On the Design of LIL Tests for (Pseudo) Random Generators and Some Experimental Results
NIST SP800-22 (2010) proposes the state-of-the-art testing suite for (pseudo) random generators to detect deviations of a binary sequence from randomness. On the one hand, as a counterexample to the NIST SP800-22 test suite, it is easy to construct functions that are considered GOOD pseudorandom generators by the NIST SP800-22 test suite even though the output of these functions is easily distinguishable from the uniform distribution. Thus these functions are not pseudorandom generators by definition. On the other hand, NIST SP800-22 does not cover some of the important laws of randomness. Two fundamental limit theorems about random binary strings are the central limit theorem and the law of the iterated logarithm (LIL). Several frequency-related tests in NIST SP800-22 cover the central limit theorem, while no NIST SP800-22 test covers the LIL.
This paper proposes techniques to address the above challenges that the NIST SP800-22 testing suite faces. Firstly, we propose statistical-distance-based testing techniques for (pseudo) random generators to reduce the above-mentioned Type II errors in the NIST SP800-22 test suite. Secondly, we propose LIL-based statistical testing techniques, calculate the probabilities, and carry out experimental tests on widely used pseudorandom generators by generating around 30TB of pseudorandom sequences. The experimental results show that for a sample size of 1000 sequences (2TB), the statistical distance between the generated sequences and the uniform distribution is around 0.07 (with for statistically indistinguishable and for completely distinguishable) and the root-mean-square deviation is around 0.005.
Best Effort and Practice Activation Codes
Activation Codes (ACs) are used in many different digital services and are known by many different names, including voucher, e-coupon and discount code. In this paper we focus on a specific class of ACs that are short, human-readable, fixed-length and represent value. Even though this class of codes is extensively used, there are no general guidelines for the design of Activation Code schemes. We discuss different methods that are used in practice and propose BEPAC, a new Activation Code scheme that provides both authenticity and confidentiality. The small message space of activation codes introduces some problems that are illustrated by an adaptive chosen-plaintext attack (CPA-2) on a general 3-round Feistel network of size 2^(2n). This attack recovers the complete permutation from at most 2^(n+2) plaintext-ciphertext pairs. For this reason, BEPAC is designed in such a way that authenticity and confidentiality are independent properties, i.e. loss of confidentiality does not imply loss of authenticity. Comment: 15 pages, 3 figures, TrustBus 201
Almost Optimal Pseudorandom Generators for Spherical Caps
Halfspaces, or linear threshold functions, are widely studied in complexity theory, learning theory and algorithm design. In this work we study the natural problem of constructing pseudorandom generators (PRGs) for halfspaces over the sphere, aka spherical caps, which besides being interesting and basic geometric objects also arise frequently in the analysis of various randomized algorithms (e.g., randomized rounding). We give an explicit PRG which fools spherical caps within error and has an almost optimal seed-length of . For an inverse-polynomially growing error , our generator has a seed-length optimal up to a factor of . The most efficient PRG previously known (due to Kane, 2012) requires a seed-length of in this setting. We also obtain similar constructions to fool halfspaces with respect to the Gaussian distribution.
Our construction and analysis are significantly different from previous works on PRGs for halfspaces and build on the iterative dimension reduction ideas of Kane et al. (2011) and Celis et al. (2013), the \emph{classical moment problem} from probability theory and explicit constructions of \emph{orthogonal designs} based on the seminal work of Bourgain and Gamburd (2011) on expansion in Lie groups. Comment: 28 Pages (including the title page
Covers and Logarithmic Signatures of Finite Groups in Cryptography
After Diffie and Hellman [1] first introduced the idea of separate keys, asymmetric cryptography has developed continuously. Many public key cryptosystems have been proposed, but only a few of these systems remain unbroken. Most of those used nowadays are based on the perceived intractability of certain mathematical problems in very large finite cyclic groups. In the late 1970s S. Magliveras started to investigate the use of special factorizations of finite non-abelian groups, called logarithmic signatures, in cryptography [2,3,4,5]. Later, Magliveras, Stinson and Tran van Trung [6] did some preliminary work in creating two public key cryptosystems: MST1, based on logarithmic signatures, and MST2, based on another type of group covering called [s,r]-meshes. Until now, however, no practical realizations are known for MST1 or MST2.
