Spectral approach to the communication complexity of multi-party key agreement
In multi-party key agreement protocols it is assumed that the parties are
given correlated input data and should agree on a common secret key so that the
eavesdropper cannot obtain any information on this key by listening to the
communications between the parties. We consider the one-shot setting, when
there is no ergodicity assumption on the input data.
It is known that the optimal size of the secret key can be characterized in
terms of the mutual information between different combinations of the input
data sets, and the optimal key can be produced with the help of the omniscience
protocol. However, the optimal communication complexity of this problem remains
unknown.
We show that the communication complexity of the omniscience protocol is
optimal, at least for some complexity profiles of the input data, in the
setting with restricted interaction between parties (the simultaneous messages
model). We also provide some upper and lower bounds for communication
complexity for other communication problems. Our proof technique combines
information-theoretic inequalities and the spectral method.
Comment: 18 pages, 5 figures
Breaking the quadratic barrier: Quantum cryptanalysis of Milenage, telecommunications’ cryptographic backbone
The potential advent of large-scale quantum computers in the near future poses a threat to contemporary cryptography.
One ubiquitous usage of cryptography is currently present in the vibrant field of cellular networks.
The cryptography of cellular networks is centered around seven secret-key algorithms, aggregated into an authentication and key agreement algorithm set.
Still, to the best of our knowledge, these secret key algorithms have not yet been subject to quantum cryptanalysis. Instead, many quantum security considerations for telecommunication networks argue that the threat posed by quantum computers is restricted to public-key cryptography. However, various recent works have presented quantum attacks on secret key cryptography that exploit quantum period finding to achieve more than a quadratic speedup compared to the best known classical attacks. Motivated by this quantum threat to symmetric cryptography, this paper presents a quantum cryptanalysis for the Milenage algorithm set, the prevalent instantiation of the seven secret-key algorithms that underpin cellular security.
Building upon recent quantum cryptanalytic results, we show attacks that go beyond a quadratic speedup.
Concretely, we provide quantum attack scenarios for all Milenage algorithms, including exponential speedups when the attacker is allowed to issue superposition queries. Our results do not constitute a quantum break of the Milenage algorithms, but they do show that Milenage suffers from structural weaknesses making it susceptible to quantum attacks.
Attacks to a proxy-mediated key agreement protocol based on symmetric encryption
In this paper, we describe several attacks to the protocol by Nguyen et al. presented at ESORICS 2016, an authenticated key agreement protocol mediated by a proxy entity, restricted to only symmetric encryption primitives and intended for IoT environments. This protocol uses long-term weak secrets as intermediate values during encryption and decryption procedures, which implies that these can be used to encrypt and decrypt messages without knowing the corresponding secret keys. In our work, we show how access to weak secrets can break forward security and lead to key compromise impersonation attacks. Moreover, we demonstrate that this problem cannot be solved even if the affected user revokes his previous secret key and updates it to a new one. In addition, we explain how the choice of a keyed hash as part of the protocol makes it potentially vulnerable to length-extension attacks, depending on the choice of hash function. We illustrate this latter problem experimentally. Finally, we show how a combination of these exploits can be used to set up elaborate attack scenarios.
Fundamental limits on key rates in device-independent quantum key distribution
In this paper, we introduce intrinsic non-locality as a quantifier for Bell
non-locality, and we prove that it satisfies certain desirable properties such
as faithfulness, convexity, and monotonicity under local operations and shared
randomness. We then prove that intrinsic non-locality is an upper bound on the
secret-key-agreement capacity of any device-independent protocol conducted
using a device characterized by a correlation . We also prove that intrinsic
steerability is an upper bound on the secret-key-agreement capacity of any
semi-device-independent protocol conducted using a device characterized by an
assemblage . We also establish the faithfulness of intrinsic
steerability and intrinsic non-locality. Finally, we prove that intrinsic
non-locality is bounded from above by intrinsic steerability.
