Secure and linear cryptosystems using error-correcting codes

A public-key cryptosystem, digital signature and authentication procedures based on a Gallager-type parity-check error-correcting code are presented. The complexity of the encryption and the decryption processes scale linearly with the size of the plaintext Alice sends to Bob. The public-key is pre-corrupted by Bob, whereas a private-noise added by Alice to a given fraction of the ciphertext of each encrypted plaintext serves to increase the secure channel and is the cornerstone for digital signatures and authentication. Various scenarios are discussed including the possible actions of the opponent Oscar as an eavesdropper or as a disruptor

Software Grand Exposure: SGX Cache Attacks Are Practical

Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring, as well. However, prior to our work, the practicality and the extent of such information leakage was not studied. In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and therefore we mount our attack without interrupting enclave execution. This approach has major technical challenges, since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves, which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks

Quantum Key Distribution

This chapter describes the application of lasers, specifically diode lasers, in the area of quantum key distribution (QKD). First, we motivate the distribution of cryptographic keys based on quantum physical properties of light, give a brief introduction to QKD assuming the reader has no or very little knowledge about cryptography, and briefly present the state-of-the-art of QKD. In the second half of the chapter we describe, as an example of a real-world QKD system, the system deployed between the University of Calgary and SAIT Polytechnic. We conclude the chapter with a brief discussion of quantum networks and future steps.Comment: 20 pages, 12 figure

On the Improvement of Wiener Attack on RSA with Small Private Exponent

RSA system is based on the hardness of the integer factorization problem (IFP). Given an RSA modulus N=pq, it is difficult to determine the prime factors p and q efficiently. One of the most famous short exponent attacks on RSA is the Wiener attack. In 1997, Verheul and van Tilborg use an exhaustive search to extend the boundary of the Wiener attack. Their result shows that the cost of exhaustive search is 2r+8 bits when extending the Weiner's boundary r bits. In this paper, we first reduce the cost of exhaustive search from 2r+8 bits to 2r+2 bits. Then, we propose a method named EPF. With EPF, the cost of exhaustive search is further reduced to 2r-6 bits when we extend Weiner's boundary r bits. It means that our result is 214 times faster than Verheul and van Tilborg's result. Besides, the security boundary is extended 7 bits