Recently, a new type of public key cryptosystem, called MST3 [7], has been developed on the basis of logarithmic signatures and random covers of finite non-abelian groups (i.e. factorization sequences in which blocks are constructed by sampling uniformly at random from the underlying group). For a possible realization of the generic version of this system, the Suzuki 2-groups have been suggested.
The primary objective of this thesis is to show that the cryptosystem MST3 can be realized with Suzuki 2-groups. To this question we can give an affirmative answer. There are several challenges in designing a practical realization of the scheme. The first problem is to efficiently generate covers for large groups with good cryptographic properties. By showing the connection of this problem with the classical occupancy problem, we determine a bound for the probability that a randomly chosen collection of group elements forms a cover. As a consequence, we solve the problem of generating random covers for arbitrarily large groups. We also present several experimental computer results about covers and uniform covers for some alternating groups. Due to their simple structure, the Suzuki 2-groups enable us to study the security of the system and also provide an efficient implementation. In the first realization, a special class of canonical logarithmic signatures for elementary abelian 2-groups has been proposed as a basis for key generation. These are easily constructed and allow highly efficient factorization. We provide an attack showing that canonical signatures cannot be used to build a secure realization of MST3 with Suzuki 2-groups. Motivated by the attack on the first realization, we propose a new variant with significant improvements, strengthening the system's security. For that purpose we re-design the set-up of the scheme and introduce a new class of fused transversal logarithmic signatures. These allow efficient factorization if we keep track of the transformations used to generate them. We present a thorough study of the security of the scheme using heuristic and algebraic methods. We first determine lower bounds on the complexity of conceivable direct attacks to recover the private key in terms of the size of the groups. These bounds give a hint of the strength of the system. We further develop a powerful method for a chosen-plaintext attack showing that non-fused transversal logarithmic signatures cannot be used. Moreover, the proposed class of fused transversal logarithmic signatures withstands this attack when used in MST3 with Suzuki 2-groups and thus, to our knowledge, could be used to build a secure realization of the scheme. We describe and discuss the implementation issues of the system in detail and include performance data obtained from experimental results.
Apart from the main research objective, we introduce a new approach to designing pseudorandom number generators based on random covers of finite groups. PRNGs based on random covers, called MSTg, turn out to be highly efficient for a certain class of groups and produce high-quality random bit sequences. A very extensive series of randomness tests using the NIST Statistical Test Suite and the Diehard Battery of Tests, provided here, shows extremely strong properties for the new methodology. More importantly, we show evidence that this class of generators is suitable for cryptographic applications. Finally, we include performance data for the generators and propose a method of using them in practice.
[1] W. Diffie and M. E. Hellman, New Directions in Cryptography, IEEE Trans. on Inform. Theory, IT-22(6) (1976), 644–654.
[2] S. S. Magliveras, B. A. Oberg and A. J. Surkan, A New Random Number Generator from Permutation Groups, In Rend. del Sem. Matemat. e Fis. di Milano, LIV (1984), 203–223.
[3] S. S. Magliveras, A cryptosystem from logarithmic signatures of finite groups, in Proceedings of the 29th Midwest Symposium on Circuits and Systems, Elsevier Publ. Co. (1986), 972–975.
[4] S. S. Magliveras and N. D. Memon, Properties of Cryptosystem PGM, Advances in Cryptology, Lecture Notes in Comp. Sc., Springer-Verlag, 435 (1989), 447–460.
[5] S. S. Magliveras and N. D. Memon, Random Permutations from Logarithmic Signatures, Computing in the 90's, First Great Lakes Comp. Sc. Conf., Lecture Notes in Computer Science, Springer-Verlag, 507 (1989), 91–97.
[6] S. S. Magliveras, Tran van Trung and D. R. Stinson, New approaches to designing public key cryptosystems using one-way functions and trap-doors in finite groups, J. of Cryptology, 15 (2002), 285–297.
[7] W. Lempken, S. S. Magliveras, Tran van Trung and W. Wei, A public key cryptosystem based on non-abelian finite groups, J. of Cryptology, 22 (2009), 62–74.
