Index

A
ABE, see Attribute-based encryption (ABE)
Additive inverse
  addition and subtraction property, 7, 8
  inverse
    addition and subtraction property, 7, 8
    modular arithmetic, 7
    and multiplicative inverse, 2
  notation, 158–161
Asymmetric encryption (ASE), 82
Asymmetric key cryptography, 37, 104, 113, 244
Attribute-based encryption (ABE)
  access policy, 230–231
  basic model
    complexity assumptions, 230
  categories
    CP-ABE, 235–237
    KP-ABE, 233–235
  comparisons, 239–240
  difference, 237
  encryption, 226
  IBE, 228
  literature review, 238–239
  PKI, 227, 228
  public key encryption, 226–227
  security, 225, 240
  working, 231–233
Attributes
  Boneh-Franklin IBE, 138
  FIBE, 206
  public parameters, 162
  See also Attribute-based encryption (ABE)

B
Baby-step giant-step algorithm, 30–31
Bilinear mapping, 20, 26–27, 34–35
Blind signature schemes
  Chaum's RSA, 252–253
  Okomoto-Schnorr protocol, 254–255
  Schnorr protocol, 253–254
BLS short signature/BLS signature scheme, 260
Boneh-Boyen IBE, 152–156
  algorithm
    decryption, 155
    encryption, 155
    extract, 154, 155
  basic scheme
    additive notation, 158
    decrypting, 160–161
    encryption, 160
    private key extraction, 60
    security, 167–169
    setup of parameters, 158–160
  classification of IBE schemes, 156–157
  full scheme
    decrypting, 167
    encrypting, 166
    private key extraction, 166
    setup of parameters, 165–166
  HIBE
    decryption, 199
    encryption, 198
    extraction of the private key, 198
    setup, 197–198
  limitation, 152
  multiplicative notation
    decrypting, 164
    encrypting, 163–164
    extraction of the private key, 162–163
    setup of parameters, 162
  security, 167–169
  setup algorithm, 154
Boneh-Franklin IBE, HIBE
  Boneh-Boyen IBE, 197–199
  decryption, 196–197
  encryption, 195–196
  extraction of the private key, 195
  lower level setup, 195
  root setup, 194–195
Boneh-Franklin scheme
  bilinear Diffie-Hellman problem, 191
  decryption, 141–143
  elliptic curve, 156
  encryption, 141–143
  examples, 146–148
  further works on, 144–146
  HIBE, 194–199
  IBE, 137–139
  private key extraction, 140–142
  proof, 169
  security, 144
  setup of parameters, 139–140, 142

C
Chaum-Van Antwerper (CvA), 256–258
Ciphertext policy-ABE (CP-ABE), 233, 235–241
Cocks scheme
  correctness of Cocks IBE, 130
  decryption, 125–126
  encryption, 123–125
  examples, 126–129
  features, 119
  IBE, 118
  mathematical concepts, 119–120
  parameters, 121–122
  private key extraction, 122–123
  security, 131–133
  working, 118–119
Conjugate element, 39, 40
Convolutional multiplication, 106, 114
CP-ABE, see Ciphertext policy-ABE (CP-ABE)
Cryptography
  HECC (see Hyperelliptic curve cryptography (HECC))
  pairing-based (see Pairing-based cryptography)
  public key, 188–189
  XTR-DH protocol, 50–51
  XTR-DSA signature scheme, 52–53
  XTR-ElGamal encryption scheme, 51
  XTR-Nyberg-Rueppel (NR) signature scheme, 52
  XTR version of DH problem and its variants, 49–50
Cryptosystem
  ElGamal, 247
  elliptic curve and bilinear mapping-based, 34–35
  log-based, 34
  LUC, 104
  NTRU, 105–111
  physical faults, 97
  pitfalls, 190
  proposed, 281
  RSA-based, 34, 60
  XTR, 38, 50, 53
CvA, see Chaum-Van Antwerper (CvA)
Cyclotomic polynomial, 40

