Formal security proofs with minimal fuss: Implicit computational complexity at work
We show how implicit computational complexity can be used in order to increase confidence in game-based security proofs in cryptography. For this purpose we extend CSLR, a probabilistic lambda-calculus with a type system that guarantees the existence of a probabilistic polynomial-time bound on computations. This allows us to define cryptographic constructions, feasible adversaries, security notions, computational assumptions, game transformations, and game-based security proofs in a unified framework. We also show that the standard practice of cryptographers, ignoring that polynomial-time Turing machines cannot generate all uniform distributions, is actually sound. We illustrate our calculus on cryptographic constructions for public-key encryption and pseudorandom bit generation.
On the Saddle-point Solution and the Large-Coalition Asymptotics of Fingerprinting Games
We study a fingerprinting game in which the number of colluders and the
collusion channel are unknown. The encoder embeds fingerprints into a host
sequence and provides the decoder with the capability to trace back pirated
copies to the colluders.
Fingerprinting capacity has recently been derived as the limit value of a
sequence of maximin games with mutual information as their payoff functions.
However, these games generally do not admit saddle-point solutions and are very
hard to solve numerically. Here under the so-called Boneh-Shaw marking
assumption, we reformulate the capacity as the value of a single two-person
zero-sum game, and show that it is achieved by a saddle-point solution.
If the maximal coalition size is k and the fingerprinting alphabet is binary,
we show that capacity decays quadratically with k. Furthermore, we prove
rigorously that the asymptotic capacity is 1/(k^2 2ln2) and we confirm our
earlier conjecture that Tardos' choice of the arcsine distribution
asymptotically maximizes the mutual information payoff function while the
interleaving attack minimizes it. Along with the asymptotic behavior, numerical
solutions to the game for small k are also presented.
Comment: submitted to IEEE Trans. on Information Forensics and Security
The problem with the SURF scheme
There is a serious problem with one of the assumptions made in the security
proof of the SURF scheme. This problem turns out to be easy in the regime of
parameters needed for the SURF scheme to work.
We give afterwards the old version of the paper for the reader's convenience.
Comment: Warning: we found a serious problem in the security proof of the
SURF scheme. We explain this problem here and give the old version of the
paper afterward.