Comment: 44 pages, 4 figures, final version accepted for publication in New Journal of Physics
Semi-quantum communication: Protocols for key agreement, controlled secure direct communication and dialogue
Semi-quantum protocols that allow some of the users to remain classical are
proposed for a large class of problems associated with secure communication and
secure multiparty computation. Specifically, for the first time, semi-quantum protocols
are proposed for key agreement, controlled deterministic secure communication
and dialogue, and it is shown that the semi-quantum protocols for controlled
deterministic secure communication and dialogue can be reduced to semi-quantum
protocols for e-commerce and private comparison (socialist millionaire
problem), respectively. Complementing with the earlier proposed semi-quantum
schemes for key distribution, secret sharing and deterministic secure
communication, the set of schemes proposed here and the subsequent discussions have
established that almost every secure communication and computation task that
can be performed using fully quantum protocols can also be performed in a
semi-quantum manner. Further, it addresses a fundamental question in the context of
a large number of problems: how much quantumness is (how many quantum parties are)
required to perform a specific secure communication task? Some of the proposed
schemes are completely orthogonal-state-based, and thus, fundamentally
different from the existing semi-quantum schemes that are
conjugate-coding-based. Security, efficiency and applicability of the proposed
schemes have been discussed with appropriate importance.
Comment: 19 pages, 1 figure
Cryptanalysis of three matrix-based key establishment protocols
We cryptanalyse a matrix-based key transport protocol due to Baumslag, Camps,
Fine, Rosenberger and Xu from 2006. We also cryptanalyse two recently proposed
matrix-based key agreement protocols, due to Habeeb, Kahrobaei and Shpilrain,
and due to Romanczuk and Ustimenko.
Comment: 9 pages
Key Distillation and the Secret-Bit Fraction
We consider distillation of secret bits from partially secret noisy
correlations P_ABE, shared between two honest parties and an eavesdropper. The
most studied distillation scenario consists of joint operations on a large
number of copies of the distribution (P_ABE)^N, assisted with public
communication. Here we consider distillation with only one copy of the
distribution, and instead of rates, the 'quality' of the distilled secret bits
is optimized, where the 'quality' is quantified by the secret-bit fraction of
the result. The secret-bit fraction of a binary distribution is the proportion
which constitutes a secret bit between Alice and Bob. With local operations and
public communication the maximal extractable secret-bit fraction from a
distribution P_ABE is found, and is denoted by Lambda[P_ABE]. This quantity is
shown to be nonincreasing under local operations and public communication, and
nondecreasing under eavesdropper's local operations: it is a secrecy monotone.
It is shown that if Lambda[P_ABE]>1/2 then P_ABE is distillable, thus providing
a sufficient condition for distillability. A simple expression for
Lambda[P_ABE] is found when the eavesdropper is decoupled, and when the honest
parties' information is binary and the local operations are reversible.
Intriguingly, for general distributions the (optimal) operation requires local
degradation of the data.
Comment: 12 pages
Secret Key Agreement from Correlated Data, with No Prior Information
A fundamental question that has been studied in cryptography and in
information theory is whether two parties can communicate confidentially using
exclusively an open channel. We consider the model in which the two parties
hold inputs that are correlated in a certain sense. This model has been studied
extensively in information theory, and communication protocols have been
designed which exploit the correlation to extract from the inputs a shared
secret key. However, all the existing protocols are not universal in the sense
that they require that the two parties also know some attributes of the
correlation. In other words, they require that each party knows something about
the other party's input. We present a protocol that does not require any prior
additional information. It uses space-bounded Kolmogorov complexity to measure
correlation and it allows the two legal parties to obtain a common key that
looks random to an eavesdropper that observes the communication and is
restricted to use a bounded amount of space for the attack. Thus the protocol
achieves complexity-theoretical security, but it does not use any unproven
result from computational complexity. On the negative side, the protocol is not
efficient in the sense that the computation of the two legal parties uses more
space than the space allowed to the adversary.
Comment: Several small errors have been fixed and the presentation has been improved, following the reviewers' observations