D
Decryption, 110–111, 125–126, 141–143
  algorithm, 155
  encoded version, 11
  FE scheme, 2
  HIBE, 196–197, 199
  hyperelliptic curve, 72–73
  operation, 286–287
  private key, 104
  public key cryptosystem, 104
  Sakai-Kasahara IBE, 177, 180
  table, 292, 294, 296
Diffie-Hellman key exchange, 35, 86–88, 280, 283, 289
Digital signature algorithm (DSA), 24, 34, 49, 52–53, 283
Digital signatures
  algorithms, 244
  hash functions, 245
  hierarchical IBS, 264–267
  other schemes, 267
  security
    models, 244–245
  services, 243
  signcryption, 268–270
Digital signature standard (DSS), 250–251, 260, 272
Discrete logarithm (DL) problem, 30, 31, 34, 38, 60, 83, 95, 138, 245
Divisors
  explanation 1, 62
  explanation 2, 63
  explanation 3, 63
  explanation 4, 63
  explanation 5, 63
  semi-reduced and reduced divisors, 65–67
DL problem, see Discrete logarithm (DL) problem
DSA, see Digital signature algorithm (DSA)
DSS, see Digital signature standard (DSS)

E
ECC, see Elliptic curve cryptography (ECC)
EC discrete logarithm problem (ECDLP), 83, 94
ECDLP, see EC discrete logarithm problem (ECDLP)
ECSTR, see Efficient and compact subgroup trace representation (ECSTR)
Efficient and compact subgroup trace representation (ECSTR), 38
ElGamal scheme, 49, 51, 52, 54
ElGamal signature method, 73–74
Elliptic curve cryptography (ECC)
  data files, 60
  MOV attack, 34
Elliptic curve factorization, 31–32
Encryption
  flowchart, 298
  functional (see Functional encryption)
  hyperelliptic curve, 72
  simulation, 289–298
Exponential
  algorithms, 92
  Cipher technique, 280
  mathematical operations, 281
  See also Quatro-inverse exponential cipher technique (QUIET)
Extensions of IBE
  FIBE, 206, 209–211
  IBCPRE, 220–221
  IBKA, 207–209
  LEKS, 213–214
  PEKS, 206, 214–216
  secret session key, 205
  TBEKS, 211–212
  WIBE, 207, 216–217
  WKD-IBE, 218–219

F
FE, see Functional encryption (FE)
FIBE, see Fuzzy identity-based encryption (FIBE)
Finite field, 24, 61–62, 85–86
  definitions and results, 39–40
  factoring polynomials, 33
  hyperelliptic curves, 68–73
  irreducible polynomials, 33
  properties, 25–26
Functional encryption (FE)
  applications, 6
  challenges, 5–6
  cryptography impact, 98
  data security, 1
  encrypted version, 2
  fully homomorphic encryption, 4–5
  functionality, 3
  obfuscation, 4–5
  scheme, 3–4
  symmetric, 2
Functional field sieve, 31
Functionalities test
  equality test, 27–28
  inequality test, 28
  inner product evaluation, 28
Fuzzy IBE, 157
Fuzzy identity-based encryption (FIBE), 206, 222, 229, 230, 233
  formal model, 210
  security properties, 210–211

G
Greatest common divisor (GCD), 14, 63, 66, 67
  Bezout's algorithm, 15–16
  Euclidean/Euclid's algorithm, 14–15
  extended Euclid's algorithm, 16–17
Groups (mathematical), 20
Group theory
  axiom, 21
  bilinear mapping, 26–27
  cryptography, 20
  cryptosystem, 33–35
  finite field properties, 25–26
  illustrations, 21–22
  properties of group
    Abelian group, 22–23
    finite field, 24
    Lagrange's theorem, 23
    Schnorr group, 23–24
  science and conceptual variable-based math, 19

