Qredo Network
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Authenticating Computation on Groups: New Homomorphic Primitives and Applications
Universita` degli Studi di Catania Dipartimento di Matematica ed Informatica Dottorato di Ricerca in Matematica Pura ed Applicata XXVI ciclo Orazio Puglisi Authenticating Computation on Groups: New Homomorphic Primitives and Applications Advisor: Ch.mo Prof. Dario Catalano ANNO ACCADEMICO 2013-2014 Contents Contents i Acknowledgments iv 1 Introduction 1 1.1 Afewwordsaboutcryptographyhistory . 1 1.2 From Encryption to Homomorphic Encryption . 3 1.3 Whatabouthomomorphicsignatures? . 4 1.4 Fromaconcreteproblemtoanewprimitive . 6 1.5 Organizationofthisthesis . 8 2 Preliminaries and notations 10 2.1 BasicNotations .......................... 10 2.1.1 Probabilisticnotation. 10 2.1.2 NumberTheory...................... 11 2.1.3 Pairings .......................... 11 2.1.4 Computationalassumptions . 12 2.2 PrimitivesandSecurity. 13 2.2.1 Usersandprimitives . 13 2.2.2 Indistinguishability under CPA and CCA . 15 2.2.3 Theasymptoticapproach . 16 2.2.4 Primitives ......................... 17 2.2.4.1 HashFunction . 17 2.2.4.2 ChameleonHashFunction . 18 2.2.4.3 PublicKeyEncryption. 19 i CONTENTS ii 2.2.4.3.1 Security for Public Key Encryption Schemes. ............... 20 2.2.4.3.2 Paillier Encryption Scheme . 22 2.2.4.4 Signatures. 23 2.2.4.4.1 Security for Digital Signatures Schemes 24 2.2.4.4.2 WatersSignature . 26 2.2.4.5 AuthenticatedEncryption . 27 2.2.4.6 SigmaProtocol . 28 2.2.4.6.1 SchnorrSigmaProtocol . 30 2.2.5 Homomorphicprimitives . 30 3 A linearly homomorphic signature scheme to sign elements in bilinear groups 32 3.1 Linear Network Coding and Linearly Homomorphic Signatures 33 3.2 HomomorphicSignaturesscheme . 34 3.2.1 Correctness and Security for Homomorphic Signatures 35 3.3 LHSG:Definition ........................ -
Public Auditing for Secure and Efficient Cloud Data Storage: a Comprehensive Survey
Vol-7 Issue-4 2021 IJARIIE-ISSN(O)-2395-4396 Public Auditing for Secure and Efficient Cloud Data Storage: A Comprehensive Survey 1Ayesha Siddiqha Mukthar, 2Dr. Jitendra Sheetlani 1Research Scholar, Sri Satya Sai University of Technology and Medical Sciences, Sehore 2Associate Professor, Sri Satya Sai University of Technology and Medical Sciences, Sehore Abstract: Nowadays storage of data is big problem because the huge generation of multimedia data likes images, audio, video etc. whose size is very large. For storing of these data size of conventional storage is not sufficient so we need remote storage such as cloud which is resilient infrastructure, reliable and high quality performance for the cloud users. In the cloud there is no direct physical control over the records because the cloud uses its resource pool for storing. Consequently data reliability fortification and auditing is not a modest task. The user prerequisites to depend on a Third Party Auditor (TPA) who is working as a public auditor for authenticating the data integrity and privacy. This paper presents the various auditing techniques of cloud computing for improving security and then future research challenges which need to be adopt by researchers to make system obvious. Keywords: Auditing, Cloud Computing, Storage, TPA, Reliability, Integrity. Introduction: Cloud is offering the different services to its users. Data sharing between two organizations which common in many application areas. The current data sharing and integration among various organizations requires the central and trusted authority to collect data from all data sources and then integrate the collected data. In current trend, there is necessary condition which defines the data sharing while preserving privacy in cloud. -
Secure E-Voting System by Utilizing Homomorphic Properties of the Encryption Algorithm
View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by TELKOMNIKA (Telecommunication Computing Electronics and Control) TELKOMNIKA, Vol.16, No.2, April 2018, pp. 862~867 ISSN: 1693-6930, accredited A by DIKTI, Decree No: 58/DIKTI/Kep/2013 DOI: 10.12928/TELKOMNIKA.v16i2.8420 862 Secure E-voting System by Utilizing Homomorphic Properties of the Encryption Algorithm Rifki Suwandi*, Surya Michrandi Nasution, Fairuz Azmi Electrical Engineering Faculty, Telkom University, Bandung, Indonesia *Corresponding author, e-mail: [email protected], [email protected], [email protected] Abstract The use of cryptography in the e-voting system to secure data is a must to ensure the authenticity of the data. In contrast to common encryption algorithms, homomorphic encryption algorithms had unique properties that can perform mathematical operations against ciphertext. This paper proposed the use of the Paillier and Okamoto-Uchiyama algorithms as two homomorphic encryption algorithms that have the additional properties so that it can calculate the results of voting data that has been encrypted without having to be decrypted first. The main purpose is to avoid manipulation and data falsification during vote tallying process by comparing the advantages and disadvantages of each algorithm. Keywords: cryptography, encryption, homomorphic, Paillier, Okamoto-Uchiyama Copyright © 2018 Universitas Ahmad Dahlan. All rights reserved. 1. Introduction There are numerous issues with the electronic vote casting system, together with system errors, network safety, information security, and so on. One of the primary issues is cheating committed by either insider or outsider, especially for some important role holders with authority that can access the system itself. -
Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations
Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations Guilhem Castagnos, Dario Catalano, Fabien Laguillaumie, Federico Savasta, Ida Tucker To cite this version: Guilhem Castagnos, Dario Catalano, Fabien Laguillaumie, Federico Savasta, Ida Tucker. Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations. CRYPTO 2019 - 39th Annual Inter- national Cryptology Conference, Aug 2019, Santa Barbara, United States. pp.191-221, 10.1007/978- 3-030-26954-8_7. hal-02281931 HAL Id: hal-02281931 https://hal.archives-ouvertes.fr/hal-02281931 Submitted on 9 Sep 2019 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations Guilhem Castagnos1, Dario Catalano2, Fabien Laguillaumie3, Federico Savasta2;4, and Ida Tucker3 1 Université de Bordeaux, INRIA, CNRS, IMB UMR 5251, F-33405 Talence, France. 2 Università di Catania, Italy. 3 Univ Lyon, EnsL, UCBL, CNRS, Inria, LIP, F-69342, LYON Cedex 07, France. 4 Scuola Superiore di Catania, Italy Abstract. ECDSA is a widely adopted digital signature standard. Unfortunately, efficient distributed variants of this primitive are notoriously hard to achieveand known solutions often require expensive zero knowledge proofs to deal with malicious adversaries. -
On the Implementation of Pairing-Based Cryptosystems a Dissertation Submitted to the Department of Computer Science and the Comm
ON THE IMPLEMENTATION OF PAIRING-BASED CRYPTOSYSTEMS A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY Ben Lynn June 2007 c Copyright by Ben Lynn 2007 All Rights Reserved ii I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. Dan Boneh Principal Advisor I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. John Mitchell I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. Xavier Boyen Approved for the University Committee on Graduate Studies. iii Abstract Pairing-based cryptography has become a highly active research area. We define bilinear maps, or pairings, and show how they give rise to cryptosystems with new functionality. There is only one known mathematical setting where desirable pairings exist: hyperellip- tic curves. We focus on elliptic curves, which are the simplest case, and also the only curves used in practice. All existing implementations of pairing-based cryptosystems are built with elliptic curves. Accordingly, we provide a brief overview of elliptic curves, and functions known as the Tate and Weil pairings from which cryptographic pairings are derived. We describe several methods for obtaining curves that yield Tate and Weil pairings that are efficiently computable yet are still cryptographically secure. -
Homomorphic Encryption: Working and Analytical Assessment DGHV, Helib, Paillier, FHEW and HE in Cloud Security
Master of Science in Computer Science February 2017 Homomorphic Encryption: Working and Analytical Assessment DGHV, HElib, Paillier, FHEW and HE in cloud security Srinivas Divya Papisetty Faculty of Computing Blekinge Institute of Technology SE-371 79 Karlskrona Sweden This thesis is submitted to the Faculty of Computing at Blekinge Institute of Technology in partial fulfillment of the requirements for the degree of Master of Science in Computer Science. The thesis is equivalent to 20 weeks of full time studies. Contact Information: Author(s): Srinivas Divya Papisetty E-mail: [email protected] University advisor: Dr. Emiliano Casalicchio Dept. of Computer Science & Engineering Faculty of Computing Internet : www.bth.se Blekinge Institute of Technology Phone : +46 455 38 50 00 SE-371 79 Karlskrona, Sweden Fax : +46 455 38 50 57 i i ABSTRACT Context. Secrecy has kept researchers spanning over centuries engaged in the creation of data protection techniques. With the growing rate of data breach and intervention of adversaries in confidential data storage and communication, efficient data protection has found to be a challenge. Homomorphic encryption is one such data protection technique in the cryptographic domain which can perform arbitrary computations on the enciphered data without disclosing the original plaintext or message. The first working fully homomorphic encryption scheme was proposed in the year 2009 and since then there has been a tremendous increase in the development of homomorphic encryption schemes such that they can be applied to a wide range of data services that demand security. All homomorphic encryption schemes can be categorized as partially homomorphic (PHE), somewhat homomorphic (SHE), leveled homomorphic (LHE), and fully homomorphic encryption (FHE). -
Eurocrypt'2000 Conference Report
