DOCSLIB.ORG

The Quantum World

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Quantum World The Quantum World Tania Martin Smals Research June 2017 www.smalsresearch.be Hypothetical scenario How is your company responding to the announcement of the new commercially available quantum computer that can “break” RSA and ECC? What the hell??? I don’t have any plan for that !!! I have no comment on that… 2 Hypothetical scenario What the hell!!! I hope for you (my dear Research team) that you have anticipated this HUGE problem that can threaten much of our business (eID, communication protocols, etc.)!!! Euh, sorry but no, we decided that it was not urgent… 3 Hypothetical scenario What the hell!!! I hope for you (my dear Research team) that you have anticipated this HUGE problem that can threatens many of our business (eID, communication protocols, etc.)!!! Euh, sorry but no, we decided that it was not urgent… 4 It’s too important to be set aside!!! House Homeland Security Committee Chairman Michael McCall is calling on Congress to increase spending on quantum computing research to ensure that the U.S. is the first nation to employ quantum computing as a tool to decrypt data. — September 2016 http://www.bankinfosecurity.com/rep-mccaul-us-must-gain-decryption-edge-a-9422 5 It’s too important to be set aside!!! 6 A certain future 1994 2018 2030 2050 QC = Quantum Computer 7 A certain future 1994 2018 2030 2050 QC = Quantum Computer 8 Quantum computer technology [Know the enemy] Quantum cryptography [Enhance cryptography] Quantum attacks [Break actual cryptography] Post quantum cryptography AGENDA [Counter quantum attacks] Quantum computer technology I can safely say that no one understands quantum mechanics Richard Feynman (1918-1988) Father of the new way to conceive quantum mechanics 11 What is a quantum computer? A digital computer uses transistors to perform computation of data A quantum computer uses quantum properties of the matter to perform computation of data 12 Examples of used *matter* • not excited An atom can be • excited • both • horizontal The polarization of • vertical a photon can be • both Formally, any matter used in quantum mechanics can be in a superposition of 2 states 13 Understand the superposition http://www.QuantumMadeSimple.com 14 Recap 1 bit 0 1 or 1 qubit 훼|0 + 훽|1 |0 and |1 are pronunced "ket 0" and "ket 1" 15 What does mean? 1 Reference to Schrödinger’s cat 16 What does mean? 1 Reference to Schrödinger’s cat 2 3 2 states: Equal probability • Cat alive that cat is alive or • Cat dead dead: 훼 = 훽 = 1 2 17 Quantum theory Not supposed Not fully Fully to represent represent represent reality reality reality Position Modified Influence of Quantum Multiple Positivism as added quantum laws consciousness decoherence universes variable R. Omnès S. Hawking L. de Broglie R. Penrose E. Wigner M. Gell-Mann H. Everett N. Bohr D. Bohm J. Hartle J. Von G. Ghirardi Neumann H.-D. Zeh A. Rimini J. Bell F. London W. Zurek W. E. Weber E. Bauer 18 vs. 1 bit 1 qubit 0 1 훼|0 + 훽|1 or Either 0 or 1 Both 0 and 1 푁 bits 푁 qubits 훼 |00 … 0 + 훼 |00 … 1 + … + 훼 푁 |11 … 1 0 1 0 0 1 0 1 1 2 2 ……… …………… 1 out of 2푁 possible states All out of 2푁 possible states - 19 Consequences of - Mathematical operation on 푁 - Parallel computation on ퟐ푵 data Computation power of a x2 each time a - is added 20 -- in real life 1994 2007 2017 2023 2030 2050 QC = Quantum Computer 21 Quantum cryptography Goal Exploit the mechanical properties to perform crypto tasks Quantum Random Quantum Key Number Generator Distribution Quantum Commitment Secure Multi-Party Oblivious Transfer Computation 23 Quantum Random Number Generator Generate better high-quality random numbers Based on: • Radioactive decay • Noise • Quantum optics 24 Quantum Random Number Generator Single-photon splitting 0 1 1 0 1 … "1" Detector 1 Detector Detector LASER Photon 0 Semi-transparent mirror "0" The beam splitter The photon’s choice Example