
    PROPYLA: Privacy Preserving Long-Term Secure Storage

    An increasing amount of sensitive information today is stored electronically, and a substantial part of it (e.g., health records, tax data, legal documents) must be retained over long time periods (e.g., several decades or even centuries). When sensitive data is stored, its integrity and confidentiality must be protected to ensure reliability and privacy. Commonly used cryptographic schemes, however, are not designed to protect data over such long time periods. Recently, the first storage architecture combining long-term integrity with long-term confidentiality protection was proposed (AsiaCCS'17). That architecture, however, only deals with a simplified storage scenario in which parts of the stored data cannot be accessed and verified individually. If individual access is allowed, then not only the data content itself but also the access pattern to the data (i.e., which data items are accessed at which times) may be sensitive information. Here we present the first long-term secure storage architecture that provides long-term access pattern hiding security in addition to long-term integrity and long-term confidentiality protection. To achieve this, we combine information-theoretic secret sharing, renewable timestamps, and renewable commitments with an information-theoretic oblivious random access machine. Our performance analysis of the proposed architecture shows that achieving long-term integrity, confidentiality, and access pattern hiding security is feasible.
    Comment: Few changes have been made compared to the proceedings version.

    Post-Quantum Secure Time-Stamping

    Cryptographic timestamp protocols are used as proof that one document existed before another. Post-quantum secure timestamp protocols examine whether these proofs can be forged using quantum computers. This is a largely unexplored area, since no serious weaknesses in the context of quantum computers have so far been found in the primitives used in keyless timestamp protocols. In this work we define what post-quantum secure timestamp protocols are and examine how classical results change in the new framework. A major difference in the case of quantum adversaries is that we cannot obtain multiple different executions of an arbitrary quantum algorithm. Currently known rewinding techniques allow a quantum algorithm to be rewound only under very specific conditions. We examine the possibility of combining these techniques to prove one theorem. This theorem currently has no proof in the post-quantum standard model. We propose, without proof, a rewinding construction with which proving the theorem may turn out to be possible. We additionally propose a minimal open problem, which is the first step toward formally proving the theorem.
    Cryptographic timestamps are used as proof that a certain document existed before another. Post-quantum secure time-stamping examines whether these proofs can be forged using a quantum computer. The field is largely unexplored, as the primitives used in keyless time-stamping have not shown any serious weakness against quantum computers. Until now no effort had been made towards formally defining post-quantum secure time-stamping. In this work, we define the notion of post-quantum time-stamping and examine how contemporary classical results change in this new framework. A key difference in the post-quantum setting is that we cannot retrieve multiple separate executions of an arbitrary quantum adversary. Currently known rewinding techniques allow an adversary to be run again only under very specific conditions. We examine the possibility of combining existing rewinding techniques to prove a theorem for which there is currently no proof in the standard post-quantum model. We conjecture a rewinding construction which could possibly prove the theorem and establish a minimal open problem for formally proving the theorem.

    Sharing Data with Secure Advancing ABE method using Timestamp

    Many applications require stronger protection of private data, including access control policies that are cryptographically enforced. A promising application of ABE is flexible access control of encrypted data stored in the cloud, using access policies and attributes associated with private keys and ciphertexts. An efficiency drawback of existing ABE schemes is that decryption involves expensive pairing operations, and the number of such operations grows with the complexity of the access policy. Public key generation depends on the attributes of the specific content to be encrypted, which produces numerous keys used to encrypt or decrypt the data. An additional private key component is a server timestamp combined with the encryption key, to ensure that the data cannot be recovered after a particular time period. This paper describes methods showing how to apply these techniques securely and efficiently to manage confidential data distributed over storage networks. Security and performance analysis shows that the proposed schemes are provably secure and highly efficient.

    Attribute Based Encryption with Verifiable Time Stamped Decryption

    Many applications require stronger protection of private data, including access control policies that are cryptographically enforced. A promising application of ABE is flexible access control of encrypted data stored in the cloud, using access policies and attributes associated with private keys and ciphertexts. An efficiency drawback of existing ABE schemes is that decryption involves expensive pairing operations, and the number of such operations grows with the complexity of the access policy. Public key generation depends on the attributes of the specific content to be encrypted, which produces numerous keys used to encrypt or decrypt the data. An additional private key component is a server timestamp combined with the encryption key, to ensure that the data cannot be recovered after a particular time period. This paper describes methods showing how to apply these techniques securely and efficiently to manage confidential data distributed over storage networks. Security and performance analysis shows that the proposed schemes are provably secure and highly efficient.

    Can we Construct Unbounded Time-Stamping Schemes from Collision-Free Hash Functions?

    In this thesis we study the possibilities of constructing hash functions that are secure for unbounded time-stamping schemes from collision-free hash functions. Using the time-stamping scheme created by Haber and Stornetta and the security condition constructed for it by Buldas and Saarepera, we study whether an impossibility proof for so-called black-box constructions is possible. Since the simplest variant of an impossibility proof is an oracle separation, we focus on studying the properties and capabilities of one oracle that seems suitable for such a separation. We assume that the oracle constructs a hash tree, outputs the root value of the tree, and then issues time-stamp certificates based on that tree. We prove that if the hash function given as the oracle's argument, built by the black-box method, only checks collision pairs of the original hash function or uses the so-called greater-than predicate, this oracle cannot be used to find collisions. The results give hope that the oracle is indeed suitable for a separation and suggest that further study of similar oracles may eventually lead to a solution of the problem.
    It has been known for quite some time that collision-resistance of hash functions does not seem to give any actual security guarantees for unbounded hash-tree time-stamping, where the size of the hash tree created by the time-stamping service is not explicitly restricted. We focus on the possibility of showing that there exist no black-box reductions of unbounded time-stamping schemes to collision-free hash functions. We propose an oracle that is probably suitable for such a separation and give strong evidence in support of that. However, the existence of a separation still remains open. We introduce the problem and give a construction of the oracle relative to which there seem to be no secure time-stamping schemes but there still exist collision-free hash function families. Although we rule out many useful collision-finding strategies (relative to the oracle), and the conjecture seems quite probable after that, there still remains a possibility that the oracle can be abused by some very cleverly constructed wrappers. We also argue why it is probably very hard to give a correct proof for our conjecture.

    Better Prefix Authentication

    We present new schemes for solving prefix authentication and secure relative timestamping. By casting a new light on antimonotone linking schemes, we improve upon the state of the art in prefix authentication, and in timestamping with rounds of bounded length. Our designs can serve as more efficient alternatives to certificate transparency logs.
    Comment: 11 pages, 14 figures.

    A New Approach to Constructing Digital Signature Schemes (Extended Paper)

    A new hash-based, server-supported digital signature scheme was proposed recently. We decompose the concept into forward-resistant tags and a generic cryptographic time-stamping service. Based on the decomposition, we propose more tag constructions which allow efficient digital signature schemes with interesting properties to be built. In particular, the new schemes are more suitable for use in personal signing devices, such as smart cards, which are used infrequently. We define the forward-resistant tags formally and prove that (1) the discussed constructs are indeed tags and (2) combining such tags with time-stamping services gives us signature schemes.