2,573 research outputs found
Solving the Shortest Vector Problem in Lattices Faster Using Quantum Search
By applying Grover's quantum search algorithm to the lattice algorithms of
Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and
Stehl\'{e}, we obtain improved asymptotic quantum results for solving the
shortest vector problem. With quantum computers we can provably find a shortest
vector in time , improving upon the classical time
complexity of of Pujol and Stehl\'{e} and the of Micciancio and Voulgaris, while heuristically we expect to find a
shortest vector in time , improving upon the classical time
complexity of of Wang et al. These quantum complexities
will be an important guide for the selection of parameters for post-quantum
cryptosystems based on the hardness of the shortest vector problem.Comment: 19 page
Postprocessing for quantum random number generators: entropy evaluation and randomness extraction
Quantum random-number generators (QRNGs) can offer a means to generate
information-theoretically provable random numbers, in principle. In practice,
unfortunately, the quantum randomness is inevitably mixed with classical
randomness due to classical noises. To distill this quantum randomness, one
needs to quantify the randomness of the source and apply a randomness
extractor. Here, we propose a generic framework for evaluating quantum
randomness of real-life QRNGs by min-entropy, and apply it to two different
existing quantum random-number systems in the literature. Moreover, we provide
a guideline of QRNG data postprocessing for which we implement two
information-theoretically provable randomness extractors: Toeplitz-hashing
extractor and Trevisan's extractor.Comment: 13 pages, 2 figure
Dynamic Traitor Tracing Schemes, Revisited
We revisit recent results from the area of collusion-resistant traitor
tracing, and show how they can be combined and improved to obtain more
efficient dynamic traitor tracing schemes. In particular, we show how the
dynamic Tardos scheme of Laarhoven et al. can be combined with the optimized
score functions of Oosterwijk et al. to trace coalitions much faster. If the
attack strategy is known, in many cases the order of the code length goes down
from quadratic to linear in the number of colluders, while if the attack is not
known, we show how the interleaving defense may be used to catch all colluders
about twice as fast as in the dynamic Tardos scheme. Some of these results also
apply to the static traitor tracing setting where the attack strategy is known
in advance, and to group testing.Comment: 7 pages, 1 figure (6 subfigures), 1 tabl
On formal verification of arithmetic-based cryptographic primitives
Cryptographic primitives are fundamental for information security: they are
used as basic components for cryptographic protocols or public-key
cryptosystems. In many cases, their security proofs consist in showing that
they are reducible to computationally hard problems. Those reductions can be
subtle and tedious, and thus not easily checkable. On top of the proof
assistant Coq, we had implemented in previous work a toolbox for writing and
checking game-based security proofs of cryptographic primitives. In this paper
we describe its extension with number-theoretic capabilities so that it is now
possible to write and check arithmetic-based cryptographic primitives in our
toolbox. We illustrate our work by machine checking the game-based proofs of
unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and
semantic security of the public-key cryptographic scheme of Goldwasser and
Micali.Comment: 13 page
URDP: General Framework for Direct CCA2 Security from any Lattice-Based PKE Scheme
Design efficient lattice-based cryptosystem secure against adaptive chosen
ciphertext attack (IND-CCA2) is a challenge problem. To the date, full
CCA2-security of all proposed lattice-based PKE schemes achieved by using a
generic transformations such as either strongly unforgeable one-time signature
schemes (SU-OT-SS), or a message authentication code (MAC) and weak form of
commitment. The drawback of these schemes is that encryption requires "separate
encryption". Therefore, the resulting encryption scheme is not sufficiently
efficient to be used in practice and it is inappropriate for many applications
such as small ubiquitous computing devices with limited resources such as smart
cards, active RFID tags, wireless sensor networks and other embedded devices.
In this work, for the first time, we introduce an efficient universal random
data padding (URDP) scheme, and show how it can be used to construct a "direct"
CCA2-secure encryption scheme from "any" worst-case hardness problems in
(ideal) lattice in the standard model, resolving a problem that has remained
open till date. This novel approach is a "black-box" construction and leads to
the elimination of separate encryption, as it avoids using general
transformation from CPA-secure scheme to a CCA2-secure one. IND-CCA2 security
of this scheme can be tightly reduced in the standard model to the assumption
that the underlying primitive is an one-way trapdoor function.Comment: arXiv admin note: text overlap with arXiv:1302.0347, arXiv:1211.6984;
and with arXiv:1205.5224 by other author
- …