50 research outputs found
An efficient identification scheme in standard model based on the diophantine equation hard problem
Recently the Diophantine Equation Hard Problem (DEHP) was proposed. It is utilized to design a standard identification scheme model. Since the computation involves only simple addition and multiplication steps, the efficiency and the time cost are greatly improved as compared to the existing identification schemes. In this paper, we propose a zero knowledge identification scheme based upon the DEHP. With the assumption such that DEHP is intractable, we provide the security analysis on the impersonation against non-adaptive passive attack (imp-pa) and show that our new proposed scheme is more desirable due to high efficiency in terms of time computation
Lattice-Based Group Signatures: Achieving Full Dynamicity (and Deniability) with Ease
In this work, we provide the first lattice-based group signature that offers
full dynamicity (i.e., users have the flexibility in joining and leaving the
group), and thus, resolve a prominent open problem posed by previous works.
Moreover, we achieve this non-trivial feat in a relatively simple manner.
Starting with Libert et al.'s fully static construction (Eurocrypt 2016) -
which is arguably the most efficient lattice-based group signature to date, we
introduce simple-but-insightful tweaks that allow to upgrade it directly into
the fully dynamic setting. More startlingly, our scheme even produces slightly
shorter signatures than the former, thanks to an adaptation of a technique
proposed by Ling et al. (PKC 2013), allowing to prove inequalities in
zero-knowledge. Our design approach consists of upgrading Libert et al.'s
static construction (EUROCRYPT 2016) - which is arguably the most efficient
lattice-based group signature to date - into the fully dynamic setting.
Somewhat surprisingly, our scheme produces slightly shorter signatures than the
former, thanks to a new technique for proving inequality in zero-knowledge
without relying on any inequality check. The scheme satisfies the strong
security requirements of Bootle et al.'s model (ACNS 2016), under the Short
Integer Solution (SIS) and the Learning With Errors (LWE) assumptions.
Furthermore, we demonstrate how to equip the obtained group signature scheme
with the deniability functionality in a simple way. This attractive
functionality, put forward by Ishida et al. (CANS 2016), enables the tracing
authority to provide an evidence that a given user is not the owner of a
signature in question. In the process, we design a zero-knowledge protocol for
proving that a given LWE ciphertext does not decrypt to a particular message
Zero-Knowledge Password Policy Check from Lattices
Passwords are ubiquitous and most commonly used to authenticate users when
logging into online services. Using high entropy passwords is critical to
prevent unauthorized access and password policies emerged to enforce this
requirement on passwords. However, with current methods of password storage,
poor practices and server breaches have leaked many passwords to the public. To
protect one's sensitive information in case of such events, passwords should be
hidden from servers. Verifier-based password authenticated key exchange,
proposed by Bellovin and Merrit (IEEE S\&P, 1992), allows authenticated secure
channels to be established with a hash of a password (verifier). Unfortunately,
this restricts password policies as passwords cannot be checked from their
verifier. To address this issue, Kiefer and Manulis (ESORICS 2014) proposed
zero-knowledge password policy check (ZKPPC). A ZKPPC protocol allows users to
prove in zero knowledge that a hash of the user's password satisfies the
password policy required by the server. Unfortunately, their proposal is not
quantum resistant with the use of discrete logarithm-based cryptographic tools
and there are currently no other viable alternatives. In this work, we
construct the first post-quantum ZKPPC using lattice-based tools. To this end,
we introduce a new randomised password hashing scheme for ASCII-based passwords
and design an accompanying zero-knowledge protocol for policy compliance.
Interestingly, our proposal does not follow the framework established by Kiefer
and Manulis and offers an alternate construction without homomorphic
commitments. Although our protocol is not ready to be used in practice, we
think it is an important first step towards a quantum-resistant
privacy-preserving password-based authentication and key exchange system
Lattice-based Group Signature Scheme with Verifier-local Revocation
International audienceSupport of membership revocation is a desirable functionality for any group signature scheme. Among the known revocation approaches, verifier-local revocation (VLR) seems to be the most flexible one, because it only requires the verifiers to possess some up-to-date revocation information, but not the signers. All of the contemporary VLR group signatures operate in the bilinear map setting, and all of them will be insecure once quantum computers become a reality. In this work, we introduce the first lattice-based VLR group signature, and thus, the first such scheme that is believed to be quantum-resistant. In comparison with existing lattice-based group signatures, our scheme has several noticeable advantages: support of membership revocation, logarithmic-size signatures, and weaker security assumption. In the random oracle model, our scheme is proved to be secure based on the hardness of the SIVP_{SoftO(n^{1.5})}$ problem in general lattices - an assumption that is as weak as those of state-of-the-art lattice-based standard signatures. Moreover, our construction works without relying on encryption schemes, which is an intriguing feature for group signatures
Cryptographic Tools for Privacy Preservation
Data permeates every aspect of our daily life and it is the backbone of our digitalized society. Smartphones, smartwatches and many more smart devices measure, collect, modify and share data in what is known as the Internet of Things.Often, these devices don’t have enough computation power/storage space thus out-sourcing some aspects of the data management to the Cloud. Outsourcing computation/storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data.Intuitively, Cryptography is a toolset of primitives/protocols of which security prop- erties are formally proven while Privacy typically captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to data. This thesis separates the concepts by introducing an abstract model that classifies data leaks into different types of breaches. Each class represents a specific requirement/goal related to cryptography, e.g. confidentiality or integrity, or related to privacy, e.g. liability, sensitive data management and more.The thesis contains cryptographic tools designed to provide privacy guarantees for different application scenarios. In more details, the thesis:(a) defines new encryption schemes that provide formal privacy guarantees such as theoretical privacy definitions like Differential Privacy (DP), or concrete privacy-oriented applications covered by existing regulations such as the European General Data Protection Regulation (GDPR);(b) proposes new tools and procedures for providing verifiable computation’s guarantees in concrete scenarios for post-quantum cryptography or generalisation of signature schemes;(c) proposes a methodology for utilising Machine Learning (ML) for analysing the effective security and privacy of a crypto-tool and, dually, proposes a secure primitive that allows computing specific ML algorithm in a privacy-preserving way;(d) provides an alternative protocol for secure communication between two parties, based on the idea of communicating in a periodically timed fashion
Provably Secure Group Signature Schemes from Code-Based Assumptions
We solve an open question in code-based cryptography by introducing two
provably secure group signature schemes from code-based assumptions. Our basic
scheme satisfies the CPA-anonymity and traceability requirements in the random
oracle model, assuming the hardness of the McEliece problem, the Learning
Parity with Noise problem, and a variant of the Syndrome Decoding problem. The
construction produces smaller key and signature sizes than the previous group
signature schemes from lattices, as long as the cardinality of the underlying
group does not exceed , which is roughly comparable to the current
population of the Netherlands. We develop the basic scheme further to achieve
the strongest anonymity notion, i.e., CCA-anonymity, with a small overhead in
terms of efficiency. The feasibility of two proposed schemes is supported by
implementation results. Our two schemes are the first in their respective
classes of provably secure groups signature schemes. Additionally, the
techniques introduced in this work might be of independent interest. These are
a new verifiable encryption protocol for the randomized McEliece encryption and
a novel approach to design formal security reductions from the Syndrome
Decoding problem.Comment: Full extension of an earlier work published in the proceedings of
ASIACRYPT 201