    Decryption failure is more likely after success

    The user of an imperfectly correct lattice-based public-key encryption scheme leaks information about their secret key with each decryption query that they answer---even if they answer all queries successfully. Through a refinement of the D'Anvers--Guo--Johansson--Nilsson--Vercauteren--Verbauwhede failure boosting attack, we show that an adversary can use this information to improve his odds of finding a decryption failure. We also propose a new definition of δ-correctness, and we re-assess the correctness of several submissions to NIST's post-quantum standardization effort.
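    The conditioning argument in this abstract, as an added worked example that is neither the paper's code nor its scheme: a deliberately tiny model (an assumption of this example) in which the secret is a vector s in {-1, 0, 1}^n, each query carries an error vector e known to the adversary, and decryption fails exactly when |<s, e>| >= threshold. Every answered query, success or failure, removes from the adversary's candidate set the secrets inconsistent with the outcome, and the failure probability of the next query is then evaluated under that reduced set rather than under the prior. The class names and the greedy `attack` loop are this example's own; real schemes have more noise terms and the adversary can only rank ciphertexts it can sample, but the update is the same.

```python
from fractions import Fraction
from itertools import product

# Toy model (an assumption of this example, not the paper's scheme): secret
# s in {-1,0,1}^n, adversary-known error vector e in {-1,0,1}^n, and
# decryption fails exactly when |<s, e>| >= threshold.


def all_vectors(n, coeffs=(-1, 0, 1)):
    return [tuple(v) for v in product(coeffs, repeat=n)]


def inner(s, e):
    return sum(a * b for a, b in zip(s, e))


def fails(s, e, threshold):
    """Does decryption of a query with error vector e fail under secret s?"""
    return abs(inner(s, e)) >= threshold


class Posterior:
    """Uniform posterior over the secrets consistent with every observed outcome."""

    def __init__(self, n, threshold):
        self.threshold = threshold
        self.candidates = all_vectors(n)

    def observe(self, e, failed):
        """Condition on 'query e failed' (failed=True) or 'query e succeeded'."""
        self.candidates = [s for s in self.candidates
                           if fails(s, e, self.threshold) == failed]
        if not self.candidates:
            raise ValueError("observations are inconsistent with the model")

    def failure_probability(self, e):
        """P[query e fails | observations so far], as an exact Fraction."""
        hits = sum(1 for s in self.candidates if fails(s, e, self.threshold))
        return Fraction(hits, len(self.candidates))

    def best_query(self, queries):
        """The query most likely to fail given everything observed so far."""
        return max(queries, key=self.failure_probability)


def boosted_failure_probability(n, threshold, successes, target):
    """Failure probability of `target` before and after conditioning on
    `successes`, a list of queries that were all decrypted correctly."""
    post = Posterior(n, threshold)
    before = post.failure_probability(target)
    for e in successes:
        post.observe(e, failed=False)
    return before, post.failure_probability(target)


def attack(secret, threshold, queries):
    """Greedy failure boosting against an oracle holding `secret`: after each
    answer, re-rank the remaining queries by posterior failure probability and
    stop at the first failure. Returns (queries sent, failures observed)."""
    post = Posterior(len(secret), threshold)
    remaining = list(queries)
    sent = failed = 0
    while remaining:
        e = post.best_query(remaining)
        remaining.remove(e)
        outcome = fails(secret, e, threshold)   # the decryption oracle's answer
        sent += 1
        failed += outcome
        post.observe(e, outcome)
        if failed:
            break
    return sent, failed


if __name__ == "__main__":
    before, after = boosted_failure_probability(2, 2, [(1, 1)], (1, -1))
    print(f"P[(1,-1) fails]: prior {before}, after (1,1) succeeded {after}")
    print("greedy attack (sent, failed):", attack((1, 1, -1, 0), 3,
                                                  [e for e in all_vectors(4) if any(e)]))
```

In the two-coefficient case a single successful decryption of (1, 1) removes the secrets (1, 1) and (-1, -1), and the failure probability of the query (1, -1) rises from 2/9 to 2/7: the success itself is the leak.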

    Analysis of common attacks in LDPCC-based public-key cryptosystems

    We analyze the security and reliability of a recently proposed class of public-key cryptosystems against attacks by unauthorized parties who have acquired partial knowledge of one or more of the private key components and/or of the plaintext. Phase diagrams are presented, showing the critical partial-knowledge levels required for unauthorized decryption.
    Comment: 14 pages, 6 figures

    A constructivist approach to innovation in the teaching and learning of Malay at vocational colleges

    The constructivist approach is a student-centred approach to teaching and learning, while teaching innovation refers to the newest teaching methods used to strengthen students' understanding. Learning based on the constructivist approach is an important element that teachers need to understand in order to strengthen the teaching and learning process in keeping with the times and to make the country's educational transformation succeed. The objectives of this study were to identify Malay-language teachers' understanding of innovation, to identify the differences between male and female teachers in practising innovation, to examine whether there is a difference between new and experienced teachers in applying innovation, and to identify the constraints teachers face in applying innovation in schools. A total of 63 Malay-language teachers from eight vocational colleges were selected as respondents. The data were analysed with the Winsteps 3.69.1.11 software using the Rasch Measurement Model approach. The analysis shows that Malay-language teachers understand the importance of innovation in teaching and learning. The findings also show that female teachers incorporate more elements of innovation into their teaching than male teachers. Experience, however, made no difference to the practice of innovation between new and experienced teachers. The researcher also identified several constraints that teachers face in practising this innovation. To address these problems, several recommendations are put forward to ensure that teachers can realise effective teaching through innovation following the constructivist-approach model.
    The researcher hopes that this study can serve as a guide for curriculum implementers in ensuring that a culture of innovation remains a practice among teachers, in order to raise the professionalism of teachers in Malaysia.

    Analysis of reaction and timing attacks against cryptosystems based on sparse parity-check codes

    In this paper we study reaction and timing attacks against cryptosystems based on sparse parity-check codes, which encompass low-density parity-check (LDPC) codes and moderate-density parity-check (MDPC) codes. We show that the feasibility of these attacks is not strictly associated with the quasi-cyclic (QC) structure of the code but is related to the intrinsically probabilistic decoding of any sparse parity-check code. Hence these attacks not only work against QC codes but generalize to broader classes of codes. We provide a novel algorithm that, in the case of a QC code, recovers more information than existing attacks can, and we use this algorithm to characterize new side-channel information leakages. We devise a theoretical model of the decoder that describes and justifies our results. Numerical simulations confirm the effectiveness of our approach.

    General Impossibility of Group Homomorphic Encryption in the Quantum World

    Group homomorphic encryption represents one of the most important building blocks in modern cryptography. It forms the basis of widely used, more sophisticated primitives, such as CCA2-secure encryption or secure multiparty computation. Unfortunately, recent advances in quantum computation show that many of the existing schemes completely break down once quantum computers reach maturity (mainly due to Shor's algorithm). This leads to the challenge of constructing quantum-resistant group homomorphic cryptosystems. In this work, we prove the general impossibility of (abelian) group homomorphic encryption in the presence of quantum adversaries, when assuming the IND-CPA security notion as the minimal security requirement. To this end, we prove a new result on the probability of sampling generating sets of finite (sub-)groups if sampling is done with respect to an arbitrary, unknown distribution. Finally, we provide a sufficient condition on homomorphic encryption schemes for our quantum attack to work and discuss its satisfiability in non-group homomorphic cases. The impact of our results on recent fully homomorphic encryption schemes remains an open question.
    Comment: 20 pages, 2 figures, conference

    The Economic Impact of the Regulation of Investigatory Powers Bill

    The Random Oracle Methodology, Revisited

    We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model and the security of the schemes that result from implementing the random oracle by so-called "cryptographic hash functions". The main result of this paper is a negative one: there exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising these schemes, we consider possible definitions for the notion of a "good implementation" of a random oracle, pointing out limitations and challenges.
    Comment: 31 pages
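    The separation this abstract describes, as an added toy example rather than code from the paper (whose construction uses a different, more general mechanism to evaluate a function description in polynomial time): a contrived signature scheme, RSA-FDH with toy-sized parameters, that leaks its private exponent whenever the message it is asked to sign is a description of the hash function it uses. Here a "description" is restricted to the name of a hashlib algorithm that agrees with H on three probe inputs; that restriction, the tiny primes and the helper names are this example's assumptions. Against a random oracle no message can describe the oracle, so the scheme signs as plain FDH does; once H is instantiated with SHA-256, the message b"sha256" extracts the key.

```python
import hashlib
import secrets

# Toy RSA-FDH parameters: tiny primes, no padding (an assumption of this
# example; only the hash-instantiation argument matters here).
P, Q = 101, 103
N = P * Q
E = 7
D = pow(E, -1, (P - 1) * (Q - 1))

# Inputs on which the scheme checks whether a message "describes" its hash.
PROBES = [b"\x00", b"probe-1", b"probe-2"]


class RandomOracle:
    """Lazily sampled random function: each new input gets fresh random output,
    so no short description reproduces it except with negligible probability."""

    def __init__(self):
        self.table = {}

    def __call__(self, x):
        if x not in self.table:
            self.table[x] = secrets.token_bytes(32)
        return self.table[x]


def sha256(x):
    """A concrete instantiation of the oracle."""
    return hashlib.sha256(x).digest()


def describes_hash(message, H):
    """Does `message` name a hashlib algorithm that agrees with H on PROBES?
    Restricting descriptions to hashlib names is this example's simplification
    of the paper's general "message that encodes a program computing H"."""
    try:
        name = message.decode("ascii")
        return all(hashlib.new(name, x).digest() == H(x) for x in PROBES)
    except (UnicodeDecodeError, ValueError, TypeError):
        return False


def fdh(H, message, n):
    """Full-domain hash: H(message) reduced into Z_n."""
    return int.from_bytes(H(message), "big") % n


class ContrivedSigner:
    """Sign(m) = H(m)^d mod N, except that a message describing H returns d."""

    def __init__(self, H):
        self.H = H
        self.sk = D
        self.pk = (N, E)

    def sign(self, message):
        if describes_hash(message, self.H):
            return ("leaked-key", self.sk)
        return ("sig", pow(fdh(self.H, message, N), self.sk, N))


def verify(H, pk, message, signature):
    n, e = pk
    tag, value = signature
    return tag == "sig" and pow(value, e, n) == fdh(H, message, n)


def forge_with_leak(H, pk, message, leaked_d):
    """What the attacker does with the leaked exponent: sign anything."""
    n, _ = pk
    return ("sig", pow(fdh(H, message, n), leaked_d, n))


if __name__ == "__main__":
    print("random oracle :", ContrivedSigner(RandomOracle()).sign(b"sha256")[0])
    print("SHA-256       :", ContrivedSigner(sha256).sign(b"sha256"))
```

The scheme is artificial on purpose, exactly as in the paper: nothing about FDH is wrong, but the ROM proof silently relies on the oracle having no succinct description, and every concrete hash function has one.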

    A New Cryptosystem Based On Hidden Order Groups

    Let $G_1$ be a cyclic multiplicative group of order $n$. It is known that the Diffie-Hellman problem is random self-reducible in $G_1$ with respect to a fixed generator $g$ if $\phi(n)$ is known. That is, given $g, g^x \in G_1$ and having oracle access to a `Diffie-Hellman Problem' solver with fixed generator $g$, it is possible to compute $g^{1/x} \in G_1$ in polynomial time (see Theorem 3.2). On the other hand, it is not known if such a reduction exists when $\phi(n)$ is unknown (see Conjecture 3.1). We exploit this ``gap'' to construct a cryptosystem based on hidden order groups and present a practical implementation of a novel cryptographic primitive called an \emph{Oracle Strong Associative One-Way Function} (O-SAOWF). O-SAOWFs have applications in multiparty protocols. We demonstrate this by presenting a key agreement protocol for dynamic ad-hoc groups.
    Comment: removed examples for multiparty key agreement and join protocols, since they are redundant
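    The reduction stated in the abstract (its Theorem 3.2), as an added worked example rather than code from the paper: when $\phi(n)$ is known, Euler's theorem gives $x^{\phi(n)} \equiv 1 \pmod n$ for any $x$ coprime to $n$, so $1/x \equiv x^{\phi(n)-1} \pmod n$; a Diffie-Hellman oracle that maps $(g^a, g^b)$ to $g^{ab}$ turns $g^{x^i}$ and $g^{x^j}$ into $g^{x^{i+j}}$, so square-and-multiply on the exponent $\phi(n)-1$ reaches $g^{1/x}$ with $O(\log n)$ oracle calls. The toy oracle below brute-forces a discrete log in $\mathbb{Z}_{23}^*$ (the reduction treats it as a black box); the parameters, the coprimality requirement on $x$ and every function name are this example's assumptions.

```python
def euler_phi(n):
    """phi(n) by trial-division factoring; fine for the toy sizes used here."""
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p
        p += 1
    if m > 1:
        result -= result // m
    return result


def make_dh_oracle(g, n, p):
    """Diffie-Hellman solver for generator g of order n in Z_p^*.
    This toy oracle brute-forces one discrete log (the reduction only needs
    it as a black box) and counts how often it is called."""
    calls = [0]

    def oracle(ga, gb):
        calls[0] += 1
        acc = 1
        for a in range(n):
            if acc == ga:
                return pow(gb, a, p)
            acc = acc * g % p
        raise ValueError("ga is not in the group generated by g")

    return oracle, calls


def root_exponent(g, gx, n, p, oracle):
    """Given g and g^x with gcd(x, n) = 1, return g^{1/x} using only the DH
    oracle and phi(n): 1/x = x^{phi(n)-1} (mod n) by Euler's theorem, and
    oracle(g^{x^i}, g^{x^j}) = g^{x^{i+j}}, so square-and-multiply on the
    exponent phi(n)-1 costs O(log n) oracle calls."""
    m = euler_phi(n) - 1
    result, base = g, gx            # g^{x^0} and g^{x^1}
    while m:
        if m & 1:
            result = oracle(result, base)   # exponents of x add
        m >>= 1
        if m:
            base = oracle(base, base)       # square: g^{x^k} -> g^{x^{2k}}
    return result


if __name__ == "__main__":
    # Constructed parameters: 5 generates Z_23^*, which has order n = 22.
    p, g, n, x = 23, 5, 22, 3
    oracle, calls = make_dh_oracle(g, n, p)
    gx = pow(g, x, p)
    root = root_exponent(g, gx, n, p, oracle)
    print("g^{1/x} =", root, "oracle calls:", calls[0])
    print("check (g^{1/x})^x == g:", pow(root, x, p) == g)
```

The point of the abstract is that this costs nothing beyond $\phi(n)$: without it, the exponent $x^{\phi(n)-1}$ is unavailable even though the oracle is, which is the gap the cryptosystem is built on.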