On an almost-universal hash function family with applications to authentication and secrecy codes

Universal hashing, discovered by Carter and Wegman in 1979, has many important applications in computer science. MMH$^*$, which was shown to be $\Delta$-universal by Halevi and Krawczyk in 1997, is a well-known universal hash function family. We introduce a variant of MMH$^*$, that we call GRDH, where we use an arbitrary integer $n>1$ instead of prime $p$ and let the keys $\mathbf{x}=\langle x_1, \ldots, x_k \rangle \in \mathbb{Z}_n^k$ satisfy the conditions $\gcd(x_i,n)=t_i$ ($1\leq i\leq k$), where $t_1,\ldots,t_k$ are given positive divisors of $n$. Then via connecting the universal hashing problem to the number of solutions of restricted linear congruences, we prove that the family GRDH is an $\varepsilon$-almost-$\Delta$-universal family of hash functions for some $\varepsilon<1$ if and only if $n$ is odd and $\gcd(x_i,n)=t_i=1$ $(1\leq i\leq k)$. Furthermore, if these conditions are satisfied then GRDH is $\frac{1}{p-1}$-almost-$\Delta$-universal, where $p$ is the smallest prime divisor of $n$. Finally, as an application of our results, we propose an authentication code with secrecy scheme which strongly generalizes the scheme studied by Alomair et al. [{\it J. Math. Cryptol.} {\bf 4} (2010), 121--148], and [{\it J.UCS} {\bf 15} (2009), 2937--2956].Comment: International Journal of Foundations of Computer Science, to appea

Information-theoretic Physical Layer Security for Satellite Channels

Shannon introduced the classic model of a cryptosystem in 1949, where Eve has access to an identical copy of the cyphertext that Alice sends to Bob. Shannon defined perfect secrecy to be the case when the mutual information between the plaintext and the cyphertext is zero. Perfect secrecy is motivated by error-free transmission and requires that Bob and Alice share a secret key. Wyner in 1975 and later I.~Csisz\'ar and J.~K\"orner in 1978 modified the Shannon model assuming that the channels are noisy and proved that secrecy can be achieved without sharing a secret key. This model is called wiretap channel model and secrecy capacity is known when Eve's channel is noisier than Bob's channel. In this paper we review the concept of wiretap coding from the satellite channel viewpoint. We also review subsequently introduced stronger secrecy levels which can be numerically quantified and are keyless unconditionally secure under certain assumptions. We introduce the general construction of wiretap coding and analyse its applicability for a typical satellite channel. From our analysis we discuss the potential of keyless information theoretic physical layer security for satellite channels based on wiretap coding. We also identify system design implications for enabling simultaneous operation with additional information theoretic security protocols

Restricted linear congruences

In this paper, using properties of Ramanujan sums and of the discrete Fourier transform of arithmetic functions, we give an explicit formula for the number of solutions of the linear congruence $a_1x_1+\cdots +a_kx_k\equiv b \pmod{n}$, with $\gcd(x_i,n)=t_i$ ($1\leq i\leq k$), where $a_1,t_1,\ldots,a_k,t_k, b,n$ ($n\geq 1$) are arbitrary integers. As a consequence, we derive necessary and sufficient conditions under which the above restricted linear congruence has no solutions. The number of solutions of this kind of congruence was first considered by Rademacher in 1925 and Brauer in 1926, in the special case of $a_i=t_i=1$ $(1\leq i \leq k)$. Since then, this problem has been studied, in several other special cases, in many papers; in particular, Jacobson and Williams [{\it Duke Math. J.} {\bf 39} (1972), 521--527] gave a nice explicit formula for the number of such solutions when $(a_1,\ldots,a_k)=t_i=1$ $(1\leq i \leq k)$. The problem is very well-motivated and has found intriguing applications in several areas of mathematics, computer science, and physics, and there is promise for more applications/implications in these or other directions.Comment: Journal of Number Theory, to appea

The universality of iterated hashing over variable-length strings

Iterated hash functions process strings recursively, one character at a time. At each iteration, they compute a new hash value from the preceding hash value and the next character. We prove that iterated hashing can be pairwise independent, but never 3-wise independent. We show that it can be almost universal over strings much longer than the number of hash values; we bound the maximal string length given the collision probability

Transparent code authentication at the processor level

The authors present a lightweight authentication mechanism that verifies the authenticity of code and thereby addresses the virus and malicious code problems at the hardware level eliminating the need for trusted extensions in the operating system. The technique proposed tightly integrates the authentication mechanism into the processor core. The authentication latency is hidden behind the memory access latency, thereby allowing seamless on-the-fly authentication of instructions. In addition, the proposed authentication method supports seamless encryption of code (and static data). Consequently, while providing the software users with assurance for authenticity of programs executing on their hardware, the proposed technique also protects the software manufacturers’ intellectual property through encryption. The performance analysis shows that, under mild assumptions, the presented technique introduces negligible overhead for even moderate cache sizes

Unconditionally secure authentication for quantum key distribution

This work describes the using of Universal and Strongly Universal classes of hash functions for unconditionally secure message authentication in quantum cryptogra- phy. Different classes are compared and constructions of flexible ε-Almost Strongly Universal classes are described. A new upper bound on the lifetime of a single hash function in one-time padded tags is introduced and optimisation on the final QKD key rate is shown for the QuAKE experiment, a B92 based QKD system. The public channel communication protocol of QuAKE is described, with special stress on the security issue