239 research outputs found
Cryptography from tensor problems
We describe a new proposal for a trap-door one-way function. The new proposal belongs to the "multivariate quadratic" family but the trap-door is different from existing methods, and is simpler
Some Facets of Complexity Theory and Cryptography: A Five-Lectures Tutorial
In this tutorial, selected topics of cryptology and of computational
complexity theory are presented. We give a brief overview of the history and
the foundations of classical cryptography, and then move on to modern
public-key cryptography. Particular attention is paid to cryptographic
protocols and the problem of constructing the key components of such protocols
such as one-way functions. A function is one-way if it is easy to compute, but
hard to invert. We discuss the notion of one-way functions both in a
cryptographic and in a complexity-theoretic setting. We also consider
interactive proof systems and present some interesting zero-knowledge
protocols. In a zero-knowledge protocol one party can convince the other party
of knowing some secret information without disclosing any bit of this
information. Motivated by these protocols, we survey some complexity-theoretic
results on interactive proof systems and related complexity classes. Comment: 57 pages, 17 figures, Lecture Notes for the 11th Jyvaskyla Summer
Schoo
Discrete logarithms in curves over finite fields
A survey on algorithms for computing discrete logarithms in Jacobians of
curves over finite fields
Diffuse source separation in CMB observations
We review issues and methods for diffuse component separation in the context of Cosmic Microwave Background observation
A New Cryptosystem Based On Hidden Order Groups
Let be a cyclic multiplicative group of order . It is known that the
Diffie-Hellman problem is random self-reducible in with respect to a
fixed generator if is known. That is, given and
having oracle access to a 'Diffie-Hellman Problem' solver with fixed generator
, it is possible to compute in polynomial time (see
theorem 3.2). On the other hand, it is not known if such a reduction exists
when is unknown (see conjecture 3.1). We exploit this "gap" to
construct a cryptosystem based on hidden order groups and present a practical
implementation of a novel cryptographic primitive called an Oracle Strong
Associative One-Way Function (O-SAOWF). O-SAOWFs have applications in
multiparty protocols. We demonstrate this by presenting a key agreement
protocol for dynamic ad-hoc groups. Comment: removed examples for multiparty key agreement and join protocols,
since they are redundan
RSA Cryptanalysis with Increased Bounds on the Secret Exponent using Less Lattice Dimension
We consider RSA with , , public encryption exponent and private decryption exponent . Boneh and Durfee (Eurocrypt 1999, IEEE-IT 2000) used Coppersmith's method (Journal of Cryptology, 1997) to factorize using when , the theoretical bound. Related works have also been presented by Blömer and May (CaLC 2001). However, the experimental bound for that has been reached so far is only for 1000 bits (the upper bound on less for higher number of bits). The basic idea relied on the LLL algorithm, but the experimental bounds were constrained by large lattice dimensions. In this paper we present theoretical results as well as experimental evidence to extend the bound of for which RSA is weak. This requires the knowledge of a few most significant bits of (alternatively these bits need to be searched exhaustively). We provide experimental results to highlight that the problem can be solved with low lattice dimensions in practice. Our strategy outperforms the existing experimental results by increasing the bounds of . We provide clear evidence that RSA, with of the order of for 1000 bit , can be cryptanalysed in practice from the knowledge of
Public keys quality
Master's dissertation in Mathematics and Computation.
The RSA cryptosystem, invented by Ron Rivest, Adi Shamir and Len Adleman ([Rivest et al.,
1978]), is the most commonly used cryptosystem for providing privacy and ensuring authenticity
of digital data. RSA is usually used in contexts where the security of digital data is a priority. RSA
is used worldwide by web servers and browsers to secure web traffic, to ensure privacy and
authenticity of e-mail, to secure remote login sessions and to provide secure electronic credit-card
payment systems.
Given its importance in the protection of digital data, vulnerabilities of RSA have been
analysed by many researchers. The research carried out so far has led to a number of fascinating
attacks. Although the attacks helped to improve the security of this cryptosystem, showing that
securely implementing RSA is a nontrivial task, none of them was devastating.
This master's thesis discusses the RSA cryptosystem and some of its vulnerabilities, and
describes some attacks, both recent and old, together with the
underlying mathematical tools they use. Although many types of attacks exist, only a few
examples were analysed in this master's thesis. The last attack, based on the batch-GCD
algorithm, was implemented and tested on RSA keys produced by a certified Luna SA Hardware
Security Module, and the results were commented on.
Random and pseudorandom numbers are fundamental to many cryptographic applications,
including the RSA cryptosystem. In fact, the produced keys must be generated in a
specific random way. The National Institute of Standards and Technology, the entity responsible for
specifying safety standards, provides a package named "A Statistical Test Suite for Random and
Pseudorandom Number Generators for Cryptography Applications", which was used in this work
to test the randomness of the numbers generated by the Luna SA. All the statistical tests were run
on numbers of different bit sizes and the results were commented on.
The main purpose of this thesis is to study the previous subjects and create an application
capable of testing the randomness of the numbers generated by the Luna SA, as well as evaluating the security of
RSA.
This work was developed in partnership with the University of Minho and Multicert.
RSA, created by Ron Rivest, Adi Shamir and Len Adleman ([Rivest et al., 1978]), is the
most widely used cryptographic system for providing security and ensuring the authentication of
data used in the digital world. RSA is usually used in contexts where security
is the top priority. Nowadays, this cryptographic system is used worldwide by
web servers and browsers to ensure secure traffic over the Internet. It is the
most widely used cryptographic system for e-mail authentication, remote login sessions
and payments with Multibanco cards, guaranteeing security in the use
of these services.
Given the importance of this system in protecting digital information, its
vulnerabilities have been the subject of several investigations. These investigations resulted in several
attacks on RSA. Although none of these attacks is truly effective, all of them contributed
to increasing the security of RSA, since the reference implementations of this
algorithm began to guard against the attacks discovered.
This master's thesis addresses the RSA cryptographic system, discussing some of its
vulnerabilities as well as some attacks carried out against this system, and studying all the
mathematical methods they use. Although various attacks exist, only some are
addressed in this master's thesis. The last attack, based on the batch-GCD algorithm, was
implemented, tests were run on RSA keys produced by a certified Luna SA Hardware Security
Module, and the results obtained were discussed.
Random and pseudorandom numbers are fundamental to all cryptographic applications,
including, therefore, the RSA cryptographic system. In fact, the keys produced must
be generated with some randomness intrinsic to the system. The National Institute of Standards
and Technology, the entity responsible for specifying security standards, provides
a package of statistical tests named "A Statistical Test Suite for Random and
Pseudorandom Number Generators for Cryptography Applications". These statistical tests
were applied to numbers generated by the Luna SA and the results were also commented on.
The goal of this master's thesis is to develop an understanding of the subjects
described above and to create an application capable of testing the randomness of the numbers
generated by the Luna SA, as well as evaluating the security of the RSA cryptographic system.
This work was developed in partnership with the University of Minho and Multicert
- …