69,420 research outputs found
A Digital Signature Scheme for Long-Term Security
In this paper we propose a signature scheme based on two intractable
problems, namely the integer factorization problem and the discrete logarithm
problem for elliptic curves. It is suitable for applications requiring
long-term security and provides a more efficient solution than the existing
ones
Realization of Quantum Digital Signatures without the Requirement of Quantum Memory
Digital signatures are widely used to provide security for electronic
communications, for example in financial transactions and electronic mail.
Currently used classical digital signature schemes, however, only offer
security relying on unproven computational assumptions. In contrast, quantum
digital signatures (QDS) offer information-theoretic security based on laws of
quantum mechanics (e.g. Gottesman and Chuang 2001). Here, security against
forging relies on the impossibility of perfectly distinguishing between
non-orthogonal quantum states. A serious drawback of previous QDS schemes is
however that they require long-term quantum memory, making them unfeasible in
practice. We present the first realisation of a scheme (Dunjko et al 2013) that
does not need quantum memory, and which also uses only standard linear optical
components and photodetectors. To achieve this, the recipients measure the
distributed quantum signature states using a new type of quantum measurement,
quantum state elimination (e.g. Barnett 2009, Bandyopadhyay et al 2013). This
significantly advances QDS as a quantum technology with potential for real
applications.Comment: 18 pages, 4 figures. Vesrion accepted in PRL. In v3 small change of
title and substancial rewriting of parts of the paper following suggestion of
referee. Part of the security analysis included in the appendix
(supplementary material) for completeness, is similar to the one in our
earlier paper arXiv:1309.1375, since it uses similar methods applied to a
different settin
Cryptanalysis of an Efficient Signcryption Scheme with Forward Secrecy Based on Elliptic Curve
The signcryption is a relatively new cryptographic technique that is supposed
to fulfill the functionalities of encryption and digital signature in a single
logical step. Several signcryption schemes are proposed throughout the years,
each of them having its own problems and limitations. In this paper, the
security of a recent signcryption scheme, i.e. Hwang et al.'s scheme is
analyzed, and it is proved that it involves several security flaws and
shortcomings. Several devastating attacks are also introduced to the mentioned
scheme whereby it fails all the desired and essential security attributes of a
signcryption scheme.Comment: 5 Pages, 2 Figure
Concrete NTRU Security and Advances in Practical Lattice-Based Electronic Voting
In recent years there has been much focus on the development of core cryptographic primitives based on lattice assumptions. This has been driven by the NIST call for post-quantum key encapsulation and digital signature specifications. However, there has been much less work on efficient privacy-preserving protocols with post-quantum security.
In this work we present an efficient electronic voting scheme from lattice assumptions, ensuring the long-term security of encrypted ballots and voters\u27 privacy. The scheme relies on the NTRU and RLWE assumptions. We begin by conducting an extensive analysis of the concrete hardness of the NTRU problem. Extending the ternary-NTRU analysis of Ducas and van Woerden (ASIACRYPT 2021), we determine the concrete fatigue point of NTRU to be (above which parameters become overstretched) for modulus , ring dimension , and secrets drawn from a Gaussian of parameter . Moreover, we demonstrate that the nature of this relation enables a more fine-grained choice of secret key sizes, leading to more efficient parameters in practice.
Using the above analysis, our second and main contribution is to significantly improve the efficiency of the state-of-the-art lattice-based voting scheme by Aranha et al. (ACM CCS 2023). Replacing the BGV encryption scheme with NTRU we obtain a factor reduction in ciphertext size and more efficient system overall, making the scheme suitable for use in real-world elections.
As an additional contribution, we analyse the (partially) blind signature scheme by del Pino and Katsumata (CRYPTO 2022). We note that the NTRU security is much lower than claimed and propose new parameters. This results in only a minor efficiency loss, enabled by our NTRU analysis where previous parameter selection techniques would have been much more detrimental
MoPS: A Modular Protection Scheme for Long-Term Storage
Current trends in technology, such as cloud computing, allow outsourcing the
storage, backup, and archiving of data. This provides efficiency and
flexibility, but also poses new risks for data security. It in particular
became crucial to develop protection schemes that ensure security even in the
long-term, i.e. beyond the lifetime of keys, certificates, and cryptographic
primitives. However, all current solutions fail to provide optimal performance
for different application scenarios. Thus, in this work, we present MoPS, a
modular protection scheme to ensure authenticity and integrity for data stored
over long periods of time. MoPS does not come with any requirements regarding
the storage architecture and can therefore be used together with existing
archiving or storage systems. It supports a set of techniques which can be
plugged together, combined, and migrated in order to create customized
solutions that fulfill the requirements of different application scenarios in
the best possible way. As a proof of concept we implemented MoPS and provide
performance measurements. Furthermore, our implementation provides additional
features, such as guidance for non-expert users and export functionalities for
external verifiers.Comment: Original Publication (in the same form): ASIACCS 201
An Elliptic Curve-based Signcryption Scheme with Forward Secrecy
An elliptic curve-based signcryption scheme is introduced in this paper that
effectively combines the functionalities of digital signature and encryption,
and decreases the computational costs and communication overheads in comparison
with the traditional signature-then-encryption schemes. It simultaneously
provides the attributes of message confidentiality, authentication, integrity,
unforgeability, non-repudiation, public verifiability, and forward secrecy of
message confidentiality. Since it is based on elliptic curves and can use any
fast and secure symmetric algorithm for encrypting messages, it has great
advantages to be used for security establishments in store-and-forward
applications and when dealing with resource-constrained devices.Comment: 13 Pages, 5 Figures, 2 Table
PROPYLA: Privacy Preserving Long-Term Secure Storage
An increasing amount of sensitive information today is stored electronically
and a substantial part of this information (e.g., health records, tax data,
legal documents) must be retained over long time periods (e.g., several decades
or even centuries). When sensitive data is stored, then integrity and
confidentiality must be protected to ensure reliability and privacy. Commonly
used cryptographic schemes, however, are not designed for protecting data over
such long time periods. Recently, the first storage architecture combining
long-term integrity with long-term confidentiality protection was proposed
(AsiaCCS'17). However, the architecture only deals with a simplified storage
scenario where parts of the stored data cannot be accessed and verified
individually. If this is allowed, however, not only the data content itself,
but also the access pattern to the data (i.e., the information which data items
are accessed at which times) may be sensitive information. Here we present the
first long-term secure storage architecture that provides long-term access
pattern hiding security in addition to long-term integrity and long-term
confidentiality protection. To achieve this, we combine information-theoretic
secret sharing, renewable timestamps, and renewable commitments with an
information-theoretic oblivious random access machine. Our performance analysis
of the proposed architecture shows that achieving long-term integrity,
confidentiality, and access pattern hiding security is feasible.Comment: Few changes have been made compared to proceedings versio
- …