Lattice-Based Group Signatures: Achieving Full Dynamicity (and Deniability) with Ease
In this work, we provide the first lattice-based group signature that offers
full dynamicity (i.e., users have the flexibility of joining and leaving the
group), and thus resolve a prominent open problem posed by previous works.
Moreover, we achieve this non-trivial feat in a relatively simple manner. Our
design approach consists of upgrading Libert et al.'s fully static construction
(EUROCRYPT 2016), which is arguably the most efficient lattice-based group
signature to date, directly into the fully dynamic setting through
simple-but-insightful tweaks. Somewhat surprisingly, our scheme even produces
slightly shorter signatures than the former, thanks to a new technique for
proving inequalities in zero-knowledge without relying on any inequality check,
adapted from a technique proposed by Ling et al. (PKC 2013). The scheme
satisfies the strong security requirements of Bootle et al.'s model (ACNS
2016), under the Short Integer Solution (SIS) and the Learning With Errors (LWE)
assumptions. Furthermore, we demonstrate how to equip the obtained group
signature scheme with the deniability functionality in a simple way. This
attractive functionality, put forward by Ishida et al. (CANS 2016), enables the
tracing authority to provide evidence that a given user is not the owner of a
signature in question. In the process, we design a zero-knowledge protocol for
proving that a given LWE ciphertext does not decrypt to a particular message.
Insider-proof encryption with applications for quantum key distribution
It has been pointed out that current protocols for device-independent quantum
key distribution can leak key to the adversary when devices are used repeatedly
and that this issue has not been addressed. We introduce the notion of an
insider-proof channel. This allows us to propose a means by which devices with
memories could be reused from one run of a device-independent quantum key
distribution protocol to the next while bounding the leakage to Eve, under the
assumption that one run of the protocol could be completed securely using
devices with memories.
Comment: 20 pages, version 2: new presentation introducing the insider-proof
channel as a cryptographic element.
Using Games to Understand and Create Randomness
The massive growth of data and communication encryption has created a growing need for non-predictable, random data, which is required to create encryption keys. The need for randomness grows (nearly) linearly with the growth of encryption, but randomness is also a very important ingredient elsewhere, e.g. in the quickly growing game programming industry. Computers are deterministic devices and cannot create random results; computer procedures can generate only pseudo-random (random-looking) data. True randomness requires some outside information: the timing and placement of a user's keystrokes, fluctuations of current, interrupt requests in the computer processor, etc. But even those sources often cannot keep up with the requests from our increasingly randomness-hungry environment of ciphered communications and data. The growing need for randomness has created a market of randomness sources, and new sources are proposed constantly. These sources differ in their properties (ease of access, size of required software, etc.) and in how easily their quality can be estimated. However, there is an easily available good source both for comparing the quality of randomness and for creating new randomness: computer games. Users' growing affection for playing digital games makes this activity very attractive for comparing the quality of randomness sources and for use as a source of new randomness. In the following, we analyze the possibilities for investigating and extracting randomness from digital gameplay and demonstrate some experiments with simple stateless games that allow one to compare existing sources of (pseudo-)randomness and to generate new randomness, which can be used e.g. to create ciphering keys in mobile and Internet of Things devices.
When Can Limited Randomness Be Used in Repeated Games?
The central result of classical game theory states that every finite normal
form game has a Nash equilibrium, provided that players are allowed to use
randomized (mixed) strategies. However, in practice, humans are known to be bad
at generating random-like sequences, and true random bits may be unavailable.
Even if the players have access to enough random bits for a single instance of
the game, their randomness might be insufficient if the game is played many
times.
In this work, we ask whether randomness is necessary for equilibria to exist
in finitely repeated games. We show that for a large class of games containing
arbitrary two-player zero-sum games, approximate Nash equilibria of the
-stage repeated version of the game exist if and only if both players have
random bits. In contrast, we show that there exists a class of
games for which no equilibrium exists in pure strategies, yet the -stage
repeated version of the game has an exact Nash equilibrium in which each player
uses only a constant number of random bits.
When the players are assumed to be computationally bounded, if cryptographic
pseudorandom generators (or, equivalently, one-way functions) exist, then the
players can base their strategies on "random-like" sequences derived from only
a small number of truly random bits. We show that, in contrast, in repeated
two-player zero-sum games, if pseudorandom generators do not exist, then
random bits remain necessary for equilibria to exist.
The Quantum Frontier
The success of the abstract model of computation, in terms of bits, logical
operations, programming language constructs, and the like, makes it easy to
forget that computation is a physical process. Our cherished notions of
computation and information are grounded in classical mechanics, but the
physics underlying our world is quantum. In the early 80s researchers began to
ask how computation would change if we adopted a quantum mechanical, instead of
a classical mechanical, view of computation. Slowly, a new picture of
computation arose, one that gave rise to a variety of faster algorithms, novel
cryptographic mechanisms, and alternative methods of communication. Small
quantum information processing devices have been built, and efforts are
underway to build larger ones. Even apart from the existence of these devices,
the quantum view on information processing has provided significant insight
into the nature of computation and information, and a deeper understanding of
the physics of our universe and its connections with computation.
We start by describing aspects of quantum mechanics that are at the heart of
a quantum view of information processing. We give our own idiosyncratic view of
a number of these topics in the hopes of correcting common misconceptions and
highlighting aspects that are often overlooked. A number of the phenomena
described were initially viewed as oddities of quantum mechanics. It was
quantum information processing, first quantum cryptography and then, more
dramatically, quantum computing, that turned the tables and showed that these
oddities could be put to practical effect. It is these applications we describe
next. We conclude with a section describing some of the many questions left for
future work, especially the mysteries surrounding where the power of quantum
information ultimately comes from.
Comment: Invited book chapter for Computation for Humanity - Information
Technology to Advance Society, to be published by CRC Press. Concepts
clarified and style made more uniform in version 2. Many thanks to the
referees for their suggestions for improvement.
Device-independent uncloneable encryption
Uncloneable encryption, first introduced by Broadbent and Lord (TQC 2020), is
a quantum encryption scheme in which a quantum ciphertext cannot be distributed
between two non-communicating parties such that, given access to the decryption
key, both parties cannot learn the underlying plaintext. In this work, we
introduce a variant of uncloneable encryption in which several possible
decryption keys can decrypt a particular encryption, and the security
requirement is that two parties who receive independently generated decryption
keys cannot both learn the underlying ciphertext. We show that this variant of
uncloneable encryption can be achieved device-independently, i.e., without
trusting the quantum states and measurements used in the scheme, and that this
variant works just as well as the original definition in constructing quantum
money. Moreover, we show that a simple modification of our scheme yields a
single-decryptor encryption scheme, which was a related notion introduced by
Georgiou and Zhandry. In particular, the resulting single-decryptor encryption
scheme achieves device-independent security with respect to a standard
definition of security against random plaintexts. Finally, we derive an
"extractor" result for a two-adversary scenario, which in particular yields a
single-decryptor encryption scheme for single bit-messages that achieves
perfect anti-piracy security without needing the quantum random oracle model.
Comment: Issue found in application of the extractor technique to uncloneable
encryption; corresponding claims have been removed. Added generalization of
our results to single-decryptor encryption, in which the extractor technique
can indeed be applied.