31 research outputs found
Generic design of Chinese remaindering schemes
We propose a generic design for Chinese remainder algorithms. A Chinese
remainder computation consists in reconstructing an integer value from its
residues modulo non coprime integers. We also propose an efficient linear data
structure, a radix ladder, for the intermediate storage and computations. Our
design is structured into three main modules: a black box residue computation
in charge of computing each residue; a Chinese remaindering controller in
charge of launching the computation and of the termination decision; an integer
builder in charge of the reconstruction computation. We then show that this
design enables many different forms of Chinese remaindering (e.g.
deterministic, early terminated, distributed, etc.), easy comparisons between
these forms and e.g. user-transparent parallelism at different parallel grains
Group Signatures: Provable Security, Efficient Constructions and Anonymity from Trapdoor-Holders
To date, a group signature construction which is efficient,
scalable, allows dynamic adversarial joins, and proven secure in a
formal model has not been suggested. In this work we give the first
such construction in the random oracle model.
The demonstration of an efficient construction proven secure in
a formal model that captures all intuitive security properties of a certain
primitive is a basic goal in cryptographic design.
To this end we adapt a formal model for group signatures
capturing all the basic requirements that have been identified as desirable
in the area and we construct an efficient scheme and prove its security.
Our construction is based on the Strong-RSA assumption
(as in the work of Ateniese et al.). In our system, due to
the requirements of provable security in a formal model, we
give novel constructions as well as innovative extensions of
the underlying mathematical requirements and properties.
Our task, in fact, requires the investigation of
some basic number-theoretic techniques for arguing
security over the group of quadratic residues modulo a composite
when its factorization is known. Along the way we
discover that in the basic construction, anonymity
does not depend on factoring-based assumptions, which, in turn, allows
the natural separation of user join management and anonymity
revocation authorities. Anonymity can, in turn, be shown even against
an adversary controlling the join manager
A Generalisation, a Simplification and some Applications of Paillier’s Probabilistic Public-Key System
We propose a generalisation of Paillier's probabilistic publickey system, in which the expansion factor is reduced and which allows to adjust the block length of the scheme even after the public key has been fixed, without losing the homomorphic property. We show thatthe generalisation is as secure as Paillier's original system.We construct a threshold variant of the generalised scheme as well as zero-knowledge protocols to show that a given ciphertext encrypts one of a set of given plaintexts, and protocols to verify multiplicative relations on plaintexts. We then show how these building blocks can be used for applying thescheme to efficient electronic voting. This reduces dramatically the work needed to compute the final result of an election, compared to the previously best known schemes. We show how the basic scheme for a yes/no vote can be easily adapted to casting a vote for up to t out of L candidates. The same basic building blocks can also be adapted to provide receipt-free elections, under appropriate physical assumptions. The scheme for 1 out of L elections can be optimised such that for a certainrange of parameter values, a ballot has size only O(log L) bits
On-Line/Off-Line DCR-based Homomorphic Encryption and Applications
On-line/off-line encryption schemes enable the fast encryption of a message from a pre-computed coupon. The paradigm was put forward in the case of digital signatures.
This work introduces a compact public-key additively homomorphic encryption scheme. The scheme is semantically secure under the decisional composite residuosity (DCR) assumption. Compared to Paillier cryptosystem, it merely requires one or two integer additions in the on-line phase and no increase in the ciphertext size. This work also introduces a compact on-line/off-line trapdoor commitment scheme featuring the same fast on-line phase. Finally, applications to chameleon signatures are presented