H
HECC, see Hyperelliptic curve cryptography (HECC)
HECC signature algorithm
  ElGamal signature method, 73–74
  security, 76
  signature
    generation, 74–75
    verification, 75–76
HIBE, see Hierarchical identity-based encryption (HIBE)
HIBS schemes, 265, 266
Hierarchical identity-based encryption (HIBE), 192–194
  Boneh-Franklin IBE, 194–197
  identity-based encryption, 190–192
  master secret sharing, 199–201
  pitfalls, PKC, 190
  public key cryptography, 188–189
  security, 201–202
Hyperelliptic curve cryptography (HECC)
  computer algorithm-based systems, 60
  divisors, 62–63
  ECC, 60
  encryption and decryption, 72–73
  finite fields
    proof, 68–70
  hyperelliptic curve Jacobian
    Hasse-Weil theory, 64
    instruction, 64
    methodology, 65
    zeta function, 64–65
  mathematical terminologies
    arithmetical closure, 61
    cryptography of hyperelliptic curve, 61
    finite field, 61–62
    interpretation, 62
  Mumford arithmetic, 67–68
  pair generation, 70–72
  semi-reduced and reduced divisors, 65–67
  signature algorithm, 73–76

I
IBCPRE, see Identity-based conditional proxy re-encryption (IBCPRE)
IBE, see Identity-based encryption (IBE)
IBKA, see Identity-based key agreement (IBKA)
Identity-based conditional proxy re-encryption (IBCPRE), 207, 222
  formal model, 220–221
  security requirements, 221
Identity-based encryption (IBE), 118, 138–140
  Boneh-Boyen (see Boneh-Boyen IBE)
  classification
    "commutative blinding", 157
    "exponent inversion", 157
    "full domain hash", 156–157
    "quadratic residuosity", 156
  FIBE (see Fuzzy identity-based encryption (FIBE))
  HIBE (see Hierarchical identity-based encryption (HIBE))
  Sakai-Kasahara (see Sakai-Kasahara IBE)
  See also Boneh-Franklin scheme
Identity-based encryption with wildcard key derivation (WKD-IBE)
  formal model, 218–219
  security requirements, 219
Identity-based key agreement (IBKA), 206, 207
  formal model, 208
  security requirements
    Oracles, 209

J
Jacobian
  hyper ECs, 84
  hyperelliptic curve
    Hasse-Weil theory, 64
    instruction, 64
    methodology, 65
    zeta function, 64–65
  quotient group, 74

K
Key policy-ABE (KP-ABE), 233–235, 237, 238, 241
Keyword search, 206
  IBCPRE, 220–221
  LEKS, 213–214
  PEKS, 206, 214–216
  WIBE, 207, 216–217
  WKD-IBE, 218–219
KP-ABE, see Key policy-ABE (KP-ABE)

L
Lagrange's theorem, 23, 34
Lattice, 104, 112–114
LC, see Linear congruence (LC)
LEKS, see Linear encryption with keyword search (LEKS)
Linear congruence (LC), 11–12
Linear encryption with keyword search (LEKS), 206, 222
  formal model, 213
  security requirements, 213–214
Low-Hamming-weight product, 112

M
Master secret
  basic scheme—additive notation, 159
  PKG, 121
  public parameters, 154
  sharing, 199–201
  user's identity, 190
Mathematical tools
  elliptic curve factorization, 31–32
  factoring polynomials, 33
  functional field sieve, 31
  functionalities, 27–28
  irreducible polynomials, 33
  Paley–Wiener hypothesis, 28
  primality test |set 1
    Fermat's little theorem, 29
    Fermat's strategy, 29
    Miller-Rabin method, 29
    school method, 29
    Solovay–Strassen primality test, 29–30
  random square

  encryption, 109
  improvements, 113
  key generation, 107–109
  optimization, 111–112
  parameters, 107
  public key cryptosystem, 104
  security, 112
  symbols and notations, 105–107
  working method, 111