After Diffie and Hellman [1] presented the idea of separate keys for encryption schemes, asymmetric cryptography was developed further and further. Many public key cryptosystems have been proposed, but only a few have ultimately remained unbroken. Most of those still in use today are based on the known difficulty of certain mathematical problems in very large finite cyclic groups. In the late 1970s, S. Magliveras began to investigate the use of special factorizations of finite non-abelian groups, known as logarithmic signatures, in cryptography [2,3,4,5]. Later, further pioneering work by Magliveras, Stinson and Tran van Trung [6] introduced both the cryptosystem MST1, which is based on logarithmic signatures, and MST2, which works on another type of group covering, the so-called [s,r]-meshes. So far, however, no practical realizations of MST1 or MST2 are known. Recently, a new public key cryptosystem called MST3 [7] was developed, which works on the basis of logarithmic signatures and random covers of finite non-abelian groups. For a possible realization of the generic version of this system, the Suzuki 2-groups have been proposed.
The main objective of this thesis is to show that MST3 can be realized with Suzuki 2-groups. We can answer this question in the affirmative. There were several changes in the implementation of the realization of the system. The first problem is to efficiently generate random covers for large groups with good cryptographic properties. By establishing the connection to the classical occupancy problem, we can determine a bound for the probability that a random collection of group elements forms a cover. As a consequence, we can solve the problem of generating random covers for arbitrarily large groups. Furthermore, we present some results of computer experiments concerning covers and uniform covers of various groups. Thanks to their simple structure, the Suzuki 2-groups allow us to study the security of the system closely and to implement it efficiently. In the first realization, a special class of canonical logarithmic signatures for elementary abelian 2-groups is used as the basis for key generation. These are easy to construct and allow very efficient factorization. We consider an attack showing that canonical signatures cannot be used to realize a secure implementation of MST3 with Suzuki 2-groups. Motivated by the attack on the first realization, we present a new variant with significant improvements which considerably strengthen the security of the system. For this purpose, we use a function for masking the private key in the set-up of the system. Furthermore, we introduce a class of fused transversal logarithmic signatures for the realization of the scheme. These allow efficient factorization with the help of trapdoor information.
We present a detailed study of the security of the system using heuristic and algebraic methods. First, we determine the lower bound on the complexity, in terms of the group size, of conceivable direct attacks to recover the private key. These bounds give an indication of the strength of the system. Furthermore, we develop a powerful method for a chosen-plaintext attack and show that non-fused transversal logarithmic signatures cannot be used. In addition, we show that the proposed class of fused transversal signatures withstands this attack and, to our knowledge, thus enables a secure realization of the system. We describe and discuss the implementation of the system in detail, including performance data obtained as the results of an experiment.
Apart from the central research objective, we also present a new approach to the construction of pseudorandom number generators (PRNGs) based on random covers of finite groups. PRNGs based on random covers, also called MSTg, have so far proven to be highly efficient for a certain class of groups and produce high-quality random bit sequences. A very extensive series of elaborate randomness tests using the NIST Statistical Test Suite and the Diehard Battery of Tests showed the strong properties of the new methodology. More importantly, we can provide evidence that this class of generators is adequate for cryptographic applications. Finally, we include performance data for the generators and propose a method for their practical use.
Correlated Pseudorandomness from the Hardness of Quasi-Abelian Decoding
Secure computation often benefits from the use of correlated randomness to achieve fast, non-cryptographic online protocols. A recent paradigm put forth by Boyle (CCS 2018, Crypto 2019) showed how pseudorandom correlation generators (PCGs) can be used to generate large amounts of useful forms of correlated (pseudo)randomness, using minimal interaction followed solely by local computation, yielding silent secure two-party computation protocols (protocols where the preprocessing phase requires almost no communication). An additional property called programmability allows this to be extended to build N-party protocols. However, known constructions for programmable PCGs can only produce OLEs over large fields, and use the rather new splittable Ring-LPN assumption.
In this work, we overcome both limitations. To this end, we introduce the quasi-abelian syndrome decoding problem (QA-SD), a family of assumptions which generalises the well-established quasi-cyclic syndrome decoding assumption. Building upon QA-SD, we construct new programmable PCGs for OLEs over any field with . Our analysis also sheds light on the security of the ring-LPN assumption used in Boyle (Crypto 2020). Using our new PCGs, we obtain the first efficient N-party silent secure computation protocols for computing general arithmetic circuits over for any . Comment: This is a long version of a paper accepted at CRYPTO'2