5,746 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Problems on q-Analogs in Coding Theory
The interest in -analogs of codes and designs has been increased in the
last few years as a consequence of their new application in error-correction
for random network coding. There are many interesting theoretical, algebraic,
and combinatorial coding problems concerning these q-analogs which remained
unsolved. The first goal of this paper is to make a short summary of the large
amount of research which was done in the area mainly in the last few years and
to provide most of the relevant references. The second goal of this paper is to
present one hundred open questions and problems for future research, whose
solution will advance the knowledge in this area. The third goal of this paper
is to present and start some directions in solving some of these problems.Comment: arXiv admin note: text overlap with arXiv:0805.3528 by other author
Tables of subspace codes
One of the main problems of subspace coding asks for the maximum possible
cardinality of a subspace code with minimum distance at least over
, where the dimensions of the codewords, which are vector
spaces, are contained in . In the special case of
one speaks of constant dimension codes. Since this (still) emerging
field is very prosperous on the one hand side and there are a lot of
connections to classical objects from Galois geometry it is a bit difficult to
keep or to obtain an overview about the current state of knowledge. To this end
we have implemented an on-line database of the (at least to us) known results
at \url{subspacecodes.uni-bayreuth.de}. The aim of this recurrently updated
technical report is to provide a user guide how this technical tool can be used
in research projects and to describe the so far implemented theoretic and
algorithmic knowledge.Comment: 44 pages, 6 tables, 7 screenshot
Message Encoding for Spread and Orbit Codes
Spread codes and orbit codes are special families of constant dimension
subspace codes. These codes have been well-studied for their error correction
capability and transmission rate, but the question of how to encode messages
has not been investigated. In this work we show how the message space can be
chosen for a given code and how message en- and decoding can be done.Comment: Submitted to IEEE International Symposium on Information Theory 201
A Smart Approach for GPT Cryptosystem Based on Rank Codes
The concept of Public- key cryptosystem was innovated by McEliece's
cryptosystem. The public key cryptosystem based on rank codes was presented in
1991 by Gabidulin -Paramonov-Trejtakov(GPT). The use of rank codes in
cryptographic applications is advantageous since it is practically impossible
to utilize combinatoric decoding. This has enabled using public keys of a
smaller size. Respective structural attacks against this system were proposed
by Gibson and recently by Overbeck. Overbeck's attacks break many versions of
the GPT cryptosystem and are turned out to be either polynomial or exponential
depending on parameters of the cryptosystem. In this paper, we introduce a new
approach, called the Smart approach, which is based on a proper choice of the
distortion matrix X. The Smart approach allows for withstanding all known
attacks even if the column scrambler matrix P over the base field Fq.Comment: 5 pages. to appear in Proceedings of IEEE ISIT201
Solving Shift Register Problems over Skew Polynomial Rings using Module Minimisation
For many algebraic codes the main part of decoding can be reduced to a shift
register synthesis problem. In this paper we present an approach for solving
generalised shift register problems over skew polynomial rings which occur in
error and erasure decoding of -Interleaved Gabidulin codes. The algorithm
is based on module minimisation and has time complexity where
measures the size of the input problem.Comment: 10 pages, submitted to WCC 201
On the Duality of Probing and Fault Attacks
In this work we investigate the problem of simultaneous privacy and integrity
protection in cryptographic circuits. We consider a white-box scenario with a
powerful, yet limited attacker. A concise metric for the level of probing and
fault security is introduced, which is directly related to the capabilities of
a realistic attacker. In order to investigate the interrelation of probing and
fault security we introduce a common mathematical framework based on the
formalism of information and coding theory. The framework unifies the known
linear masking schemes. We proof a central theorem about the properties of
linear codes which leads to optimal secret sharing schemes. These schemes
provide the lower bound for the number of masks needed to counteract an
attacker with a given strength. The new formalism reveals an intriguing duality
principle between the problems of probing and fault security, and provides a
unified view on privacy and integrity protection using error detecting codes.
Finally, we introduce a new class of linear tamper-resistant codes. These are
eligible to preserve security against an attacker mounting simultaneous probing
and fault attacks
- …