54 research outputs found

    Anamorphic Encryption, Revisited

    Anamorphic Encryption, recently introduced by Persiano, Phan, and Yung (EUROCRYPT 2022), is a new cryptographic paradigm challenging the conventional notion of an adversary. In particular, they consider the receiver-anamorphic setting, where a dictator is able to obtain the receiver's secret key of a well-established public-key encryption (PKE) scheme, and they ask whether the sender can still embed covert messages in a way to which the dictator is completely oblivious, provided sender and receiver share an anamorphic key. In this work, we identify two definitional limitations of Persiano et al.'s original model. First, they require anamorphic keys and key-pairs to be generated together, so the first modification we propose is to decouple the two processes. We allow a regular PKE scheme to be extended to an anamorphic one on the fly, even after the public key of the regular scheme is already in use. Second, in their model the receiver cannot distinguish whether or not a ciphertext contains a covert message, so we propose a natural robustness notion which states that when anamorphically decrypting a regularly encrypted message, the receiver explicitly sees that no covert message is contained. This also eliminates certain attacks possible under the original definition. Regarding new constructions, we first propose a generic anamorphic extension that achieves robustness for any PKE scheme, but requires synchronization of sender and receiver. We then define a natural property of a PKE scheme, selective randomness recoverability, which allows for a robust anamorphic extension even for unsynchronized parties. We show that the well-established schemes of ElGamal and Cramer-Shoup satisfy this condition. Finally, we propose a generic transformation of any non-robust anamorphic extension into a robust one, and apply it to a synchronized anamorphic extension for RSA-OAEP.

    E-commerce and its derived applications: smart card certificate system and recoverable and untraceable electronic cash.

    by Liu Kai Sui. Thesis (M.Phil.)--Chinese University of Hong Kong, 2001. Includes bibliographical references (leaves 67-71). Abstracts in English and Chinese.

    Contents:
    Chapter 1. Introduction --- p.1
        1.1 Security and E-commerce --- p.3
        1.2 E-commerce: More than Commercial Activities --- p.4
        1.3 What This Thesis Contains --- p.5
    Chapter 2. Introduction to Cryptographic Theories --- p.7
        2.1 Six Cryptographic Primitives --- p.7
            2.1.1 Symmetric Encryption --- p.8
            2.1.2 Asymmetric Encryption --- p.8
            2.1.3 Digital Signature --- p.9
            2.1.4 Message Digest --- p.9
            2.1.5 Digital Certificate and Certificate Authority --- p.10
            2.1.6 Zero-Knowledge Proof --- p.11
        2.2 The RSA Public Key Cryptosystem --- p.12
        2.3 The ElGamal Public Key Encryption Scheme --- p.13
        2.4 Elliptic Curve Cryptosystem --- p.14
            2.4.1 The Algorithm of Elliptic Curve Cryptosystem --- p.15
        2.5 Different kinds of Digital Signature --- p.16
            2.5.1 RSA Digital Signature --- p.16
            2.5.2 Elliptic Curve Nyberg-Rueppel Digital Signature --- p.16
        2.6 Blind Signature --- p.17
        2.7 Cut-and-choose protocol --- p.18
        2.8 Diffie-Hellman Key Exchange --- p.19
    Chapter 3. Introduction to E-commerce, M-commerce and Rich Media M-commerce --- p.20
        3.1 1st Generation of E-commerce --- p.21
        3.2 2nd Generation of E-commerce - M-commerce --- p.21
        3.3 3rd Generation of E-commerce - Rich Media M-commerce --- p.23
        3.4 Payment Systems used in E-commerce --- p.23
            3.4.1 Electronic Cash --- p.23
            3.4.2 Credit Card --- p.24
            3.4.3 Combined Payment System --- p.24
    Chapter 4. Introduction to Smart Card --- p.25
        4.1 What is Smart Card? --- p.25
        4.2 Advantages of Smart Cards --- p.26
            4.2.1 Portable Device --- p.26
            4.2.2 Multi-applications --- p.26
            4.2.3 Computation Power --- p.26
            4.2.4 Security Features --- p.27
        4.3 What can Smart Cards Do? --- p.27
        4.4 Java Card --- p.28
    Chapter 5. A New Smart Card Certificate System --- p.30
        5.1 Introduction --- p.31
        5.2 Comparison between RSA and ECC --- p.32
        5.3 System Architecture --- p.33
            5.3.1 System Setup --- p.33
            5.3.2 Apply for a certificate --- p.34
            5.3.3 Verification of Alice --- p.35
            5.3.4 Other Certificates - the "Hyper-Link" concept --- p.36
                5.3.4.1 Generation of the "hyper-link" --- p.37
                5.3.4.2 Verification of Alice using the "hyper-link" --- p.37
            5.3.5 Multiple Applications --- p.38
        5.4 Security Analysis --- p.39
            5.4.1 No Crypto-processor is needed --- p.40
            5.4.2 PIN Protect --- p.40
            5.4.3 Digital Certificate Protect --- p.40
            5.4.4 Private Key is never left the smart card --- p.41
        5.5 Extensions --- p.41
            5.5.1 Biometrics Security --- p.41
            5.5.2 E-Voting --- p.41
        5.6 Conclusion --- p.42
    Chapter 6. Introduction to Electronic Cash --- p.44
        6.1 Introduction --- p.44
        6.2 The Basic Requirements --- p.45
        6.3 Advantages of Electronic Cash over other kinds of payment systems --- p.46
            6.3.1 Privacy --- p.46
            6.3.2 Off-line payment --- p.47
            6.3.3 Suitable for Small Amount Payment --- p.47
        6.4 Basic Model of Electronic Cash --- p.48
        6.5 Examples of Electronic Cash --- p.49
            6.5.1 eCash --- p.49
            6.5.2 Mondex --- p.49
            6.5.3 Octopus Card --- p.50
    Chapter 7. A New Recoverable and Untraceable Electronic Cash --- p.51
        7.1 Introduction --- p.52
        7.2 The Basic Idea --- p.52
        7.3 S. Brand's Single Term E-cash Protocol --- p.54
            7.3.1 The Setup of the System --- p.54
            7.3.2 The Withdrawal Protocol --- p.54
            7.3.3 The Payment Protocol --- p.55
            7.3.4 The Deposit Protocol --- p.56
        7.4 The Proposed Protocol --- p.57
            7.4.1 The Withdrawal Protocol --- p.57
            7.4.2 The Payment Protocol --- p.58
            7.4.3 The Deposit Protocol --- p.58
            7.4.4 The Recovery Protocol --- p.59
        7.5 Security Analysis --- p.60
            7.5.1 Conditional Untraceability --- p.60
            7.5.2 Cheating --- p.60
        7.6 Extension --- p.60
        7.7 Conclusion --- p.62
    Chapter 8. Conclusion --- p.63
    Appendix: Paper derived from this thesis --- p.66
    Bibliography --- p.6

