48 research outputs found

    Quantum cryptography: key distribution and beyond

    Uniquely among the sciences, quantum cryptography has driven both foundational research as well as practical real-life applications. We review the progress of quantum cryptography in the last decade, covering quantum key distribution and other applications.
    Comment: It's a review on quantum cryptography and it is not restricted to QK

    Quantum Cryptography: Key Distribution and Beyond

    Uniquely among the sciences, quantum cryptography has driven both foundational research as well as practical real-life applications. We review the progress of quantum cryptography in the last decade, covering quantum key distribution and other applications.
    Quanta 2017; 6: 1–47

    Security performance and protocol consideration in optical communication system with optical layer security enabled by optical coding techniques

    With the fast development of communication systems, network security issues have more and more impact on daily life. It is essential to construct a high degree of optical layer security to resolve the security problem once and for all. Three different techniques which can provide optical layer security are introduced and compared. Optical chaos can be used for fast random number generation. Quantum cryptography is the most promising technique for key distribution. And the optical coding techniques can be deployed to encrypt the modulated signal in the optical layer. A mathematical equation has been derived from information theory to evaluate the information-theoretic security level of the wiretap channel in optical coding schemes. And the merits and limitations of two coherent optical coding schemes, temporal phase coding and spectral phase coding, have been analysed. The security scheme based on a reconfigurable optical coding device has been introduced, and the corresponding security protocol has been developed. By moving the encryption operation from the electronic layer to the optical layer, the modulated signals become opaque to unauthorised users. Optical code distribution and authentication is one of the major challenges for our proposed scheme. In our proposed protocol, both of these operations are covered and defined in detail. As a preliminary draft of the optical code security protocol, it could be a useful guide for further research.

    Rank AGS Identification Scheme and Signature Scheme

    The identification protocol is a type of zero-knowledge proof. One party (the prover) needs to prove his identity to another party (the verifier) without revealing the secret key to the verifier. One can apply the Fiat–Shamir transformation to convert an identification scheme into a signature scheme, which can be used for achieving security purposes and cryptographic purposes, especially for authentication. In this paper, we recall an identification protocol, namely the RankID scheme, and show that the scheme is incorrect and insecure. Then, we propose a more natural approach to construct the rank version of the AGS identification protocol and show that our construction overcomes the security flaws in the RankID scheme. Our proposal achieves better results when comparing the public key size, secret key size, and signature size with the existing identification schemes, such as the Rank RVDC and Rank CVE schemes. Our proposal also achieves 90%, 50%, and 96% reductions in the signature size, secret key size, and public key size, respectively, when compared to the Rank CVE signature scheme.

    Tamper Resilient Circuits: The Adversary at the Gates

    We initiate the investigation of gate-tampering attacks against cryptographic circuits. Our model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. We prove that gate-tampering is strictly stronger than wire-tampering. On the one hand, we show that there is a gate-tampering strategy that perfectly simulates any given wire-tampering strategy. On the other, we construct families of circuits over which it is impossible for any wire-tampering attacker to simulate a certain gate-tampering attack (that we explicitly construct). We also provide a tamper resilience impossibility result that applies to both gate and wire tampering adversaries and relates the amount of tampering to the depth of the circuit. Finally, we show that defending against gate-tampering attacks is feasible by appropriately abstracting and analyzing the circuit compiler of Ishai et al. (2006) in a manner which may be of independent interest. Specifically, we first introduce a class of compilers that, assuming certain well defined tamper resilience characteristics against a specific class of attackers, can be shown to produce tamper resilient circuits against that same class of attackers. Then, we describe a compiler in this class for which we prove that it possesses the necessary tamper-resilience characteristics against gate-tampering attackers.