O
Obfuscation, 2, 4–6

P
Pair generation
  divisor order, 70–71
  hyperelliptic curve cryptographic arrangement, 71–72
Pairing-based cryptography
  Ate, 94
  drawbacks/vulnerabilities, 94–95
  Eta, 93
  mathematical terms and concepts
    ASE, 82
    Diffie–Hellman algorithm, 86–88

© Springer Nature Switzerland AG 2021. K. A. B. Ahmad et al. (eds.), Functional Encryption, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-030-60890-3
Recommended publications
  • Bilinear Map Cryptography from Progressively Weaker Assumptions
    Full version of an extended abstract published in Proceedings of CT-RSA 2013, Springer-Verlag, Feb. 2013. Available from the IACR Cryptology ePrint Archive as Report 2012/687. The k-BDH Assumption Family: Bilinear Map Cryptography from Progressively Weaker Assumptions. Karyn Benson, Hovav Shacham (University of California, San Diego), Brent Waters (University of Texas at Austin). [email protected], [email protected]. February 4, 2013. Abstract: Over the past decade bilinear maps have been used to build a large variety of cryptosystems. In addition to new functionality, we have concurrently seen the emergence of many strong assumptions. In this work, we explore how to build bilinear map cryptosystems under progressively weaker assumptions. We propose k-BDH, a new family of progressively weaker assumptions that generalizes the decisional bilinear Diffie-Hellman (DBDH) assumption. We give evidence in the generic group model that each assumption in our family is strictly weaker than the assumptions before it. DBDH has been used for proving many schemes secure, notably identity-based and functional encryption schemes; we expect that our k-BDH will lead to generalizations of many such schemes. To illustrate the usefulness of our k-BDH family, we construct a family of selectively secure Identity-Based Encryption (IBE) systems based on it. Our system can be viewed as a generalization of the Boneh-Boyen IBE, however, the construction and proof require new ideas to fit the family. We then extend our methods to produces hierarchical IBEs and CCA security; and give a fully secure variant. In addition, we discuss the opportunities and challenges of building new systems under our weaker assumption family.
  • Circuit-Extension Handshakes for Tor Achieving Forward Secrecy in a Quantum World
    Proceedings on Privacy Enhancing Technologies; 2016 (4):219–236. John M. Schanck*, William Whyte, and Zhenfei Zhang. Circuit-extension handshakes for Tor achieving forward secrecy in a quantum world. Abstract: We propose a circuit extension handshake for Tor that is forward secure against adversaries who gain quantum computing capabilities after session negotiation. In doing so, we refine the notion of an authenticated and confidential channel establishment (ACCE) protocol and define pre-quantum, transitional, and post-quantum ACCE security. These new definitions reflect the types of adversaries that a protocol might be designed to resist. We prove that, with some small modifications, the currently deployed Tor circuit extension handshake, ntor, provides pre-quantum ACCE security. We then prove that our new protocol, when instantiated with a post-quantum key encapsulation mechanism, achieves the stronger notion of transitional ACCE security. Finally, we instantiate our protocol with NTRU- [...] 2. Anonymity: Some one-way authenticated key exchange protocols, such as ntor [13], guarantee that the unauthenticated peer does not reveal their identity just by participating in the protocol. Such protocols are deemed one-way anonymous. 3. Forward Secrecy: A protocol provides forward secrecy if the compromise of a party's long-term key material does not affect the secrecy of session keys negotiated prior to the compromise. Forward secrecy is typically achieved by mixing long-term key material with ephemeral keys that are discarded as soon as the session has been established. Forward secret protocols are a particularly effective tool for resisting mass surveillance as they resist a broad class of harvest-then-decrypt attacks.
  • Public Auditing for Secure and Efficient Cloud Data Storage: a Comprehensive Survey