    A Survey on Modality Characteristics, Performance Evaluation Metrics, and Security for Traditional and Wearable Biometric Systems

    Biometric research is directed increasingly towards Wearable Biometric Systems (WBS) for user authentication and identification. However, before engaging in WBS research, one must understand how their operational dynamics and design considerations differ from those of Traditional Biometric Systems (TBS). While the current literature is cognizant of those differences, there is no effective work that summarizes the factors where TBS and WBS differ, namely their modality characteristics, performance, security and privacy. To bridge the gap, this paper reviews and compares the key characteristics of modalities, contrasts the metrics used to evaluate system performance, and highlights the divergence in critical vulnerabilities, attacks and defenses for TBS and WBS. It further discusses how these factors affect the design considerations for WBS, the open challenges and future directions of research in these areas. In doing so, the paper provides a big-picture overview of the important avenues of challenges and potential solutions that researchers entering the field should be aware of. Hence, this survey aims to be a starting point for researchers in comprehending the fundamental differences between TBS and WBS before understanding the core challenges associated with WBS and its design.

    Hierarchical Integrated Signature and Encryption

    In this work, we introduce the notion of hierarchical integrated signature and encryption (HISE), wherein a single public key is used for both signature and encryption, and one can derive a secret key used only for decryption from the signing key, which enables secure delegation of decryption capability. HISE enjoys the benefit of key reuse, and admits individual key escrow. We present two generic constructions of HISE. One is from (constrained) identity-based encryption. The other is from uniform one-way function, public-key encryption, and general-purpose public-coin zero-knowledge proof of knowledge. To further attain global key escrow, we take a little detour to revisit global escrow PKE, an object both of independent interest and with many applications. We formalize the syntax and security model of global escrow PKE, and provide two generic constructions. The first embodies a generic approach to compile any PKE into one with the global escrow property. The second establishes a connection between three-party non-interactive key exchange and global escrow PKE. Combining the results developed above, we obtain HISE schemes that support both individual and global key escrow. We instantiate our generic constructions of (global escrow) HISE and implement all the resulting concrete schemes for 128-bit security. Our schemes have performance that is comparable to the best Cartesian product combined public-key scheme, and exhibit advantages in terms of richer functionality and public key reuse. As a byproduct, we obtain a new global escrow PKE scheme that is 12-30× faster than the best prior work, which might be of independent interest.

    SecurePL: a compiler and toolbox for practical and easy secure multiparty computation

    Secure multiparty computation is, in essence, a set of techniques that allow multiple parties to jointly carry out computations based on data from each of the players while the data held by each player remains private to that player. Since the notion of secure multiparty computation was introduced, many algorithms and methods have been proposed for achieving this goal. This thesis first introduces different methods for secure multiparty computation and then, focusing on secret-sharing-based multiparty computation, explains how efficient and secure multiparty operations can be done. While introducing secret-sharing-based secure multiparty computation, we also present a novel technique that allows secure multiparty computation using the Asmuth-Bloom secret sharing scheme, which is not possible in the original scheme. The aim of this thesis is the design and implementation of a programming language and libraries for secure multiparty computation, SecurePL. We show that our tool's ease of use and security allow even a person who has absolutely no knowledge of security or cryptography to write applications that perform secure multiparty computation.

    Verifiable Encryption from MPC-in-the-Head

    Verifiable encryption (VE) is a protocol where one can provide assurance that an encrypted plaintext satisfies certain properties. It is an important building block in cryptography with many useful applications, such as key escrow, group signatures, optimistic fair exchange, etc. However, a majority of previous VE schemes are restricted to instantiation with specific public-key encryption schemes or relations. In this work, we propose a novel framework that realizes VE protocols using the MPC-in-the-head zero-knowledge proof systems (Ishai et al. STOC 2007). Our generic compiler can turn a large class of MPC-in-the-head ZK proofs into secure VE protocols for any CPA-secure public-key encryption (PKE) scheme with the undeniability property, a notion that essentially guarantees binding of encryption when used as a commitment scheme. Our framework is versatile: because the circuit proven by the MPC-in-the-head prover is decoupled from a complex encryption function, the prover's work can be focused on proving properties (i.e. the relation) about the encrypted data, not the proof of plaintext knowledge. Hence, our approach allows for instantiation with various combinations of properties about encrypted data and encryption functions. As concrete applications we describe new approaches to verifiably encrypting discrete logarithms in any prime order group and AES private keys.