    Tamper resilient circuits

    Finding effective algorithms for protecting logic circuits that implement cryptographic systems exposed to physical attacks is one of the open problems of modern cryptography. Specifically, we consider the circuit to be represented by a directed acyclic graph G(V, E), each node of which corresponds to a logic gate or is an input node or an output node, and each edge of which corresponds to a wire of the circuit. In addition, the graph contains a set of nodes V', which represent the secret key of the cryptographic algorithm. We define a computation as the breadth-first traversal of the graph. The security model considers adversaries who are able to corrupt the computation by interacting with elements of the set E ∪ V, with the ultimate goal of extracting the secret key. The goal, then, is to find efficient algorithms for protecting the computation by transforming the graph G into a graph G' that satisfies the following properties: (i) the computation represented by the graph G is identical to that of G', and (ii) with high probability an adversary's attack will be detected by the computation and will lead to erasure of the cryptographic key. The purpose of this thesis, then, is the theoretical study and construction of efficient circuit-protecting transformations against implementation attacks.
    This dissertation studies the effect of gate-tampering attacks against cryptographic circuits. The proposed adversarial model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. We prove that gate-tampering is strictly stronger than wire-tampering. On the one hand, we show that there is a gate-tampering strategy that perfectly simulates any given wire-tampering strategy. On the other, we construct families of circuits over which it is impossible for any wire-tampering attacker to simulate a certain gate-tampering attack (that we explicitly construct). We also provide a tamper resilience impossibility result that applies to both gate and wire tampering adversaries and relates the amount of tampering to the depth of the circuit. Finally, we show that defending against gate-tampering attacks is feasible by appropriately abstracting and analyzing the circuit compiler of Ishai et al. in a manner which may be of independent interest. Specifically, we first introduce a class of compilers that, assuming certain well defined tamper resilience characteristics against a specific class of attackers, can be shown to produce tamper resilient circuits against that same class of attackers. Then, we describe a compiler in this class for which we prove that it possesses the necessary tamper-resilience characteristics against gate-tampering attackers.

    Algorithms for Matrix Code and Alternating Trilinear Form Equivalences via New Isomorphism Invariants

    We devise algorithms for finding equivalences of trilinear forms over finite fields modulo linear group actions. Our focus is on two problems under this umbrella, Matrix Code Equivalence (MCE) and Alternating Trilinear Form Equivalence (ATFE), since their hardness is the foundation of the NIST round-1 signature candidates MEDS and ALTEQ respectively. We present new algorithms for MCE and ATFE, which are further developments of the algorithms for polynomial isomorphism and alternating trilinear form equivalence, in particular by Bouillaguet, Fouque, and Véber (Eurocrypt 2013), and Beullens (Crypto 2023). Key ingredients in these algorithms are new easy-to-compute distinguishing invariants under the respective group actions. For MCE, we associate new isomorphism invariants to corank-1 points of matrix codes, which lead to a birthday-type algorithm. We present empirical justifications that these isomorphism invariants are easy to compute and distinguishing, and provide an implementation of this algorithm. This algorithm has some implications for the security of MEDS. The invariant function for ATFE is similar, except that it is associated with lower rank points. Modulo certain assumptions on turning the invariant function into canonical forms, our algorithm for ATFE improves on the runtime of the previously best known algorithm of Beullens (Crypto 2023). Finally, we present quantum variants of our classical algorithms with cubic runtime improvements.

    Concurrent Error Detection in Finite Field Arithmetic Operations

    With significant advances in wired and wireless technologies and also increased shrinking in the size of VLSI circuits, many devices have become very large because they need to contain several large units. This large number of gates, and in turn large number of transistors, causes the devices to be more prone to faults. These faults, especially in sensitive and critical applications, may cause serious failures and hence should be avoided. On the other hand, some critical applications such as cryptosystems may also be prone to faults deliberately injected by malicious attackers. Some of these faults can produce erroneous results that can reveal important secret information of the cryptosystems. Furthermore, yield factor improvement is always an important issue in VLSI design and fabrication processes. Digital systems such as cryptosystems and digital signal processors usually contain finite field operations. Therefore, error detection and correction of such operations have become an important issue recently. In most of the work reported so far, error detection and correction are applied using redundancies in space (hardware), time, and/or information (coding theory). In this work, schemes based on these redundancies are presented to detect errors in important finite field arithmetic operations resulting from hardware faults. Finite fields are used in a number of practical cryptosystems and channel encoders/decoders. The schemes presented here can detect errors in arithmetic operations of finite fields represented in different bases, including polynomial, dual and/or normal basis, and implemented in various architectures, including bit-serial, bit-parallel and/or systolic arrays.