On the Design of Cryptographic Primitives
The main objective of this work is twofold. On the one hand, it gives a brief
overview of the area of two-party cryptographic protocols. On the other hand,
it proposes new schemes and guidelines for improving the practice of robust
protocol design. In order to achieve this double goal, a tour through the
descriptions of the two main cryptographic primitives is carried out. Within
this survey, some of the most representative algorithms based on the theory of
finite fields are provided, and new general schemes and specific algorithms
based on graph theory are proposed.
A Private Interactive Test of a Boolean Predicate and Minimum-Knowledge Public-Key Cryptosystems
We introduce a new two-party protocol with the following properties: 1. The protocol gives a proof of the value, 0 or 1, of a particular Boolean predicate which is (assumed to be) hard to compute. This extends the 'interactive proof systems' of (7), which are only used to prove that a certain predicate has value 1. 2. The protocol is provably minimum-knowledge in the sense that it communicates no additional knowledge (besides the value of the predicate) that might be used, for example, to compromise the private key of a user of a public-key cryptosystem. 3. The protocol is result-indistinguishable: an eavesdropper, overhearing an execution of the protocol, does not learn the value of the predicate that was proved. This bit is cryptographically secure. The protocol achieves this without the use of encryption functions, all messages being sent in the clear. These properties enable us to define a minimum-knowledge cryptosystem, in which each user receives exactly the knowledge he is supposed to receive and nothing more. In particular, the system is provably secure against both chosen-message and chosen-ciphertext attack. Moreover, extending the Diffie-Hellman model, it allows a user to encode messages to other users with his own public key. This enables a symmetric use of public-key encryption.
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
Legacy encryption systems depend on sharing a key (public or private) among
the peers involved in exchanging an encrypted message. However, this approach
poses privacy concerns. Especially with popular cloud services, the control
over the privacy of the sensitive data is lost. Even when the keys are not
shared, the encrypted material is shared with a third party that does not
necessarily need to access the content. Moreover, untrusted servers, providers,
and cloud operators can keep identifying elements of users long after users end
the relationship with the services. Indeed, Homomorphic Encryption (HE), a
special kind of encryption scheme, can address these concerns as it allows any
third party to operate on the encrypted data without decrypting it in advance.
Although this extremely useful feature of HE schemes has been known for over
30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE)
scheme, which allows any computable function to be performed on the encrypted
data, was introduced by Craig Gentry in 2009. Even though this was a major
achievement, different implementations so far have demonstrated that FHE still
needs to be improved significantly to be practical on every platform. First, we
present the basics of HE and the details of the well-known Partially
Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which
are important pillars of achieving FHE. Then, the main FHE families, which have
become the base for the other follow-up FHE schemes, are presented. Furthermore,
the implementations and recent improvements in Gentry-type FHE schemes are also
surveyed. Finally, further research directions are discussed. This survey is
intended to give clear knowledge and a foundation to researchers and
practitioners interested in knowing, applying, as well as extending the state
of the art in HE, PHE, SWHE, and FHE systems.
Comment: Updated (October 6, 2017). This paper is an early draft of the
survey that is being submitted to ACM CSUR and has been uploaded to arXiv for
feedback from stakeholders.
Security Analysis of ElGamal Implementations
The ElGamal encryption scheme is not only the most extensively used alternative to RSA, but is also almost exclusively used in voting systems as an effective homomorphic encryption scheme. Being easily adaptable to a wide range of cryptographic groups, the ElGamal encryption scheme enjoys homomorphic properties while remaining semantically secure. This is subject to the upholding of the Decisional Diffie-Hellman (DDH) assumption on the chosen group. We analyze 26 libraries that implement the ElGamal encryption scheme and discover that 20 of them are semantically insecure as they do not respect the Decisional Diffie-Hellman (DDH) assumption. From the five libraries that do satisfy the DDH assumption, we identify and compare four different message encoding and decoding techniques.
PRIVACY-PRESERVING QUERY PROCESSING ON OUTSOURCED DATABASES IN CLOUD COMPUTING
Database-as-a-Service (DBaaS) is a category of cloud computing services that enables IT providers to deliver database functionality as a service. In this model, a third-party service provider known as a cloud server hosts a database and provides the associated software and hardware support. Database outsourcing reduces the workload of the data owner in answering queries by delegating the tasks to powerful third-party servers with large computational and network resources. Despite the economic and technical benefits, privacy is the primary challenge posed by this category of services. By using these services, the data owners lose control of their databases. Moreover, the privacy of clients may be compromised, since a curious cloud operator can follow the queries of a client and infer what the client is after. The challenge is to fulfill the main privacy goals of both the data owner and the clients without undermining the ability of the cloud server to return the correct query results.
This thesis considers the design of protocols that protect the privacy of the clients and the data owners in the DBaaS model. Such protocols must protect the privacy of the clients so that the data owner and the cloud server cannot infer the constants contained in the query predicate or the query result. Moreover, the data owner's privacy should be preserved by ensuring that the sensitive information in the database is not leaked to the cloud server and that nothing beyond the query result is revealed to the clients. The results of the complexity and performance analysis indicate that the proposed protocols incur reasonable communication and computation overhead on the client and the data owner, considering the added advantage of being able to perform a symmetrically-private database search.
On the Insecurity of Two Symmetric Homomorphic Cryptosystems Based on the Residue Number System
One of the most pressing problems connected with protecting cloud computing is the analysis of the cryptographic strength of homomorphic ciphers. This paper studies the security of two recently proposed homomorphic cryptosystems which, owing to their high computational efficiency, could be used to encrypt data on cloud servers. Both cryptosystems are based on residue number systems, which allows them to be examined from a common standpoint. It is precisely the use of residue number systems that makes applying these cryptosystems in real applications attractive from an efficiency standpoint compared with other homomorphic ciphers, since the computations can easily be parallelized. However, their cryptographic strength has not been sufficiently studied in the literature and requires analysis.
Note that earlier work had considered a cryptosystem similar to one of the ciphers whose strength is studied here. The idea of an adaptive chosen-plaintext attack on that construction was proposed, along with an estimate of the number of pairs needed to recover the key. Here we analyze that attack and show that it can sometimes work incorrectly. A more general known-plaintext attack algorithm is also described. Theoretical estimates of the probability of successfully recovering the secret key with it are given, together with practical estimates of this probability obtained in a computational experiment.
The security of the second cryptosystem had not been studied previously in the literature. Its resistance to a known-plaintext attack is studied. The dependence of the number of pairs needed for a break on the parameters of the cryptosystem is analyzed, and recommendations that may help improve its cryptographic strength are given.
The conclusion of the analysis is that both cryptosystems are vulnerable to a known-plaintext attack. Therefore, using them to encrypt confidential data may be unsafe.
The main algorithm used in the proposed attacks on the cryptosystems is the greatest common divisor algorithm. Consequently, the time needed to carry out the attacks is polynomial in the size of the input data.