65 research outputs found
Proposal of a Signature Scheme based on STS Trapdoor
A New digital signature scheme based on Stepwise Triangular Scheme (STS) is proposed. The proposed trapdoor has resolved the vulnerability of STS and secure against both Gröbner Bases and Rank Attacks. In addition, as a basic trapdoor, it
is more efficient than the existing systems. With the efficient implementation, the Multivariate Public Key Cryptosystems (MPKC) signature public key has the signature
longer than the message by less than 25 %, for example
Enhanced STS using Check Equation --Extended Version of the Signature scheme proposed in the PQCrypt2010--
We propose solutions to the problems which has been left in the Enhanced STS, which was proposed in the PQCrypto 2010.
Enhanced STS signature scheme is dened as the public key with the Complementary STS structure, in which two STS public keys are symmetrically joined together. Or, the complementary STS is the public key where simply two STS public keys are joined together, without the protection with Check Equation.
We discuss the following issues left in the Enhanced STS, which was prosented in the PQCrypt2010:
(i) We implied that there may exist a way to cryptanalyze the Complementary STS structure. Although it has been proposed that the system be protected by Check Equations [35][37], in order to cope with an unknown attack, we did not show the concrete procedure. We show the actual procedure to cryptanalyze it and forge a signature.
(ii) We assumed that the Check Equation should be changed every time a document is signed. This practice is not always allowed. We improved this matter. The Check Equation which was proposed in the PQCrypto 2010 dened the valid life as a function of the number of times the documents are signed, because the secret key of Check Equation is analyzed by collecting valid signatures.
Now we propose a new method of integrating the Check Equation into the secret key and eliminate the risk of the hidden information drawn from the existing signature
Hidden Pair of Bijection Signature Scheme
A new signature system of multivariate public key cryptosys-
tem is proposed. The new system, Hidden Pair of Bijection (HPB), is the
advanced version of the Complementary STS system. This system real-
ized both high security and quick signing. Experiments showed that the
cryptanalysis of HPB by Gröbner bases has no less complexity than the
random polynomial systems. It is secure against other way of cryptanalysis
effective for Complementary STS.
On the other hand, since it is based on bijections, signatures exist for
any message, unlike other cryptosystems based on non-bijections such as
HFE or Unbalanced Oil and Vinegar
Proposal of PPS Multivariate Public Key Cryptosystems
In this paper we propose a new MPKC, called PPS, based on (i) the 2-layer nonlinear piece in hand method, (ii) PMI, and (iii) STS. The PPS is a specific MPKC obtained by applying the 2-layer nonlinear piece in hand method to STS, in the manner that the rank and randomness of the lower rank steps in the original secret polynomial
vector of STS are enhanced by adding a perturbation polynomial vector and moreover PMI is used in the auxiliary part. The PPS overcomes the drawbacks of the three schemes by the advantage of the three schemes themself. Thus, PPS can be thought to be immune simultaneously from the algebraic attacks, such as the Groebner bases
attacks, from the rank attacks, and from the differential attacks
Extension Field Cancellation: a New Central Trapdoor for Multivariate Quadratic Systems
This paper introduces a new central trapdoor for multivariate quadratic (MQ) public-key cryptosystems that allows for encryption, in contrast to time-tested MQ primitives such as Unbalanced Oil and Vinegar or Hidden Field Equations which only allow for signatures. Our construction is a mixed-field scheme that exploits the commutativity of the extension field to dramatically reduce the complexity of the extension field polynomial implicitly present in the public key. However, this reduction can only be performed by the user who knows concise descriptions of two simple polynomials, which constitute the private key. After applying this transformation, the plaintext can be recovered by solving a linear system. We use the minus and projection modifiers to inoculate our scheme against known attacks. A straightforward C++ implementation confirms the efficient operation of the public key algorithms
Application of Quasigroups in Cryptography and Data Communications
In the past decade, quasigroup theory has proven to be a fruitfull field for production of new cryptographic primitives and error-corecting codes. Examples include several finalists in the flagship competitions for new symmetric ciphers, as well as several assimetric proposals and cryptcodes. Since the importance of cryptography and coding theory for secure and reliable data communication can only grow within our modern society, investigating further the power of quasigroups in these fields is highly promising research direction.
Our team of researchers has defined several research objectives, which can be devided into four main groups:
1. Design of new cryptosystems or their building blocks based on quasigroups - we plan to make a classification of small quasigroups based on new criteria, as well as to identify new optimal 8–bit S-boxes produced by small quasigroups. The results will be used to design new stream and block ciphers.
