48 research outputs found

    Fast algorithms for computing isogenies between ordinary elliptic curves in small characteristic

    The problem of computing an explicit isogeny between two given elliptic curves over F_q, originally motivated by point counting, has recently awakened new interest in the cryptology community thanks to the works of Teske and Rostovtsev & Stolbunov. While the large characteristic case is well understood, only suboptimal algorithms are known in small characteristic; they are due to Couveignes, Lercier, Lercier & Joux and Lercier & Sirvent. In this paper we discuss the differences between them and run some comparative experiments. We also present the first complete implementation of Couveignes' second algorithm and present improvements that make it the algorithm with the best asymptotic complexity in the degree of the isogeny. Comment: 21 pages, 6 figures, 1 table. Submitted to J. Number Theor

    Strength in Numbers: Threshold ECDSA to Protect Keys in the Cloud

    Side-channel attacks utilize information leakage in the implementation of an otherwise secure cryptographic algorithm to extract secret information. For example, adversaries can extract the secret key used in a cryptographic algorithm by observing cache-timing data. Threshold cryptography enables the division of private keys into shares, distributed among several nodes; the knowledge of a subset of shares does not leak information about the private key, thereby defending against memory disclosure and side-channel attacks. This work shows that applying threshold cryptography to ECDSA, the elliptic curve variant of DSA, yields a fully distributive signature protocol that does not feature a single point of failure. Our security analysis shows that Threshold ECDSA protects against a wide range of side-channel attacks, including cache attacks, and counteracts memory disclosure attacks. We further provide the first performance analysis of Threshold ECDSA, and provide a proof of concept of the protocol in practice

    Algorithms for l-sections on genus two curves over finite fields and applications

    We study \ell-section algorithms for Jacobians of genus two curves over finite fields. We provide trisection (division by \ell=3) algorithms for Jacobians of genus 2 curves over finite fields \F_q of odd and even characteristic. In odd characteristic we obtain a symbolic trisection polynomial whose roots correspond (bijectively) to the set of trisections of the given divisor. We also construct a polynomial whose roots allow us to calculate the 3-torsion divisors. We show the relation between the rank of the 3-torsion subgroup and the factorization of this 3-torsion polynomial, and describe the factorization of the trisection polynomials in terms of the Galois structure of the 3-torsion subgroup. We generalize these ideas and we determine the field of definition of an \ell-section with \ell \in {3, 5, 7}. In characteristic two for non-supersingular hyperelliptic curves we characterize the 3-torsion divisors and provide a polynomial whose roots correspond to the set of trisections of the given divisor. We also present a generalization of the known algorithms for the computation of the 2-Sylow subgroup to the case of the \ell-Sylow subgroup in general and we present explicit algorithms for the computation of the 3-Sylow subgroup. Finally we show some examples where we can obtain the central coefficients of the characteristic polynomial of the Frobenius endomorphism reduced modulo 3 using the generators obtained with the 3-Sylow algorithm.
    [Abstract in Spanish, translated] In this thesis we study \ell-division algorithms for Jacobians of genus 2 curves. We present trisection (division by \ell=3) algorithms for Jacobians of genus 2 curves defined over finite fields \F_q of even or odd characteristic alike. In odd characteristic a trisection polynomial is obtained explicitly, whose roots correspond bijectively to the set of trisections of any divisor of the Jacobian. Likewise, another polynomial is provided from whose roots the set of divisors of order 3 is computed. We show the relation between the rank of the 3-torsion subgroup and the factorization of the 3-torsion polynomial, and describe the factorization of the trisection polynomial in terms of the Galois orbits of the 3-torsion. We generalize these ideas to other values of \ell and determine the field of definition of an \ell-section for \ell=3,5,7. For non-supersingular curves in even characteristic we also give a characterization of the 3-torsion and provide a trisection polynomial for any divisor. We give a generalization, for arbitrary \ell, of the known algorithms for the explicit computation of the 2-Sylow subgroup, and we detail explicitly the algorithm for the computation of the 3-Sylow subgroup. Finally, we give examples of how to obtain the values of the reduction modulo 3 of the central coefficients of the characteristic polynomial of the Frobenius endomorphism by means of the generators provided by the 3-Sylow computation algorithm.
    [Abstract in Catalan, translated] In this thesis we study \ell-division algorithms for the groups of points of Jacobians of genus 2 curves. We present trisection (division by \ell=3) algorithms for Jacobians of genus 2 curves defined over finite fields \F_q of even or odd characteristic alike. In even characteristic a trisection polynomial is obtained explicitly, whose roots are in bijection with the set of trisections of any divisor of the Jacobian. Similarly, another polynomial is provided from whose roots the set of divisors of order 3 is computed. We show the relation between the rank of the 3-torsion subgroup and the factorization of the 3-torsion polynomial, and describe the factorization of the trisection polynomial in terms of the Galois orbits of the 3-torsion. We generalize these ideas to other values of \ell and determine the field of definition of an \ell-section for \ell=3,5,7. For non-supersingular curves in characteristic 2 we also provide a characterization of the 3-torsion and a trisection polynomial for any divisor. We give a generalization, for arbitrary \ell, of the known algorithms for the explicit computation of the 2-Sylow subgroup, and we detail it explicitly in the 3-Sylow case. Finally we show examples of how to obtain the values of the reduction modulo 3 of the central coefficients of the characteristic polynomial of the Frobenius endomorphism using the generators provided by the 3-Sylow computation algorithm