based on deviates the photon at beam splitting is quantum optics to a 0/1 detector totally random 25 Quantum Key Distribution Transfer securely From , produce a from Alice to Bob random shared secret key - throught the channel throught the classical channel qkdsimulator.com 26 Quantum Key Distribution Polarization of a photon LASER LASER LASER LASER 27 Quantum Key Distribution Polarization of a photon Unpolarized photon Polarization filter Beam splitter 0 1 0 1 4 polarized photons 100% 50% 0% 50% Not readable during transfer otherwise qubits are disturb 28 Quantum Key Distribution The BB84 protocol 29 Quantum Key Distribution The BB84 protocol 1 0 1 1 0 0 1 1 0 0 1 1 1 0 30 Quantum Key Distribution The BB84 protocol 1 0 1 1 0 0 1 1 0 0 1 1 1 0 1 0 0 1 0 0 1 1 0 0 0 1 1 0 50% 50% 50% 50% 50% 31 Quantum Key Distribution The BB84 protocol 1 0 1 1 0 0 1 1 0 0 1 1 1 0 1 0 0 1 0 0 1 1 0 0 0 1 1 0 √ √ √ √ √ √ √ √ √ 1 - - 1 0 0 - 1 0 0 - 1 - 0 Shared key 32 Quantum Key Distribution Eavesdropping the BB84 protocol 4 3 1 2 1 3 Lecture of the qubit state Qubit modification in the channel 2 4 splitter disturbance Detection (error rate) & abortion 33 Quantum Key Distribution In practice Currently The highest bit rate for QKD with optical fiber is held by Toshiba with 1 Mbit/s over 50 km [up to our knowledge] Limitation on the distance of key exchange 34 Quantum attacks Goal Exploit the mechanical properties to crack/solve hard problems Shor’s algorithm Grover’s algorithm HHL’s algorithm Quantum simulator Etc… 36 Shor’s algorithm Created by Solve Peter Shor (1994) prime factorization in polynomial time 1092 2 546 Prime factors: 2, 2, 3, 7, 13 2 273 1092 = 22 ∗ 3 ∗ 7 ∗ 13 3 91 7 13 This is a very simple example 37 Shor’s algorithm Breaking public-key cryptography E.g. an RSA number: 푁 = 푝 ∗ 푞 , where 푝, 푞 are prime numbers Easy to compute 푁 from (푝, 푞) RSA-1024 = 135066410865995223349603216278805969 938881475605667027524485143851526510 604859533833940287150571909441798207 282164471551373680419703964191743046 496589274256239341020864383202110372 Hard to recover (푝, 푞) from 푁 958725762358509643110564073501508187 510676594629205563685529475213500852 879416377328533906109750544334999811 with standard methods 150056977236890927563 38 Shor’s algorithm Breaking public-key cryptography E.g. an RSA number: 푁 = 푝 ∗ 푞 , where 푝, 푞 are prime numbers Easy to compute 푁 from (푝, 푞) RSA-1024 = 135066410865995223349603216278805969 938881475605667027524485143851526510 604859533833940287150571909441798207 282164471551373680419703964191743046 496589274256239341020864383202110372 Easy to recover (푝, 푞) from 푁 958725762358509643110564073501508187 510676594629205563685529475213500852 879416377328533906109750544334999811 with Shor’s algorithm 150056977236890927563 39 Grover’s algorithm Created by Solve Lov Grover (1996) invertion of function in sub-linear time Function 푓 Input 푥 Output 푦 = 푓(푥) 40 Grover’s algorithm Searching an unstructured DB / an unsorted list E.g. searching a phonebook where: • 푥 is a name • 푦 = 푓(푥) is a phone number 푦 (푓, 푥) Easy to find from Phonebook of 10,000 entries Hard to find 푥 from (푓, 푦) with standard methods Need 5,000 guesses 41 Grover’s algorithm Searching an unstructured DB / an unsorted list E.g. searching a phonebook where: • 푥 is a name • 푦 = 푓(푥) is a phone number 푦 (푓, 푥) Easy to find from Phonebook of 10,000 entries Easy to find 푥 from (푓, 푦) with Grover’s algorithm Need 100 guesses 42 Grover’s algorithm Searching an unstructured DB / an unsorted list E.g. searching a phonebook where: • 푥 is a name • 푦 = 푓(푥) is a phone number 푦 (푓, 푥) Easy to find from Phonebook of 25 million entries Easy to find 푥 from (푓, 푦) with Grover’s algorithm Need 5,000 guesses 43 Grover’s algorithm Breaking symmetric-key cryptography Brute-forcing a 128-bit key Brute-forcing ퟔퟒ in ≈ ퟐ iterations a 256-bit key in ≈ ퟐퟏퟐퟖ iterations Simple solution Use loooooooooooonger keys! 44 Post-quantum cryptography