Eurocrypt'2000 Conference Report May 15–18, 2000 Bruges Richard Graveman Telcordia Technologies Morristown, NJ USA [email protected] Welcome This was the nineteenth annual Eurocrypt conference. Thirty-nine out of 150 papers were accepted, and there were two invited talks along with the traditional rump session. About 480 participants from 39 countries were present. Bart Preneel was Program Chair. The Proceedings were published by Springer Verlag as Advances in Cryptology— Eurocrypt'98, Lecture Notes in Computer Science, Volume 1807, Bart Preneel, editor. Session 1: Factoring and Discrete Logarithm, Chair: Bart Preneel Factorization of a 512-bit RSA Modulus, Stefania Cavallar (CWI, The Netherlands), Bruce Dodson (Lehigh University, USA), Arjen K. Lenstra (Citibank, USA), Walter Lioen (CWI, The Netherlands), Peter L. Montgomery (Microsoft Research, USA and CWI, The Netherlands), Brian Murphy (The Australian National University, Australia), Herman te Riele (CWI, The Netherlands), Karen Aardal (Utrecht University, The Netherlands), Jeff Gilchrist (Entrust Technologies Ltd., Canada), Gérard Guillerm (École Polytechnique, France), Paul Leyland (Microsoft Research Ltd., UK), Joël Marchand (École Polytechnique/CNRS, France), François Morain (École Polytechnique, France), Alec Muffett (Sun Microsystems, UK), Chris and Craig Putnam (USA), Paul Zimmermann (Inria Lorraine and Loria, France) The authors factored the RSA challenge number RSA-512 with the general number field sieve (NFS). The algorithm has four steps: polynomial selection, sieving, linear algebra, and square root extraction. For N known to be composite, two irreducible polynomials with a common root mod N are needed. f1 (of degree 5 in this case) should have many roots modulo small primes as well as being as small as possible. -
Short Signatures from the Weil Pairing∗
Short Signatures from the Weil Pairing∗ Dan Boneh† Ben Lynn Hovav Shacham [email protected] [email protected] [email protected] Abstract We introduce a short signature scheme based on the Computational Diffie-Hellman assump- tion on certain elliptic and hyper-elliptic curves. For standard security parameters, the signature length is about half that of a DSA signature with a similar level of security. Our short signature scheme is designed for systems where signatures are typed in by a human or are sent over a low-bandwidth channel. We survey a number of properties of our signature scheme such as signature aggregation and batch verification. 1 Introduction Short digital signatures are needed in environments with strong bandwidth constraints. For ex- ample, product registration systems often ask users to key in a signature provided on a CD label. When a human is asked to type in a digital signature, the shortest possible signature is needed. Similarly, due to space constraints, short signatures are needed when one prints a bar-coded digital signature on a postage stamp [50, 45]. As a third example, consider legacy protocols that allocate a fixed short field for non-repudiation [1, 32]. One would like to use the most secure signature that fits in the allotted field length. The two most frequently used signatures schemes, RSA and DSA, produce relatively long sig- natures compared to the security they provide. For example, when one uses a 1024-bit modulus, RSA signatures are 1024 bits long. Similarly, when one uses a 1024-bit modulus, standard DSA signatures are 320 bits long. -
The Paillier Cryptosystem
The Paillier Cryptosystem A Look Into The Cryptosystem And Its Potential Application By Michael O’Keeffe The College of New Jersey Mathematics Department April 18, 2008 ABSTRACT So long as there are secrets, there is a need for encryption to help guard these secrets. The Paillier Cryptosystem is an encryption scheme that can be used to conceal information, with a few interesting properties. These properties, when creatively applied, allow the Paillier Cryptosystem to be used in ways that other cryptographic systems simply can’t be used. This paper will explore how the Paillier Cryptosystem works, how these properties arise, and one way in which the system can be used in a real world situation as a result of these properties. 1. INTRODUCTION 1.1 A Brief History of Cryptography There are simply times when the intended recipient of a message needs to be the only person able to gather the information contained inside it. To this end, there exists the need for the ability to hide the contents of a message from all but the intended recipient. Primitively, one may choose to physically conceal a message in a location of which only the recipient is aware. However, there exists the risk of the message’s discovery, at which point all information contained within the message is no longer secure. Thus, the need for encryption arises: a way in which to alter a message in such a way that, should the message be intercepted by someone other than the intended recipient, it would be difficult, if not practically impossible, for this person to absorb the information contained within the message. -
Paillier Cryptosystem - Wikipedia, the Free Encyclopedia Paillier Cryptosystem from Wikipedia, the Free Encyclopedia
