5,962 research outputs found

    A new cryptosystem analogous to LUCELG and Cramer-Shoup

    A special group based on a linear recurrence equation plays an important role in modern cryptography. Its relation appeared differently in various cryptosystems. Some cryptosystems that use this linear recurrence property are LUC, LUCDIF, and LUCELG but the first practical Lucas function in a cryptosystem is LUC, presented by Peter Smith and Michael Lennon in 1993. Cramer-Shoup is a practical public key cryptosystem provably secure against adaptive chosen ciphertext attack that requires a universal one-way hash function. Based on LUCELG and Cramer-Shoup cryptosystems, a new public key cryptosystem is developed by generating the key generation, encryption and decryption algorithm. There are two types of security for the new cryptosystem that we are concerned which are the security of Lucas function and its security against an adaptive chosen ciphertext attack. Since the encryption and decryption algorithm of a new cryptosystem is based on the defined Lucas function, it is believed that the security of Lucas function is polynomial-time equivalent to the generalized discrete logarithm problems. Moreover, the new cryptosystem is secure against adaptive chosen ciphertext attack by assuming that the hash function is chosen from a universal one-way family and the Diffie-Hellman decision problem is hard in the finite field

    Public Key Encryption Supporting Plaintext Equality Test and User-Specified Authorization

    In this paper we investigate a category of public key encryption schemes which supports plaintext equality test and user-specified authorization. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform plaintext equality test from their ciphertexts. We provide a formal formulation for this primitive, and present a construction with provable security in our security model. To mitigate the risks against the semi-trusted proxies, we enhance the proposed cryptosystem by integrating the concept of computational client puzzles. As a showcase, we construct a secure personal health record application based on this primitive

    Group theory in cryptography

    This paper is a guide for the pure mathematician who would like to know more about cryptography based on group theory. The paper gives a brief overview of the subject, and provides pointers to good textbooks, key research papers and recent survey papers in the area. Comment: 25 pages References updated, and a few extra references added. Minor typographical changes. To appear in Proceedings of Groups St Andrews 2009 in Bath, U

    On the Gold Standard for Security of Universal Steganography

    While symmetric-key steganography is quite well understood both in the information-theoretic and in the computational setting, many fundamental questions about its public-key counterpart resist persistent attempts to solve them. The computational model for public-key steganography was proposed by von Ahn and Hopper in EUROCRYPT 2004. At TCC 2005, Backes and Cachin gave the first universal public-key stegosystem - i.e. one that works on all channels - achieving security against replayable chosen-covertext attacks (SS-RCCA) and asked whether security against non-replayable chosen-covertext attacks (SS-CCA) is achievable. Later, Hopper (ICALP 2005) provided such a stegosystem for every efficiently sampleable channel, but did not achieve universality. He posed the question whether universality and SS-CCA-security can be achieved simultaneously. No progress on this question has been achieved since more than a decade. In our work we solve Hopper's problem in a somehow complete manner: As our main positive result we design an SS-CCA-secure stegosystem that works for every memoryless channel. On the other hand, we prove that this result is the best possible in the context of universal steganography. We provide a family of 0-memoryless channels - where the already sent documents have only marginal influence on the current distribution - and prove that no SS-CCA-secure steganography for this family exists in the standard non-look-ahead model. Comment: EUROCRYPT 2018, llncs styl