Goal Cryptographic schemes/algorithms resistant to attacks Hash-based crypto Code-based crypto Lattice-based crypto Multivariate crypto Etc… 46 Hash-based crypto Created by Alternative to Ralph Merkle (1970) signature schemes like RSA/DSA/ECDSA 1 Hash 2 function ℎ 3 4 1 2 3 4 Create private key - Distribute Sign data with Verify signature with and public key - 47 Hash-based crypto The Lamport signature scheme and must be used only once 0 1 0 1 0 1 0 1 random random random random random random random random ℎ ℎ ℎ ℎ ℎ ℎ ℎ ℎ hash hash hash hash hash hash hash hash 1 Create private key - and public key - 48 Hash-based crypto The Lamport signature scheme 0 1 0 1 0 1 0 1 random random random random random random random random ℎ ℎ ℎ ℎ ℎ ℎ ℎ ℎ hash hash hash hash hash hash hash hash 1 2 Create private key - Distribute and public key - 49 Hash-based crypto The Lamport signature scheme = 1 1 0 1 = random random random random 0 1 0 1 0 1 0 1 random random random random random random random random ℎ ℎ ℎ ℎ ℎ ℎ ℎ ℎ hash hash hash hash hash hash hash hash 1 2 3 Create private key - Distribute Sign data with and public key - 50 Hash-based crypto The Lamport signature scheme = 1 1 0 1 = random random random random 0 1 0 1 0 1 0 1 random random random random ℎ ℎ ℎ ℎ =? =? =? =? hash hash hash hash hash hash hash hash 1 2 3 4 Create private key - Distribute Sign data with Verify signature with and public key - 51 Hash-based crypto The Lamport signature scheme To be quantum-resistant The lengths of random , hash and random - must be > x2 larger than the security parameter EX A 128-bit security requires lengths > 256 bits 52 Hash-based crypto The Merkle signature scheme h[3,0] A B : B = ℎ(A) h[2,0] h[2,1] h[1,0] h[1,1] h[1,2] h[1,3] h[0,0] h[0,1] h[0,2] h[0,3] h[0,4] h[0,5] h[0,6]
Load more

Recommended publications
  • Etsi Gr Qsc 001 V1.1.1 (2016-07)
    ETSI GR QSC 001 V1.1.1 (2016-07) GROUP REPORT Quantum-Safe Cryptography (QSC); Quantum-safe algorithmic framework 2 ETSI GR QSC 001 V1.1.1 (2016-07) Reference DGR/QSC-001 Keywords algorithm, authentication, confidentiality, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • On the Efficiency of the Lamport Signature Scheme
    Technical Sciences 275 ON THE EFFICIENCY OF THE LAMPORT SIGNATURE SCHEME Daniel ZENTAI Óbuda University, Budapest, Hungary [email protected] ABSTRACT Post-quantum (or quantum-resistant) cryptography refers to a set of cryptographic algorithms that are thought to remain secure even in the world of quantum computers. These algorithms are usually considered to be inefficient because of their big keys, or their running time. However, if quantum computers became a reality, security professionals will not have any other choice, but to use these algorithms. Lamport signature is a hash based one-time digital signature algorithm that is thought to be quantum-resistant. In this paper we will describe some simulation results related to the efficiency of the Lamport signature. KEYWORDS: digital signature, post-quantum cryptography, hash functions 1. Introduction This paper is organized as follows. Although reasonable sized quantum After this introduction, in chapter 2 we computers do not exist yet, post quantum describe some basic concepts and definition cryptography (Bernstein, 2009) became an related to the security of hash functions. important research field recently. Indeed, Also, we describe the Lamport one-time we have to discover the properties of these signature algorithm. In chapter 3 we algorithms before quantum computers expound our simulation results related to become a reality, namely suppose that we the efficiency of the Lamport signature. use the current cryptographic algorithms for The last chapter summarizes our work. x more years, we need y years to change the most widely used algorithms and update 2. Preliminaries our standards, and we need z years to build In this chapter the basic concepts and a quantum-computer.