13/03/13 Paillier cryptosystem - Wikipedia, the free encyclopedia Paillier cryptosystem From Wikipedia, the free encyclopedia The Paillier cryptosystem, named after and invented by Pascal Paillier in 1999, is a probabilistic asymmetric algorithm for public key cryptography. The problem of computing n-th residue classes is believed to be computationally difficult. The decisional composite residuosity assumption is the intractability hypothesis upon which this cryptosystem is based. The scheme is an additive homomorphic cryptosystem; this means that, given only the public-key and the encryption of and , one can compute the encryption of . Contents 1 Algorithm 1.1 Key generation 1.2 Encryption 1.3 Decryption 1.4 Homomorphic properties 1.5 Background 1.6 Semantic Security 1.7 Applications 2 See also 3 References 3.1 Notes 4 External links Algorithm The scheme works as follows: Key generation 1. Choose two large prime numbers p and q randomly and independently of each other such that . This property is assured if both primes are of equivalent length, i.e., for security parameter .[1] 2. Compute and . 3. Select random integer where 4. Ensure divides the order of by checking the existence of the following modular multiplicative inverse: , where function is defined as . Note that the notation does not denote the modular multiplication of times the modular en.wikipedia.org/wiki/Paillier_cryptosystem 1/5 13/03/13 Paillier cryptosystem - Wikipedia, the free encyclopedia multiplicative inverse of but rather the quotient of divided by , i.e., the largest integer value to satisfy the relation . The public (encryption) key is . The private (decryption) key is If using p,q of equivalent length, a simpler variant of the above key generation steps would be to set and , where .[1] Encryption 1. -
Fair Encryption of RSA Keys
Fair Encryption of RSA Keys Guillaume Poupard and Jacques Stern Ecole¶ Normale Sup¶erieure, D¶epartement d'informatique 45 rue d'Ulm, F-75230 Paris Cedex 05, France email: fGuillaume.Poupard,[email protected] Abstract. Cryptography is more and more concerned with elaborate protocols involving many participants. In some cases, it is crucial to be sure that players behave fairly especially when they use public key en- cryption. Accordingly, mechanisms are needed to check the correctness of encrypted data, without compromising secrecy. We consider an op- timistic scenario in which users have pairs of public and private keys and give an encryption of their secret key with the public key of a third party. In this setting we wish to provide a publicly veri¯able proof that the third party is able to recover the secret key if needed. Our emphasis is on size; we believe that the proof should be of the same length as the original key. In this paper, we propose such proofs of fair encryption for El Gamal and RSA keys, using the Paillier cryptosystem. Our proofs are really e±cient since in practical terms they are only a few hundred bytes long. As an application, we design a very simple and e±cient key recovery system. 1 Introduction In some cryptographic applications it is crucial to be sure that players behave fairly, especially when they use public key encryption. For example, we can consider a voting scheme where each player encrypts the name of his favorite candidate. It can be useful to convince anybody that the encrypted name is indeed in the list of the candidates without revealing any information about this name. -
Efficient Decentralized Tracing Protocol for Fingerprinting System
Proceedings of APSIPA Annual Summit and Conference 2019 18-21 November 2019, Lanzhou, China Efficient Decentralized Tracing Protocol for Fingerprinting System with Index Table Minoru Kuribayashi and Nobuo Funabiki Okayama University, Okayama, Japan E-mail: [email protected] Abstract—Due to the burden at a trusted center, a decen- From the different point of view, as differently fingerprinted tralized fingerprinting system has been proposed by delegating versions of same content are delivered to users, a coalition of authority to an authorized server so that the center does not users will be able to modify/delete the fingerprint, which is participate in the tracing protocol. As a fingerprinting code is used to retain a collusion resistance, the calculation of correlation called collusion attack. In order to tolerate for the collusion score for each user is required to identify illegal users from attack, fingerprinting codes [12], [13], [14], [15] enable a a pirated copy. Considering the secrecy of code parameters, seller to catch at least one illegal user from a pirated copy. the computation must be executed by a seller in an encrypted Among the codes, the Tardos code [14] and its variant [15] domain to realize the decentralized tracing protocol. It requires are attractive because its code length can be a theoretically much computational costs as well as the communication costs between the center and a seller because encrypted database (DB) minimum order. The codeword is produced by a probabilistic is necessary for the computation. In this paper, we propose a algorithm based on bias probabilities as secret parameter.