    Vol-7 Issue-4 2021 IJARIIE-ISSN(O)-2395-4396. Public Auditing for Secure and Efficient Cloud Data Storage: A Comprehensive Survey. 1Ayesha Siddiqha Mukthar, 2Dr. Jitendra Sheetlani. 1Research Scholar, Sri Satya Sai University of Technology and Medical Sciences, Sehore; 2Associate Professor, Sri Satya Sai University of Technology and Medical Sciences, Sehore. Abstract: Nowadays storage of data is a big problem because of the huge generation of multimedia data like images, audio, video etc., whose size is very large. For storing this data the size of conventional storage is not sufficient, so we need remote storage such as cloud, which is a resilient infrastructure with reliable and high-quality performance for cloud users. In the cloud there is no direct physical control over the records because the cloud uses its resource pool for storing. Consequently data reliability fortification and auditing is not a modest task. The user needs to depend on a Third Party Auditor (TPA) who works as a public auditor for authenticating data integrity and privacy. This paper presents the various auditing techniques of cloud computing for improving security and then future research challenges which need to be adopted by researchers to make the system obvious. Keywords: Auditing, Cloud Computing, Storage, TPA, Reliability, Integrity. Introduction: Cloud offers different services to its users. Data sharing between two organizations is common in many application areas. The current data sharing and integration among various organizations requires a central and trusted authority to collect data from all data sources and then integrate the collected data. In the current trend, there is a necessary condition which defines data sharing while preserving privacy in the cloud.
  • Implementation and Performance Evaluation of XTR Over Wireless Network
    Implementation and Performance Evaluation of XTR over Wireless Network. By Basem Shihada, [email protected], Dept. of Computer Science, 200 University Avenue West, Waterloo, Ontario, Canada, (519) 888-4567 ext. 6238. CS 887 Final Project, 19th of April 2002. 1. Abstract: Wireless systems require reliable data transmission, large bandwidth and maximum data security. Most current implementations of wireless security algorithms perform lots of operations on the wireless device. This results in a large computation overhead, thus reducing the device performance. Furthermore, many current implementations do not provide a fast level of security measures such as client authentication, authorization, data validation and data encryption. XTR is an abbreviation of Efficient and Compact Subgroup Trace Representation (ECSTR). Developed by Arjen Lenstra & Eric Verheul, it is considered a new public key cryptographic security system that merges the high level of security of GF(p^6) with the smaller number of computations of GF(p^2). The claim here is that XTR has lower communication requirements and significant computation advantages, which indicate that XTR is suitable for small computing devices such as wireless devices, wireless internet, and general wireless applications. The hoped-for result is a more flexible and powerful secure wireless network that can be easily used for application deployment. This project presents an implementation and performance evaluation of the XTR public key cryptographic system over a wireless network. The goal of this project is to develop an efficient and portable secure wireless network, which performs a variety of wireless applications in a secure manner. The project surveys the XTR mathematical and theoretical background as well as system implementation and deployment over a wireless network.
  • DRAFT Special Publication 800-56A, Recommendation for Pair-Wise Key
    The attached DRAFT document (provided here for historical purposes) has been superseded by the following publication: Publication Number: NIST Special Publication (SP) 800-56A Revision 2 Title: Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography Publication Date: 05/13/2013 • Final Publication: https://doi.org/10.6028/NIST.SP.800-56Ar2 (which links to http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf). • Information on other NIST Computer Security Division publications and programs can be found at: http://csrc.nist.gov/ The following information was posted with the attached DRAFT document: Aug 20, 2012 SP 800-56 A Rev.1 