    [Show full text]
  • Outline One-Time Signatures One-Time Signatures Lamport's
    Advanced Security Outline § One-Time Signatures Constructions • Lamport’s signature and Key Management • Improved signature constructions • Merkle-Winternitz Signature § Efficient Authenticators (amortize signature) Class 16 • One-way chains (self-authenticating values) • Chained hashes • Merkle Hash Trees § Applications • Efficient short-lived certificates, S/Key • Untrusted external storage • Stream signatures (Gennaro, Rohatgi) § Zhou & Haas’s key distribution One-Time Signatures One-Time Signatures § Use one -way functions without trapdoor § Challenge: digital signatures expensive § Efficient for signature generation and for generation and verification verification § Caveat: can only use one time § Goal: amortize digital signature § Example: 1-bit one-time signature • P0, P1 are public values (public key) • S0, S1 are private values (private key) S0 P0 S0 S0’ P S1 P1 S1 S1’ Lamport’s One-Time Signature Improved Construction I § Uses 1-bit signature construction to sign multiple bits § Uses 1-bit signature construction to sign multiple bits Sign 0 S0 S0’ S0’’ S0* Private values S0 S0’ S0’’ S0* c0 c0’ c0* P0 P0’ P0’’ P0* … … … Public values P0 P0’ P0’’ P0* p0 p0’ p0* P1 P1’ P1’’ P1* Bit 0 Bit 1 Bit 2 Bit n Bit 0 Bit 1 Bit log(n) Sign 1 S1 S1’ S1’’ S1* Private values Sign message Checksum bits: encode Bit 0 Bit 1 Bit 2 Bit n # of signature bits = 0 1 Improved Construction II Merkle-Winternitz Construction § Intuition: encode sum of checksum chain § Lamport signature has high overhead Signature S0 S1 S2 S3 § Goal: reduce size of public
    [Show full text]
  • A Survey on Post-Quantum Cryptography for Constrained Devices
    International Journal of Applied Engineering Research ISSN 0973-4562 Volume 14, Number 11 (2019) pp. 2608-2615 © Research India Publications. http://www.ripublication.com A Survey on Post-Quantum Cryptography for Constrained Devices Kumar Sekhar Roy and Hemanta Kumar Kalita Abstract Quantum Computer” [1]. Shor’s algorithm can solve integer The rise of Quantum computers in the recent years have given factorization problem as well as discrete logarithm problem a major setback to classical and widely used cryptography used by RSA as well as ECC respectively in polynomial time schemes such as RSA(Rivest-Shamir-Adleman) Algorithm using a sufficiently large Quantum Computer. Thus making the and ECC (Elliptic Curve Cryptography). RSA and ECC use of cryptosystems based on integer factorization problem as depends on integer factorization problem and discrete well as discrete logarithm problem obsolete. This current logarithm problem respectively, which can be easily solved by advances has raised a genuine need for development of Quantum Computers of sufficiently large size running the cryptosystems which could serve as viable replacement for infamous Shor’s Algorithm. Therefore cryptography schemes traditionally used cryptosystems which are vulnerable to which are difficult to solve in both traditional as well as quantum computer based attacks. Since the arrival of IoT, the Quantum Computers need to be evaluated. In our paper we Cyber security scenario has entirely shifted towards security provide a rigorous survey on Post-Quantum Cryptography schemes which are lightweight in terms of computational schemes and emphasize on their applicability to provide complexity, power consumption, memory consumption etc. security in constrained devices. We provide a detailed insight This schemes also need to be secure against all known attacks.
