Ubic: Bridging the gap between digital cryptography and the physical world
Advances in computing technology increasingly blur the boundary between the
digital domain and the physical world. Although the research community has
developed a large number of cryptographic primitives and has demonstrated their
usability in all-digital communication, many of them have not yet made their
way into the real world due to usability aspects. We aim to make another step
towards a tighter integration of digital cryptography into real world
interactions. We describe Ubic, a framework that allows users to bridge the gap
between digital cryptography and the physical world. Ubic relies on
head-mounted displays, like Google Glass, resource-friendly computer vision
techniques as well as mathematically sound cryptographic primitives to provide
users with better security and privacy guarantees. The framework covers key
cryptographic primitives, such as secure identification, document verification
using a novel secure physical document format, as well as content hiding. To
make a contribution of practical value, we focused on making Ubic as simple,
easily deployable, and user friendly as possible.
Comment: In ESORICS 2014, volume 8712 of Lecture Notes in Computer Science,
pp. 56-75, Wroclaw, Poland, September 7-11, 2014. Springer, Berlin, Germany
Conscript Your Friends into Larger Anonymity Sets with JavaScript
We present the design and prototype implementation of ConScript, a framework
for using JavaScript to allow casual Web users to participate in an anonymous
communication system. When a Web user visits a cooperative Web site, the site
serves a JavaScript application that instructs the browser to create and submit
"dummy" messages into the anonymity system. Users who want to send non-dummy
messages through the anonymity system use a browser plug-in to replace these
dummy messages with real messages. Creating such conscripted anonymity sets can
increase the anonymity set size available to users of remailer, e-voting, and
verifiable shuffle-style anonymity systems. We outline ConScript's
architecture, we address a number of potential attacks against ConScript, and
we discuss the ethical issues related to deploying such a system. Our
implementation results demonstrate the practicality of ConScript: a workstation
running our ConScript prototype JavaScript client generates a dummy message for
a mix-net in 81 milliseconds and it generates a dummy message for a
DoS-resistant DC-net in 156 milliseconds.
Comment: An abbreviated version of this paper will appear at the WPES 2013
workshop
A Distinguisher-Based Attack of a Homomorphic Encryption Scheme Relying on Reed-Solomon Codes
Bogdanov and Lee suggested a homomorphic public-key encryption scheme based
on error correcting codes. The underlying public code is a modified
Reed-Solomon code obtained from inserting a zero submatrix in the Vandermonde
generating matrix defining it. The columns that define this submatrix are kept
secret and form a set . We give here a distinguisher that detects if one or
several columns belong to or not. This distinguisher is obtained by
considering the code generated by component-wise products of codewords of the
public code (the so called "square code"). This operation is applied to
punctured versions of this square code obtained by picking a subset
of the whole set of columns. It turns out that the dimension of the
punctured square code is directly related to the cardinality of the
intersection of with . This allows an attack which recovers the full set
and which can then decrypt any ciphertext.
Comment: 11 pages
Pairing-based cryptosystems and key agreement protocols.
For a long time, pairings on elliptic curves have been considered to be destructive in elliptic curve cryptography. Only recently after some pioneering works, particularly the well-known Boneh-Franklin identity-based encryption (IBE), pairings have quickly become an important
tool to construct novel cryptographic schemes.
In this thesis, several new cryptographic schemes with pairings are proposed, which are both efficient and secure with respect to a properly defined security model, and some
relevant previous schemes are revisited.
IBE provides a public key encryption mechanism where a public key can be an arbitrary string such as an entity identifier, and unwieldy certificates are unnecessary. Based on the Sakai-Kasahara key construction, an IBE scheme which is secure in the Boneh-Franklin IBE model is constructed, and two identity-based key encapsulation mechanisms are proposed. These schemes achieve the best efficiency among the existing schemes to date. Recently Al-Riyami and Paterson introduced the certificateless public key encryption (CL-PKE) paradigm, which eliminates the need for certificates and at the same time retains the desirable properties of IBE without the key escrow problem. The security formulation of CL-PKE is revisited and a strong security model for this type of mechanism is defined.
Following a heuristic approach, three efficient CL-PKE schemes which are secure in the defined strong security model are proposed. Identity-based two-party key agreement protocols from pairings are also investigated.
The Bellare-Rogaway key agreement model is enhanced and within the model several previously unproven protocols in the literature are formally analysed. In considering that the user identity may be sensitive information in many environments, an identity-based key agreement protocol with unilateral identity privacy is proposed.