360 research outputs found
The Elgamal Cryptosystem is better than Th RSA Cryptosystem for Mental Poker
Cryptosystems are one of the most important parts of secure online poker card games. However, there is no research comparing the RSA Cryptosystem (RC) and Elgamal Cryptosystem (EC) for mental poker card games. This paper compares the RSA Cryptosystem and Elgamal Cryptosystem implementations of mental poker card games using distributed key generation schemes. Each implementation is based on a joint encryption/decryption of individual cards. Both implementations use shared private key encryption/decryption schemes and neither uses a trusted third party (TTP). The comparison criteria will be concentrated on the security and computational complexity of the game, collusions among the players and the debate between the discrete logarithm problem (DLP) and the factoring problem (FP) for the encryption/decryption schemes. Under these criteria, the comparison results demonstrate that the Elgamal Cryptosystem has better efficiency and effectiveness than RSA for mental poker card games
Private Multi-party Matrix Multiplication and Trust Computations
This paper deals with distributed matrix multiplication. Each player owns
only one row of both matrices and wishes to learn about one distinct row of the
product matrix, without revealing its input to the other players. We first
improve on a weighted average protocol, in order to securely compute a
dot-product with a quadratic volume of communications and linear number of
rounds. We also propose a protocol with five communication rounds, using a
Paillier-like underlying homomorphic public key cryptosystem, which is secure
in the semi-honest model or secure with high probability in the malicious
adversary model. Using ProVerif, a cryptographic protocol verification tool, we
are able to check the security of the protocol and provide a countermeasure for
each attack found by the tool. We also give a randomization method to avoid
collusion attacks. As an application, we show that this protocol enables a
distributed and secure evaluation of trust relationships in a network, for a
large class of trust evaluation schemes.Comment: Pierangela Samarati. SECRYPT 2016 : 13th International Conference on
Security and Cryptography, Lisbonne, Portugal, 26--28 Juillet 2016. 201
A distributed public key creation system for ad-hoc groups
Ad-hoc networks are on the forefront of technological advances as more embedded devices allow for wireless communications without necessarily requiring a network infrastructure to connect to. One of the larger problems associated with such ad-hoc networks is the lack of being able to access a PKI to create individual secure sessions for these groups being created. For this project, an implementation generating the public and private keys for an RSA public-key protocol has been created on top of the M2MI middleware developed at RIT. In this implementation, as originally described by Dan Boneh, all parties help contribute to the generation of the RSA public modulus, N, without explicitly knowing the factorization of it. It has been shown that this implementation requires, on average, 32689 rounds of the protocol to create a 1024-bit RSA modulus for the group, and has an approximate growth of log2(N) 25 rounds per bit
A New Cryptosystem Based On Hidden Order Groups
Let be a cyclic multiplicative group of order . It is known that the
Diffie-Hellman problem is random self-reducible in with respect to a
fixed generator if is known. That is, given and
having oracle access to a `Diffie-Hellman Problem' solver with fixed generator
, it is possible to compute in polynomial time (see
theorem 3.2). On the other hand, it is not known if such a reduction exists
when is unknown (see conjuncture 3.1). We exploit this ``gap'' to
construct a cryptosystem based on hidden order groups and present a practical
implementation of a novel cryptographic primitive called an \emph{Oracle Strong
Associative One-Way Function} (O-SAOWF). O-SAOWFs have applications in
multiparty protocols. We demonstrate this by presenting a key agreement
protocol for dynamic ad-hoc groups.Comment: removed examples for multiparty key agreement and join protocols,
since they are redundan
Hard isogeny problems over RSA moduli and groups with infeasible inversion
We initiate the study of computational problems on elliptic curve isogeny
graphs defined over RSA moduli. We conjecture that several variants of the
neighbor-search problem over these graphs are hard, and provide a comprehensive
list of cryptanalytic attempts on these problems. Moreover, based on the
hardness of these problems, we provide a construction of groups with infeasible
inversion, where the underlying groups are the ideal class groups of imaginary
quadratic orders.