DRAFT Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography (Draft Revision) NIST announces the release of draft revision of Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography. SP 800-56A specifies key-establishment schemes based on the discrete logarithm problem over finite fields and elliptic curves, including several variations of Diffie-Hellman and MQV key establishment schemes. The revision is made on the March 2007 version. The main changes are listed in Appendix D. Please submit comments to 56A2012rev-comments @ nist.gov with "Comments on SP 800-56A (Revision)" in the subject line. The comment period closes on October 31, 2012. NIST Special Publication 800-56A Recommendation for Pair-Wise August 2012 Key-Establishment Schemes Using Discrete Logarithm Cryptography (Draft Revision) Elaine Barker, Lily Chen, Miles Smid and Allen Roginsky C O M P U T E R S E C U R I T Y Abstract This Recommendation specifies key-establishment schemes based on the discrete logarithm problem over finite fields and elliptic curves, including several variations of Diffie-Hellman and MQV key establishment schemes.
  • On the Implementation of Pairing-Based Cryptosystems a Dissertation Submitted to the Department of Computer Science and the Comm
    ON THE IMPLEMENTATION OF PAIRING-BASED CRYPTOSYSTEMS. A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY. Ben Lynn, June 2007. © Copyright by Ben Lynn 2007. All Rights Reserved. I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. Dan Boneh, Principal Advisor. I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. John Mitchell. I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. Xavier Boyen. Approved for the University Committee on Graduate Studies. Abstract: Pairing-based cryptography has become a highly active research area. We define bilinear maps, or pairings, and show how they give rise to cryptosystems with new functionality. There is only one known mathematical setting where desirable pairings exist: hyperelliptic curves. We focus on elliptic curves, which are the simplest case, and also the only curves used in practice. All existing implementations of pairing-based cryptosystems are built with elliptic curves. Accordingly, we provide a brief overview of elliptic curves, and functions known as the Tate and Weil pairings from which cryptographic pairings are derived. We describe several methods for obtaining curves that yield Tate and Weil pairings that are efficiently computable yet are still cryptographically secure.
  • 21. the Diffie-Hellman Problem
    Chapter 21: The Diffie-Hellman Problem. This is a chapter from version 2.0 of the book "Mathematics of Public Key Cryptography" by Steven Galbraith, available from http://www.math.auckland.ac.nz/~sgal018/crypto-book/crypto-book.html. The copyright for this chapter is held by Steven Galbraith. This book was published by Cambridge University Press in early 2012. This is the extended and corrected version. Some of the Theorem/Lemma/Exercise numbers may be different in the published version. Please send an email to [email protected] if you find any mistakes. This chapter gives a thorough discussion of the computational Diffie-Hellman problem (CDH) and related computational problems. We give a number of reductions between computational problems, most significantly reductions from DLP to CDH. We explain self-correction of CDH oracles, study the static Diffie-Hellman problem, and study hard bits of the DLP and CDH. We always use multiplicative notation for groups in this chapter (except for in the Maurer reduction where some operations are specific to elliptic curves). 21.1 Variants of the Diffie-Hellman Problem. We present some computational problems related to CDH, and prove reductions among them. The main result is to prove that CDH and Fixed-CDH are equivalent. Most of the results in this section apply to both algebraic groups (AG) and algebraic group quotients (AGQ) of prime order r (some exceptions are Lemma 21.1.9, Lemma 21.1.16 and, later, Lemma 21.3.1). For the algebraic group quotients G considered in this book then one can obtain all the results by lifting from the quotient to the covering group G′ and applying the results there.
  • Public-Key Cryptography
