Key Substitution in the Symbolic Analysis of Cryptographic Protocols (extended version)
Key substitution vulnerable signature schemes are signature schemes that
permit an intruder, given a public verification key and a signed message, to
compute a pair of signature and verification keys such that the message appears
to be signed with the new signature key. A digital signature scheme is said to
be vulnerable to destructive exclusive ownership property (DEO) if it is
computationally feasible for an intruder, given a public verification key and a
pair of message and its valid signature relatively to the given public key, to
compute a pair of signature and verification keys and a new message such that
the given signature appears to be valid for the new message relatively to the
new verification key. In this paper, we prove decidability of the insecurity
problem of cryptographic protocols where the signature schemes employed in the
concrete realisation have these two properties.
Multiplexing scheme for simplified entanglement-based large-alphabet quantum key distribution
We propose a practical quantum cryptographic scheme which combines high
information capacity, such as provided by high-dimensional quantum
entanglement, with the simplicity of a two-dimensional
Clauser-Horne-Shimony-Holt (CHSH) Bell test for security verification. By
applying a state combining entanglement in a two-dimensional degree of freedom,
such as photon polarization, with high-dimensional correlations in another
degree of freedom, such as photon orbital angular momentum (OAM) or path, the
scheme provides a considerably simplified route towards security verification
in quantum key distribution (QKD) aimed at exploiting high-dimensional quantum
systems for increased secure key rates. It also benefits from security against
collective attacks and is feasible using currently available technologies. Comment: 7 pages, 3 figures
Extending and Applying a Framework for the Cryptographic Verification of Java Programs
Abstract. In our previous work, we have proposed a framework which allows tools that can check standard noninterference properties but a priori cannot deal with cryptography to establish cryptographic indistinguishability properties, such as privacy properties, for Java programs. We refer to this framework as the CVJ framework (Cryptographic Verification of Java Programs) in this paper. While so far the CVJ framework directly supports public-key encryption (without corruption and without a public-key infrastructure) only, in this work we further instantiate the framework to support, among others, public-key encryption and digital signatures, both with corruption and a public-key infrastructure, as well as (private) symmetric encryption. Since these cryptographic primitives are very common in security-critical applications, our extensions make the framework much more widely applicable. To illustrate the usefulness and applicability of the extensions proposed in this paper, we apply the framework along with the tool Joana, which allows for the fully automatic verification of noninterference properties of Java programs, to establish cryptographic privacy properties of a (non-trivial) cloud storage application, where clients can store private information on a remote server.
High-level Cryptographic Abstractions
The interfaces exposed by commonly used cryptographic libraries are clumsy,
complicated, and assume an understanding of cryptographic algorithms. The
challenge is to design high-level abstractions that require minimum knowledge
and effort to use while also allowing maximum control when needed.
This paper proposes such high-level abstractions consisting of simple
cryptographic primitives and full declarative configuration. These abstractions
can be implemented on top of any cryptographic library in any language. We have
implemented these abstractions in Python, and used them to write a wide variety
of well-known security protocols, including Signal, Kerberos, and TLS.
We show that programs using our abstractions are much smaller and easier to
write than using low-level libraries, where size of security protocols
implemented is reduced by about a third on average. We show our implementation
incurs a small overhead, less than 5 microseconds for shared key operations and
less than 341 microseconds (< 1%) for public key operations. We also show our
abstractions are safe against main types of cryptographic misuse reported in
the literature.
Low dimensional bound entanglement with one-way distillable cryptographic key
We provide a class of bound entangled states that have positive distillable
secure key rate. The smallest state of this kind is , which shows
that peculiar security contained in bound entangled states does not need high
dimensional systems. We show that for these states a positive key rate can be
obtained by one-way Devetak-Winter protocol. Subsequently the volume of
bound entangled key-distillable states in arbitrary dimension is shown to be
nonzero. We provide a scheme of verification of cryptographic quality of
experimentally prepared state in terms of local observables. Proposed set of 7
collective settings is proven to be optimal in number of settings. Comment: 5 pages, ReVTex