is to reduce the usage of point-to-point channels, so as to enable...

  • White Papers // Feb 2014

    Garbled RAM Revisited Part II

    In EUROCRYPT 2013, Lu and Ostrovsky proposed the notion of Garbled RAM (GRAM) programs. These GRAM programs are analogous to the classic result of Yao's garbled circuits: a large encrypted memory can first be provided to the evaluator, and then a program can separately be garbled and sent to the evaluator...

  • White Papers // Feb 2014

    Garbled RAM Revisited Part I

    The notion of garbled Random-Access Machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao's garbled circuits that allows a user to garble a RAM program directly, without performing the expensive step of converting it into a circuit. In particular,...

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from the eSTREAM hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single bit faults in the internal state of the...

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the users' main cryptographic functionality....

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors propose the notion of Property Preserving symmetric Encryption (PPEnc). They define several security notions for PPEnc and study their relationships. They also propose a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for parties communicating over an open network. Key agreement allows multiple parties exchanging public information over an insecure network to create a common secret key that is known only to those entities. In recent years, several identity-based authenticated key...

  • White Papers // Dec 2013

    Chosen Ciphertext Secure (CCS): Symmetric Key CCA Encryption with Minimal Ciphertext Expansion

    In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. The authors present a new symmetric encryption scheme: CCS, or Chosen Ciphertext Secure scheme. CCS has the property that modifications to the ciphertext randomize the resulting plaintext. Using this property, they prove...

  • White Papers // Dec 2013

    Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

    Blinker is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the sponge construction used by the SHA-3 algorithm Keccak. The authors examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for...

  • White Papers // Dec 2013

    CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions

    The authors show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area trade-offs unobtainable with traditional constructs. Recent theoretical results indicate that even if the...

  • White Papers // Dec 2013

    Lattice Signatures and Bimodal Gaussians

    The authors' main result is a construction of a lattice-based digital signature scheme that represents an improvement, both in theory and in practice, over today's most efficient lattice schemes. The novel scheme is obtained as a result of a modification of the rejection sampling algorithm that is at the heart...

  • White Papers // Dec 2013

    Functional Encryption for Randomized Functionalities

    Originally, encryption was thought of as a way to encrypt "point-to-point" communication. However, in the contemporary world with cloud computing and complex networks, it has become clear that people need encryption to offer more functionality. In this paper, the authors present the first definitions and constructions for functional encryption...

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

  • White Papers // Dec 2013

    Towards Leakage Exploitation Rate Optimality in Template Attack

    Template attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has full knowledge of the targeted crypto devices and is thus well capable of characterizing the side-channel leakages. However, the question of whether template attack is really optimal...

  • White Papers // Dec 2013

    RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

    In this paper the authors address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an untrusted and remote server, which stores the client's database on its behalf. They introduce...

  • White Papers // Dec 2013

    Formal Analysis of CRT-RSA Vigilant's Countermeasure Against the BellCoRe Attack

    In the authors' paper at PROOFS 2013, they formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, they left Vigilant's countermeasure and its alleged repaired version by the researcher as future work, because the arithmetical framework of their tool was not sufficiently...

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

  • White Papers // Dec 2013

    Lower Bounds in the Hardware Token Model

    A protocol for secure two-party computation allows two mutually distrustful parties to jointly compute a function f of their respective inputs, x and y, in a way that does not reveal anything beyond the value f(x, y) being computed. Soon after the introduction of this powerful notion, it was...

  • White Papers // Dec 2013

    On the Relation of Random Grid, Probabilistic and Deterministic Visual Cryptography

    Visual cryptography is a special type of secret sharing. Two models of visual cryptography have been independently studied: deterministic visual cryptography and random grid visual cryptography, introduced by the researchers. In the context of the deterministic model, the researcher has introduced a third model, the probabilistic visual cryptography model. The connection...

