A Public Key Cryptosystem Based on Singular Cubic Curve

An efficient and semantically secure public key cryptosystem based on singular cubic curve is proposed in this paper. It is about two times faster than the cryptosystem of David at the same security label and more efficient than the Koyama scheme at high security level. Further, the partially known plaintext attack and the linearly related plaintext attacks are analyzed and concluded that those are not possible in the proposed scheme

A New Attack on Three Variants of the RSA Cryptosystem

International audienceIn 1995, Kuwakado, Koyama and Tsuruoka presented a new RSA-type scheme based on singular cubic curves y^2 ≡ x^3 + bx^2 (mod N) where N = pq is an RSA modulus. Then, in 2002, Elkamchouchi, Elshenawy and Shaban introduced an extension of the RSA scheme to the field of Gaussian integers using a modulus N = P Q where P and Q are Gaussian primes such that p = |P | and q = |Q| are ordinary primes. Later, in 2007, Castagnos's proposed a scheme over quadratic fields quotients with an RSA modulus N = pq. In the three schemes, the public exponent e is an integer satisfying the key equation ed − k^(p^2 − 1) (q^2 − 1) = 1. In this paper, we apply the continued fraction method to launch an attack on the three schemes when the private exponent d is sufficiently small. Our attack can be considered as an extension of the famous Wiener attack on RSA

The zheng-seberry public key cryptosystem and signcryption

In 1993 Zheng-Seberry presented a public key cryptosystem that was considered efficient and secure in the sense of indistinguishability of encryptions (IND) against an adaptively chosen ciphertext adversary (CCA2). This thesis shows the Zheng-Seberry scheme is not secure as a CCA2 adversary can break the scheme in the sense of IND. In 1998 Cramer-Shoup presented a scheme that was secure against an IND-CCA2 adversary and whose proof relied only on standard assumptions. This thesis modifies this proof and applies it to a modified version of the El-Gamal scheme. This resulted in a provably secure scheme relying on the Random Oracle (RO) model, which is more efficient than the original Cramer-Shoup scheme. Although the RO model assumption is needed for security of this new El-Gamal variant, it only relies on it in a minimal way

Society-oriented cryptographic techniques for information protection

Groups play an important role in our modern world. They are more reliable and more trustworthy than individuals. This is the reason why, in an organisation, crucial decisions are left to a group of people rather than to an individual. Cryptography supports group activity by offering a wide range of cryptographic operations which can only be successfully executed if a well-defined group of people agrees to co-operate. This thesis looks at two fundamental cryptographic tools that are useful for the management of secret information. The first part looks in detail at secret sharing schemes. The second part focuses on society-oriented cryptographic systems, which are the application of secret sharing schemes in cryptography. The outline of thesis is as follows

On the Use of Key Assignment Schemes in Authentication Protocols

Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity authentication protocols, where we use derived keys to encrypt challenges. This novel use of KASs permits the efficient authentication of an entity in accordance with an authentication policy by associating entities with security labels representing specific services. Cryptographic keys are associated with each security label and demonstrating knowledge of an appropriate key is used as the basis for authentication. Thus, by controlling the distribution of such keys, restrictions may be efficiently placed upon the circumstances under which an entity may be authenticated and the services to which they may gain access. In this work, we explore how both standardized protocols and novel constructions may be developed to authenticate entities as members of a group associated to a particular security label, whilst protecting the long-term secrets in the system. We also see that such constructions may allow for authentication whilst preserving anonymity, and that by including a trusted third party we can achieve the authentication of individual identities and authentication based on timestamps without the need for synchronized clocks

Hard isogeny problems over RSA moduli and groups with infeasible inversion

We initiate the study of computational problems on elliptic curve isogeny graphs defined over RSA moduli. We conjecture that several variants of the neighbor-search problem over these graphs are hard, and provide a comprehensive list of cryptanalytic attempts on these problems. Moreover, based on the hardness of these problems, we provide a construction of groups with infeasible inversion, where the underlying groups are the ideal class groups of imaginary quadratic orders. Recall that in a group with infeasible inversion, computing the inverse of a group element is required to be hard, while performing the group operation is easy. Motivated by the potential cryptographic application of building a directed transitive signature scheme, the search for a group with infeasible inversion was initiated in the theses of Hohenberger and Molnar (2003). Later it was also shown to provide a broadcast encryption scheme by Irrer et al. (2004). However, to date the only case of a group with infeasible inversion is implied by the much stronger primitive of self-bilinear map constructed by Yamakawa et al. (2014) based on the hardness of factoring and indistinguishability obfuscation (iO). Our construction gives a candidate without using iO.Comment: Significant revision of the article previously titled "A Candidate Group with Infeasible Inversion" (arXiv:1810.00022v1). Cleared up the constructions by giving toy examples, added "The Parallelogram Attack" (Sec 5.3.2). 54 pages, 8 figure

User-differentiated hierarchical key management for the bring-your-own-device environments

To ensure confidentiality, the sensitive electronic data held within a corporation is always carefully encrypted and stored in a manner so that it is inaccessible to those parties who are not involved. During this process, the specific manners of how to keep, distribute, use, and update keys which are used to encrypt the sensitive data become an important thing to be considered. Through use of hierarchical key management, a technique that provides access controls in multi-user systems where a portion of sensitive resources shall only be made available to authorized users or security ordinances, required information is distributed on a need-to-know basis. As a result of this hierarchical key management, time-bound hierarchical key management further adds time controls to the information access process. There is no existing hierarchical key management scheme or time-bound hierarchical key management scheme which is able to differentiate users with the same authority. When changes are required for any user, all other users who have the same access authorities will be similarly affected, and this deficiency then further deteriorates due to a recent trend which has been called Bring-Your-Own-Device. This thesis proposes the construction of a new time-bound hierarchical key management scheme called the User-Differentiated Two-Layer Encryption-Based Scheme (UDTLEBC), one which is designed to differentiate between users. With this differentiation, whenever any changes are required for one user during the processes of key management, no additional users will be affected during these changes and these changes can be done without interactions with the users. This new scheme is both proven to be secure as a time-bound hierarchical key management scheme and efficient for use in a BYOD environment

The design of a secure data communication system

The recent results of using a new type of chosen-plaintext attack, which is called differential cryptanalysis, makes most published conventional secret-key block cipher systems vulnerable. The need for a new conventional cipher which resists all known attacks was the main inspiration of this work. The design of a secret-key block cipher algorithm called DCU-Cipher, that resists all known cryptanalysis methods is proposed in this dissertation. The proposed method is workable for either 64-bit plaintext/64-bit ciphertext blocks, or 128-bit plaintext/128-bit ciphertext blocks. The secret key in both styles is 128-bit long. This method has only four rounds and the main transformation function in this cipher algorithm is based on four mixed operations. The proposed method is suitable for both hardware and software implementation. It is also suitable for cryptographic hash function implementations. Two techniques for file and/or data communication encryption are also proposed here. These modes are modified versions of the Cipher-Block Chaining mode, by which the threat of the known-plaintext differential cyptanalytical attack is averted. An intensive investigation of the best known Identity-based key exchange schemes is also presented. The idea behind using such protocols, is providing an authenticated secret-key by using the users identification tockens. These kind of protocols appeared recently and are not standardized as yet. None of these protocols have been compared with previous proposals. Therefore one can not realize the efficiency and the advantages of a new proposed protocol without comparing it with other existing schemes of the same type. The aim of this investigation is to clarify the advantages and the disadvantages of each of the best known schemes and compare these schemes from the complixity and the speed viewpoint