07381 Abstracts Collection -- Cryptography

From 16.09.2007 to 21.09.2007 the Dagstuhl Seminar 07381 ``Cryptography\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Cryptanalysis and improvement of an efficient certificateless signature scheme

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificate-less public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme

Random Oracles in a Quantum World

The interest in post-quantum cryptography - classical systems that remain secure in the presence of a quantum adversary - has generated elegant proposals for new cryptosystems. Some of these systems are set in the random oracle model and are proven secure relative to adversaries that have classical access to the random oracle. We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum states. We begin by separating the classical and quantum-accessible random oracle models by presenting a scheme that is secure when the adversary is given classical access to the random oracle, but is insecure when the adversary can make quantum oracle queries. We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model. We introduce the concept of a history-free reduction which is a category of classical random oracle reductions that basically determine oracle answers independently of the history of previous queries, and we prove that such reductions imply security in the quantum model. We then show that certain post-quantum proposals, including ones based on lattices, can be proven secure using history-free reductions and are therefore post-quantum secure. We conclude with a rich set of open problems in this area.Comment: 38 pages, v2: many substantial changes and extensions, merged with a related paper by Boneh and Zhandr

PFCBAS: pairing free and provable certificate-based aggregate signature scheme for the e-healthcare monitoring system

Recently, one of the most popular technologies of the modern era, the Internet of Things, allows the deployment and usage of various real-time test beds in various smart applications. One such application is the e-healthcare, in which patients' healthcare related data are transmitted to the nearest base station and then to a local or remote server as per the requirements. The data related to patients' health are sensitive and need special protection, therefore, the integrity and authentication of the sources of data generation are paramount concerns. However, several authentication or signature schemes that have been introduced in the past for this purpose are ID-based or having certificate-less settings. In these settings, a central authority, known as a trusted authority (TA), creates and distributes the secret key of every user. Thus, knowing the secrete key by the TA is called key escrow problem. But, these proposed schemes suffer from key distribution problems, which limit their applications in various applications. To mitigate these issues, this paper presents a certificate-based pairing free aggregate signature scheme (CBPFAS). The proposed scheme uses the merits of public key cryptography (PKC) and identity-based PKC (IDBPKC). The scheme is proven to be unforgeable, assuming the hardness of elliptic curve discrete log problem (ECDLP). The performance analysis shows that the proposed CBPFAS scheme executes in 0.78(n+1) ms in comparison to 9.63+1.17n ms in [1], 9.63+0.78n ms in [2], 9.63+3.39n ms in [3], and 9.63+1.17n ms in [4]. From these results, it is concluded that the proposed pairing free certificate-based aggregate signature scheme performs better than its counterparts

Quantum Cryptography Beyond Quantum Key Distribution

Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation, secure two- and multi-party computation and delegated quantum computation. Quantum cryptography also studies the limitations and challenges resulting from quantum adversaries---including the impossibility of quantum bit commitment, the difficulty of quantum rewinding and the definition of quantum security models for classical primitives. In this review article, aimed primarily at cryptographers unfamiliar with the quantum world, we survey the area of theoretical quantum cryptography, with an emphasis on the constructions and limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference

Critical Perspectives on Provable Security: Fifteen Years of Another Look Papers

We give an overview of our critiques of “proofs” of security and a guide to our papers on the subject that have appeared over the past decade and a half. We also provide numerous additional examples and a few updates and errata

Quantum Lightning Never Strikes the Same State Twice

Public key quantum money can be seen as a version of the quantum no-cloning theorem that holds even when the quantum states can be verified by the adversary. In this work, investigate quantum lightning, a formalization of "collision-free quantum money" defined by Lutomirski et al. [ICS'10], where no-cloning holds even when the adversary herself generates the quantum state to be cloned. We then study quantum money and quantum lightning, showing the following results: - We demonstrate the usefulness of quantum lightning by showing several potential applications, such as generating random strings with a proof of entropy, to completely decentralized cryptocurrency without a block-chain, where transactions is instant and local. - We give win-win results for quantum money/lightning, showing that either signatures/hash functions/commitment schemes meet very strong recently proposed notions of security, or they yield quantum money or lightning. - We construct quantum lightning under the assumed multi-collision resistance of random degree-2 systems of polynomials. - We show that instantiating the quantum money scheme of Aaronson and Christiano [STOC'12] with indistinguishability obfuscation that is secure against quantum computers yields a secure quantum money schem

An Efficient identity based Multi-receiver Signcryption Scheme using ECC

ABSTRACT Signcryption is a technique of performing signature and encryption in a single logical step. It is a secure and efficient technique of providing security between the sender and the receiver so that the data send by the sender should be made secure from various types of attacks such as desynchronization attacks, identity disclosure attack and spoofing attacks. Although there are many technique implemented for the generation of signature and encryption. Here a new and efficient technique of signcryption has been implemented in a multireceiver environment on the basis of identity of the receiver. The proposed work given here is the implementation of signcryption scheme using elliptic curve cryptography where the authentication between sender and the receiver is based on the identity of the receiver