  • White Papers // Dec 2013

    Leakage Resilient Fully Homomorphic Encryption

    The authors construct the first leakage resilient variants of Fully Homomorphic Encryption (FHE) schemes. Their leakage model is bounded adaptive leakage resilience. They first construct a leakage-resilient leveled FHE scheme, meaning the scheme is both leakage resilient and homomorphic for all circuits of depth less than some pre-established maximum set...

  • White Papers // Dec 2013

    Strongly Secure One-Round Group Authenticated Key Exchange in the Standard Model

    One-round Group Authenticated Key Exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. As a special case of GAKE, the pairing-based one-round Tripartite Authenticated Key Exchange (3AKE) has recently gained much attention from the research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been...

  • White Papers // Dec 2013

    NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage

    Side-Channel Attacks (SCA) are considered a serious threat against embedded cryptography. Therefore security-critical chips must be tested for SCA resistance before deployment or certification. SCA are powerful but can require a lot of computation power, especially in the presence of countermeasures. The computational complexity of these attacks can be reduced...

  • White Papers // Dec 2013

    Iterated Group Products and Leakage Resilience Against NC1

    The interplay between group theory and computational complexity has been the source of a number of elegant constructions and computational insights. A line of work [Bar89, CM87, BT88, BC92, CL94, Cle91, and IL95] in the late 1980s gave characterizations of various complexity classes in terms of products over finite groups....

  • White Papers // Dec 2013

    Constant-Round Black-Box Construction of Composable Multi-Party Computation Protocol

    The authors present the first general MPC protocol that satisfies the following: the construction is black-box, the protocol is universally composable in the plain model, and the number of rounds is constant. The security of their protocol is proven in angel-based UC security under the assumption of the existence of...

  • White Papers // Dec 2013

    A Note on Bilinear Groups of a Large Composite Order

    Weil pairing plays a key role in elliptic curve cryptography. The authors remark that the structure of bilinear groups of a large composite order (at least 1024 bits) could make group operations inefficient and lose the advantages of elliptic curve cryptography, which derive mainly from smaller parameter sizes. As of...

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

  • White Papers // Dec 2013

    Tamper Resilient Circuits: The Adversary at the Gates

    In this paper the authors initiate the investigation of gate-tampering attacks against cryptographic circuits. Their model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. They...

  • White Papers // Nov 2013

    Secure Multiparty Computations on BitCoin

    BitCoin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: it lacks a central authority that controls the transactions, the list of transactions is publicly available, and its syntax allows more advanced transactions than simply transferring the money. This paper shows...

  • White Papers // Nov 2013

    Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography

    Technological advancements in cloud computing, due to increased connectivity and exponentially proliferating data, have resulted in a migration towards cloud architecture. Cloud computing is a technology where users can use high-end services in the form of software that resides on different servers and access data from all over the world. Cloud...

  • White Papers // Nov 2013

    Notions of Black-Box Reductions, Revisited

    Reductions are the common technique to prove security of cryptographic constructions based on a primitive. They take an allegedly successful adversary against the construction and turn it into a successful adversary against the underlying primitive. To a large extent, these reductions are black-box in the sense that they consider the...

  • White Papers // Nov 2013

    New Insight into the Isomorphism of Polynomial Problem IP1S and its Use in Cryptography

    In this paper the authors investigate the mathematical structure of the "Isomorphism of Polynomial with One Secret" problem (IP1S). Their purpose is to understand why for practical parameter values of IP1S most random instances are easily solvable. They show that the structure of the problem is directly linked to the...

  • White Papers // Nov 2013

    Linearly Homomorphic Structure Preserving Signatures: New Methodologies and Applications

    The authors introduced the notion of Linearly Homomorphic Structure Preserving Signatures (LHSPS) as a tool to perform verifiable computation on encrypted data and to create constant-size non-malleable commitments to group elements. In this paper they improve their understanding of LHSPS by putting forward new methodologies...