    [Show full text]
  • Applications of SKREM-Like Symmetric Key Ciphers
    Applications of SKREM-like symmetric key ciphers Mircea-Adrian Digulescu1;2 February 2021 1Individual Researcher, Worldwide 2Formerly: Department of Computer Science, Faculty of Mathematics and Computer Science, University of Bucharest, Romania [email protected], [email protected], [email protected] Abstract In a prior paper we introduced a new symmetric key encryption scheme called Short Key Random Encryption Machine (SKREM), for which we claimed excellent security guarantees. In this paper we present and briey discuss some of its applications outside conventional data encryption. These are Secure Coin Flipping, Cryptographic Hashing, Zero-Leaked-Knowledge Authentication and Autho- rization and a Digital Signature scheme which can be employed on a block-chain. We also briey recap SKREM-like ciphers and the assumptions on which their security are based. The above appli- cations are novel because they do not involve public key cryptography. Furthermore, the security of SKREM-like ciphers is not based on hardness of some algebraic operations, thus not opening them up to specic quantum computing attacks. Keywords: Symmetric Key Encryption, Provable Security, One Time Pad, Zero Knowledge, Cryptographic Commit Protocol, Secure Coin Flipping, Authentication, Authorization, Cryptographic Hash, Digital Signature, Chaos Machine 1 Introduction So far, most encryption schemes able to serve Secure Coin Flipping, Zero-Knowledge Authentication and Digital Signatures, have relied on public key cryptography, which in turn relies on the hardness of prime factorization or some algebraic operation in general. Prime Factorization, in turn, has been shown to be vulnerable to attacks by a quantum computer (see [1]). In [2] we introduced a novel symmetric key encryption scheme, which does not rely on hardness of algebraic operations for its security guarantees.
    [Show full text]
  • Speeding-Up Verification of Digital Signatures Abdul Rahman Taleb, Damien Vergnaud
    Speeding-Up Verification of Digital Signatures Abdul Rahman Taleb, Damien Vergnaud To cite this version: Abdul Rahman Taleb, Damien Vergnaud. Speeding-Up Verification of Digital Signatures. Journal of Computer and System Sciences, Elsevier, 2021, 116, pp.22-39. 10.1016/j.jcss.2020.08.005. hal- 02934136 HAL Id: hal-02934136 https://hal.archives-ouvertes.fr/hal-02934136 Submitted on 27 Sep 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Speeding-Up Verification of Digital Signatures Abdul Rahman Taleb1, Damien Vergnaud2, Abstract In 2003, Fischlin introduced the concept of progressive verification in cryptog- raphy to relate the error probability of a cryptographic verification procedure to its running time. It ensures that the verifier confidence in the validity of a verification procedure grows with the work it invests in the computation. Le, Kelkar and Kate recently revisited this approach for digital signatures and pro- posed a similar framework under the name of flexible signatures. We propose efficient probabilistic verification procedures for popular signature schemes in which the error probability of a verifier decreases exponentially with the ver- ifier running time. We propose theoretical schemes for the RSA and ECDSA signatures based on some elegant idea proposed by Bernstein in 2000 and some additional tricks.
    [Show full text]
  • Handling the State of Hash-Based Signatures
    Let Live and Let Die — Handling the State of Hash-based Signatures Stefan-Lukas Gazdag1, Denis Butin2, and Johannes Buchmann2 1 genua mbh, Germany [email protected] 2 TU Darmstadt, Germany {dbutin,buchmann}@cdc.informatik.tu-darmstadt.de Abstract. Real-world use of digital signatures currently relies on algo­ rithms that will be broken once quantum computers become available. Quantum-safe alternatives exist; in particular, hash-based schemes offer adequate performance and security and are seen as a fitting solution for post-quantum signatures. Unfortunately, they are not used at large because practical hurdles have not yet been overcome. In particular, their reliance on one-time signing keys makes it necessary to carefully keep track of a key index. We present strategies for handling the state of hash- based signatures for different use cases, ranging from infrequent software update authentication to high-frequency TLS connection initialization. Keywords: Digital signatures, Hash-based, Integration 1 Motivation Digital signatures are massively used online, notably for authentication, integrity checking and non-repudiation. The digital signature algorithms most commonly used in practice — RSA, DSA and ECDSA — rely on hardness assumptions about number theoretic problems, namely composite integer factorisation and the computation of discrete logarithms. In light of Shor’s [19] algorithm, these arithmetical problems would be broken in the presence of quantum computing. While quantum computers are not yet available, their development is occurring at a swift pace [18]. However, post-quantum cryptography [3] provides a variety of quantum-resistant alternatives to classical digital signature schemes. Hash- based (or Merkle) signatures are one of the most promising of these alternatives and have received a lot of attention lately.
