Efficient non-malleable commitment schemes

We present efficient non-malleable commitment schemes based on standard assumptions such as RSA and Discrete-Log, and under the condition that the network provides publicly available RSA or Discrete-Log parameters generated by a trusted party. Our protocols require only three rounds and a few modular exponentiations. We also discuss the difference between the notion of non-malleable commitment schemes used by Dolev, Dwork and Naor [DDN00] and the one given by Di Crescenzo, Ishai and Ostrovsky [DIO98]

Tensor-based trapdoors for CVP and their application to public key cryptography

We propose two trapdoors for the Closest-Vector-Problem in lattices (CVP) related to the lattice tensor product. Using these trapdoors we set up a lattice-based cryptosystem which resembles to the McEliece scheme

Analysis of random oracle instantiation scenarios for OAEP and other practical schemes

www.fischlin.d

Random Oracles in a Quantum World

The interest in post-quantum cryptography - classical systems that remain secure in the presence of a quantum adversary - has generated elegant proposals for new cryptosystems. Some of these systems are set in the random oracle model and are proven secure relative to adversaries that have classical access to the random oracle. We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum states. We begin by separating the classical and quantum-accessible random oracle models by presenting a scheme that is secure when the adversary is given classical access to the random oracle, but is insecure when the adversary can make quantum oracle queries. We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model. We introduce the concept of a history-free reduction which is a category of classical random oracle reductions that basically determine oracle answers independently of the history of previous queries, and we prove that such reductions imply security in the quantum model. We then show that certain post-quantum proposals, including ones based on lattices, can be proven secure using history-free reductions and are therefore post-quantum secure. We conclude with a rich set of open problems in this area.Comment: 38 pages, v2: many substantial changes and extensions, merged with a related paper by Boneh and Zhandr

Non-malleable codes for space-bounded tampering

Non-malleable codes—introduced by Dziembowski, Pietrzak and Wichs at ICS 2010—are key-less coding schemes in which mauling attempts to an encoding of a given message, w.r.t. some class of tampering adversaries, result in a decoded value that is either identical or unrelated to the original message. Such codes are very useful for protecting arbitrary cryptographic primitives against tampering attacks against the memory. Clearly, non-malleability is hopeless if the class of tampering adversaries includes the decoding and encoding algorithm. To circumvent this obstacle, the majority of past research focused on designing non-malleable codes for various tampering classes, albeit assuming that the adversary is unable to decode. Nonetheless, in many concrete settings, this assumption is not realistic

Trapdoor commitment schemes and their applications

Informally, commitment schemes can be described by lockable steely boxes. In the commitment phase, the sender puts a message into the box, locks the box and hands it over to the receiver. On one hand, the receiver does not learn anything about the message. On the other hand, the sender cannot change the message in the box anymore. In the decommitment phase the sender gives the receiver the key, and the receiver then opens the box and retrieves the message. One application of such schemes are digital auctions where each participant places his secret bid into a box and submits it to the auctioneer. In this thesis we investigate trapdoor commitment schemes. Following the abstract viewpoint of lockable boxes, a trapdoor commitment is a box with a tiny secret door. If someone knows the secret door, then this person is still able to change the committed message in the box, even after the commitment phase. Such trapdoors turn out to be very useful for the design of secure cryptographic protocols involving commitment schemes. In the first part of the thesis, we formally introduce trapdoor commitments and extend the notion to identity-based trapdoors, where trapdoors can only be used in connection with certain identities. We then recall the most popular constructions of ordinary trapdoor protocols and present new solutions for identity-based trapdoors. In the second part of the thesis, we show the usefulness of trapdoors in commitment schemes. Deploying trapdoors we construct efficient non-malleable commitment schemes which basically guarantee indepency of commitments. Furthermore, applying (identity-based) trapdoor commitments we secure well-known identification protocols against a new kind of attack. And finally, by means of trapdoors, we show how to construct composable commitment schemes that can be securely executed as subprotocols within complex protocols

Response to multi-generational selection under elevated [CO₂] in two temperature regimes suggests enhanced carbon assimilation and increased reproductive output in <em>Brassica napus</em> L.

Functional plant traits are likely to adapt under the sustained pressure imposed by environmental changes through natural selection. Employing Brassica napus as a model, a multi-generational study was performed to investigate the potential trajectories of selection at elevated [CO(2)] in two different temperature regimes. To reveal phenotypic divergence at the manipulated [CO(2)] and temperature conditions, a full-factorial natural selection regime was established in a phytotron environment over the range of four generations. It is demonstrated that a directional response to selection at elevated [CO(2)] led to higher quantities of reproductive output over the range of investigated generations independent of the applied temperature regime. The increase in seed yield caused an increase in aboveground biomass. This suggests quantitative changes in the functions of carbon sequestration of plants subjected to increased levels of CO(2) over the generational range investigated. The results of this study suggest that phenotypic divergence of plants selected under elevated atmospheric CO(2) concentration may drive the future functions of plant productivity to be different from projections that do not incorporate selection responses of plants. This study accentuates the importance of phenotypic responses across multiple generations in relation to our understanding of biogeochemical dynamics of future ecosystems. Furthermore, the positive selection response of reproductive output under increased [CO(2)] may ameliorate depressions in plant reproductive fitness caused by higher temperatures in situations where both factors co-occur

Impacts on terrestrial biodiversity of moving from a 2ᵒC to a 1.5ᵒC target

We applied a recently developed tool to examine the reduction in climate risk to biodiversity in moving from a 2°C to a 1.5°C target. We then reviewed the recent literature examining the impact of (a) land-based mitigation options and (b) land-based greenhouse gas removal options on biodiversity. We show that holding warming to 1.5°C versus 2°C can significantly reduce the number of species facing a potential loss of 50% of their climatic range. Further, there would be an increase of 5.5–14% of the globe that could potentially act as climatic refugia for plants and animals, an area equivalent to the current global protected area network. Efforts to meet the 1.5°C target through mitigation could largely be consistent with biodiversity protection/enhancement. For impacts of land-based greenhouse gas removal technologies on biodiversity, some (e.g. soil carbon sequestration) could be neutral or positive, others (e.g. bioenergy with carbon capture and storage) are likely to lead to conflicts, while still others (e.g. afforestation/reforestation) are context-specific, when applied at scales necessary for meaningful greenhouse gas removal. Additional effort to meet the 1.5°C target presents some risks, particularly if inappropriately managed, but it also presents opportunities. This article is part of the theme issue ‘The Paris Agreement: understanding the physical and social challenges for a warming world of 1.5°C above pre-industrial levels'