    Public-key Cryptography: Theory and Practice. ABHIJIT DAS, Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur. C. E. VENIMADHAVAN, Department of Computer Science and Automation, Indian Institute of Science, Bangalore. PEARSON. Chennai • Delhi • Chandigarh • Upper Saddle River • Boston • London • Sydney • Singapore • Hong Kong • Toronto • Tokyo. Contents: Preface xiii; Notations xv; 1 Overview 1; 1.1 Introduction 2; 1.2 Common Cryptographic Primitives 2; 1.2.1 The Classical Problem: Secure Transmission of Messages 2; Symmetric-key or secret-key cryptography 4; Asymmetric-key or public-key cryptography 4; 1.2.2 Key Exchange 5; 1.2.3 Digital Signatures 5; 1.2.4 Entity Authentication 6; 1.2.5 Secret Sharing 8; 1.2.6 Hashing 8; 1.2.7 Certification 9; 1.3 Public-key Cryptography 9; 1.3.1 The Mathematical Problems 9; 1.3.2 Realization of Key Pairs 10; 1.3.3 Public-key Cryptanalysis 11; 1.4 Some Cryptographic Terms 11; 1.4.1 Models of Attacks 12; 1.4.2 Models of Passive Attacks 12; 1.4.3 Public Versus Private Algorithms 13; 2 Mathematical Concepts 15; 2.1 Introduction 16; 2.2 Sets, Relations and Functions 16; 2.2.1 Set Operations 17; 2.2.2 Relations 17; 2.2.3 Functions 18; 2.2.4 The Axioms of Mathematics 19; Exercise Set 2.2 20; 2.3 Groups 21; 2.3.1 Definition and Basic Properties 21; 2.3.2 Subgroups, Cosets and Quotient Groups 23; 2.3.3 Homomorphisms 25; 2.3.4 Generators and Orders 26; 2.3.5 Sylow's Theorem 27; Exercise Set 2.3 29; 2.4 Rings 31; 2.4.1 Definition and Basic Properties 31; 2.4.2 Subrings, Ideals and Quotient Rings 34; 2.4.3 Homomorphisms 37; 2.4.4
  • Polynomial Interpolation of the Generalized Diffie
    Polynomial interpolation of the generalized Diffie–Hellman and Naor–Reingold functions. Thierry Mefenza, Damien Vergnaud. To cite this version: Thierry Mefenza, Damien Vergnaud. Polynomial interpolation of the generalized Diffie–Hellman and Naor–Reingold functions. Designs, Codes and Cryptography, Springer Verlag, 2019, 87 (1), pp.75-85. 10.1007/s10623-018-0486-1. hal-01990394. HAL Id: hal-01990394, https://hal.archives-ouvertes.fr/hal-01990394. Submitted on 10 May 2020. HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. Noname manuscript No. (will be inserted by the editor). Polynomial Interpolation of the Generalized Diffie-Hellman and Naor-Reingold Functions. Thierry Mefenza · Damien Vergnaud. The date of receipt and acceptance should be inserted later. Abstract: In cryptography, for breaking the security of the Generalized Diffie-Hellman and Naor-Reingold functions, it would be sufficient to have polynomials with small weight and degree which interpolate these functions. We prove lower bounds on the degree and weight of polynomials interpolating these functions for many keys in several fixed points over a finite field. Keywords: Naor-Reingold function, Generalized Diffie-Hellman function, polynomial interpolation, finite fields. MSC2010: 11T71, 94A60. 1 Introduction: The security of most cryptographic protocols relies on some unproven computational assumption which states that a well-defined computational problem is intractable (i.e.
  • Public-Key Cryptography
    http://dx.doi.org/10.1090/psapm/062. AMS SHORT COURSE LECTURE NOTES: Introductory Survey Lectures published as a subseries of Proceedings of Symposia in Applied Mathematics. Proceedings of Symposia in Applied Mathematics, Volume 62: Public-Key Cryptography. American Mathematical Society Short Course, January 13-14, 2003, Baltimore, Maryland. Paul Garrett, Daniel Lieman, Editors. American Mathematical Society, Providence, Rhode Island. Editorial Board: Mary Pugh, Lenya Ryzhik, Eitan Tadmor (Chair). LECTURE NOTES PREPARED FOR THE AMERICAN MATHEMATICAL SOCIETY SHORT COURSE PUBLIC-KEY CRYPTOGRAPHY HELD IN BALTIMORE, MARYLAND, JANUARY 13-14, 2003. The AMS Short Course Series is sponsored by the Society's Program Committee for National Meetings. The series is under the direction of the Short Course Subcommittee of the Program Committee for National Meetings. 2000 Mathematics Subject Classification. Primary 54C40, 14E20, 14G50, 11G20, 11T71, HYxx, 94Axx, 46E25, 20C20. Library of Congress Cataloging-in-Publication Data: Public-key cryptography / Paul Garrett, Daniel Lieman, editors. p. cm. — (Proceedings of symposia in applied mathematics; v. 62). Papers from a conference held at the 2003 Baltimore meeting of the American Mathematical Society. Includes bibliographical references and index. ISBN 0-8218-3365-0 (alk. paper). 1. Computers—Access control—Congresses. 2. Public key cryptography—Congresses. I. Garrett, Paul, 1952— II. Lieman, Daniel, 1965- III. American Mathematical Society. IV. Series. QA76.9.A25P82 2005 005.8'2—dc22 2005048178. Copying and reprinting. Material in this book may be reproduced by any means for educational and scientific purposes without fee or permission with the exception of reproduction by services that collect fees for delivery of documents and provided that the customary acknowledgment of the source is given.
