On Group-Characterizability of Homomorphic Secret Sharing Schemes

A group-characterizable (GC) random variable is induced by a finite group, called main group, and a collection of its subgroups [Chan and Yeung 2002]. The notion extends directly to secret sharing schemes (SSS). It is known that multi-linear SSSs can be equivalently described in terms of GC ones. The proof extends to abelian SSSs, a more powerful generalization of multi-linear schemes, in a straightforward way. Both proofs are fairly easy considering the notion of dual for vector spaces and Pontryagin dual for abelian groups. However, group-characterizability of homomorphic SSSs (HSSSs), which are generalizations of abelian schemes, is non-trivial, and thus the main focus of this paper. We present a necessary and sufficient condition for a SSS to be equivalent to a GC one. Then, we use this result to show that HSSSs satisfy the sufficient condition, and consequently they are GC. Then, we strengthen this result by showing that a group-characterization can be found in which the subgroups are all normal in the main group. On the other hand, GC SSSs whose subgroups are normal in the main group can easily be shown to be homomorphic. Therefore, we essentially provide an equivalent characterization of HSSSs in terms of GC schemes. We also present two applications of our equivalent definition for HSSSs. One concerns lower bounding the information ratio of access structures for the class of HSSSs, and the other is about the coincidence between statistical, almost-perfect and perfect security notions for the same class

On Abelian and Homomorphic Secret Sharing Schemes

Abelian secret sharing schemes (SSS) are generalization of multi-linear SSS and similar to them, abelian schemes are homomorphic. There are numerous results on linear and multi-linear SSSs in the literature and a few ones on homomorphic SSSs too. Nevertheless, the abelian schemes have not taken that much attention. We present three main results on abelian and homomorphic SSSs in this paper: (1) abelian schemes are more powerful than multi-linear schemes (we achieve a constant factor improvement), (2) the information ratio of dual access structures are the same for the class of abelian schemes, and (3) every ideal homomorphic scheme can be transformed into an ideal multi-linear scheme with the same access structure. Our results on abelian and homomorphic SSSs have been motivated by the following concerns and questions. All known linear rank inequities have been derived using the so-called common information property of random variables [Dougherty, Freiling and Zeger, 2009], and it is an open problem that if common information is complete for deriving all such inequalities (Q1). The common information property has also been used in linear programming to find lower bounds for the information ratio of access structures [Farràs, Kaced, Molleví and Padró, 2018] and it is an open problem that if the method is complete for finding the optimal information ratio for the class of multi-linear schemes (Q2). Also, it was realized by the latter authors that the obtained lower bound does not have a good behavior with respect to duality and it is an open problem that if this behavior is inherent to their method (Q3). Our first result provides a negative answer to Q2. Even though, we are not able to completely answer Q1 and Q3, we have some observations about them

Society-oriented cryptographic techniques for information protection

Groups play an important role in our modern world. They are more reliable and more trustworthy than individuals. This is the reason why, in an organisation, crucial decisions are left to a group of people rather than to an individual. Cryptography supports group activity by offering a wide range of cryptographic operations which can only be successfully executed if a well-defined group of people agrees to co-operate. This thesis looks at two fundamental cryptographic tools that are useful for the management of secret information. The first part looks in detail at secret sharing schemes. The second part focuses on society-oriented cryptographic systems, which are the application of secret sharing schemes in cryptography. The outline of thesis is as follows

Biometric Cryptosystems : Authentication, Encryption and Signature for Biometric Identities