Recall that in a group with infeasible inversion, computing the inverse of a
group element is required to be hard, while performing the group operation is
easy. Motivated by the potential cryptographic application of building a
directed transitive signature scheme, the search for a group with infeasible
inversion was initiated in the theses of Hohenberger and Molnar (2003). Later
it was also shown to provide a broadcast encryption scheme by Irrer et al.
(2004). However, to date the only case of a group with infeasible inversion is
implied by the much stronger primitive of self-bilinear map constructed by
Yamakawa et al. (2014) based on the hardness of factoring and
indistinguishability obfuscation (iO). Our construction gives a candidate
without using iO.Comment: Significant revision of the article previously titled "A Candidate
Group with Infeasible Inversion" (arXiv:1810.00022v1). Cleared up the
constructions by giving toy examples, added "The Parallelogram Attack" (Sec
5.3.2). 54 pages, 8 figure
A Novel Method of Encryption using Modified RSA Algorithm and Chinese Remainder Theorem
Security can only be as strong as the weakest link. In this world of cryptography, it is now well established, that the weakest link lies in the implementation of cryptographic algorithms. This project deals with RSA algorithm implementation with and without Chinese Remainder Theorem and also using Variable Radix number System. In practice, RSA public exponents are chosen to be small which makes encryption and signature verification reasonably fast. Private exponents however should never be small for obvious security reasons. This makes decryption slow. One way to speed things up is to split things up, calculate modulo p and modulo q using Chinese Remainder Theorem. For smart cards which usually have limited computing power, this is a very important and useful technique. This project aims at implementing RSA algorithm using Chinese Remainder Theorem as well as to devise a modification using which it would be still harder to decrypt a given encrypted message by employing a Variable radix system in order to encrypt the given message at the first place
A Practical Approach to the Secure Computation of the Moore-Penrose Pseudoinverse over the Rationals
Solving linear systems of equations is a universal problem. In the context of secure multiparty computation (MPC), a method to solve such systems, especially for the case in which the rank of the system is unknown and should remain private, is an important building block.
We devise an efficient and data-oblivious algorithm (meaning that the algorithm\u27s execution time and branching behavior are independent of all secrets) for solving a bounded integral linear system of unknown rank over the rational numbers via the Moore-Penrose pseudoinverse, using finite-field arithmetic. I.e., we compute the Moore-Penrose inverse over a finite field of sufficiently large order, so that we can recover the rational solution from the solution over the finite field.
While we have designed the algorithm with an MPC context in mind, it could be valuable also in other contexts where data-obliviousness is required, like secure enclaves in CPUs.
Previous work by Cramer, Kiltz and Padró (CRYPTO 2007) proposes a constant-rounds protocol for computing the Moore-Penrose pseudoinverse over a finite field. The asymptotic complexity (counted as the number of secure multiplications) of their solution is , where and , , are the dimensions of the linear system. To reduce the number of secure multiplications, we sacrifice the constant-rounds property and propose a protocol for computing the Moore-Penrose pseudoinverse over the rational numbers in a linear number of rounds, requiring only secure multiplications.
To obtain the common denominator of the pseudoinverse, required for constructing an integer-representation of the pseudoinverse, we generalize a result by Ben-Israel for computing the squared volume of a matrix. Also, we show how to precondition a symmetric matrix to achieve generic rank profile while preserving symmetry and being able to remove the preconditioner after it has served its purpose. These results may be of independent interest
Threshold cryptography based on Asmuth–Bloom secret sharing
Cataloged from PDF version of article.In this paper, we investigate how threshold cryptography can be conducted with the Asmuth-Bloom secret sharing scheme and present three novel function sharing schemes for RSA, ElGamal and Paillier cryptosysterns. To the best of our knowledge, these are the first provably secure threshold cryptosystems realized using the Asmuth-Bloom secret sharing. Proposed schemes are comparable in performance to earlier proposals in threshold cryptography. (c) 2007 Elsevier Inc. All rights reserved
- …