International Association for Cryptologic Research


  • White Papers // Mar 2014

    Efficient Fuzzy Search on Encrypted Data

    The authors study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

    The authors initiate the study of the following problem: suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2014

    Non-Interactive Cryptography in the RAM Model of Computation

    Using recently developed techniques for program obfuscation, the authors show several constructions of non-interactive cryptosystems in the Random-Access Machine (RAM) model of computation that are asymptotically more efficient than what would be obtained using generic RAM-to-circuit compilation. In particular, let T denote the running time and n the memory size...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Outsourcing Private RAM Computation

    The authors construct the first schemes that allow a client to privately outsource arbitrary program executions to a remote server while ensuring that: the client's work is small and essentially independent of the complexity of the computation being outsourced, and the server's work is only proportional to the run-time of...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Reducing the Overhead of Cloud MPC

    The authors present a secure Multi-Party Computation (MPC) protocol in the honest-majority setting, which aims to reduce the communication costs in the situation where there are a large number of parties (as in a cloud scenario). Their goal is to reduce the usage of point-to-point channels, so as to enable...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part II

    In EUROCRYPT 2013, Lu and Ostrovsky proposed the notion of Garbled RAM (GRAM) programs. These GRAM programs are analogous to the classic result of Yao's garbled circuits: a large encrypted memory can first be provided to an evaluator, and then a program can separately be garbled and sent to the evaluator...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2014

    Garbled RAM Revisited Part I

    The notion of garbled Random-Access Machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao's garbled circuits that allows a user to garble a RAM program directly, without performing the expensive step of converting it into a circuit. In particular,...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2014

    Improved Differential Fault Attack on MICKEY 2.0

    In this paper the authors describe several ideas related to Differential Fault Attack (DFA) on MICKEY 2.0, a stream cipher from the eSTREAM hardware profile. Using the standard assumptions for fault attacks, they first show that if the adversary can induce random single-bit faults in the internal state of the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Power and Timing Side Channels for PUFs and their Efficient Exploitation

    The authors discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted Machine Learning (ML) techniques. Their method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Property Preserving Symmetric Encryption

    The authors propose the notion of Property Preserving symmetric Encryption (PPEnc). They define several security notions for PPEnc and study their relationships. They also propose a concrete scheme which preserves the orthogonality of encrypted vectors. The proposed construction is claimed to achieve the strongest security notion of property preserving encryption,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    How to Keep a Secret: Leakage Deterring Public-key Cryptography

    How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address, since in this setting the owner of the key is the adversary: they wish to share a program or device that (potentially only partly) implements the user's main cryptographic functionality....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Weakness of Several Identity-Based Tripartite Authenticated Key Agreement Protocols

    It is necessary to guarantee confidentiality, integrity and other security services for the communicating parties over an open network. Key agreement allows multiple parties, by exchanging public information over an insecure network, to create a common secret key that is known only to those entities. In recent years, several identity-based authenticated key...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Chosen Ciphertext Secure (CCS): Symmetric Key CCA Encryption with Minimal Ciphertext Expansion

    In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. The authors present a new symmetric encryption scheme: the Chosen Ciphertext Secure (CCS) scheme. CCS has the property that modifications to the ciphertext randomize the resulting plaintext. Using this property, they prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions

    The authors show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area trade-offs unobtainable with traditional constructs. Recent theoretical results indicate that even if the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

    Blinker is a lightweight cryptographic suite and record protocol built from a single permutation. Its design is based on the sponge construction used by the SHA-3 algorithm Keccak. The authors examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lattice Signatures and Bimodal Gaussians

    The authors' main result is a construction of a lattice-based digital signature scheme that represents an improvement, both in theory and in practice, over today's most efficient lattice schemes. The novel scheme is obtained as a result of a modification of the rejection sampling algorithm that is at the heart...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Functional Encryption for Randomized Functionalities

    Originally, encryption was thought of as a way to encrypt "point-to-point" communication. However, in the contemporary world with cloud computing and complex networks, it has become clear that people need encryption to offer more functionality. In this paper, the authors present the first definitions and constructions for functional encryption...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

    While Password-Authenticated Key Exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Towards Leakage Exploitation Rate Optimality in Template Attack

    Template attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has full knowledge of the targeted crypto devices and is thus well capable of characterizing the side-channel leakages. However, the question of whether template attack is really optimal...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    RDAS: A Symmetric Key Scheme for Authenticated Query Processing in Outsourced Databases

    In this paper the authors address the problem of authenticated query processing in outsourced databases. An authenticated query processing mechanism allows a client to verify the validity of the query responses that it gets from an untrusted and remote server, who stores the client's database on its behalf. They introduce...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Formal Analysis of CRT-RSA Vigilant's Countermeasure Against the BellCoRe Attack

    In the authors' paper at PROOFS 2013, they formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, they left Vigilant's countermeasure and its alleged repaired version by the researcher as future work, because the arithmetical framework of their tool was not sufficiently...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    SPHF-Friendly Non-Interactive Commitments

    In 2009, the author proposed a reasonably practical Password-Authenticated Key Exchange (PAKE) secure against adaptive adversaries in the Universal Composability (UC) framework. It exploited the Canetti-Fischlin methodology for commitments and the Cramer-Shoup Smooth Projective Hash Functions (SPHFs), following the Gennaro-Lindell approach for PAKE. In this paper, the authors revisit the...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Lower Bounds in the Hardware Token Model

    A protocol for secure two-party computation allows two mutually distrustful parties to jointly compute a function f of their respective inputs, x and y, in a way that does not reveal anything beyond the value f(x, y) being computed. Soon after the introduction of this powerful notion, it was...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Leakage Resilient Fully Homomorphic Encryption

    The authors construct the first leakage resilient variants of Fully Homomorphic Encryption (FHE) schemes. Their leakage model is bounded adaptive leakage resilience. They first construct a leakage-resilient leveled FHE scheme, meaning the scheme is both leakage resilient and homomorphic for all circuits of depth less than some pre-established maximum set...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    On the Relation of Random Grid, Probabilistic and Deterministic Visual Cryptography

    Visual cryptography is a special type of secret sharing. Two models of visual cryptography have been independently studied: deterministic visual cryptography and random grid visual cryptography, each introduced by the researchers. In the context of the deterministic model, the researcher has introduced a third model, the probabilistic visual cryptography model. The connection...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Strongly Secure One-Round Group Authenticated Key Exchange in the Standard Model

    One-round Group Authenticated Key Exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. A special case of GAKE, the pairing-based one-round Tripartite Authenticated Key Exchange (3AKE), has recently gained much attention from the research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage

    Side-Channel Attacks (SCA) are considered a serious threat against embedded cryptography. Therefore security-critical chips must be tested for SCA resistance before deployment or certification. SCA are powerful but can require a lot of computing power, especially in the presence of countermeasures. The computational complexity of these attacks can be reduced...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Iterated Group Products and Leakage Resilience Against NC1

    The interplay between group theory and computational complexity has been the source of a number of elegant constructions and computational insights. A line of work [Bar89, CM87, BT88, BC92, CL94, Cle91, and IL95] in the late 1980s gave characterizations of various complexity classes in terms of products over finite groups....

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    A Note on Bilinear Groups of a Large Composite Order

    Weil pairing plays a key role in elliptic curve cryptography. The authors remark that the structure of bilinear groups of a large composite order (at least 1024 bits) could make the group operation inefficient and lose the advantages of elliptic curve cryptography, which are gained mainly from the smaller parameter size. As of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Constant-Round Black-Box Construction of Composable Multi-Party Computation Protocol

    The authors present the first general MPC protocol that satisfies the following: the construction is black-box, the protocol is universally composable in the plain model, and the number of rounds is constant. The security of their protocol is proven in angel-based UC security under the assumption of the existence of...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Between a Rock and a Hard Place: Interpolating Between MPC and FHE

    In the last few years computing on encrypted data via either Fully Homomorphic Encryption (FHE) or Multi-Party Computation (MPC) has been subject to a remarkable number of improvements. Firstly, FHE was shown to be possible; and this was quickly followed by a variety of applications and performance improvements. Secondly, whilst...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2013

    Tamper Resilient Circuits: The Adversary at the Gates

    In this paper the authors initiate the investigation of gate-tampering attacks against cryptographic circuits. Their model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. They...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Secure Multiparty Computations on BitCoin

    BitCoin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: it lacks a central authority that controls the transactions, the list of transactions is publicly available, and its syntax allows more advanced transactions than simply transferring money. This paper shows...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography

    Technological advancements in cloud computing, due to increased connectivity and exponentially proliferating data, have resulted in migration towards cloud architecture. Cloud computing is a technology where users can use high-end services in the form of software that resides on different servers and access data from all over the world. Cloud...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Notions of Black-Box Reductions, Revisited

    Reductions are the common technique to prove security of cryptographic constructions based on a primitive. They take an allegedly successful adversary against the construction and turn it into a successful adversary against the underlying primitive. To a large extent, these reductions are black-box in the sense that they consider the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Linearly Homomorphic Structure Preserving Signatures: New Methodologies and Applications

    The authors introduced the notion of Linearly Homomorphic Structure Preserving Signatures (LHSPS) as a tool to perform verifiable computation on encrypted data and to create constant-size non-malleable commitments to group elements. In this paper they improve their understanding of LHSPS by putting forward new methodologies...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    New Insight into the Isomorphism of Polynomial Problem IP1S and its Use in Cryptography

    In this paper the authors investigate the mathematical structure of the "Isomorphism of Polynomial with One Secret" problem (IP1S). Their purpose is to understand why for practical parameter values of IP1S most random instances are easily solvable. They show that the structure of the problem is directly linked to the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Homomorphic Authenticated Encryption Secure Against Chosen-Ciphertext Attack

    The authors study homomorphic authenticated encryption, where privacy and authenticity of data are protected simultaneously. They define homomorphic versions of various security notions for privacy and authenticity, and investigate relations between them. In particular, they show that it is possible to give a natural definition of IND-CCA for homomorphic authenticated...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Behind the Scene of Side Channel Attacks

    Since the introduction of side channel attacks in the nineties, a large amount of work has been devoted to improving their effectiveness and efficiency. On the one hand, general results and conclusions are drawn in theoretical frameworks, but the latter are often set in too ideal a context to...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2013

    Obfuscation from Semantically-Secure Multi-Linear Encodings

    The goal of program obfuscation is to "scramble" a computer program, hiding its implementation details (making it hard to "reverse-engineer"), while preserving the functionality (i.e., input/output behavior) of the program. Precisely defining what it means to "scramble" a program is non-trivial: on the one hand, the authors want a definition...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Further Observations on Optimistic Fair Exchange Protocols in the Multi-User Setting

    Recent research has shown that the single-user security of optimistic fair exchange cannot guarantee the multi-user security. This paper investigates the conditions under which the security of optimistic fair exchange in the single-user setting is preserved in the multi-user setting. The authors first introduce and define a property called "Strong...

    Provided By International Association for Cryptologic Research

  • White Papers // Jan 2013

    Faster Index Calculus for the Medium Prime Case Application to 1175-Bit and 1425-Bit Finite Fields

    Many index calculus algorithms generate multiplicative relations between smoothness basis elements by using a process called sieving. This process allows filtering potential candidate relations very quickly, without spending too much time considering bad candidates. However, from an asymptotic point of view, there is not much difference between sieving and...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2012

    An Ideal Multi-Secret Sharing Scheme Based on Minimal Privileged Coalitions

    How to construct an ideal multi-secret sharing scheme for general access structures is difficult. In this paper, the authors solve an open problem proposed by Spiez et al. recently, namely to design an algorithm of privileged coalitions of any length if such coalitions exist. Furthermore, in terms of privileged coalitions,...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2012

    Cryptanalysis of Matrix Conjugation Schemes

    The conjugacy search problem plays a special role in group-based cryptography. Most of the cryptosystems based on groups use one or another variation of that problem. For instance, some schemes employ the conjugacy search problem in braid groups, others the simultaneous conjugacy search problem in braid groups, others the twisted conjugacy problem, and others the decomposition problem...

    Provided By International Association for Cryptologic Research

  • White Papers // Dec 2011

    Design of Secure Image Transmission in MANET Using Number Theory Based Image Compression and Quasigroup Encryption (NTICQE) Algorithm

    Image compression and image encryption are pivotal to proper storage and transmission of images over MANET. Simultaneous image compression and encryption aims at achieving enhanced bandwidth utilization and security at the same time. The Number Theory based Image Compression and Quasigroup Encryption (NTICQE) algorithm employs number theoretic paradigm - Chinese...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2012

    Towards Fully Collusion-Resistant ID-Based Establishment of Pairwise Keys

    Usually a communication link is secured by means of a symmetric-key algorithm. For that, a method is required to securely establish a symmetric key for that algorithm. This old key establishment problem is still relevant and of paramount importance both in existing computer networks and in new large-scale ubiquitous systems comprising resource-constrained...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2012

    Improved Side Channel Attack on the Block Cipher NOEKEON

    Classical cryptanalysis generally considers adversaries getting black box access to the cryptographic primitives they target, e.g. the inputs and outputs of a block cipher. However, considering the practical implementations of a block cipher, especially in resource limited systems such as smart cards, there is a stronger attack model, namely the...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2012

    Differential Analysis of the LED Block Cipher

    In this paper, the authors present a security analysis of the lightweight block cipher LED proposed by Guo et al. at CHES 2011. Since the design of LED is very similar to the Even-Mansour scheme, they first review existing attacks on this scheme and extend them to related-key and related-key-cipher...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    Efficient Implementation of RSA Algorithm with MKE

    The aim of this paper is to improve the implementation of the RSA algorithm in certain situations. This improvement is based on the ideas of H. Ren-Junn, S. Feng-Fu, Y. Yi-Shiung and C. Chia-Yao and allows users to speed up the transmission of data between various nodes in networks. The...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2012

    On the Immunity of Boolean Functions Against Fast Algebraic Attacks Using Bivariate Polynomial Representation

    Boolean functions are frequently used in the design of stream ciphers, block ciphers and hash functions. One of the most vital roles in cryptography of Boolean functions is to be used as filter and combination generators of stream ciphers based on Linear Feedback Shift Registers (LFSR). In the last decade,...

    Provided By International Association for Cryptologic Research

  • White Papers // Aug 2012

    Approaches for the Parallelization of Software Implementation of Integer Multiplication

    In this paper, several approaches are considered for increasing the performance of software implementations of the integer multiplication algorithm on 32-bit and 64-bit platforms via parallelization. The main idea of the parallelization is the use of the delayed carry mechanism, which the authors proposed earlier. The delayed carry allows one to get...

    Provided By International Association for Cryptologic Research

  • White Papers // Sep 2012

    Some Connections Between Primitive Roots and Quadratic Non-Residues Modulo a Prime

    Generating primitive roots modulo a prime is a fundamental problem in number theory, with major applications in cryptography. Diffie-Hellman key establishment scheme, ElGamal public-key cryptosystem, Schnorr identification scheme and Digital Signature Scheme are only a few examples which rely on generating primitive roots or elements of a certain order. Finding...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2012

    Rational Authentication Protocols and Their Use in Financial Transactions

    The authors use ideas from game theory to improve two families of authentication protocols, namely password-based and manual authentication schemes. The protocols will be transformed so that even if an intruder attacks different protocol runs between honest nodes, its expected payoff will still be lower than when it does not...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    Constructing Pairing-Friendly Genus 2 Curves with Split Jacobian

    Genus 2 curves with simple but not absolutely simple Jacobians can be used to construct pairing-based cryptosystems more efficient than for a generic genus 2 curve. The authors show that there is a full analogy between methods for constructing ordinary pairing-friendly elliptic curves and simple abelian varieties, which are isogenous...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    A Generalised Formula for Calculating the Resilience of Random Key Predistribution Schemes

    A commonly used metric for comparing the resilience of key pre-distribution schemes is fail_s, which measures the proportion of network connections which are 'broken' by an adversary which has compromised s nodes. In 'Random key pre-distribution schemes for sensor networks', Chan, Perrig and Song present a formula for measuring the...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    Beyond eCK: Perfect Forward Secrecy under Actor Compromise and Ephemeral-Key Reveal

    The majority of recently developed key exchange protocols have been proven secure with respect to game-based security models for key exchange protocols. The first such security model was introduced by Bellare and Rogaway. In this model, the adversary is modeled as a probabilistic polynomial-time Turing machine that interacts with the...

    Provided By International Association for Cryptologic Research

  • White Papers // Jul 2012

    Revisiting Key Schedule's Diffusion In Relation with Round Function's Diffusion

    The authors study the weakness of key schedules from an observation: many existing attacks use the fact that key schedules poorly distribute key bits in the diffusion path of the round function. This reminds them of the importance of the relation between the diffusion of the key schedule and that of the round function. They present new...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    XBX: eXternal Benchmarking eXtension for the SUPERCOP Crypto Benchmarking Framework

    SUPERCOP is a benchmarking framework for cryptographic algorithms like ciphers and hash functions. It automatically benchmarks algorithms across several implementations, compilers, compiler options and input data lengths. Since it is freely available for download, the results are easily reproducible, and benchmark results for virtually every computer that is capable of...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Public Key Perturbation of Randomized RSA Implementations

    Among all countermeasures that have been proposed to thwart side-channel attacks against RSA implementations, the exponent randomization method - also known as exponent blinding - was suggested early on by a researcher in 1996, and formalized by another researcher at CHES 1999. Although it has been used for a...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Fault Sensitivity Analysis

    In this paper the authors propose a new fault-based attack called the Fault Sensitivity Analysis (FSA) attack, which unlike most existing fault-based analyses including Differential Fault Analysis (DFA) does not use values of faulty ciphertexts. Fault sensitivity means the critical condition when a faulty output begins to exhibit some detectable...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    The Glitch PUF: A New Delay-PUF Architecture Exploiting Glitch Shapes

    In this paper the authors propose a new delay-PUF architecture that is expected to solve the current problem of delay-PUFs, namely that it is easy to predict the relation between delay information and generated information. Their architecture exploits glitches that behave non-linearly with respect to delay variation between gates and the characteristic of...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Algebraic Side-Channel Analysis in the Presence of Errors

    Measurement errors make power analysis attacks difficult to mount when only a single power trace is available: the statistical methods that make DPA attacks so successful are not applicable, since they require many (typically thousands of) traces. Recently it was suggested to use algebraic methods for the single-trace scenario, converting...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2010

    Secure Obfuscation for Encrypted Signatures

    Obfuscation is one of the most intriguing open problems in cryptography, and only a few positive results are known. In TCC'07, Hohenberger et al. proposed an obfuscator for a re-encryption functionality, which takes a ciphertext for a message encrypted under Alice's public key and transforms it into a ciphertext for the...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2010

    Efficient Device-Independent Quantum Key Distribution

    An efficient protocol for quantum key distribution is proposed whose security is entirely device-independent and does not even rely on the accuracy of quantum physics. A scheme of that type relies on the quantum-physical phenomenon of non-local correlations and on the assumption that no illegitimate information flows within...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2010

    Algebraic Cryptanalysis of McEliece Variants with Compact Keys

    In this paper the authors propose a new approach to investigate the security of the McEliece cryptosystem. They recall that this cryptosystem relies on the use of error-correcting codes. Since its invention thirty years ago, no efficient attack had been devised that managed to recover the private key. They prove...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2010

    Lattice Enumeration Using Extreme Pruning

    Lattice enumeration algorithms are the most basic algorithms for solving hard lattice problems such as the shortest vector problem and the closest vector problem, and are often used in public-key cryptanalysis either as standalone algorithms, or as the subroutines in lattice reduction algorithms. Here the authors revisit these fundamental algorithms...

    Provided By International Association for Cryptologic Research

  • White Papers // Feb 2010

    A Simple BGN-Type Cryptosystem from LWE

    The authors construct a simple public-key encryption scheme that supports polynomially many additions and one multiplication, similar to the cryptosystem of Boneh, Goh, and Nissim (BGN). Security is based on the hardness of the Learning With Errors (LWE) problem, which is known to be as hard as certain worst-case lattice...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Constructing Verifiable Random Functions with Large Input Spaces

    The authors present a family of verifiable random functions which are provably secure for exponentially large input spaces under a non-interactive complexity assumption. Prior constructions required either an interactive complexity assumption or one that could tolerate a factor 2^n security loss for n-bit inputs. Their construction is practical and inspired by...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Simple and Efficient Public-Key Encryption from Computational Diffie-Hellman in the Standard Model

    Security against Chosen-Ciphertext Attack (CCA) is nowadays considered to be the standard security notion for public-key encryption. In this paper the authors are interested in practical schemes with proofs of security under mild security assumptions (such as the computational Diffie-Hellman assumption), without relying on heuristics such as the random oracle...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Constant Size Ciphertexts in Threshold Attribute-Based Encryption

    Attribute-based cryptography has emerged in the last years as a promising primitive for digital security. For instance, it provides good solutions to the problem of anonymous access control. In a ciphertext-policy attribute-based encryption scheme, the secret keys of the users depend on their attributes. When encrypting a message, the sender...

    Provided By International Association for Cryptologic Research

  • White Papers // Oct 2011

    APPA: Aggregate Privacy-Preserving Authentication in Vehicular Ad Hoc Networks

    Most security- and privacy-preserving protocols in Vehicular Ad hoc NETworks (VANETs) heavily rely on time-consuming cryptographic operations which produce a huge volume of cryptographic data. These data are usually employed for many kinds of decisions, which poses the challenge of processing the received cryptographic data fast enough to avoid unaffordable...

    Provided By International Association for Cryptologic Research

  • White Papers // Nov 2011

    Bridging Broadcast Encryption and Group Key Agreement

    Broadcast Encryption (BE) schemes allow a sender to securely broadcast to any subset of members but require a trusted party to distribute decryption keys. Group Key Agreement (GKA) protocols enable a group of members to negotiate a common encryption key via open networks so that only the members can decrypt...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Lightweight Privacy Preserving Authentication for RFID Using a Stream Cipher

    In this paper, a privacy-preserving authentication protocol for RFID that relies on a single cryptographic component, a lightweight stream cipher, is constructed. The aim is to provide a more realistic balance between forward privacy and security, resistance against denial-of-service attacks, and computational efficiency (in tags and readers)...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Fast Software AES Encryption

    This paper presents new software speed records for AES-128 encryption for architectures at both ends of the performance spectrum. On the one side the authors target low-end 8-bit AVR microcontrollers and 32-bit ARM microprocessors, while on the other side of the spectrum they consider the high-performing Cell Broadband...

    Provided By International Association for Cryptologic Research

  • White Papers // Mar 2010

    Constructing Rate-1 MACs from Related-Key Unpredictable Block Ciphers: PGV Model

    Almost all current block-cipher-based MACs reduce their security to the pseudo-randomness of their underlying block ciphers, except for a few of them to the unpredictability, a strictly weaker security notion than pseudo-randomness. However, the latter MACs offer relatively low efficiency. In this paper, the authors investigate the feasibility of constructing...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Efficient Chosen-Ciphertext Security via Extractable Hash Proofs

    The most basic security guarantee the authors require of a Public Key Encryption scheme (PKE) is that of semantic security against Chosen-Plaintext Attacks (CPA): it is infeasible to learn anything about the plaintext from the ciphertext. On the other hand, there is a general consensus within the cryptographic research community...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Improved Differential Attacks for ECHO and Grøstl

    The authors present improved cryptanalysis of two second-round SHA-3 candidates: the AES-based hash functions ECHO and Grøstl. They explain methods for building better differential trails for ECHO by increasing the granularity of the truncated differential paths previously considered. In the case of Grøstl, they describe a new technique, the...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2010

    Equivalence of Uniform Key Agreement and Composition Insecurity

    One of the central questions in cryptography is the question of composition, which very broadly is the study of various ways to compose several basic primitives in a way that amplifies the hardness of the composed object. Naturally, this central question has received a lot of attention in various settings...

    Provided By International Association for Cryptologic Research

  • White Papers // May 2011

    Cryptographic Extraction and Key Derivation: The HKDF Scheme

    In spite of the central role of Key Derivation Functions (KDF) in applied cryptography, there has been little formal work addressing the design and analysis of general multi-purpose KDFs. In practice, most KDFs (including those widely standardized) follow ad-hoc approaches that treat cryptographic hash functions as perfectly random functions. In...

    Provided By International Association for Cryptologic Research
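    The HKDF scheme named above is an extract-then-expand design: a first HMAC call condenses possibly non-uniform input keying material (with an optional salt) into a fixed-length pseudorandom key PRK, and a second, iterated HMAC call expands PRK under a context string into as many output bytes as needed. The following is an added, self-contained implementation written for this page, not the paper's own code or a library API; it is checked against RFC 5869 test case 1, and the key labels in the usage function are constructed for the demo.

```python
"""HKDF (extract-then-expand over HMAC-SHA256), added illustration.

extract: PRK = HMAC(salt, IKM)          (salt defaults to HashLen zero bytes)
expand:  T(i) = HMAC(PRK, T(i-1) | info | i), OKM = T(1) | T(2) | ... [:L]
"""
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """Condense IKM into a uniform PRK. An empty salt is replaced by zeros,
    which is what RFC 5869 specifies (salt is optional but recommended)."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """Expand PRK into `length` bytes bound to the context string `info`.
    The single-byte counter caps output at 255 * HashLen bytes."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length exceeds 255 * HashLen")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def derive_session_keys(shared_secret: bytes, salt: bytes) -> dict:
    """Typical use: one PRK, several independent keys separated by `info`.
    The label strings are constructed for this demo."""
    prk = hkdf_extract(salt, shared_secret)
    return {
        "enc": hkdf_expand(prk, b"demo enc key", 32),
        "mac": hkdf_expand(prk, b"demo mac key", 32),
    }


# RFC 5869, Appendix A, test case 1 (basic SHA-256).
RFC_IKM = bytes.fromhex("0b" * 22)
RFC_SALT = bytes.fromhex("000102030405060708090a0b0c")
RFC_INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
RFC_PRK = bytes.fromhex(
    "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5")
RFC_OKM = bytes.fromhex(
    "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
    "34007208d5b887185865")


def rfc5869_self_check() -> bool:
    """True if both stages reproduce the published test vector."""
    return (hkdf_extract(RFC_SALT, RFC_IKM) == RFC_PRK
            and hkdf(RFC_SALT, RFC_IKM, RFC_INFO, 42) == RFC_OKM)


if __name__ == "__main__":
    print("RFC 5869 vector OK:", rfc5869_self_check())
    keys = derive_session_keys(b"constructed shared secret", b"constructed salt")
    print({k: v.hex() for k, v in keys.items()})
```

    The `info` argument is what keeps keys derived from one secret independent of each other; deriving the encryption and MAC keys with the same label would hand the same bytes to both uses, which is precisely the domain-separation mistake a general-purpose KDF is meant to prevent.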

  • White Papers // May 2010

    Sampling in a Quantum Population, and Applications

    The authors propose a framework for analyzing classical sampling strategies for estimating the Hamming weight of a large string from a few sample positions, when applied to a multi-qubit quantum system instead. The framework shows how to interpret the result of such a strategy and how to define its accuracy...

    Provided By International Association for Cryptologic Research