579 research outputs found
A Framework for Efficient Adaptively Secure Composable Oblivious Transfer in the ROM
Oblivious Transfer (OT) is a fundamental cryptographic protocol that finds a
number of applications, in particular, as an essential building block for
two-party and multi-party computation. We construct a round-optimal (2 rounds)
universally composable (UC) protocol for oblivious transfer secure against
active adaptive adversaries from any OW-CPA secure public-key encryption scheme
with certain properties in the random oracle model (ROM). In terms of
computation, our protocol only requires the generation of a public/secret-key
pair, two encryption operations and one decryption operation, apart from a few
calls to the random oracle. In~terms of communication, our protocol only
requires the transfer of one public-key, two ciphertexts, and three binary
strings of roughly the same size as the message. Next, we show how to
instantiate our construction under the low noise LPN, McEliece, QC-MDPC, LWE,
and CDH assumptions. Our instantiations based on the low noise LPN, McEliece,
and QC-MDPC assumptions are the first UC-secure OT protocols based on coding
assumptions to achieve: 1) adaptive security, 2) optimal round complexity, 3)
low communication and computational complexities. Previous results in this
setting only achieved static security and used costly cut-and-choose
techniques.Our instantiation based on CDH achieves adaptive security at the
small cost of communicating only two more group elements as compared to the
gap-DH based Simplest OT protocol of Chou and Orlandi (Latincrypt 15), which
only achieves static security in the ROM
Weakened Random Oracle Models with Target Prefix
Weakened random oracle models (WROMs) are variants of the random oracle model
(ROM). The WROMs have the random oracle and the additional oracle which breaks
some property of a hash function. Analyzing the security of cryptographic
schemes in WROMs, we can specify the property of a hash function on which the
security of cryptographic schemes depends. Liskov (SAC 2006) proposed WROMs and
later Numayama et al. (PKC 2008) formalized them as CT-ROM, SPT-ROM, and
FPT-ROM. In each model, there is the additional oracle to break collision
resistance, second preimage resistance, preimage resistance respectively. Tan
and Wong (ACISP 2012) proposed the generalized FPT-ROM (GFPT-ROM) which
intended to capture the chosen prefix collision attack suggested by Stevens et
al. (EUROCRYPT 2007). In this paper, in order to analyze the security of
cryptographic schemes more precisely, we formalize GFPT-ROM and propose
additional three WROMs which capture the chosen prefix collision attack and its
variants. In particular, we focus on signature schemes such as RSA-FDH, its
variants, and DSA, in order to understand essential roles of WROMs in their
security proofs
On the joint security of signature and encryption schemes under randomness reuse: efficiency and security amplification
Lecture Notes in Computer Science, 7341We extend the work of Bellare, Boldyreva and Staddon on the systematic analysis of randomness reuse to construct multi-recipient encryption schemes to the case where randomness is reused across different cryptographic primitives. We find that through the additional binding introduced through randomness reuse, one can actually obtain a security amplification with respect to the standard black-box compositions, and achieve a stronger level of security. We introduce stronger notions of security for encryption and signatures, where challenge messages can depend in a restricted way on the random coins used in encryption, and show that two variants of the KEM/DEM paradigm give rise to encryption schemes that meet this enhanced notion of security. We obtain the most efficient signcryption scheme to date that is secure against insider attackers without random oracles.(undefined
Obfuscation for Cryptographic Purposes
An obfuscation of a function F should satisfy two requirements: firstly, using it should be possible to evaluate F; secondly, should not reveal anything about F that cannot be learnt from oracle access to F. Several definitions for obfuscation exist. However, most of them are either too weak for or incompatible with cryptographic applications, or have been shown impossible to achieve, or both.
We give a new definition of obfuscation and argue for its reasonability and usefulness. In particular, we show that it is strong enough for cryptographic applications, yet we show that it has the potential for interesting positive results. We illustrat
Shared and searchable encrypted data for untrusted servers
Current security mechanisms are not suitable for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data. But they all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide a concrete construction of the scheme and give formal proofs of its security. We also report on the results of our implementation
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference
Deniable Ring Signatures
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 55-57).Ring Signatures were developed by Rivest, Shamir and Tauman, in a paper titled How to Leak a Secret, as a cryptographically secure way to authenticate messages with respect to ad-hoc groups while still maintaining the signer's anonymity. While their initial scheme assumed the existence of random oracles, in 2005 a scheme was developed that does not use random oracles and meets the strongest security definitions known in the literature. We argue that this scheme is not deniable, meaning if someone signs a message with respect to a ring of possible signers, and at a later time the secret keys of all of the possible signers are confiscated (including the author), then the author's anonymity is no longer guaranteed. We propose a modification to the scheme that guarantees anonymity even in this situation, using a scheme that depends on ring signature users generating keys that do not distinguish them from other users who did not intend to participate in ring signature schemes, so that our scheme can truly be called a deniable ring signature scheme.by Eitan Reich.M.Eng
- …