295 research outputs found
Electromagnetic wave refraction at an interface of a double wire medium
Plane-wave reflection and refraction at an interface with a double wire
medium is considered. The problem of additional boundary conditions (ABC) in
application to wire media is discussed and an ABC-free approach, known in the
solid state physics, is used. Expressions for the fields and Poynting vectors
of the refracted waves are derived. Directions and values of the power density
flow of the refracted waves are found and the conservation of the power flow
through the interface is checked. The difference between the results, given by
the conventional model of wire media and the model, properly taking into
account spatial dispersion, is discussed.Comment: 17 pages, 11 figure
MV3: A new word based stream cipher using rapid mixing and revolving buffers
MV3 is a new word based stream cipher for encrypting long streams of data. A
direct adaptation of a byte based cipher such as RC4 into a 32- or 64-bit word
version will obviously need vast amounts of memory. This scaling issue
necessitates a look for new components and principles, as well as mathematical
analysis to justify their use. Our approach, like RC4's, is based on rapidly
mixing random walks on directed graphs (that is, walks which reach a random
state quickly, from any starting point). We begin with some well understood
walks, and then introduce nonlinearity in their steps in order to improve
security and show long term statistical correlations are negligible. To
minimize the short term correlations, as well as to deter attacks using
equations involving successive outputs, we provide a method for sequencing the
outputs derived from the walk using three revolving buffers. The cipher is fast
-- it runs at a speed of less than 5 cycles per byte on a Pentium IV processor.
A word based cipher needs to output more bits per step, which exposes more
correlations for attacks. Moreover we seek simplicity of construction and
transparent analysis. To meet these requirements, we use a larger state and
claim security corresponding to only a fraction of it. Our design is for an
adequately secure word-based cipher; our very preliminary estimate puts the
security close to exhaustive search for keys of size < 256 bits.Comment: 27 pages, shortened version will appear in "Topics in Cryptology -
CT-RSA 2007
Poynting's theorem and energy conservation in the propagation of light in bounded media
Starting from the Maxwell-Lorentz equations, Poynting's theorem is
reconsidered. The energy flux vector is introduced as S_e=(E x B)/mu_0 instead
of E x H, because only by this choice the energy dissipation can be related to
the balance of the kinetic energy of the matter subsystem. Conservation of the
total energy as the sum of kinetic and electromagnetic energy follows. In our
discussion, media and their microscopic nature are represented exactly by their
susceptibility functions, which do not necessarily have to be known. On this
footing, it can be shown that energy conservation in the propagation of light
through bounded media is ensured by Maxwell's boundary conditions alone, even
for some frequently used approximations. This is demonstrated for approaches
using additional boundary conditions and the dielectric approximation in
detail, the latter of which suspected to violate energy conservation for
decades.Comment: 5 pages, RevTeX4, changes: complete rewrit
Reexamination of Quantum Bit Commitment: the Possible and the Impossible
Bit commitment protocols whose security is based on the laws of quantum
mechanics alone are generally held to be impossible. In this paper we give a
strengthened and explicit proof of this result. We extend its scope to a much
larger variety of protocols, which may have an arbitrary number of rounds, in
which both classical and quantum information is exchanged, and which may
include aborts and resets. Moreover, we do not consider the receiver to be
bound to a fixed "honest" strategy, so that "anonymous state protocols", which
were recently suggested as a possible way to beat the known no-go results are
also covered. We show that any concealing protocol allows the sender to find a
cheating strategy, which is universal in the sense that it works against any
strategy of the receiver. Moreover, if the concealing property holds only
approximately, the cheat goes undetected with a high probability, which we
explicitly estimate. The proof uses an explicit formalization of general two
party protocols, which is applicable to more general situations, and a new
estimate about the continuity of the Stinespring dilation of a general quantum
channel. The result also provides a natural characterization of protocols that
fall outside the standard setting of unlimited available technology, and thus
may allow secure bit commitment. We present a new such protocol whose security,
perhaps surprisingly, relies on decoherence in the receiver's lab.Comment: v1: 26 pages, 4 eps figures. v2: 31 pages, 5 eps figures; replaced
with published version; title changed to comply with puzzling Phys. Rev.
regulations; impossibility proof extended to protocols with infinitely many
rounds or a continuous communication tree; security proof of decoherence
monster protocol expanded; presentation clarifie
A roadmap to fully homomorphic elections: Stronger security, better verifiability
After the trials of remote internet voting for local elections in 2011 and parliamentary elections in 2013, a number of local referendums has renewed interest in internet voting in Norway.
The voting scheme used in Norway is not quantum-safe and it has limited voter verifiability. In this case study, we consider how we can use fully homomorphic encryption to construct a quantum-safe voting scheme with better voter verifiability.