  • White Papers // Nov 2013

    Homomorphic Authenticated Encryption Secure Against Chosen-Ciphertext Attack

    The authors study homomorphic authenticated encryption, where privacy and authenticity of data are protected simultaneously. They define homomorphic versions of various security notions for privacy and authenticity, and investigate relations between them. In particular, they show that it is possible to give a natural definition of IND-CCA for homomorphic authenticated...

  • White Papers // Nov 2013

    Obfuscation from Semantically-Secure Multi-Linear Encodings

    The goal of program obfuscation is to "scramble" a computer program, hiding its implementation details (making it hard to "reverse-engineer"), while preserving the functionality (i.e., input/output behavior) of the program. Precisely defining what it means to "scramble" a program is non-trivial: on the one hand, the authors want a definition...

  • White Papers // Nov 2013

    Behind the Scene of Side Channel Attacks

    Since the introduction of side channel attacks in the nineties, a large amount of work has been devoted to improving their effectiveness and efficiency. On the one side, general results and conclusions are drawn in theoretical frameworks, but the latter are often set in too ideal a context to...

  • White Papers // May 2010

    Further Observations on Optimistic Fair Exchange Protocols in the Multi-User Setting

    Recent research has shown that the single-user security of optimistic fair exchange cannot guarantee the multi-user security. This paper investigates the conditions under which the security of optimistic fair exchange in the single-user setting is preserved in the multi-user setting. The authors first introduce and define a property called "Strong...

  • White Papers // Jan 2013

    Faster Index Calculus for the Medium Prime Case Application to 1175-Bit and 1425-Bit Finite Fields

    Many index calculus algorithms generate multiplicative relations between smoothness basis elements by using a process called sieving. This process allows filtering potential candidate relations very quickly, without spending too much time considering bad candidates. However, from an asymptotic point of view, there is not much difference between sieving and...

  • White Papers // Dec 2012

    An Ideal Multi-Secret Sharing Scheme Based on Minimal Privileged Coalitions

    How to construct an ideal multi-secret sharing scheme for general access structures is difficult. In this paper, the authors solve an open problem proposed by Spiez et al. recently, namely to design an algorithm of privileged coalitions of any length if such coalitions exist. Furthermore, in terms of privileged coalitions,...

  • White Papers // Dec 2012

    Cryptanalysis of Matrix Conjugation Schemes

    The conjugacy search problem plays a special role in group-based cryptography. Most of the cryptosystems based on groups use one or another variation of that problem. For instance, some schemes employ the conjugacy search problem in braid groups, others the simultaneous conjugacy search problem in braid groups, the twisted conjugacy problem, or the decomposition problem...

  • White Papers // Dec 2011

    Design of Secure Image Transmission in MANET Using Number Theory Based Image Compression and Quasigroup Encryption (NTICQE) Algorithm

    Image compression and image encryption are pivotal to proper storage and transmission of images over MANET. Simultaneous image compression and encryption aims at achieving enhanced bandwidth utilization and security at the same time. The Number Theory based Image Compression and Quasigroup Encryption (NTICQE) algorithm employs number theoretic paradigm - Chinese...

  • White Papers // Nov 2012

    Towards Fully Collusion-Resistant ID-Based Establishment of Pairwise Keys

    Usually a communication link is secured by means of a symmetric-key algorithm. For that, a method is required to securely establish a symmetric key for that algorithm. This old key establishment problem is still relevant and of paramount importance both in existing computer networks and in new large-scale ubiquitous systems comprising resource-constrained...

  • White Papers // Oct 2012

    Improved Side Channel Attack on the Block Cipher NOEKEON

    Classical cryptanalysis generally considers adversaries getting black box access to the cryptographic primitives they target, e.g. the inputs and outputs of a block cipher. However, considering the practical implementations of a block cipher, especially in resource limited systems such as smart cards, there is a stronger attack model, namely the...