Biometrics have been used for secure identification and authentication for more than two decades since biometric data is unique, non-transferable, unforgettable, and always with us. Recently, biometrics has pervaded other aspects of security applications that can be listed under the topic of ``Biometric Cryptosystems''. Although the security of some of these systems is questionable when they are utilized alone, integration with other technologies such as digital signatures or Identity Based Encryption (IBE) schemes results in cryptographically secure applications of biometrics. It is exactly this field of biometric cryptosystems that we focused in this thesis. In particular, our goal is to design cryptographic protocols for biometrics in the framework of a realistic security model with a security reduction. Our protocols are designed for biometric based encryption, signature and remote authentication. We first analyze the recently introduced biometric remote authentication schemes designed according to the security model of Bringer et al.. In this model, we show that one can improve the database storage cost significantly by designing a new architecture, which is a two-factor authentication protocol. This construction is also secure against the new attacks we present, which disprove the claimed security of remote authentication schemes, in particular the ones requiring a secure sketch. Thus, we introduce a new notion called ``Weak-identity Privacy'' and propose a new construction by combining cancelable biometrics and distributed remote authentication in order to obtain a highly secure biometric authentication system. We continue our research on biometric remote authentication by analyzing the security issues of multi-factor biometric authentication (MFBA). We formally describe the security model for MFBA that captures simultaneous attacks against these systems and define the notion of user privacy, where the goal of the adversary is to impersonate a client to the server. We design a new protocol by combining bipartite biotokens, homomorphic encryption and zero-knowledge proofs and provide a security reduction to achieve user privacy. The main difference of this MFBA protocol is that the server-side computations are performed in the encrypted domain but without requiring a decryption key for the authentication decision of the server. Thus, leakage of the secret key of any system component does not affect the security of the scheme as opposed to the current biometric systems involving cryptographic techniques. We also show that there is a tradeoff between the security level the scheme achieves and the requirement for making the authentication decision without using any secret key. In the second part of the thesis, we delve into biometric-based signature and encryption schemes. We start by designing a new biometric IBS system that is based on the currently most efficient pairing based signature scheme in the literature. We prove the security of our new scheme in the framework of a stronger model compared to existing adversarial models for fuzzy IBS, which basically simulates the leakage of partial secret key components of the challenge identity. In accordance with the novel features of this scheme, we describe a new biometric IBE system called as BIO-IBE. BIO-IBE differs from the current fuzzy systems with its key generation method that not only allows for a larger set of encryption systems to function for biometric identities, but also provides a better accuracy/identification of the users in the system. In this context, BIO-IBE is the first scheme that allows for the use of multi-modal biometrics to avoid collision attacks. Finally, BIO-IBE outperforms the current schemes and for small-universe of attributes, it is secure in the standard model with a better efficiency compared to its counterpart. Another contribution of this thesis is the design of biometric IBE systems without using pairings. In fact, current fuzzy IBE schemes are secure under (stronger) bilinear assumptions and the decryption of each message requires pairing computations almost equal to the number of attributes defining the user. Thus, fuzzy IBE makes error-tolerant encryption possible at the expense of efficiency and security. Hence, we design a completely new construction for biometric IBE based on error-correcting codes, generic conversion schemes and weakly secure anonymous IBE schemes that encrypt a message bit by bit. The resulting scheme is anonymous, highly secure and more efficient compared to pairing-based biometric IBE, especially for the decryption phase. The security of our generic construction is reduced to the security of the anonymous IBE scheme, which is based on the Quadratic Residuosity assumption. The binding of biometric features to the user's identity is achieved similar to BIO-IBE, thus, preserving the advantages of its key generation procedure

Recent Advances in Industrial and Applied Mathematics

This open access book contains review papers authored by thirteen plenary invited speakers to the 9th International Congress on Industrial and Applied Mathematics (Valencia, July 15-19, 2019). Written by top-level scientists recognized worldwide, the scientific contributions cover a wide range of cutting-edge topics of industrial and applied mathematics: mathematical modeling, industrial and environmental mathematics, mathematical biology and medicine, reduced-order modeling and cryptography. The book also includes an introductory chapter summarizing the main features of the congress. This is the first volume of a thematic series dedicated to research results presented at ICIAM 2019-Valencia Congress

