5,894 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Tables of subspace codes
One of the main problems of subspace coding asks for the maximum possible
cardinality of a subspace code with minimum distance at least over
, where the dimensions of the codewords, which are vector
spaces, are contained in . In the special case of
one speaks of constant dimension codes. Since this (still) emerging
field is very prosperous on the one hand side and there are a lot of
connections to classical objects from Galois geometry it is a bit difficult to
keep or to obtain an overview about the current state of knowledge. To this end
we have implemented an on-line database of the (at least to us) known results
at \url{subspacecodes.uni-bayreuth.de}. The aim of this recurrently updated
technical report is to provide a user guide how this technical tool can be used
in research projects and to describe the so far implemented theoretic and
algorithmic knowledge.Comment: 44 pages, 6 tables, 7 screenshot
Problems on q-Analogs in Coding Theory
The interest in -analogs of codes and designs has been increased in the
last few years as a consequence of their new application in error-correction
for random network coding. There are many interesting theoretical, algebraic,
and combinatorial coding problems concerning these q-analogs which remained
unsolved. The first goal of this paper is to make a short summary of the large
amount of research which was done in the area mainly in the last few years and
to provide most of the relevant references. The second goal of this paper is to
present one hundred open questions and problems for future research, whose
solution will advance the knowledge in this area. The third goal of this paper
is to present and start some directions in solving some of these problems.Comment: arXiv admin note: text overlap with arXiv:0805.3528 by other author
Johnson type bounds for mixed dimension subspace codes
Subspace codes, i.e., sets of subspaces of , are applied in
random linear network coding. Here we give improved upper bounds for their
cardinalities based on the Johnson bound for constant dimension codes.Comment: 16 pages, typos correcte
A Distinguisher-Based Attack on a Variant of McEliece's Cryptosystem Based on Reed-Solomon Codes
Baldi et \textit{al.} proposed a variant of McEliece's cryptosystem. The main
idea is to replace its permutation matrix by adding to it a rank 1 matrix. The
motivation for this change is twofold: it would allow the use of codes that
were shown to be insecure in the original McEliece's cryptosystem, and it would
reduce the key size while keeping the same security against generic decoding
attacks. The authors suggest to use generalized Reed-Solomon codes instead of
Goppa codes. The public code built with this method is not anymore a
generalized Reed-Solomon code. On the other hand, it contains a very large
secret generalized Reed-Solomon code. In this paper we present an attack that
is built upon a distinguisher which is able to identify elements of this secret
code. The distinguisher is constructed by considering the code generated by
component-wise products of codewords of the public code (the so-called "square
code"). By using square-code dimension considerations, the initial generalized
Reed-Solomon code can be recovered which permits to decode any ciphertext. A
similar technique has already been successful for mounting an attack against a
homomorphic encryption scheme suggested by Bogdanoc et \textit{al.}. This work
can be viewed as another illustration of how a distinguisher of Reed-Solomon
codes can be used to devise an attack on cryptosystems based on them.Comment: arXiv admin note: substantial text overlap with arXiv:1203.668
- …