  • White Papers // Nov 2012

    Differential Analysis of the LED Block Cipher

    In this paper, the authors present a security analysis of the lightweight block cipher LED proposed by Guo et al. at CHES 2011. Since the design of LED is very similar to the Even-Mansour scheme, they first review existing attacks on this scheme and extend them to related-key and related-key-cipher...

  • White Papers // Jul 2012

    Efficient Implementation of RSA Algorithm with MKE

    The aim of this paper is to improve the implementation of the RSA algorithm in certain situations. This improvement is based on the ideas of H. Ren-Junn, S. Feng-Fu, Y. Yi-Shiung and C. Chia-Yao and allows users to speed up the transmission of data between various nodes in networks. The...

  • White Papers // Aug 2012

    On the Immunity of Boolean Functions Against Fast Algebraic Attacks Using Bivariate Polynomial Representation

    Boolean functions are frequently used in the design of stream ciphers, block ciphers and hash functions. One of the most vital roles in cryptography of Boolean functions is to be used as filter and combination generators of stream ciphers based on Linear Feedback Shift Registers (LFSR). In the last decade,...

  • White Papers // Aug 2012

    Approaches for the Parallelization of Software Implementation of Integer Multiplication

    In this paper, several approaches are considered for increasing the performance of software implementations of the integer multiplication algorithm on 32-bit and 64-bit platforms via parallelization. The main idea of the parallelization consists in using the delayed carry mechanism, which the authors proposed earlier. The delayed carry allows one to get...

  • White Papers // Sep 2012

    Some Connections Between Primitive Roots and Quadratic Non-Residues Modulo a Prime

    Generating primitive roots modulo a prime is a fundamental problem in number theory, with major applications in cryptography. The Diffie-Hellman key establishment scheme, the ElGamal public-key cryptosystem, the Schnorr identification scheme and the Digital Signature Scheme are only a few examples which rely on generating primitive roots or elements of a certain order. Finding...

  • White Papers // May 2012

    Rational Authentication Protocols and Their Use in Financial Transactions

    The authors use ideas from game theory to improve two families of authentication protocols, namely password-based and manual authentication schemes. The protocols will be transformed so that even if an intruder attacks different protocol runs between honest nodes, its expected payoff will still be lower than when it does not...

  • White Papers // Jul 2012

    Constructing Pairing-Friendly Genus 2 Curves with Split Jacobian

    Genus 2 curves with simple but not absolutely simple Jacobians can be used to construct pairing-based cryptosystems more efficient than for a generic genus 2 curve. The authors show that there is a full analogy between methods for constructing ordinary pairing-friendly elliptic curves and simple abelian varieties, which are isogenous...

  • White Papers // Jul 2012

    A Generalised Formula for Calculating the Resilience of Random Key Predistribution Schemes

    A commonly used metric for comparing the resilience of key pre-distribution schemes is fail_s, which measures the proportion of network connections which are 'broken' by an adversary which has compromised s nodes. In 'Random key pre-distribution schemes for sensor networks', Chan, Perrig and Song present a formula for measuring the...

  • White Papers // Jul 2012

    Beyond eCK: Perfect Forward Secrecy under Actor Compromise and Ephemeral-Key Reveal

    The majority of recently developed key exchange protocols have been proven secure with respect to game-based security models for key exchange protocols. The first such security model was introduced by Bellare and Rogaway. In this model, the adversary is modeled as a probabilistic polynomial-time Turing machine that interacts with the...

  • White Papers // Jul 2012

    Revisiting Key Schedule's Diffusion In Relation with Round Function's Diffusion

    The authors study the weakness of key schedules from an observation: many existing attacks use the fact that key schedules poorly distribute key bits in the diffusion path of the round function. This reminds them of the importance of the relation between the diffusion of the key schedule and that of the round function. They present new...

