Hard Instances of the Constrained Discrete Logarithm Problem

The discrete logarithm problem (DLP) generalizes to the constrained DLP, where the secret exponent $x$ belongs to a set known to the attacker. The complexity of generic algorithms for solving the constrained DLP depends on the choice of the set. Motivated by cryptographic applications, we study sets with succinct representation for which the constrained DLP is hard. We draw on earlier results due to Erd\"os et al. and Schnorr, develop geometric tools such as generalized Menelaus' theorem for proving lower bounds on the complexity of the constrained DLP, and construct sets with succinct representation with provable non-trivial lower bounds

HAL/S-360 compiler test activity report

The levels of testing employed in verifying the HAL/S-360 compiler were as follows: (1) typical applications program case testing; (2) functional testing of the compiler system and its generated code; and (3) machine oriented testing of compiler implementation on operational computers. Details of the initial test plan and subsequent adaptation are reported, along with complete test results for each phase which examined the production of object codes for every possible source statement

Feasibility study of a microprocessor based oculometer system

The elimination of redundancy in data to maximize processing speed and minimize storage requirements were objectives in a feasibility study of a microprocessor based oculometer system that would be portable in size and flexible in use. The appropriate architectural design of the signal processor, improved optics, and the reduction of size, weight, and power to the system were investigated. A flow chart is presented showing the strategy of the design. The simulation for developing microroutines for the high speed algorithmic processor subsystem is discussed as well as the Karhunen-Loeve transform technique for data compression

Computing Low-Weight Discrete Logarithms

We propose some new baby-step giant-step algorithms for computing low-weight discrete logarithms; that is, for computing discrete logarithms in which the radix-b representation of the exponent is known to have only a small number of nonzero digits. Prior to this work, such algorithms had been proposed for the case where the exponent is known to have low Hamming weight (i.e., the radix-2 case). Our new algorithms (i) improve the best-known deterministic complexity for the radix-2 case, and then (ii) generalize from radix-2 to arbitrary radixes b>1. We also discuss how our new algorithms can be used to attack several recent Verifier-based Password Authenticated Key Exchange (VPAKE) protocols from the cryptographic literature with the conclusion that the new algorithms render those constructions completely insecure in practice

Pairings in Cryptology: efficiency, security and applications

Abstract The study of pairings can be considered in so many di�erent ways that it may not be useless to state in a few words the plan which has been adopted, and the chief objects at which it has aimed. This is not an attempt to write the whole history of the pairings in cryptology, or to detail every discovery, but rather a general presentation motivated by the two main requirements in cryptology; e�ciency and security. Starting from the basic underlying mathematics, pairing maps are con- structed and a major security issue related to the question of the minimal embedding �eld [12]1 is resolved. This is followed by an exposition on how to compute e�ciently the �nal exponentiation occurring in the calculation of a pairing [124]2 and a thorough survey on the security of the discrete log- arithm problem from both theoretical and implementational perspectives. These two crucial cryptologic requirements being ful�lled an identity based encryption scheme taking advantage of pairings [24]3 is introduced. Then, perceiving the need to hash identities to points on a pairing-friendly elliptic curve in the more general context of identity based cryptography, a new technique to efficiently solve this practical issue is exhibited. Unveiling pairings in cryptology involves a good understanding of both mathematical and cryptologic principles. Therefore, although �rst pre- sented from an abstract mathematical viewpoint, pairings are then studied from a more practical perspective, slowly drifting away toward cryptologic applications

Cryptographic Pairings: Efficiency and DLP security

This thesis studies two important aspects of the use of pairings in cryptography, efficient algorithms and security. Pairings are very useful tools in cryptography, originally used for the cryptanalysis of elliptic curve cryptography, they are now used in key exchange protocols, signature schemes and Identity-based cryptography. This thesis comprises of two parts: Security and Efficient Algorithms. In Part I: Security, the security of pairing-based protocols is considered, with a thorough examination of the Discrete Logarithm Problem (DLP) as it occurs in PBC. Results on the relationship between the two instances of the DLP will be presented along with a discussion about the appropriate selection of parameters to ensure particular security level. In Part II: Efficient Algorithms, some of the computational issues which arise when using pairings in cryptography are addressed. Pairings can be computationally expensive, so the Pairing-Based Cryptography (PBC) research community is constantly striving to find computational improvements for all aspects of protocols using pairings. The improvements given in this section contribute towards more efficient methods for the computation of pairings, and increase the efficiency of operations necessary in some pairing-based protocol

Secure location-aware communications in energy-constrained wireless networks

Wireless ad hoc network has enabled a variety of exciting civilian, industrial and military applications over the past few years. Among the many types of wireless ad hoc networks, Wireless Sensor Networks (WSNs) has gained popularity because of the technology development for manufacturing low-cost, low-power, multi-functional motes. Compared with traditional wireless network, location-aware communication is a very common communication pattern and is required by many applications in WSNs. For instance, in the geographical routing protocol, a sensor needs to know its own and its neighbors\u27 locations to forward a packet properly to the next hop. The application-aware communications are vulnerable to many malicious attacks, ranging from passive eavesdropping to active spoofing, jamming, replaying, etc. Although research efforts have been devoted to secure communications in general, the properties of energy-constrained networks pose new technical challenges: First, the communicating nodes in the network are always unattended for long periods without physical maintenance, which makes their energy a premier resource. Second, the wireless devices usually have very limited hardware resources such as memory, computation capacity and communication range. Third, the number of nodes can be potentially of very high magnitude. Therefore, it is infeasible to utilize existing secure algorithms designed for conventional wireless networks, and innovative mechanisms should be designed in a way that can conserve power consumption, use inexpensive hardware and lightweight protocols, and accommodate with the scalability of the network. In this research, we aim at constructing a secure location-aware communication system for energy-constrained wireless network, and we take wireless sensor network as a concrete research scenario. Particularly, we identify three important problems as our research targets: (1) providing correct location estimations for sensors in presence of wormhole attacks and pollution attacks, (2) detecting location anomalies according to the application-specific requirements of the verification accuracy, and (3) preventing information leakage to eavesdroppers when using network coding for multicasting location information. Our contributions of the research are as follows: First, we propose two schemes to improve the availability and accuracy of location information of nodes. Then, we study monitoring and detection techniques and propose three lightweight schemes to detect location anomalies. Finally, we propose two network coding schemes which can effectively prevent information leakage to eavesdroppers. Simulation results demonstrate the effectiveness of our schemes in enhancing security of the system. Compared to previous works, our schemes are more lightweight in terms of hardware cost, computation overhead and communication consumptions, and thus are suitable for energy-constrained wireless networks