    On the Efficiency and Security of Cryptographic Pairings

    Pairing-based cryptography has been employed to obtain several advantageous cryptographic protocols. In particular, there exist several identity-based variants of common cryptographic schemes. The computation of a single pairing is a comparatively expensive operation, since it often requires many operations in the underlying elliptic curve. In this thesis, we explore the efficient computation of pairings. Computation of the Tate pairing is done in two steps. First, a Miller function is computed, followed by the final exponentiation. We discuss the state-of-the-art optimizations for Miller function computation under various conditions. We are able to shave off a fixed number of operations in the final exponentiation. We consider methods to effectively parallelize the computation of pairings in a multi-core setting and discover that the Weil pairing may provide some advantage under certain conditions. This work is extended to the 192-bit security level and some unlikely candidate curves for such a setting are discovered. Electronic Toll Pricing (ETP) aims to improve road tolling by collecting toll fares electronically and without the need to slow down vehicles. In most ETP schemes, drivers are charged periodically based on the locations, times, distances or durations travelled. Many ETP schemes are currently deployed and although these systems are efficient, they require a great deal of knowledge regarding driving habits in order to operate correctly. We present an ETP scheme where pairing-based BLS signatures play an important role. Finally, we discuss the security of pairings in the presence of an efficient algorithm to invert the pairing. We generalize previous results to the setting of asymmetric pairings as well as give a simplified proof in the symmetric setting

    On Small Degree Extension Fields in Cryptology

    This thesis studies the implications of using public key cryptographic primitives that are based in, or map to, the multiplicative group of finite fields with small extension degree. A central observation is that the multiplicative group of extension fields essentially decomposes as a product of algebraic tori, whose properties allow for improved communication efficiency. Part I of this thesis is concerned with the constructive implications of this idea. Firstly, algorithms are developed for the efficient implementation of torus-based cryptosystems and their performance is compared with previous work. It is then shown how to apply these methods to operations required in low characteristic pairing-based cryptography. Finally, practical schemes for high-dimensional tori are discussed. Highly optimised implementations and benchmark timings are provided for each of these systems. Part II addresses the security of the schemes presented in Part I, i.e., the hardness of the discrete logarithm problem. Firstly, a heuristic analysis of the effectiveness of the Function Field Sieve in small characteristic is given. Next, an implementation of this algorithm for the characteristic three fields used in pairing-based cryptography is presented. Finally, a new index calculus algorithm for solving the discrete logarithm problem on algebraic tori is described and analysed