  • A Re-Examine on Assorted Digital Image Encryption Algorithm's
    Biostatistics and Biometrics Open Access Journal, ISSN: 2573-2633. Review Article. Biostat Biometrics Open Acc J, Volume 4 Issue 2 - January 2018. Copyright © All rights are reserved by Thippanna G. DOI: 10.19080/BBOAJ.2018.04.555633. A Re-Examine on Assorted Digital Image Encryption Algorithm's Techniques. Thippanna G*, Assistant Professor, CSSR & SRRM Degree and PG College, India. Submission: October 05, 2017; Published: January 17, 2018. *Corresponding author: Thippanna G, Assistant Professor, CSSR & SRRM Degree and PG College, India. Abstract: Image Encryption is a wide and important area of research. Encryption basically deals with converting data or information from its original form to another unreadable and unrecognizable form that hides the information in it. The protection of information from unauthorized access is important in network/internet communication. The use of Encryption provides data security. The Encrypted Image is secure from any kind of cryptanalysis. The proposed dissertation explains the different encryption algorithms and their approaches to encrypting images. This paper introduces a case study on assorted digital image encryption techniques, which is helpful for giving knowledge of the entire range of digital image encryption techniques. This can offer authentication of users, and integrity, accuracy and safety of images that are roaming over communication. Moreover, image based knowledge needs additional effort throughout encoding and cryptography.
    Keywords: Encryption; Cryptanalysis; Cryptographic; Algorithm; Block ciphers; Stream ciphers; Asymmetric Encryption. Abbreviations: AES: Advanced Encryption Standard; DSA: Digital Signature Algorithm; DSS: Digital Signature Standard; ECDSA: Elliptic Curve Digital Signature Algorithm. Introduction: Some cryptographic methods rely on the secrecy of the encryption algorithms; such algorithms are only of historical interest and are not adequate for real-world needs. Encryption algorithms: An encryption algorithm, or cipher, is a mathematical function
  • Short Signatures from the Weil Pairing∗
    Short Signatures from the Weil Pairing. Dan Boneh, Ben Lynn, Hovav Shacham. [email protected], [email protected], [email protected]. Abstract: We introduce a short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyper-elliptic curves. For standard security parameters, the signature length is about half that of a DSA signature with a similar level of security. Our short signature scheme is designed for systems where signatures are typed in by a human or are sent over a low-bandwidth channel. We survey a number of properties of our signature scheme such as signature aggregation and batch verification. 1 Introduction: Short digital signatures are needed in environments with strong bandwidth constraints. For example, product registration systems often ask users to key in a signature provided on a CD label. When a human is asked to type in a digital signature, the shortest possible signature is needed. Similarly, due to space constraints, short signatures are needed when one prints a bar-coded digital signature on a postage stamp [50, 45]. As a third example, consider legacy protocols that allocate a fixed short field for non-repudiation [1, 32]. One would like to use the most secure signature that fits in the allotted field length. The two most frequently used signatures schemes, RSA and DSA, produce relatively long signatures compared to the security they provide. For example, when one uses a 1024-bit modulus, RSA signatures are 1024 bits long. Similarly, when one uses a 1024-bit modulus, standard DSA signatures are 320 bits long.