    [Show full text]
  • Secure Signatures and Chosen Ciphertext Security in a Quantum Computing World∗
    Secure Signatures and Chosen Ciphertext Security in a Quantum Computing World∗ Dan Boneh Mark Zhandry Stanford University fdabo,[email protected] Abstract We initiate the study of quantum-secure digital signatures and quantum chosen ciphertext security. In the case of signatures, we enhance the standard chosen message query model by allowing the adversary to issue quantum chosen message queries: given a superposition of messages, the adversary receives a superposition of signatures on those messages. Similarly, for encryption, we allow the adversary to issue quantum chosen ciphertext queries: given a superposition of ciphertexts, the adversary receives a superposition of their decryptions. These adversaries model a natural ubiquitous quantum computing environment where end-users sign messages and decrypt ciphertexts on a personal quantum computer. We construct classical systems that remain secure when exposed to such quantum queries. For signatures, we construct two compilers that convert classically secure signatures into signatures secure in the quantum setting and apply these compilers to existing post-quantum signatures. We also show that standard constructions such as Lamport one-time signatures and Merkle signatures remain secure under quantum chosen message attacks, thus giving signatures whose quantum security is based on generic assumptions. For encryption, we define security under quantum chosen ciphertext attacks and present both public-key and symmetric-key constructions. Keywords: Quantum computing, signatures, encryption, quantum security 1 Introduction Recent progress in building quantum computers [IBM12] gives hope for their eventual feasibility. Consequently, there is a growing need for quantum-secure cryptosystems, namely classical systems that remain secure against quantum computers. Post-quantum cryptography generally studies the settings where the adversary is armed with a quantum computer, but users only have classical machines.
    [Show full text]
  • 2 XII December 2014
    2 XII December 2014 www.ijraset.com Volume 2 Issue XII, December 2014 ISSN: 2321-9653 International Journal for Research in Applied Science & Engineering Technology (IJRASET) Privacy in Data Storage and MultiOwner Authentication with Load Balancing in Cloud Computing Thulasibai.U1, Arul prem.G2, Deepika.J3 Sri Venkateshwara College of Engineering and Technology, India Abstract: Using Cloud Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources, without the encumbrance of local data storage and maintenance. the data integrity protection in Cloud Computing a formidable task, especially for users with constrained computing resources. Moreover, users should be able to just use the cloud storage as if it is local, without worrying about the need to verify its integrity. Thus, enabling public audit ability for cloud storage is of critical prominence so that users can resort to a Third Party Auditor (TPA) to check the integrity of outsourced data and be worry-free. To securely introduce an effective TPA, the auditing process should bring in no new vulnerabilities towards user data privacy, and introduce no additional online burden to user. In this project, we propose a secure cloud storage system supporting privacy-preserving public auditing. We further extend our result to enable the TPA to perform audits for multiple users simultaneously and efficiently. Extensive security and performance analysis show the proposed schemes are provably secure and highly efficient. Keyword: Cloud Storage Security, batch auditing, Tpa, load balancing, Rdpc I. INTRODUCTION Cloud computing is recognized as an alternative to traditional information technology due to its intrinsic resource-sharing and low-maintenance characteristics.