    An architecture for secure data management in medical research and aided diagnosis

    Programa Oficial de Doutoramento en Tecnoloxías da Información e as Comunicacións. 5032V01
    [Resumo, translated from Galician] The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules, and this is not something that healthcare centres can afford to ignore. The main objective of this thesis is to study and propose a secure/integration layer for healthcare data curators, where connectivity between isolated systems (locations), unification of records in a patient-centric view and data sharing with consent approval are the cornerstones of the proposed architecture, which gives the data subject a central role, allowing them to control their identity, privacy profiles and access grants. It aims to minimise the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for protecting their own medical records, while preserving the quality of the patient's treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis for solving the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture achieves those objectives in a decentralised environment by adopting isolated data privacy profiles.
    [Resumen, translated from Spanish] The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules, and this is not something that healthcare centres can afford to ignore. The main objective of this thesis is to study and propose a secure/integration layer for healthcare data curators, where connectivity between isolated systems (locations), unification of records in a patient-centric view and data sharing with consent approval are the pillars of the proposed architecture. This proposal gives the data subject a central role, allowing them to control their identity, privacy profiles and access permissions. It aims to minimise the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for protecting their own medical records, while preserving the quality of the patient's treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis for solving the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture achieves those objectives in a decentralised environment by adopting isolated data privacy profiles.
    [Abstract] The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules, and this is not something that healthcare centers can afford to ignore. The main goal of this thesis is to study and propose a secure/integration layer for healthcare data curators, where connectivity between isolated systems (locations), unification of records in a patient-centric view and data sharing with consent approval are the cornerstones of the proposed architecture. This proposal empowers the data subject with a central role, which allows them to control their identity, privacy profiles and access grants. It aims to minimize the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for securing their own medical records, yet preserving the patient's quality of treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis to solve the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture accomplishes those objectives in a decentralized environment by adopting isolated data privacy profiles

    Recent Application in Biometrics

    In recent years, a number of recognition and authentication systems based on biometric measurements have been proposed. Algorithms and sensors have been developed to acquire and process many different biometric traits. Moreover, biometric technology is being used in novel ways, with potential commercial and practical implications for our daily activities. The key objective of the book is to provide a collection of comprehensive references on some recent theoretical developments as well as novel applications in biometrics. The topics covered in this book reflect both aspects of development well. They include biometric sample quality, privacy-preserving and cancellable biometrics, contactless biometrics, novel and unconventional biometrics, and the technical challenges in implementing the technology in portable devices. The book consists of 15 chapters. It is divided into four sections, namely, biometric applications on mobile platforms, cancelable biometrics, biometric encryption, and other applications. The book was reviewed by editors Dr. Jucheng Yang and Dr. Norman Poh. We deeply appreciate the efforts of our guest editors: Dr. Girija Chetty, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park and Dr. Sook Yoon, as well as a number of anonymous reviewers

    Modular polynomials on Hilbert surfaces

    We describe an evaluation/interpolation approach to compute modular polynomials on a Hilbert surface, which parametrizes abelian surfaces with maximal real multiplication. Under some heuristics we obtain a quasi-linear algorithm. The corresponding modular polynomials are much smaller than the ones on the Siegel threefold. We explain how to compute even smaller polynomials by using pullbacks of theta functions to the Hilbert surface

    Recent Advances in Industrial and Applied Mathematics

    This open access book contains review papers authored by thirteen plenary invited speakers at the 9th International Congress on Industrial and Applied Mathematics (Valencia, July 15-19, 2019). Written by top-level scientists recognized worldwide, the scientific contributions cover a wide range of cutting-edge topics in industrial and applied mathematics: mathematical modeling, industrial and environmental mathematics, mathematical biology and medicine, reduced-order modeling and cryptography. The book also includes an introductory chapter summarizing the main features of the congress. This is the first volume of a thematic series dedicated to research results presented at the ICIAM 2019 Valencia Congress