Cryptography with anonymity in mind

Advances in information technologies gave a rise to powerful ubiquitous com- puting devices, and digital networks have enabled new ways of fast communication, which immediately found tons of applications and resulted in large amounts of data being transmitted. For decades, cryptographic schemes and privacy-preserving protocols have been studied and researched in order to offer end users privacy of their data and implement useful functionalities at the same time, often trading security properties for cryptographic assumptions and efficiency. In this plethora of cryptographic constructions, anonymity properties play a special role, as they are important in many real-life scenarios. However, many useful cryptographic primitives lack anonymity properties or imply prohibitive costs to achieve them. In this thesis, we expand the territory of cryptographic primitives with anonymity in mind. First, we define Anonymous RAM, a generalization of a single- user Oblivious RAM to multiple mistrusted users, and present two constructions thereof with different trade-offs between assumptions and efficiency. Second, we define an encryption scheme that allows to establish chains of ciphertexts anony- mously and verify their integrity. Furthermore, the aggregatable version of the scheme allows to build a Parallel Anonymous RAM, which enhances Anonymous RAM by supporting concurrent users. Third, we show our technique for construct- ing efficient non-interactive zero-knowledge proofs for statements that consist of both algebraic and arithmetic statements. Finally, we show our framework for constructing efficient single secret leader election protocols, which have been recently identified as an important component in proof-of-stake cryptocurrencies.Fortschritte in der Informationstechnik haben leistungsstarke allgegenwärtige Rechner hervorgerufen, während uns digitale Netzwerke neue Wege für die schnelle Kommunikation ermöglicht haben. Durch die Vielzahl von Anwendungen führte dies zur Übertragung von riesigen Datenvolumen. Seit Jahrzehnten wurden bereits verschiedene kryptographische Verfahren und Technologien zum Datenschutz erforscht und analysiert. Das Ziel ist die Privatsphäre der Benutzer zu schützen und gleichzeitig nützliche Funktionalität anzubieten, was oft mit einem Kompromiss zwischen Sicherheitseigenschaften, kryptographischen Annahmen und Effizienz verbunden ist. In einer Fülle von kryptographischen Konstruktionen spielen Anonymitätseigenschaften eine besondere Rolle, da sie in vielen realistischen Szenarien sehr wichtig sind. Allerdings fehlen vielen kryptographischen Primitive Anonymitätseigenschaften oder sie stehen im Zusammenhang mit erheblichen Kosten. In dieser Dissertation erweitern wir den Bereich von kryptographischen Prim- itiven mit einem Fokus auf Anonymität. Erstens definieren wir Anonymous RAM, eine Verallgemeinerung von Einzelbenutzer-Oblivious RAM für mehrere misstraute Benutzer, und stellen dazu zwei Konstruktionen mit verschiedenen Kompromissen zwischen Annahmen und Effizienz vor. Zweitens definieren wir ein Verschlüsselungsverfahren, das es erlaubt anonym eine Verbindung zwischen Geheimtexten herzustellen und deren Integrität zu überprüfen. Darüber hinaus bietet die aggregierbare Variante von diesem Verfahren an, Parallel Anonymous RAM zu bauen. Dieses verbessert Anonymous RAM, indem es mehrere Benutzer in einer parallelen Ausführung unterstützen kann. Drittens zeigen wir eine Meth- ode für das Konstruieren effizienter Zero-Knowledge-Protokolle, die gleichzeitig aus algebraischen und arithmetischen Teilen bestehen. Zuletzt zeigen wir ein Framework für das Konstruieren effizienter Single-Leader-Election-Protokolle, was kürzlich als ein wichtiger Bestandteil in den Proof-of-Stake Kryptowährungen erkannt worden ist

Recent Advances in Industrial and Applied Mathematics

This open access book contains review papers authored by thirteen plenary invited speakers to the 9th International Congress on Industrial and Applied Mathematics (Valencia, July 15-19, 2019). Written by top-level scientists recognized worldwide, the scientific contributions cover a wide range of cutting-edge topics of industrial and applied mathematics: mathematical modeling, industrial and environmental mathematics, mathematical biology and medicine, reduced-order modeling and cryptography. The book also includes an introductory chapter summarizing the main features of the congress. This is the first volume of a thematic series dedicated to research results presented at ICIAM 2019-Valencia Congress

Multilinear Maps in Cryptography

Multilineare Abbildungen spielen in der modernen Kryptographie eine immer bedeutendere Rolle. In dieser Arbeit wird auf die Konstruktion, Anwendung und Verbesserung von multilinearen Abbildungen eingegangen

Private Re-Randomization for Module LWE and Applications to Quasi-Optimal ZK-SNARKs

We introduce the first candidate lattice-based Designated Verifier (DV) ZK-SNARK protocol with \emph{quasi-optimal proof length} (quasi-linear in the security/privacy parameter), avoiding the use of the exponential smudging technique. Our ZK-SNARK also achieves significant improvements in proof length in practice, with proofs length below $6$ KB for 128-bit security/privacy level. Our main technical result is a new regularity theorem for `private\u27 re-randomization of Module LWE (MLWE) samples using discrete Gaussian randomization vectors, also known as a lattice-based leftover hash lemma with leakage, which applies with a discrete Gaussian re-randomization parameter that is polynomial in the statistical privacy parameter. To obtain this result, we obtain bounds on the smoothing parameter of an intersection of a random $q$-ary SIS module lattice, Gadget SIS module lattice, and Gaussian orthogonal module lattice over standard power of 2 cyclotomic rings, and a bound on the minimum of module gadget lattices. We then introduce a new candidate \emph{linear-only} homomorphic encryption scheme called Module Half-GSW (HGSW), which is a variant of the GSW somewhat homomorphic encryption scheme over modules, and apply our regularity theorem to provide smudging-free circuit-private homomorphic linear operations for Module HGSW

Secure data storage and retrieval in cloud computing

Nowadays cloud computing has been widely recognised as one of the most inuential information technologies because of its unprecedented advantages. In spite of its widely recognised social and economic benefits, in cloud computing customers lose the direct control of their data and completely rely on the cloud to manage their data and computation, which raises significant security and privacy concerns and is one of the major barriers to the adoption of public cloud by many organisations and individuals. Therefore, it is desirable to apply practical security approaches to address the security risks for the wide adoption of cloud computing