    [Show full text]
  • Question 1.1. What Is the RSA Laboratories' Frequently Asked
    Copyright © 1996, 1998 RSA Data Security, Inc. All rights reserved. RSA BSAFE Crypto-C, RSA BSAFE Crypto-J, PKCS, S/WAN, RC2, RC4, RC5, MD2, MD4, and MD5 are trade- marks or registered trademarks of RSA Data Security, Inc. Other products and names are trademarks or regis- tered trademarks of their respective owners. For permission to reprint or redistribute in part or in whole, send e-mail to [email protected] or contact your RSA representative. RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0 2 Table of Contents Table of Contents............................................................................................ 3 Foreword......................................................................................................... 8 Section 1: Introduction .................................................................................... 9 Question 1.1. What is the RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography? ................................................................................................................ 9 Question 1.2. What is cryptography? ............................................................................................10 Question 1.3. What are some of the more popular techniques in cryptography? ................... 11 Question 1.4. How is cryptography applied? ............................................................................... 12 Question 1.5. What are cryptography standards? ......................................................................
    [Show full text]
  • Survey of One Time Signature Schemes on Cloud Computing
    ISSN(Online): 2320-9801 ISSN (Print): 2320-9798 International Journal of Innovative Research in Computer and Communication Engineering (An ISO 3297: 2007 Certified Organization) Vol. 3, Issue 4, April 2015 Survey of One Time Signature Schemes on Cloud Computing Revatthy Krishnamurthy1, K.P. Kaliyamurthie2 1M.Tech Scholar, Department of Computer Science & Engineering, Bharath University, Chennai, India 2Professor, Department of Computer Science & Engineering, Bharath University, Chennai, India. ABSTRACT : Cloud computing is a technology and large - scale computing resources to effectively integrate, and the resources are computed based on cryptographic secure hash functions. The biggest problem of one time signature scheme is the key management. An efficient key management is needed to make one-time signature scheme and the Merkle signature schemes feasible. This paper presents detailed study on one-time signature and Merkle signature schemes. KEYWORDS: Cloud computing, one-time signature scheme, Merkle signature scheme, Key generation. I. INTRODUCTION Cloud is a large group of interconnected computers, which is a major change in how we store information and run application. Cloud computing is used for many bigdata applications and it is cost effective. Data storage and sharing services in the cloud with three entities such as the cloud, the third party Auditor (TPA), and users who participate as a group includes one original user and a number of group users. The original user is an original owner of data, and shares data in the cloud with other users [2]. A single message using a given piece of private or public information. The conventional signature schemes like RSA, the same key pair can be used to authenticate large number of documents.
    [Show full text]
  • Lecture 17 March 28, 2019
    Outline Lamport Signatures Merkle Signatures Passwords CPSC 367: Cryptography and Security Michael J. Fischer Lecture 17 March 28, 2019 CPSC 367, Lecture 17 1/23 Outline Lamport Signatures Merkle Signatures Passwords Lamport One-Time Signatures Merkle Signatures Authentication Using Passwords Authentication problem Passwords authentication schemes CPSC 367, Lecture 17 2/23 Outline Lamport Signatures Merkle Signatures Passwords Lamport One-Time Signatures CPSC 367, Lecture 17 3/23 Outline Lamport Signatures Merkle Signatures Passwords Overview of Lamport signatures Leslie Lamport devised a digital signature scheme based on hash functions rather than on public key cryptography. Its drawback is that each key pair can be used to sign only one message. We describe how Alice uses it to sign a 256-bit message. As wtih other signature schemes, it suffices to sign the hash of the actual message. CPSC 367, Lecture 17 4/23 Outline Lamport Signatures Merkle Signatures Passwords How signing works The private signing key consists of a sequence r = (r 1;:::; r 256) of k k pairs( r0 ; r1 ) of random numbers,1 ≤ k ≤ 256. th Let m be a 256-bit message. Denote by mk the k bit of m. The signature of m is the sequence of numbers s = (s1;:::; s256), where sk = r k : mk k k Thus, one element from the pair( r0 ; r1 ) is used to sign mk , so k k k k s = r0 if mk = 0 and s = r1 if mk = 1. CPSC 367, Lecture 17 5/23 Outline Lamport Signatures Merkle Signatures Passwords How verification works The public verification key consists of the sequence 1 256 k k k k v = (v ;:::; v ) of pairs( v0 ; v1 ), where vj = H(rj ), and H is any one-way function (such as a cryptographically strong hash function).
    [Show full text]