Safer parameters for the Chor–Rivest cryptosystem

AbstractVaudenay’s cryptanalysis against Chor–Rivest cryptosystem is applicable when the parameters, p and h, originally proposed by the authors are used. Nevertheless, if p and h are both prime integers, then Vaudenay’s attack is not applicable. In this work, a choice of these parameters resistant to the existing cryptanalytic attacks, is presented. The parameters are determined in a suitable range guaranteeing its security and the computational feasibility of implementation. Regrettably, the obtained parameters are scarce in practice

Towards a Theory of Symmetric Encryption

Motivée par le commerce et l'industrie, la recherche publique dans le domaine du chiffrement symétrique s'est considérablement développée depuis vingt cinq ans si bien qu'il est maintenant possible d'en faire le bilan. La recherche a tout d'abord progressé de manière empirique. De nombreux algorithmes de chiffrement fondés sur la notion de réseau de substitutions et de permutations ont été proposés, suivis d'attaques dédiées contre eux. Cela a permis de définir des stratégies générales: les méthodes d'attaques différentielles, linéaires et statistiques, et les méthodes génériques fondées sur la notion de boîte noire. En modélisant ces attaques on a trouvé en retour des règles utiles dans la conception d'algorithmes sûrs: la notion combinatoire de multipermutation pour les fonctions élémentaires, le contrôle de la diffusion par des critères géométriques de réseau de calcul, l'étude algébrique de la non-linéarité, ... Enfin, on montre que la sécurité face à un grand nombre de classes d'attaques classiques est assurée grâce à la notion de décorrélation par une preuve formelle. Ces principes sont à l'origine de deux algorithmes particuliers: la fonction CS-Cipher qui permet un chiffrement à haut débit et une sécurité heuristique, et le candidat DFC au processus de standardisation AES, prototype d'algorithme fondé sur la notion de décorrélation

Preimage Selective Trapdoor Function: How to Repair an Easy Problem

Public key cryptosystems are constructed by embedding a trapdoor into a one-way function. So, the one-wayness and the trapdoorness are vital to public key cryptography. In this paper, we propose a novel public key cryptographic primitive called preimage selective trapdoor function. This scenario allows to use exponentially many preimage to hide a plaintext even if the underlying function is not one-way. The compact knapsack problem is used to construct a probabilistic public key cryptosystem, the underlying encryption function of which is proven to be preimage selective trapdoor one-way functions under some linearization attack models. The constructive method can guarantee the noninjectivity of the underlying encryption function and the unique decipherability for ciphertexts simultaneously. It is heuristically argued that the security of the proposal cannot be compromised by a polynomial-time adversary even if the compact knapsack is easy to solve. We failed to provide any provable security results about the proposal; however, heuristic illustrations show that the proposal is secure against some known attacks including brute force attacks, linearization attacks, and key-recovery attacks. The proposal turns out to have acceptable key sizes and performs efficiently and hence is practical

Cryptographic error correction

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (leaves 67-71).It has been said that "cryptography is about concealing information, and coding theory is about revealing it." Despite these apparently conflicting goals, the two fields have common origins and many interesting relationships. In this thesis, we establish new connections between cryptography and coding theory in two ways: first, by applying cryptographic tools to solve classical problems from the theory of error correction; and second, by studying special kinds of codes that are motivated by cryptographic applications. In the first part of this thesis, we consider a model of error correction in which the source of errors is adversarial, but limited to feasible computation. In this model, we construct appealingly simple, general, and efficient cryptographic coding schemes which can recover from much larger error rates than schemes for classical models of adversarial noise. In the second part, we study collusion-secure fingerprinting codes, which are of fundamental importance in cryptographic applications like data watermarking and traitor tracing. We demonstrate tight lower bounds on the lengths of such codes by devising and analyzing a general collusive attack that works for any code.by Christopher Jason Peikert.Ph.D

