On the Duality of Probing and Fault Attacks

In this work we investigate the problem of simultaneous privacy and integrity protection in cryptographic circuits. We consider a white-box scenario with a powerful, yet limited attacker. A concise metric for the level of probing and fault security is introduced, which is directly related to the capabilities of a realistic attacker. In order to investigate the interrelation of probing and fault security we introduce a common mathematical framework based on the formalism of information and coding theory. The framework unifies the known linear masking schemes. We proof a central theorem about the properties of linear codes which leads to optimal secret sharing schemes. These schemes provide the lower bound for the number of masks needed to counteract an attacker with a given strength. The new formalism reveals an intriguing duality principle between the problems of probing and fault security, and provides a unified view on privacy and integrity protection using error detecting codes. Finally, we introduce a new class of linear tamper-resistant codes. These are eligible to preserve security against an attacker mounting simultaneous probing and fault attacks

Four-photon orbital angular momentum entanglement

Quantum entanglement shared between more than two particles is essential to foundational questions in quantum mechanics, and upcoming quantum information technologies. So far, up to 14 two-dimensional qubits have been entangled, and an open question remains if one can also demonstrate entanglement of higher-dimensional discrete properties of more than two particles. A promising route is the use of the photon orbital angular momentum (OAM), which enables implementation of novel quantum information protocols, and the study of fundamentally new quantum states. To date, only two of such multidimensional particles have been entangled albeit with ever increasing dimensionality. Here we use pulsed spontaneous parametric downconversion (SPDC) to produce photon quadruplets that are entangled in their OAM, or transverse-mode degrees of freedom; and witness genuine multipartite Dicke-type entanglement. Apart from addressing foundational questions, this could find applications in quantum metrology, imaging, and secret sharing.Comment: 5 pages, 4 figure

Finding lower bounds on the complexity of secret sharing schemes by linear programming

Optimizing the maximum, or average, length of the shares in relation to the length of the secret for every given access structure is a difficult and long-standing open problem in cryptology. Most of the known lower bounds on these parameters have been obtained by implicitly or explicitly using that every secret sharing scheme defines a polymatroid related to the access structure. The best bounds that can be obtained by this combinatorial method can be determined by using linear programming, and this can be effectively done for access structures on a small number of participants. By applying this linear programming approach, we improve some of the known lower bounds for the access structures on five participants and the graph access structures on six participants for which these parameters were still undetermined. Nevertheless, the lower bounds that are obtained by this combinatorial method are not tight in general. For some access structures, they can be improved by adding to the linear program non-Shannon information inequalities as new constraints. We obtain in this way new separation results for some graph access structures on eight participants and for some ports of non-representable matroids. Finally, we prove that, for two access structures on five participants, the combinatorial lower bound cannot be attained by any linear secret sharing schemePeer ReviewedPostprint (author's final draft