LiDIA : a library for computational number theory

In this paper we describe LiDIA, a new library for computational number theory. Why do we work on a new library for computational number theory when such powerful tools as Pari [1], Kant [11], Simath [10] already exist? In fact, those systems are very useful for solving problems for which there exist efficient system routines. For example, using Pari or Kant it is possible to compute invariants of algebraic number fields and Simath can be used to find the rank of an elliptic curve over Q. However, building complicated and efficient software on top of existing systems has in our experience turned out to be very difficult. Therefore, the software of our research group is developed independently of other computer algebra systems

Succinct Spooky Free Compilers Are Not Black Box Sound

It is tempting to think that if we encrypt a sequence of messages $\{x_i\}$ using a semantically secure encryption scheme, such that each $x_i$ is encrypted with its own independently generated public key $pk_i$, then even if the scheme is malleable (or homomorphic) then malleability is limited to acting on each $x_i$ independently. However, it is known that this is not the case, and in fact even non-local malleability might be possible. This phenomenon is known as spooky interactions. We formally define the notion of spooky free compilers that has been implicit in the delegation of computation literature. A spooky free compiler allows to encode a sequence of queries to a multi-prover interactive proof system (MIP) in a way that allows to apply the MIP prover algorithm on the encoded values on one hand, and prevents spooky interactions on the other. In our definition, the compiler is allowed to be tailored to a specific MIP. We show that (under a plausible complexity assumption) spooky free compilers that are sufficiently succinct to imply delegation schemes for NP with communication $n^{\alpha}$ (for any constant $\alpha<1$) cannot be proven secure via black-box reduction to a falsifiable assumption. On the other hand, we show that it is possible to construct non-succinct spooky free fully homomorphic encryption, the strongest conceivable flavor of spooky free compiler, in a straightforward way from any fully homomorphic encryption scheme. Our impossibility result relies on adapting the techniques of Gentry and Wichs (2011) which rule out succinct adaptively sound delegation protocols. We note that spooky free compilers are only known to imply non-adaptive delegation, so the aforementioned result cannot be applied directly. Interestingly, we are still unable to show that spooky free compilers imply adaptive delegation, nor can we apply our techniques directly to rule out arbitrary non-adaptive NP-delegation

Set It and Forget It! Turnkey ECC for Instant Integration

Historically, Elliptic Curve Cryptography (ECC) is an active field of applied cryptography where recent focus is on high speed, constant time, and formally verified implementations. While there are a handful of outliers where all these concepts join and land in real-world deployments, these are generally on a case-by-case basis: e.g.\ a library may feature such X25519 or P-256 code, but not for all curves. In this work, we propose and implement a methodology that fully automates the implementation, testing, and integration of ECC stacks with the above properties. We demonstrate the flexibility and applicability of our methodology by seamlessly integrating into three real-world projects: OpenSSL, Mozilla's NSS, and the GOST OpenSSL Engine, achieving roughly 9.5x, 4.5x, 13.3x, and 3.7x speedup on any given curve for key generation, key agreement, signing, and verifying, respectively. Furthermore, we showcase the efficacy of our testing methodology by uncovering flaws and vulnerabilities in OpenSSL, and a specification-level vulnerability in a Russian standard. Our work bridges the gap between significant applied cryptography research results and deployed software, fully automating the process

Eine Grundlegung der Average-Case Komlexitätstheorie

Lag nicht vor.Lag nicht vor

Eine Grundlegung der Average-Case Komlexitätstheorie

Lag nicht vor.Lag nicht vor

Definition and Existence of Super Complexity Cores (Extended Abstract)

In this paper we define and study super complexity cores of languages L with respect to classes C with L 62 C. A super complexity core S of L can be considered as an infinite set of strings for which the decision problem for L is very hard to solve with respect to the available &quot;resources&quot; fixed by C even for algorithms which have to compute the correct result only for all inputs x 2 S. For example let C = P and S be a super complexity core of L. Then S is infinite and all deterministic Turing machines M , which output 1 on input x 2 S &quot; L and 0 on input x 2 S &quot; L, need more than polynomially many steps on all but finitely many inputs x 2 S. We prove that for all non-empty, countable classes of languages C which are closed under finite variation, finite union, and under complement and for all languages L 62 C it follows that such a super complexity core of L wi..