Yksityisyyden turvaavia protokollia verkkoliikenteen suojaamiseen

Digital technologies have become an essential part of our lives. In many parts of the world, activities such as socializing, providing health care, leisure and education are entirely or partially relying on the internet. Moreover, the COVID-19 world pandemic has also contributed significantly to our dependency on the on-line world. While the advancement of the internet brings many advantages, there are also disadvantages such as potential loss of privacy and security. While the users enjoy surfing on the web, service providers may collect a variety of information about their users, such as the users’ location, gender, and religion. Moreover, the attackers may try to violate the users’ security, for example, by infecting the users’ devices with malware. In this PhD dissertation, to provide means to protect networking we propose several privacy-preserving protocols. Our protocols empower internet users to get a variety of services, while at the same time ensuring users’ privacy and security in the digital world. In other words, we design our protocols such that the users only share the amount of information with the service providers that is absolutely necessary to gain the service. Moreover, our protocols only add minimal additional time and communication costs, while leveraging cryptographic schemes to ensure users’ privacy and security. The dissertation contains two main themes of protocols: privacy-preserving set operations and privacy-preserving graph queries. These protocols can be applied to a variety of application areas. We delve deeper into three application areas: privacy-preserving technologies for malware protection, protection of remote access, and protecting minors.Digitaaliteknologiasta on tullut oleellinen osa ihmisten elämää. Monissa osissa maailmaa sellaiset toiminnot kuten terveydenhuolto, vapaa-ajan vietto ja opetus ovat osittain tai kokonaan riippuvaisia internetistä. Lisäksi COVID-19 -pandemia on lisännyt ihmisten riippuvuutta tietoverkoista. Vaikkakin internetin kehittyminen on tuonut paljon hyvää, se on tuonut mukanaan myös haasteita yksityisyydelle ja tietoturvalle. Käyttäjien selatessa verkkoa palveluntarjoajat voivat kerätä käyttäjästä monenlaista tietoa, kuten esimerkiksi käyttäjän sijainnin, sukupuolen ja uskonnon. Lisäksi hyökkääjät voivat yrittää murtaa käyttäjän tietoturvan esimerkiksi asentamalla hänen koneelleen haittaohjelmia. Tässä väitöskirjassa esitellään useita turvallisuutta suojaavia protokollia tietoverkossa tapahtuvan toiminnan turvaamiseen. Nämä protokollat mahdollistavat internetin käytön monilla tavoilla samalla kun ne turvaavat käyttäjän yksityisyyden ja tietoturvan digitaalisessa maailmassa. Toisin sanoen nämä protokollat on suunniteltu siten, että käyttäjät jakavat palveluntarjoajille vain sen tiedon, joka on ehdottoman välttämätöntä palvelun tuottamiseksi. Protokollat käyttävät kryptografisia menetelmiä käyttäjän yksityisyyden sekä tietoturvan varmistamiseksi, ja ne hidastavat kommunikaatiota mahdollisimman vähän. Tämän väitöskirjan sisältämät protokollat voidaan jakaa kahteen eri teemaan: protokollat yksityisyyden suojaaville joukko-operaatioille ja protokollat yksityisyyden suojaaville graafihauille. Näitä protokollia voidaan soveltaa useilla aloilla. Näistä aloista väitöskirjassa käsitellään tarkemmin haittaohjelmilta suojautumista, etäyhteyksien suojaamista ja alaikäisten suojelemista

Non-malleable secret sharing against joint tampering attacks

Since thousands of years ago, the goal of cryptography has been to hide messages from prying eyes. In recent times, cryptography two important changes: first, cryptography itself evolved from just being about encryption to a broader class of situations coming from the digital era; second, the way of studying cryptography evolved from creating ``seemingly hard'' cryptographic schemes to constructing schemes which are provably secure. However, once the mathematical abstraction of cryptographic primitives started to be too hard to break, attackers found another way to defeat security. Side channel attacks have been proved to be very effective in this task, breaking the security of otherwise provably secure schemes. Because of this, recent trends in cryptography aim to capture this situation and construct schemes that are secure even against such powerful attacks. In this setting, this thesis specializes in the study of secret sharing, an important cryptographic primitive that allows to balance privacy and integrity of data and also has applications to multi-party protocols. Namely, continuing the trend which aims to protect against side channel attacks, this thesis brings some contributions to the state of the art of the so-called leakage-resilient and non-malleable secret sharing schemes, which have stronger guarantees against attackers that are able to learn information from possibly all the shares and even tamper with the shares and see the effects of the tampering. The main contributions of this thesis are twofold. First, we construct secret sharing schemes that are secure against a very powerful class of attacks which, informally, allows the attacker to jointly leak some information and tamper with the shares in a continuous fashion. Second, we study the capacity of continuously non-malleable secret sharing schemes, that is, the maximum achievable information rate. Roughly speaking, we find some lower bounds to the size that the shares must have in order to achieve some forms of non-malleability

Usability of structured lattices for a post-quantum cryptography: practical computations, and a study of some real Kummer extensions

Lattice-based cryptography is an excellent candidate for post-quantum cryptography, i.e. cryptosystems which are resistant to attacks run on quantum computers. For efficiency reason, most of the constructions explored nowadays are based on structured lattices, such as module lattices or ideal lattices. The security of most constructions can be related to the hardness of retrieving a short element in such lattices, and one does not know yet to what extent these additional structures weaken the cryptosystems. A related problem – which is an extension of a classical problem in computational number theory – called the Short Principal Ideal Problem (or SPIP), consists of finding a short generator of a principal ideal. Its assumed hardness has been used to build some cryptographic schemes. However it has been shown to be solvable in quantum polynomial time over cyclotomic fields, through an attack which uses the Log-unit lattice of the field considered. Later, practical results showed that multiquadratic fields were also weak to this strategy. The main general question that we study in this thesis is To what extent can structured lattices be used to build a post-quantum cryptography

Group Key Agreement for Ad Hoc Networks

Over the last 30 years the study of group key agreement has stimulated much work. And as a result of the increased popularity of ad hoc networks, some approaches for the group key establishment in such networks are proposed. However, they are either only for static group or the memory, computation and communication costs are unacceptable for ad-hoc networks. In this thesis some protocol suites from the literature (2^d-cube, 2^d-octopus, Asokan-Ginzboorg, CLIQUES, STR and TGDH) shall be discussed. We have optimized STR and TGDH by reducing the memory, communication and computation costs. The optimized version are denoted by µSTR and µTGDH respectively. Based on the protocol suites µSTR and µTGDH we present a Tree-based group key agreement Framework for Ad-hoc Networks (TFAN). TFAN is especially suitable for ad-hoc networks with limited bandwidth and devices with limited memory and computation capability. To simulate the protocols, we have implemented TFAN, µSTR and µTGDH with J2ME CDC. The TFAN API will be described in this thesis