Certificate Transparency with Enhancements and Short Proofs

Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates that have been issued by a compromised certificate authority. Google proposed certificate transparency which is an open framework to monitor and audit certificates in real time. Thereafter, a few other certificate transparency schemes have been proposed which can even handle revocation. All currently known constructions use Merkle hash trees and have proof size logarithmic in the number of certificates/domain owners. We present a new certificate transparency scheme with short (constant size) proofs. Our construction makes use of dynamic bilinear-map accumulators. The scheme has many desirable properties like efficient revocation, low verification cost and update costs comparable to the existing schemes. We provide proofs of security and evaluate the performance of our scheme.Comment: A preliminary version of the paper was published in ACISP 201

Combatting electoral traces: the Dutch tempest discussion and beyond

In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. We introduce the term electoral traces to denote any physical, digital or social evidence of a voter's choices in an election. From this perspective, we provide guidelines for risk analysis as well as an overview of countermeasures

Key Compression and Its Application to Digital Fingerprinting‟,

Abstract. Digital fingerprinting technologies are becoming an increasingly important tool to protect valuable content and other intellectual property. This paper describes an efficient method whereby any watermarking technology can be utilized to construct digital fingerprints that can distinguish individual instantiations of protected data without requiring replication of the data. This technology enables large amounts of data to be selectively distributed to large numbers of people over a limited medium such as a broadcast channel or CD-ROM. An application of this technology -protection of motion pictures for in-flight entertainment systems -will be specifically discussed. Note: This is a reprint of an article that was originally submitted for publication in April 2001

Secret Sharing Based on a Hard-on-Average Problem

The main goal of this work is to propose the design of secret sharing schemes based on hard-on-average problems. It includes the description of a new multiparty protocol whose main application is key management in networks. Its unconditionally perfect security relies on a discrete mathematics problem classiffied as DistNP-Complete under the average-case analysis, the so-called Distributional Matrix Representability Problem. Thanks to the use of the search version of the mentioned decision problem, the security of the proposed scheme is guaranteed. Although several secret sharing schemes connected with combinatorial structures may be found in the bibliography, the main contribution of this work is the proposal of a new secret sharing scheme based on a hard-on-average problem, which allows to enlarge the set of tools for designing more secure cryptographic applications

Quantum secret sharing with qudit graph states

We present a unified formalism for threshold quantum secret sharing using graph states of systems with prime dimension. We construct protocols for three varieties of secret sharing: with classical and quantum secrets shared between parties over both classical and quantum channels.Comment: 13 pages, 12 figures. v2: Corrected to reflect imperfections of (n,n) QQ protocol. Also changed notation from $(n,m)$ to $(k,n)$, corrected typos, updated references, shortened introduction. v3: Updated acknowledgement

Quantum protocols for anonymous voting and surveying

We describe quantum protocols for voting and surveying. A key feature of our schemes is the use of entangled states to ensure that the votes are anonymous and to allow the votes to be tallied. The entanglement is distributed over separated sites; the physical inaccessibility of any one site is sufficient to guarantee the anonymity of the votes. The security of these protocols with respect to various kinds of attack is discussed. We also discuss classical schemes and show that our quantum voting protocol represents a N-fold reduction in computational complexity, where N is the number of voters.Comment: 8 pages. V2 includes the modifications made for the published versio

Matroids and Quantum Secret Sharing Schemes

A secret sharing scheme is a cryptographic protocol to distribute a secret state in an encoded form among a group of players such that only authorized subsets of the players can reconstruct the secret. Classically, efficient secret sharing schemes have been shown to be induced by matroids. Furthermore, access structures of such schemes can be characterized by an excluded minor relation. No such relations are known for quantum secret sharing schemes. In this paper we take the first steps toward a matroidal characterization of quantum secret sharing schemes. In addition to providing a new perspective on quantum secret sharing schemes, this characterization has important benefits. While previous work has shown how to construct quantum secret sharing schemes for general access structures, these schemes are not claimed to be efficient. In this context the present results prove to be useful; they enable us to construct efficient quantum secret sharing schemes for many general access structures. More precisely, we show that an identically self-dual matroid that is representable over a finite field induces a pure state quantum secret sharing scheme with information rate one

DEMOS-2:scalable E2E verifiable elections without random oracles

Recently, Kiayias, Zacharias and Zhang-proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to {\em precompute} a number of ciphertexts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext. In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero-knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging