Efficient Lattice-based Authenticated Encryption: A Practice-Oriented Provable Security Approach

Lattice-based cryptography has been received significant attention in the past decade. It has attractive properties such as being a major post-quantum cryptography candidate, enjoying worst-case to average-case security reductions, and being supported by efficient implementations.In recent years, lattice-based schemes have achieved enough maturity to become interesting also for the industry. Additionally, authenticated encryption (AE) is another important topic in the community of cryptography. In this paper, considering two above-mentioned subjects, we propose three lattice-based AEs with an acceptable practical efficiency. These schemes are provably secure assuming the hardness of elementary lattice problems. That is in contrast to the other practical provably-secure AEs, which are based on the hardness assumption of another cryptographic primitive, such as AES. Moreover, we analyze the exact security of these schemes in the paradigm of practice-oriented provable security, while the security proofs of almost all previous lattice-based schemes are asymptotic. The implementation results show that one of the proposed schemes becomes even faster than an AES-256-GCM implementation to encrypt messages of length 64 bytes or longer. Particularly, for a 1500-byte message, this scheme is 34% faster than AES-256-GCM

Seeking Anonymity in an Internet Panopticon

Obtaining and maintaining anonymity on the Internet is challenging. The state of the art in deployed tools, such as Tor, uses onion routing (OR) to relay encrypted connections on a detour passing through randomly chosen relays scattered around the Internet. Unfortunately, OR is known to be vulnerable at least in principle to several classes of attacks for which no solution is known or believed to be forthcoming soon. Current approaches to anonymity also appear unable to offer accurate, principled measurement of the level or quality of anonymity a user might obtain. Toward this end, we offer a high-level view of the Dissent project, the first systematic effort to build a practical anonymity system based purely on foundations that offer measurable and formally provable anonymity properties. Dissent builds on two key pre-existing primitives - verifiable shuffles and dining cryptographers - but for the first time shows how to scale such techniques to offer measurable anonymity guarantees to thousands of participants. Further, Dissent represents the first anonymity system designed from the ground up to incorporate some systematic countermeasure for each of the major classes of known vulnerabilities in existing approaches, including global traffic analysis, active attacks, and intersection attacks. Finally, because no anonymity protocol alone can address risks such as software exploits or accidental self-identification, we introduce WiNon, an experimental operating system architecture to harden the uses of anonymity tools such as Tor and Dissent against such attacks.Comment: 8 pages, 10 figure