While fully homomorphic cryptosystems are not efficient enough for the the system we sketch to be implemented and run today, we expect future improvements in fully homomorphic encryption which may eventually make these techniques practical
Surface Screening in the Casimir Force
We calculate the corrections to the Casimir force between two metals due to
the spatial dispersion of their response functions. We employ model-independent
expressions for the force in terms of the optical coefficients. We express the
non-local corrections to the Fresnel coefficients employing the surface
parameter, which accounts for the distribution of the surface
screening charge. Within a self-consistent jellium calculation, spatial
dispersion increases the Casimir force significatively for small separations.
The nonlocal correction has the opposite sign than previously predicted
employing hydrodynamic models and assuming abruptly terminated surfaces.Comment: 5 pages, 2 figure
Analysis of property-preservation capabilities of the ROX and ESh hash domain extenders
Two of the most recent and powerful multi-property preserving (MPP) hash domain extension transforms are the Ramdom-Oracle-XOR (ROX) transform and the Enveloped Shoup (ESh) transform. The former was proposed by Andreeva et al. at ASIACRYPT 2007 and the latter was proposed by Bellare and Ristenpart at ICALP 2007. In the existing literature, ten notions of security for hash functions have been considered in analysis of MPP capabilities of domain extension transforms, namely CR, Sec, aSec, eSec (TCR), Pre, aPre, ePre, MAC, PRF, PRO. Andreeva et al. showed that ROX is able to preserve seven properties; namely collision resistance (CR), three flavors of second preimage resistance (Sec, aSec, eSec) and three variants of preimage resistance (Pre, aPre, ePre). Bellare and Ristenpart showed that ESh is capable of preserving five important security notions; namely CR, message authentication code (MAC), pseudorandom function (PRF), pseudorandom oracle (PRO), and target collision resistance (TCR). Nonetheless, there is no further study on these two MPP hash domain extension transforms with regard to the other properties. The aim of this paper is to fill this gap. Firstly, we show that ROX does not preserve two other widely-used and important security notions, namely MAC and PRO. We also show a positive result about ROX, namely that it also preserves PRF. Secondly, we show that ESh does not preserve other four properties, namely Sec, aSec, Pre, and aPre. On the positive side we show that ESh can preserve ePre property. Our results in this paper provide a full picture of the MPP capabilities of both ROX and ESh transforms by completing the property-preservation analysis of these transforms in regard to all ten security notions of interest, namely CR, Sec, aSec, eSec (TCR), Pre, aPre, ePre, MAC, PRF, PRO
Secure Multiparty Computation from SGX
International audienceIsolated Execution Environments (IEE) offered by novel commodity hardware such as Intel's SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party's inputs and outputs and is thus small and independent from the intricacy of the functionality to be computed. The remaining computational load-essentially that of computing the functionality-is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions. Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation
Efficient public-key cryptography with bounded leakage and tamper resilience
We revisit the question of constructing public-key encryption and signature schemes with security in the presence of bounded leakage and tampering memory attacks. For signatures we obtain the first construction in the standard model; for public-key encryption we obtain the first construction free of pairing (avoiding non-interactive zero-knowledge proofs). Our constructions are based on generic building blocks, and, as we show, also admit efficient instantiations under fairly standard number-theoretic assumptions.
The model of bounded tamper resistance was recently put forward by Damgård et al. (Asiacrypt 2013) as an attractive path to achieve security against arbitrary memory tampering attacks without making hardware assumptions (such as the existence of a protected self-destruct or key-update mechanism), the only restriction being on the number of allowed tampering attempts (which is a parameter of the scheme). This allows to circumvent known impossibility results for unrestricted tampering (Gennaro et al., TCC 2010), while still being able to capture realistic tampering attack
Circuit-Private Multi-Key FHE
Multi-key fully homomorphic encryption (MFHE) schemes allow polynomially many users without trusted setup assumptions to send their data (encrypted under different FHE keys chosen by users independently of each other) to an honest-but-curious server that can compute the output of an arbitrary polynomial-time computable function on this joint data and issue it back to all participating users for decryption. One of the main open problems left in MFHE was dealing with malicious users without trusted setup assumptions. We show how this can be done, generalizing previous results of circuit-private FHE. Just like standard circuit-private FHE, our security model shows that even if both ciphertexts and public keys of individual users are not well-formed, no information is revealed regarding the server computation--- other than that gained from the output on some well-formed inputs of all users. MFHE schemes have direct applications to server-assisted multiparty computation (MPC), called on-the-fly MPC, introduced by López-Alt et al. (STOC \u2712), where the number of users is not known in advance. In this setting, a poly-time server wants to evaluate a circuit on data uploaded by multiple clients and encrypted under different keys. Circuit privacy requires that users\u27 work is independent of held by the server, while each client learns nothing about other than its output. We present a framework for transforming MFHE schemes with no circuit privacy into maliciously circuit-private schemes. We then construct 3-round on-the-fly MPC with circuit privacy against malicious clients in the plain model
- …