1,152 research outputs found
Authentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy Secrets
We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on
password-authenticated key exchange (PAKE). This not only allows users to authenticate each other via shared low-entropy secrets, e.g., memorable words, without a public key infrastructure or a trusted third party, but it also paves the way for automation and a series of cryptographic enhancements; improves security by minimizing the impact of human error and potentially improves usability. First, we study a few vulnerabilities in voice-based out-of-band authentication, in particular a combinatorial attack against lazy users, which we analyze in the context of a secure email solution. Next, we propose solving the problem of secure equality test using PAKE to achieve entity authentication and to establish a shared high-entropy secret key. Our solution lends itself to offline settings, compatible with the inherently asynchronous nature of email and modern messaging systems. The suggested approach enables enhancements in key management such as automated key renewal and future key pair authentications, multi-device synchronization, secure secret storage and retrieval, and the possibility of post-quantum security as well as facilitating forward secrecy and deniability in a primarily symmetric-key setting. We also discuss the use of auditable PAKEs for mitigating a class of online guess and abort attacks in authentication protocols
From Graphs to Keyed Quantum Hash Functions
We present two new constructions of quantum hash functions: the first based
on expander graphs and the second based on extractor functions and estimate the
amount of randomness that is needed to construct them. We also propose a keyed
quantum hash function based on extractor function that can be used in quantum
message authentication codes and assess its security in a limited attacker
model
Secure Data Communication via Lingual Transformation
This paper proposes a new form of data communication that is similar to slang in human language. Using the context of the conversation instead of an encryption key, nodes in a network develop a unique alternative language to disguise the real meaning of the communication between them. Implementation of such a system, and its potential benefits and challenges are discussed
Experimental Quantum Fingerprinting
Quantum communication holds the promise of creating disruptive technologies
that will play an essential role in future communication networks. For example,
the study of quantum communication complexity has shown that quantum
communication allows exponential reductions in the information that must be
transmitted to solve distributed computational tasks. Recently, protocols that
realize this advantage using optical implementations have been proposed. Here
we report a proof of concept experimental demonstration of a quantum
fingerprinting system that is capable of transmitting less information than the
best known classical protocol. Our implementation is based on a modified
version of a commercial quantum key distribution system using off-the-shelf
optical components over telecom wavelengths, and is practical for messages as
large as 100 Mbits, even in the presence of experimental imperfections. Our
results provide a first step in the development of experimental quantum
communication complexity. Comment: 11 pages, 6 Figure
From Low-Distortion Norm Embeddings to Explicit Uncertainty Relations and Efficient Information Locking
The existence of quantum uncertainty relations is the essential reason that
some classically impossible cryptographic primitives become possible when
quantum communication is allowed. One direct operational manifestation of these
uncertainty relations is a purely quantum effect referred to as information
locking. A locking scheme can be viewed as a cryptographic protocol in which a
uniformly random n-bit message is encoded in a quantum system using a classical
key of size much smaller than n. Without the key, no measurement of this
quantum state can extract more than a negligible amount of information about
the message, in which case the message is said to be "locked". Furthermore,
knowing the key, it is possible to recover, that is "unlock", the message. In
this paper, we make the following contributions by exploiting a connection
between uncertainty relations and low-distortion embeddings of L2 into L1. We
introduce the notion of metric uncertainty relations and connect it to
low-distortion embeddings of L2 into L1. A metric uncertainty relation also
implies an entropic uncertainty relation. We prove that random bases satisfy
uncertainty relations with a stronger definition and better parameters than
previously known. Our proof is also considerably simpler than earlier proofs.
We apply this result to show the existence of locking schemes with key size
independent of the message length. We give efficient constructions of metric
uncertainty relations. The bases defining these metric uncertainty relations
are computable by quantum circuits of almost linear size. This leads to the
first explicit construction of a strong information locking scheme. Moreover,
we present a locking scheme that is close to being implementable with current
technology. We apply our metric uncertainty relations to exhibit communication
protocols that perform quantum equality testing. Comment: 60 pages, 5 figures. v4: published versio
On Quantum Fingerprinting and Quantum Cryptographic Hashing
Fingerprinting and cryptographic hashing have quite different usages in computer science, but have similar properties. Interpretation of their properties is determined by the area of their usage: fingerprinting methods are methods for constructing efficient randomized and quantum algorithms for computational problems, whereas hashing methods are one of the central cryptographical primitives. Fingerprinting and hashing methods have been developed since the middle of the previous century, whereas quantum fingerprinting and quantum hashing have a short history. In this chapter, we investigate quantum fingerprinting and quantum hashing. We present computational aspects of quantum fingerprinting and quantum hashing and discuss cryptographical properties of quantum hashing