  • White Papers // Jul 2009

    SSE Implementation of Multivariate PKCs on Modern X86 CPUs

    Multivariate Public Key Cryptosystems (MPKCs) are often touted as future-proofing against Quantum Computers. They have also been known for efficiency compared to "traditional" alternatives. However, this advantage seems to erode with the increase of arithmetic resources in modern CPUs and improved algorithms, especially with respect to Elliptic Curve Cryptography (ECC)....

  • White Papers // Apr 2011

    Secure Computation on the Web: Computing without Simultaneous Interaction

    Secure computation enables mutually suspicious parties to compute a joint function of their private inputs while providing strong security guarantees. Amongst other things, even if some of the participants are corrupted the output is still correctly computed, and parties do not learn anything about each other's inputs except for that...

  • White Papers // Feb 2011

    Information-theoretic Bounds for Differentially Private Mechanisms

    There are two active and independent lines of research that aim at quantifying the amount of information that is disclosed by computing on confidential data. Each line of research has developed its own notion of confidentiality: on the one hand, differential privacy is the emerging consensus guarantee used for privacy-preserving...

  • White Papers // Jan 2011

    Is Privacy Compatible With Truthfulness?

    The authors investigate the mainstream interpretation of differential privacy, which says that given a differentially private mechanism, people are likely to share their data truthfully because they are at little risk of revealing their own information. They argue that this interpretation is incomplete because people value their privacy, and so...

  • White Papers // May 2010

    Security Weakness of Two Authenticated Key Exchange Protocols From Pairings

    Recently, Liu proposed two authenticated multiple key exchange protocols using pairings, and claimed that the two protocols feature many security attributes. In this paper, the authors show that Liu's protocols are insecure: neither of Liu's protocols can provide perfect forward secrecy. Authenticated Key Exchange (AKE) plays an important role in secure communications....

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    Two Grumpy Giants and a Baby

    Pollard's rho algorithm, along with parallelized, vectorized, and negating variants, is the standard method to compute discrete logarithms in generic prime-order groups. This paper presents two reasons that Pollard's rho algorithm is farther from optimality than generally believed: "Higher-Degree Local Anti-Collisions" make the rho walk less random than the predictions...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Ring Group Signatures

    In many applications of group signatures, not only a signer's identity but also which group the signer belongs to is sensitive information regarding signer privacy. In this paper, the authors study these applications and combine a group signature with a ring signature to create a ring group signature, which specifies...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Cryptanalysis CDHP, BDHP and Tate Pairing Under Certain Conditions the Tate Pairing is Less Secure Than Weil

    This paper falls within the area of cryptanalysis: under certain conditions, the authors give a fairly simple method to solve the CDHP (the Computational Diffie-Hellman Problem) and other problems associated with it. Since solving this problem will help them to provide a solution to the...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Compilation Techniques for Efficient Encrypted Computation

    Fully Homomorphic Encryption (FHE) techniques are capable of performing encrypted computation on Boolean circuits, i.e., the user specifies encrypted inputs to the program, and the server computes on the encrypted inputs. Applying these techniques to general programs with recursive procedures and data-dependent loops has not been a focus of attention....

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Transposition of AES Key Schedule

    In this paper, the authors point out a new weakness of the AES key schedule by revisiting an old observation exploited by many known attacks. They also discover that a major cause of this weakness is that the column-by-column word-wise property in the key schedule matches nicely with the MixColumns operation...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2012

    Full Proof Cryptography: Verifiable Compilation of Efficient Zero-Knowledge Protocols

    Developers building cryptography into security-sensitive applications face a daunting task. Not only must they understand the security guarantees delivered by the constructions they choose, they must also implement and combine them correctly and efficiently. Cryptographic compilers free developers from having to implement cryptography on their own by turning high-level specifications...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2012

    A Secret Sharing Scheme Based on Group Presentations and the Word Problem

    A (t, n)-threshold secret sharing scheme is a method to distribute a secret among n participants in such a way that any t participants can recover the secret, but no t - 1 participants can. In this paper, the authors propose two secret sharing schemes using non-abelian groups; the special...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2012

