An Uninstantiable Random-Oracle-Model Scheme for a Hybrid Encryption Problem
We present a simple, natural random-oracle (RO) model scheme, for a practical goal, that is uninstantiable, meaning it is proven in the RO model to meet its goal yet admits NO standard-model instantiation that meets this goal. The goal in question is IND-CCA-preserving asymmetric encryption, which formally captures the security of the most common practical usage of asymmetric encryption, namely to transport a symmetric key in such a way that symmetric encryption under the latter remains secure. The scheme is an ElGamal variant, called Hash ElGamal, that resembles numerous existing RO-model schemes and on the surface shows no evidence of its anomalous properties. More generally, we show that a certain goal, which we call key-verifiable, ciphertext-verifiable IND-CCA-preserving asymmetric encryption, is achievable in the RO model (by Hash ElGamal in particular) but unachievable in the standard model. This helps us better understand the source of the anomalies in Hash ElGamal and also lifts our uninstantiability result from being about a specific scheme to being about a primitive or goal. These results extend our understanding of the gap between the standard and RO models, and bring concerns raised by previous work closer to practice by indicating that the problem of RO-model schemes admitting no secure instantiation can arise in domains where RO schemes are commonly designed.
Analysis of random oracle instantiation scenarios for OAEP and other practical schemes
A Unified Approach to Idealized Model Separations via Indistinguishability Obfuscation
It is well known that the random oracle model is not sound in the sense that there exist cryptographic systems that are secure in the random oracle model but when instantiated by any family of hash functions become insecure. However, all known separation results require the attacker to send an appropriately crafted message to the challenger in order to break security. Thus, this leaves open the possibility that some cryptographic schemes, such as bit-encryption, are still sound in the random oracle model.
In this work we refute this possibility, assuming the existence of indistinguishability obfuscation. We do so in the following way. First, we present a random oracle separation for bit-encryption; namely, we show that there exists a bit-encryption protocol secure in the random oracle model but \emph{completely insecure} when the random oracle is instantiated by any concrete function. Second, we show how to adapt this separation to work for most natural simulation-based and game-based definitions. Our techniques can easily be adapted to other idealized models, and thus we present a \emph{unified approach} to showing separations for most protocols of interest in most idealized models.
A method for making password-based key exchange resilient to server compromise
Abstract. This paper considers the problem of password-authenticated key exchange (PAKE) in a client-server setting, where the server authenticates using a stored password file, and it is desirable to maintain some degree of security even if the server is compromised. A PAKE scheme is said to be resilient to server compromise if an adversary who compromises the server must at least perform an offline dictionary attack to gain any advantage in impersonating a client. (Of course, offline dictionary attacks should be infeasible in the absence of server compromise.) One can see that this is the best security possible, since by definition the password file has enough information to allow one to play the role of the server, and thus to verify passwords in an offline dictionary attack. While some previous PAKE schemes have been proven resilient to server compromise, there was no known general technique to take an arbitrary PAKE scheme and make it provably resilient to server compromise. This paper presents a practical technique for doing so which requires essentially one extra round of communication and one signature computation/verification. We prove security in the universal composability framework by (1) defining a new functionality for PAKE with resilience to server compromise, (2) specifying a protocol combining this technique with a (basic) PAKE functionality, and (3) proving (in the random oracle model) that this protocol securely realizes the new functionality.
Efficient Certificateless Public Key Encryption
In [3] Al-Riyami and Paterson introduced the notion of Certificateless Public Key Cryptography and presented an instantiation. In this paper, we revisit the formulation of certificateless public key encryption, construct a more efficient scheme, and then extend it to an authenticated encryption scheme.
A non-interactive deniable authentication scheme in the standard model
Deniable authentication protocols enable a sender to authenticate a message to a receiver such that the receiver is unable to prove the identity of the sender to a third party. In contrast to interactive schemes, non-interactive deniable authentication schemes improve communication efficiency. Currently, several non-interactive deniable authentication schemes have been proposed with provable security in the random oracle model. In this paper, we study the problem of constructing a non-interactive deniable authentication scheme that is secure in the standard model without bilinear groups. An efficient non-interactive deniable authentication scheme is presented by combining the Diffie-Hellman key exchange protocol with authenticated encryption schemes. We prove the security of our scheme by a sequence of games and show that the computational cost of our construction can be dramatically reduced by applying a pre-computation technique.
New-Age Cryptography
We introduce new and general complexity-theoretic hardness assumptions. These assumptions abstract out concrete properties of a random oracle and are significantly stronger than traditional cryptographic hardness assumptions; however, assuming their validity, we can resolve a number of longstanding open problems in cryptography.
Efficient CCA-Secure PKE from Identity-Based Techniques
Office of Research, Singapore Management University
Exploring Trusted Platform Module Capabilities: A Theoretical and Experimental Study
Trusted platform modules (TPMs) are hardware modules bound to a computer's motherboard that are being included in many desktops and laptops. Augmenting computers with these hardware modules adds powerful functionality in distributed settings, allowing us to reason about the security of these systems in new ways. In this dissertation, I study the functionality of TPMs from a theoretical as well as an experimental perspective. On the theoretical front, I leverage various features of TPMs to construct applications, such as random oracles, that are impossible to implement in a standard model of computation. Apart from random oracles, I construct a new cryptographic primitive which is essentially a non-interactive form of the standard cryptographic primitive of oblivious transfer. I apply this new primitive to secure mobile agent computations, where interaction between various entities is typically required to ensure security. I prove these constructions secure using standard cryptographic techniques and assumptions. To test the practicability of these constructions and their applications, I performed an experimental study, both on an actual TPM and on a software TPM simulator that has been enhanced to reflect timings from a real TPM. This allowed me to benchmark the performance of the applications and test the feasibility of the proposed extensions to standard TPMs. My tests also show that these constructions are practical.