Asynchronous distributed private-key generators for identity-based cryptography

An identity-based encryption (IBE) scheme can greatly reduce the complexity of sending encrypted messages over the Internet. However, an IBE scheme necessarily requires a private-key generator (PKG), which can create private keys for clients, and so can passively eavesdrop on all encrypted communications. Although a distributed PKG has been suggested as a way to mitigate this problem for Boneh and Franklin’s IBE scheme, the security of this distributed protocol has not been proven and the proposed solution does not work over the asynchronous Internet. Further, a distributed PKG has not been considered for any other IBE scheme. In this paper, we design distributed PKG setup and private key extraction protocols in an asynchronous communication model for three important IBE schemes; namely, Boneh and Franklin’s IBE, Sakai and Kasahara’s IBE, and Boneh and Boyen’s BB1-IBE. We give special attention to the applicability of our protocols to all possible types of bilinear pairings and prove their IND-ID-CCA security in the random oracle model. Finally, we also perform a comparative analysis of these protocols and present recommendations for their use.

New Tools for Multi-Party Computation

In this work we extend the electronic voting scheme introduced by R. Cramer, R. Gennaro and B. Schoenmakers in [CGS97]. In the original paper the privacy of votes is based on the decisional Diffie-Hellman or respectively the higher residuosity assumption. Since both problems can be solved efficiently in the event of quantum computers, a desirable goal is to implement the voting scheme with privacy based on different assumptions. We present the framework and a concrete instantiation for an efficient solution with privacy based on learning with errors over rings. Additionally we show how to achieve privacy assuming hardness of worst-case lattice problems, which are well analyzed and conjectured to be secure against quantum computers

On the Complexity of the Equivalence Problem for Probabilistic Automata

Checking two probabilistic automata for equivalence has been shown to be a key problem for efficiently establishing various behavioural and anonymity properties of probabilistic systems. In recent experiments a randomised equivalence test based on polynomial identity testing outperformed deterministic algorithms. In this paper we show that polynomial identity testing yields efficient algorithms for various generalisations of the equivalence problem. First, we provide a randomized NC procedure that also outputs a counterexample trace in case of inequivalence. Second, we show how to check for equivalence two probabilistic automata with (cumulative) rewards. Our algorithm runs in deterministic polynomial time, if the number of reward counters is fixed. Finally we show that the equivalence problem for probabilistic visibly pushdown automata is logspace equivalent to the Arithmetic Circuit Identity Testing problem, which is to decide whether a polynomial represented by an arithmetic circuit is identically zero.Comment: technical report for a FoSSaCS'12 pape