36,821 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
A fundamental threat to quantum cryptography: gravitational attacks
An attack on the ``Bennett-Brassard 84''(BB84) quantum key-exchange protocol
in which Eve exploits the action of gravitation to infer information about the
quantum-mechanical state of the qubit exchanged between Alice and Bob, is
described. It is demonstrated that the known laws of physics do not allow to
describe the attack. Without making assumptions that are not based on broad
consensus, the laws of quantum gravity, unknown up to now, would be needed even
for an approximate treatment. Therefore, it is currently not possible to
predict with any confidence if information gained in this attack will allow to
break BB84. Contrary to previous belief, a proof of the perfect security of
BB84 cannot be based on the assumption that the known laws of physics are
strictly correct, yet.Comment: Eur. Phys. J. D (2006), in prin
The Case for Quantum Key Distribution
Quantum key distribution (QKD) promises secure key agreement by using quantum
mechanical systems. We argue that QKD will be an important part of future
cryptographic infrastructures. It can provide long-term confidentiality for
encrypted information without reliance on computational assumptions. Although
QKD still requires authentication to prevent man-in-the-middle attacks, it can
make use of either information-theoretically secure symmetric key
authentication or computationally secure public key authentication: even when
using public key authentication, we argue that QKD still offers stronger
security than classical key agreement.Comment: 12 pages, 1 figure; to appear in proceedings of QuantumComm 2009
Workshop on Quantum and Classical Information Security; version 2 minor
content revision
Dense-Coding Attack on Three-Party Quantum Key Distribution Protocols
Cryptanalysis is an important branch in the study of cryptography, including
both the classical cryptography and the quantum one. In this paper we analyze
the security of two three-party quantum key distribution protocols (QKDPs)
proposed recently, and point out that they are susceptible to a simple and
effective attack, i.e. the dense-coding attack. It is shown that the
eavesdropper Eve can totally obtain the session key by sending entangled qubits
as the fake signal to Alice and performing collective measurements after
Alice's encoding. The attack process is just like a dense-coding communication
between Eve and Alice, where a special measurement basis is employed.
Furthermore, this attack does not introduce any errors to the transmitted
information and consequently will not be discovered by Alice and Bob. The
attack strategy is described in detail and a proof for its correctness is
given. At last, the root of this insecurity and a possible way to improve these
protocols are discussed.Comment: 6 pages, 3 figure
- …