371 research outputs found
Maximum Gap in (Inverse) Cyclotomic Polynomial
Let denote the maximum of the differences (gaps) between two consecutive exponents occurring in a polynomial . Let denote the -th cyclotomic polynomial and let denote the -th inverse cyclotomic polynomial. In this note, we study and where is a product of odd primes, say , etc. It is trivial to determine , and . Hence the simplest non-trivial cases are and . We provide an exact expression for We also provide an exact expression for under a mild condition. The condition is almost always satisfied (only finite exceptions for each ). We also provide a lower bound and an upper bound for
An Authenticated Group Key Agreement Protocol on Braid groups
In this paper, we extend the 2-party key exchange protocol on braid groups to a group key agreement protocol based on the hardness of the Ko-Lee problem. We also provide authenticity for the group key agreement protocol.
On Ideal Secret-Sharing Schemes for -homogeneous access structures
A -uniform hypergraph is a hypergraph where each -hyperedge has exactly vertices. A -homogeneous access structure is represented by a -uniform hypergraph , in which the participants correspond to the vertices of hypergraph . A set of vertices can reconstruct the secret value from their shares if they are connected by a -hyperedge, while a set of non-adjacent vertices does not obtain any information about the secret. One parameter for measuring the efficiency of a secret sharing scheme is the information rate, defined as the ratio between the length of the secret and the maximum length of the shares given to the participants. Secret sharing schemes with an information rate equal to one are called ideal secret sharing schemes. An access structure is considered ideal if an ideal secret sharing scheme can realize it. Characterizing ideal access structures is one of the important problems in secret sharing schemes. The characterization of ideal access structures has been studied by many authors [BD, CT, JZB, FP1, FP2, DS1, TD]. In this paper, we characterize ideal -homogeneous access structures using the independent sequence method. In particular, we prove that the reduced access structure of is an -threshold access structure when the optimal information rate of is larger than , where is a -homogeneous access structure satisfying specific criteria.
Comment: 19 pages
On Insecure Uses of BGN for Privacy Preserving Data Aggregation Protocols
The notion of aggregator oblivious (AO) security for privacy preserving data aggregation was formalized, together with a specific construction of an AO-secure blinding technique over a cyclic group, by Shi et al. Some proposals of data aggregation protocols use the blinding technique of Shi et al. for the BGN cryptosystem, an additively homomorphic encryption scheme. Previously, there have been some security analyses of BGN based data aggregation protocols in the context of integrity or authenticity of data. Even with such security analyses, the BGN cryptosystem has remained a popular building block of privacy preserving data aggregation protocols. In this paper, we study the privacy issues in the blinding technique of Shi et al. used for the BGN cryptosystem. We show that the blinding techniques for the BGN cryptosystem used in several protocols are not privacy preserving against the recipient, the decryptor. Our analysis is based on the fact that the BGN cryptosystem uses a pairing e: G x G -> G_T, and the existence of the pairing makes the DDH problem on G easy to solve. We also suggest how to prevent such privacy leakage in the blinding technique of Shi et al. used for the BGN cryptosystem.
Comment: 11 pages
Efficient and Generalized Pairing Computation on Abelian Varieties
In this paper, we propose a new method for constructing a bilinear pairing over (hyper)elliptic curves, which we call the R-ate pairing. This pairing is a generalization of the Ate and Ate_i pairings, and also improves the efficiency of the pairing computation. Using the R-ate pairing, the loop length in Miller's algorithm can be as small as for some pairing-friendly elliptic curves which have not reached this lower bound. Therefore we obtain from 29 % to 69 % savings in overall costs compared to the Ate_i pairing. On supersingular hyperelliptic curves of genus 2, we show that this approach makes the loop length in Miller's algorithm shorter than that of the Ate pairing.
Towards Round-Optimal Secure Multiparty Computations: Multikey FHE without a CRS
Multikey fully homomorphic encryption (MFHE) allows homomorphic operations between ciphertexts encrypted under different keys. In applications for secure multiparty computation (MPC) protocols, MFHE can be more advantageous than usual fully homomorphic encryption (FHE), since users do not need to agree on a common public key before the computation when using MFHE. In EUROCRYPT 2016, Mukherjee and Wichs constructed a secure MPC protocol in only two rounds via MFHE, which relies on a common random/reference string (CRS) in key generation. After that, Brakerski et al. replaced the role of the CRS with a distributed setup for CRS calculation to form a four round secure MPC protocol. Thus, recent improvements in the round complexity of MPC protocols have been made using MFHE.
In this paper, we go further to obtain round-efficient and secure MPC protocols. The underlying MFHE schemes in previous works still involve the common value, the CRS, which seems to weaken the power of using MFHE to allow users to independently generate their own keys. Therefore, we resolve the issue by constructing an MFHE scheme without a CRS based on the LWE assumption, and then we obtain an MPC protocol secure against semi-malicious adversaries in three rounds.