Algorithms and cryptographic protocols using elliptic curves

En els darrers anys, la criptografia amb corbes el.líptiques ha adquirit una importància creixent, fins a arribar a formar part en la actualitat de diferents estàndards industrials. Tot i que s'han dissenyat variants amb corbes el.líptiques de criptosistemes clàssics, com el RSA, el seu màxim interès rau en la seva aplicació en criptosistemes basats en el Problema del Logaritme Discret, com els de tipus ElGamal. En aquest cas, els criptosistemes el.líptics garanteixen la mateixa seguretat que els construïts sobre el grup multiplicatiu d'un cos finit primer, però amb longituds de clau molt menor. Mostrarem, doncs, les bones propietats d'aquests criptosistemes, així com els requeriments bàsics per a que una corba sigui criptogràficament útil, estretament relacionat amb la seva cardinalitat. Revisarem alguns mètodes que permetin descartar corbes no criptogràficament útils, així com altres que permetin obtenir corbes bones a partir d'una de donada. Finalment, descriurem algunes aplicacions, com són el seu ús en Targes Intel.ligents i sistemes RFID, per concloure amb alguns avenços recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent years, and today represents a cornerstone in many industrial standards. Although elliptic curve variants of classical cryptosystems such as RSA exist, the full potential of elliptic curve cryptography is displayed in cryptosystems based on the Discrete Logarithm Problem, such as ElGamal. For these, elliptic curve cryptosystems guarantee the same security levels as their finite field analogues, with the additional advantage of using significantly smaller key sizes. In this report we show the positive properties of elliptic curve cryptosystems, and the requirements a curve must meet to be useful in this context, closely related to the number of points. We survey methods to discard cryptographically uninteresting curves as well as methods to obtain other useful curves from a given one. We then describe some real world applications such as Smart Cards and RFID systems and conclude with a snapshot of recent developments in the field

Montgomery曲線を用いたKMOV暗号について

東京都立大

Chinese remaindering based cryptosystems in the presence of faults

We present some observations on public key cryptosystems that use the Chinese remaindering algorithm. Our results imply that careless implementations of such systems could be vulnerable. Only one faulty signature, in some explained context, is enough to recover the secret ke

Побудова атаки з використанням структури простих чисел на RSA подiбнi криптосистеми зi складеним модулем

Квалiфiкацiйна робота мiстить: 56 стор., 63 джерела. Метою роботи є дослiдження стiйкостi RSA-подiбних криптосистем зi складеним модулем до атаки з використанням часткового знання щодо простих чисел модуля. Об’єктом дослiдження є iнформацiйнi процеси в системах криптографiчного захисту. Предметом дослiдження є стiйкiсть RSA-подiбних криптосистем зi складеним модулем до атаки з використанням структури простих чисел та наймолодших значущих бiтiв. У ходi дослiдження зроблено огляд криптосистеми RSA та її модифiкацiй. Розглянуто наявнi атаки на криптосистему RSA та на RSA-подiбнi криптосистеми. Результатами роботи є покращення наявної атаки на криптосистему RSA. Дослiджено криптосистеми PP − RSA та GPP − RSA, якi є модифiкацiями криптосистеми RSA. Побудована атака з використанням структури простих чисел на криптосистему PP − RSA та обчислена оцiнка її складностi. Побудована атака з використанням структури простих чисел на криптосистему GPP − RSA та обчислена оцiнка її складностi. Обчислена оцiнка кiлькостi простих чисел спецiального вигляду, якi використовуються у запропонованих атаках.The thesis contains: 56 pages, 63 sources. The purpose of work is analyzing the security of the RSA-type cryptosystems with a composed module to attack using partial knowledge of module’s prime factors. The object is information processes in cryptographic protection systems. The subject is the resistance of RSA-type cryptosystems with a composed module to attack using special-structured primes and the least significant bits. The thesis reviews the cryptosystem RSA and its modifications. Existing attacks on the RSA cryptosystem and on RSA-type cryptosystems are considered. The result of work is to improve the existing attack on the RSA cryptosystem. Investigated PP − RSA and GPP − RSA cryptosystems, which are a modification of the RSA cryptosystem. Constructed attack using the special-structured primes on the PP − RSA cryptosystems and calculated estimate of the complexity of the proposed attack. Constructed attack using the special-structured primes on the GPP − RSA cryptosystems and calculated estimate of the complexity of the proposed attack. Estimate of the special-structured primes, which are used in the proposed attacks, is calculated

Efficient cryptosystem for universally verifiable mixnets

Projecte final de carrera realitzat en col.laboració amb Scytl Secure Electronic Votin

Instantiability of Classical Random-Oracle-Model Encryption Transforms

Extending work leveraging program obfuscation to instantiate random-oracle-based transforms (e.g., Hohenberger et al., EUROCRYPT 2014, Kalai et al., CRYPTO 2017), we show that, using obfuscation and other assumptions, there exist standard-model hash functions that suffice to instantiate the classical RO-model encryption transforms OAEP (Bellare and Rogaway, EUROCRYPT 1994) and Fujisaki-Okamoto (CRYPTO 1999, J. Cryptology 2013) for specific public-key encryption (PKE) schemes to achieve IND-CCA security. Our result for Fujisaki-Okamoto employs a simple modification to the scheme. Our instantiations do not require much stronger assumptions on the base schemes compared to their corresponding RO-model proofs. For example, to instantiate low-exponent RSA-OAEP, the assumption we need on RSA is sub-exponential partial one-wayness, matching the assumption (partial one-wayness) on RSA needed by Fujisaki et al. (J. Cryptology 2004) in the RO model up to sub-exponentiality. For the part of Fujisaki-Okamoto that upgrades public-key encryption satisfying indistinguishability against plaintext checking attack to IND-CCA, we again do not require much stronger assumptions up to sub-exponentiality. We obtain our hash functions in a unified way, extending a technique of Brzuska and Mittelbach (ASIACRYPT 2014). We incorporate into their technique: (1) extremely lossy functions (ELFs), a notion by Zhandry (CRYPTO 2016), and (2) multi-bit auxiliary-input point function obfuscation (MB-AIPO). While MB-AIPO is impossible in general (Brzuska and Mittelbach, ASIACRYPT 2014), we give plausible constructions for the special cases we need, which may be of independent interest

Aggregating privatized medical data for secure querying applications

 This thesis analyses and examines the challenges of aggregation of sensitive data and data querying on aggregated data at cloud server. This thesis also delineates applications of aggregation of sensitive medical data in several application scenarios, and tests privatization techniques to assist in improving the strength of privacy and utility