585 research outputs found
Security Analysis of the Unrestricted Identity-Based Aggregate Signature Scheme
Aggregate signatures allow anyone to combine different signatures signed by
different signers on different messages into a single short signature. An ideal
aggregate signature scheme is an identity-based aggregate signature (IBAS)
scheme that supports full aggregation since it can reduce the total transmitted
data by using an identity string as a public key and anyone can freely
aggregate different signatures. Constructing a secure IBAS scheme that supports
full aggregation in bilinear maps is an important open problem. Recently, Yuan
et al. proposed an IBAS scheme with full aggregation in bilinear maps and
claimed its security in the random oracle model under the computational
Diffie-Hellman assumption. In this paper, we show that there exists an
efficient forgery attacker on their IBAS scheme and their security proof has a
serious flaw.
Comment: 9 page
Bloom Filters in Adversarial Environments
Many efficient data structures use randomness, allowing them to improve upon
deterministic ones. Usually, their efficiency and correctness are analyzed
using probabilistic tools under the assumption that the inputs and queries are
independent of the internal randomness of the data structure. In this work, we
consider data structures in a more robust model, which we call the adversarial
model. Roughly speaking, this model allows an adversary to choose inputs and
queries adaptively according to previous responses. Specifically, we consider a
data structure known as "Bloom filter" and prove a tight connection between
Bloom filters in this model and cryptography.
A Bloom filter represents a set of elements approximately, by using fewer
bits than a precise representation. The price for succinctness is allowing some
errors: for any it should always answer `Yes', and for any it should answer `Yes' only with small probability.
In the adversarial model, we consider both efficient adversaries (that run in
polynomial time) and computationally unbounded adversaries that are only
bounded in the number of queries they can make. For computationally bounded
adversaries, we show that non-trivial (memory-wise) Bloom filters exist if and
only if one-way functions exist. For unbounded adversaries we show that there
exists a Bloom filter for sets of size and error , that is
secure against queries and uses only
bits of memory. In comparison, is the best
possible under a non-adaptive adversary.
Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3
Discussions about the choice of a tree hash mode of operation for a
standardization have recently been undertaken. It appears that a single tree
mode cannot address adequately all possible uses and specifications of a
system. In this paper, we review the tree modes which have been proposed, we
discuss their problems and propose remedies. We make the reasonable assumption
that communicating systems have different specifications and that software
applications are of different types (securing stored content or live-streamed
content). Finally, we propose new modes of operation that address the resource
usage problem for the three most representative categories of devices and we
analyse their asymptotic behavior
Parallel Omega Network Hash Construction
Cryptographic hash functions are important to ensure data integrity when data is transmitted over insecure connections. The Merkle-Damgård construction is the well-known architecture for most hash function algorithms. This construction takes an input of arbitrary length and generates a fixed-length output, best known as the hash value. The process of producing the hash value executes sequentially. The implication of this is that the computation time increases linearly as the input size increases. Therefore, an alternative architecture that can reduce the computation time as the input size grows is needed, especially in today's world where multi-core processors and multithreaded programming are common. Hence, in this research an alternative Parallel Omega Network Hash Construction that can execute on a multi-core machine is proposed.
Cryptography with anonymity in mind
Advances in information technologies gave rise to powerful ubiquitous computing devices, and digital networks have enabled new ways of fast communication, which immediately found tons of applications and resulted in large amounts of data being transmitted. For decades, cryptographic schemes and privacy-preserving protocols have been studied and researched in order to offer end users privacy of their data and implement useful functionalities at the same time, often trading security properties for cryptographic assumptions and efficiency. In this plethora of cryptographic constructions, anonymity properties play a special role, as they are important in many real-life scenarios. However, many useful cryptographic primitives lack anonymity properties or imply prohibitive costs to achieve them. In this thesis, we expand the territory of cryptographic primitives with anonymity in mind. First, we define Anonymous RAM, a generalization of a single-user Oblivious RAM to multiple mistrusted users, and present two constructions thereof with different trade-offs between assumptions and efficiency. Second, we define an encryption scheme that allows to establish chains of ciphertexts anonymously and verify their integrity. Furthermore, the aggregatable version of the scheme allows to build a Parallel Anonymous RAM, which enhances Anonymous RAM by supporting concurrent users. Third, we show our technique for constructing efficient non-interactive zero-knowledge proofs for statements that consist of both algebraic and arithmetic statements. Finally, we show our framework for constructing efficient single secret leader election protocols, which have been recently identified as an important component in proof-of-stake cryptocurrencies.
Advances in information technology have given rise to powerful ubiquitous computers, while digital networks have opened up new ways of fast communication for us. Through the multitude of applications, this led to the transmission of huge volumes of data. For decades, various cryptographic methods and technologies for data protection have been researched and analyzed. The goal is to protect the privacy of users while at the same time offering useful functionality, which is often tied to a compromise between security properties, cryptographic assumptions, and efficiency. In an abundance of cryptographic constructions, anonymity properties play a special role, since they are very important in many realistic scenarios. However, many cryptographic primitives lack anonymity properties or come with substantial costs. In this dissertation we extend the domain of cryptographic primitives with a focus on anonymity. First, we define Anonymous RAM, a generalization of single-user Oblivious RAM to multiple mistrusted users, and present two constructions of it with different trade-offs between assumptions and efficiency. Second, we define an encryption scheme that makes it possible to anonymously establish a link between ciphertexts and to verify their integrity. Furthermore, the aggregatable variant of this scheme makes it possible to build Parallel Anonymous RAM, which improves Anonymous RAM by supporting multiple users in parallel execution. Third, we show a method for constructing efficient zero-knowledge protocols that consist of both algebraic and arithmetic parts at the same time. Finally, we show a framework for constructing efficient single-leader-election protocols, which have recently been recognized as an important component in proof-of-stake cryptocurrencies.
A Secure and Verifiable Computation for k-Nearest Neighbor Queries in Cloud
The popularity of cloud computing has increased significantly in the last few years due to scalability, cost efficiency, resiliency, and quality of service. Organizations are more interested in outsourcing the database and DBMS functionalities to the cloud owing to the tremendous growth of big data and on-demand access requirements. As the data is outsourced to untrusted parties, security has become a key consideration to achieve the confidentiality and integrity of data. Therefore, data owners must transform and encrypt the data before outsourcing. In this paper, we focus on a Secure and Verifiable Computation for k-Nearest Neighbor (SVC-kNN) problem. The existing verifiable computation approaches for the kNN problem delegate the verification task solely to a single semi-trusted party. We show that these approaches are unreliable in terms of security, as the verification server could be either dishonest or compromised. To address these issues, we propose a novel solution to the SVC-kNN problem that utilizes the random-splitting approach in conjunction with the homomorphic properties under a two-cloud model. Specifically, the clouds generate and send verification proofs to end-users, allowing them to verify the computation results efficiently. Our solution is highly efficient from the data owner and query issuers' perspective as it significantly reduces the encryption cost and pre-processing time. Furthermore, we demonstrated the correctness of our solution using Proof by Induction methodology to prove the Euclidean Distance Verification.