151,035 research outputs found
Entropy Loss is Maximal for Uniform Inputs
A secure sketch (defined by Dodis et al.) is an algorithm that on an input w produces an output s such that w can be reconstructed given its noisy version w' and s. Security is defined in terms of two parameters m and m˜ : if w comes from a distribution of entropy m, then a secure sketch guarantees that the distribution of w conditioned on s has entropy m˜ , where λ = m−m˜ is called the entropy loss. In this note we show that the entropy loss of any secure sketch (or, more generally, any randomized algorithm) on any distribution is no more than it is on the uniform distribution.National Science Foundation (CCR-0311485, CCF-0515100, CNS-0546614, CNS-0202067
A proposal for founding mistrustful quantum cryptography on coin tossing
A significant branch of classical cryptography deals with the problems which
arise when mistrustful parties need to generate, process or exchange
information. As Kilian showed a while ago, mistrustful classical cryptography
can be founded on a single protocol, oblivious transfer, from which general
secure multi-party computations can be built.
The scope of mistrustful quantum cryptography is limited by no-go theorems,
which rule out, inter alia, unconditionally secure quantum protocols for
oblivious transfer or general secure two-party computations. These theorems
apply even to protocols which take relativistic signalling constraints into
account. The best that can be hoped for, in general, are quantum protocols
computationally secure against quantum attack. I describe here a method for
building a classically certified bit commitment, and hence every other
mistrustful cryptographic task, from a secure coin tossing protocol. No
security proof is attempted, but I sketch reasons why these protocols might
resist quantum computational attack.Comment: Title altered in deference to Physical Review's fear of question
marks. Published version; references update
Binary Biometric Representation through Pairwise Adaptive Phase Quantization
Extracting binary strings from real-valued biometric templates is a fundamental step in template compression and protection systems, such as fuzzy commitment, fuzzy extractor, secure sketch, and helper data systems. Quantization and coding is the straightforward way to extract binary representations from arbitrary real-valued biometric modalities. In this paper, we propose a pairwise adaptive phase quantization (APQ) method, together with a long-short (LS) pairing strategy, which aims to maximize the overall detection rate. Experimental results on the FVC2000 fingerprint and the FRGC face database show reasonably good verification performances.\ud
\u
Foundations for Designing Secure Architectures
AbstractDeveloping security-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. In particular, so far little research has been performed on the soundly based design of secure architectures, which would be urgently needed to develop secure systems reliably and efficiently. In this abstract, we sketch some research on a sound methodology supporting secure architecture design. We give an overview over an extension of UML, called UMLsec, that allows expressing security-relevant information within the diagrams in an architectural design specification. We define foundations for secure architectural design patterns. We present tool-support which has been developed for the UMLsec secure architecture approach
Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
We provide formal definitions and efficient secure techniques for
- turning noisy information into keys usable for any cryptographic
application, and, in particular,
- reliably and securely authenticating biometric data.
Our techniques apply not just to biometric information, but to any keying
material that, unlike traditional cryptographic keys, is (1) not reproducible
precisely and (2) not distributed uniformly. We propose two primitives: a
"fuzzy extractor" reliably extracts nearly uniform randomness R from its input;
the extraction is error-tolerant in the sense that R will be the same even if
the input changes, as long as it remains reasonably close to the original.
Thus, R can be used as a key in a cryptographic application. A "secure sketch"
produces public information about its input w that does not reveal w, and yet
allows exact recovery of w given another value that is close to w. Thus, it can
be used to reliably reproduce error-prone biometric inputs without incurring
the security risk inherent in storing them.
We define the primitives to be both formally secure and versatile,
generalizing much prior work. In addition, we provide nearly optimal
constructions of both primitives for various measures of ``closeness'' of input
data, such as Hamming distance, edit distance, and set difference.Comment: 47 pp., 3 figures. Prelim. version in Eurocrypt 2004, Springer LNCS
3027, pp. 523-540. Differences from version 3: minor edits for grammar,
clarity, and typo
- …