2. Cryptanalysis of some cryptosystems based on quasigroups - we will modify and improve the existing automated tools for differential cryptanalysis, so that they can be used for prove the resistance to differential cryptanalysis of several existing ciphers based on quasigroups. This will increase the confidence in these ciphers.
3. Codes based on quasigroups - we will designs new and improve the existing error correcting codes based on combinatorial structures and quasigroups.
4. Algebraic curves over finite fields with their cryptographic applications - using some known and new tools, we will investigate the rational points on algebraic curves over finite fields, and explore the possibilities of applying the results in cryptography
Public key cryptosystems : theory, application and implementation
The determination of an individual's right to privacy is mainly a nontechnical matter, but the pragmatics of providing it is the central concern of the cryptographer. This thesis has sought answers to some of the outstanding issues in cryptography. In particular, some of the theoretical, application and implementation problems associated with a Public Key Cryptosystem (PKC).The Trapdoor Knapsack (TK) PKC is capable of fast throughput, but suffers from serious disadvantages. In chapter two a more general approach to the TK-PKC is described, showing how the public key size can be significantly reduced. To overcome the security limitations a new trapdoor was described in chapter three. It is based on transformations between the radix and residue number systems.Chapter four considers how cryptography can best be applied to multi-addressed packets of information. We show how security or communication network structure can be used to advantage, then proposing a new broadcast cryptosystem, which is more generally applicable.Copyright is traditionally used to protect the publisher from the pirate. Chapter five shows how to protect information when in easily copyable digital format.Chapter six describes the potential and pitfalls of VLSI, followed in chapter seven by a model for comparing the cost and performance of VLSI architectures. Chapter eight deals with novel architectures for all the basic arithmetic operations. These architectures provide a basic vocabulary of low complexity VLSI arithmetic structures for a wide range of applications.The design of a VLSI device, the Advanced Cipher Processor (ACP), to implement the RSA algorithm is described in chapter nine. It's heart is the modular exponential unit, which is a synthesis of the architectures in chapter eight. The ACP is capable of a throughput of 50 000 bits per second
Efficient Verifiable Partially-Decryptable Commitments from Lattices and Applications
We introduce verifiable partially-decryptable commitments (VPDC), as a building block for constructing efficient privacy-preserving protocols supporting auditability by a trusted party. A VPDC is an extension of a commitment along with an accompanying proof, convincing a verifier that (i) the given commitment is well-formed and (ii) a certain part of the committed message can be decrypted using a (secret) trapdoor known to a trusted party.
We first formalize VPDCs and then introduce a general decryption feasibility result that overcomes the challenges in relaxed proofs arising in the lattice setting. Our general result can be applied to a wide class of Fiat-Shamir based protocols and may be of independent interest.
Next, we show how to extend the commonly used lattice-based `Hashed-Message Commitment\u27 (HMC) scheme into a succinct and efficient VPDC. In particular, we devise a novel `gadget\u27-based Regev-style (partial) decryption method, compatible with efficient relaxed lattice-based zero-knowledge proofs. We prove the soundness of our VPDC in the setting of adversarial proofs, where a prover tries to create a valid VPDC output that fails in decryption.
To demonstrate the effectiveness of our results, we extend a private blockchain payment protocol, MatRiCT, by Esgin et al. (ACM CCS \u2719) into a formally auditable construction, which we call MatRiCT-Au, with very low communication and computation overheads over MatRiCT
Cryptography from tensor problems
We describe a new proposal for a trap-door one-way function. The new proposal belongs to the "multivariate quadratic" family but the trap-door is different from existing methods, and is simpler
SP 800-22 and GM/T 0005-2012 Tests: Clearly Obsolete, Possibly Harmful
When it comes to cryptographic random number generation, poor understanding of the security requirements and ``mythical aura\u27\u27 of black-box statistical testing frequently leads it to be used as a substitute for cryptanalysis. To make things worse, a seemingly standard document, NIST SP 800-22, describes 15 statistical tests and suggests that they can be used to evaluate random and pseudorandom number generators in cryptographic applications. The Chinese standard GM/T 0005-2012 describes similar tests. These documents have not aged well. The weakest pseudorandom number generators will easily pass these tests, promoting false confidence in insecure systems. We strongly suggest that SP 800-22 be withdrawn by NIST; we consider it to be not just irrelevant but actively harmful. We illustrate this by discussing the ``reference generators\u27\u27 contained in the SP 800-22 document itself. None of these generators are suitable for modern cryptography, yet they pass the tests. For future development, we suggest focusing on stochastic modeling of entropy sources instead of model-free statistical tests. Random bit generators should also be reviewed for potential asymmetric backdoors via trapdoor one-way functions, and for security against quantum computing attacks
- …