4,648 research outputs found
Pairing-based identification schemes
We propose four different identification schemes that make use of bilinear
pairings, and prove their security under certain computational assumptions.
Each of the schemes is more efficient and/or more secure than any known
pairing-based identification scheme
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
A New PVSS Scheme with a Simple Encryption Function
A Publicly Verifiable Secret Sharing (PVSS) scheme allows anyone to verify
the validity of the shares computed and distributed by a dealer. The idea of
PVSS was introduced by Stadler in [18] where he presented a PVSS scheme based
on Discrete Logarithm. Later, several PVSS schemes were proposed. In [2],
Behnad and Eghlidos present an interesting PVSS scheme with explicit membership
and disputation processes. In this paper, we present a new PVSS having the
advantage of being simpler while offering the same features.Comment: In Proceedings SCSS 2012, arXiv:1307.8029. This PVSS scheme was
proposed to be used to provide a distributed Timestamping schem
Fast generators for the Diffie-Hellman key agreement protocol and malicious standards
The Diffie-Hellman key agreement protocol is based on taking large powers of
a generator of a prime-order cyclic group. Some generators allow faster
exponentiation. We show that to a large extent, using the fast generators is as
secure as using a randomly chosen generator. On the other hand, we show that if
there is some case in which fast generators are less secure, then this could be
used by a malicious authority to generate a standard for the Diffie-Hellman key
agreement protocol which has a hidden trapdoor.Comment: Small update
- …