    Compress Multiple Ciphertexts Using ElGamal Encryption Schemes

    ElGamal encryption is one of the fundamental public-key cryptosystems. One of its main advantages is that it is simple and efficient, but also that its chosen-plaintext security is clearly understood. Its security overhead in terms of bandwidth, however, often becomes an obstacle to its wide public use. In this paper, the authors deal...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Zero-Knowledge for Multivariate Polynomials

    The first Zero-Knowledge schemes were based on the factorization problem (for example Fischer-Micali-Rackoff in 1984, or Fiat-Shamir in 1986) or the Graph Isomorphism Problem. However, the factorization problem is not expected to be an NP-complete problem (since it is in NP and co-NP), and it has sub-exponential algorithms...

    Provided By International Association for Cryptologic Research

  • White Papers // Jun 2012

    Ring-LWE in Polynomial Rings

    Since its recent introduction, the Ring-LWE problem [LPR10] has already been used as a building block for numerous cryptographic applications. In addition to its original functionality as the basis of efficient lattice-based cryptosystems [LPR10], it has since been used as a hardness assumption in the constructions of efficient signature schemes...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Physical Unclonable Functions in Cryptographic Protocols: Security Proofs and Impossibility Results

    The authors investigate the power of Physical Unclonable Functions (PUFs) as a new primitive in cryptographic protocols. Their contributions split into three parts: they focus on the realizability of PUF-protocols in a special type of stand-alone setting (the "Stand-alone, good PUF setting") under minimal assumptions, they formally prove that there...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Differentially Private Continual Monitoring of Heavy Hitters from Distributed Streams

    The authors consider application scenarios where an untrusted aggregator wishes to continually monitor the heavy hitters across a set of distributed streams. Since each stream can contain sensitive data, such as the purchase history of customers, they wish to guarantee the privacy of each stream, while allowing the untrusted aggregator to...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2012

    Perfect Algebraic Immune Functions

    The study of the cryptanalysis of the filter and combination generators of stream ciphers based on Linear Feedback Shift Registers (LFSRs) has resulted in a wealth of cryptographic criteria for Boolean functions, such as balancedness, high algebraic degree, high nonlinearity, high correlation immunity and so on. An overview of cryptographic...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices

    Establishing secure channels is one of the most important areas of cryptographic research. Secure channels provide secrecy and authenticity for both communicating parties. When parties can share secret information via a public communication channel, secure channels can be constructed from (symmetric-key) encryption and message authentication codes using the shared...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Zero Knowledge with Rubik's Cubes

    Since the invention of the Rubik's cube by Erno Rubik in 1974, similar puzzles have been produced, with various numbers of faces or stickers. The authors can use these toys to define several problems in computer science, such as going from one state of the puzzle to another. In...

    Provided By International Association for Cryptologic Research

  • White Papers // Apr 2012

    Attacking RSA-CRT Signatures with Faults on Montgomery Multiplication

    In this paper, the authors present several efficient fault attacks against implementations of RSA-CRT signatures that use modular exponentiation algorithms based on Montgomery multiplication. They apply to any padding function, including randomized paddings, and as such are the first fault attacks effective against RSA-PSS. The new attacks work provided that...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2012

    Quantum Money From Hidden Subspaces

    Forty years ago, Wiesner pointed out that quantum mechanics raises the striking possibility of money that cannot be counterfeited according to the laws of physics. The authors propose the first quantum money scheme that is: public-key, meaning that anyone can verify a banknote as genuine, not only the bank...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Cryptanalysis of an Identity-Based Multiple Key Agreement Scheme

    Multiple Key Agreement (MKA) protocols allow two parties to generate two or more session keys in one session, which will be used for future secure communications over public networks. In recent years, many MKA protocols have been proposed. However, most of them do not consider ephemeral key compromise resilience, and...

    Provided By International Association for Cryptologic Research