Public Key Authenticated Encryption with Keyword Search from LWE

Public key encryption with keyword search (PEKS) inherently suffers from the inside keyword guessing attack. To resist against this attack, Huang et al. proposed the public key authenticated encryption with keyword search (PAEKS), where the sender not only encrypts a keyword, but also authenticates it. To further resist against quantum attacks, Liu et al. proposed a generic construction of PAEKS and the first quantum-resistant PAEKS instantiation based on lattices. Later, Emura pointed out some issues in Liu et al.\u27s construction and proposed a new generic construction of PAEKS. The basic construction methodology of Liu et al. and Emura is the same, i.e., each keyword is converted into an extended keyword using the shared key calculated by a word-independent smooth projective hash functions (SPHF), and PEKS is used for the extended keyword. In this paper, we first analyze the schemes of Liu et al. and Emura, and point out some issues regarding their construction and security model. In short, in their lattice-based instantiations, the sender and receiver use a lattice-based word independent SPHF to compute the same shared key to authenticate keywords, leading to a super-polynomial modulus $q$; their generic constructions need a trusted setup assumption or the designated-receiver setting; Liu et al. failed to provide convincing evidence that their scheme satisfies their claimed security. Then, we propose two new lattice-based PAEKS schemes with totally different construction methodology from Liu et al. and Emura. Specifically, in our PAEKS schemes, instead of using the shared key calculated by SPHF, the sender and receiver achieve keyword authentication by using their own secret key to sample a set of short vectors related to the keyword. In this way, the modulus $q$ in our schemes could be of polynomial size, which results in much smaller size of the public key, ciphertext and trapdoor. In addition, our schemes need neither a trusted setup assumption nor the designated-receiver setting. Finally, our schemes can be proven secure in stronger security model, and thus provide stronger security guarantee for both ciphertext privacy and trapdoor privacy

Lattice-Based Signature from Key Consensus

Given the current research status in lattice-based cryptography, it is commonly suggested that lattice-based signature could be subtler and harder to achieve. Among them, Dilithium is one of the most promising signature candidates for the post-quantum era, for its simplicity, efficiency, small public key size, and resistance against side channel attacks. The design of Dilithium is based on a list of pioneering works (e.g.,[VL09,VL12,BG14]), and has very remarkable performance by very careful and comprehensive optimizations in implementation and parameter selection. Whether better trade-offs on the already remarkable performance of Dilithium can be made is left in \cite{CRYSTALS} as an interesting open question. In this work, we provide new insights in interpreting the design of Dilithium, in terms of key consensus previously proposed in the literature for key encapsulation mechanisms (KEM) and key exchange (KEX). Based on the deterministic version of the optimal key consensus with noise (OKCN) mechanism, originally developed in [JZ16] for KEM/KEX, we present \emph{signature from key consensus with noise} (SKCN), which could be viewed as generalization and optimization of Dilithium. The construction of SKCN is generic, modular and flexible, which in particular allows a much broader range of parameters for searching better tradeoffs among security, computational efficiency, and bandwidth. For example, on the recommended parameters, compared with Dilithium our SKCN scheme is more efficient both in computation and in bandwidth, while preserving the same level of post-quantum security. In addition, using the same routine of OKCN for both KEM/KEX and digital signature eases (hardware) implementation and deployment in practice, and is useful to simplify the system complexity of lattice-based cryptography in general

Compact lossy and all-but-one trapdoor functions from lattice

Lossy trapdoor functions (LTDF) and all-but-one trapdoor functions (ABO-TDF) are fundamental cryptographic primitives. And given the recent advances in quantum computing, it would be much desirable to develop new and improved lattice-based LTDF and ABO-TDF. In this work, we provide more compact constructions of LTDF and ABO-TDF based on the learning with errors (LWE) problem. In addition, our LWE-based ABO-TDF can allow smaller system parameters to support super-polynomially many injective branches in the construction of CCA secure public key encryption. As a core building tool, we provide a more compact homomorphic symmetric encryption schemes based on LWE, which might be of independent interest. To further optimize the ABO-TDF construction, we employ the full rank difference encoding technique. As a consequence, the results presented in this work can substantially improve the performance of all the previous LWE-based cryptographic constructions based upon LTDF and ABO-TDF

AKC-Based Revocable ABE Schemes from LWE Assumption

The emergence of quantum computing threatens many classical cryptographic schemes, leading to the innovations in public-key cryptography for postquantum cryptography primitives and protocols that resist to quantum attacks. Lattice-based cryptography is considered to be one of the promising mathematical approaches to achieving security resistant to quantum attacks, which could be built on the learning with errors (LWE) problem and its variants. The fundamental building blocks of protocols for public-key encryption (PKE) and key encapsulation mechanism (KEM) submitted to the National Institute of Standards and Technology (NIST) based on LWE and its variants are called key consensus (KC) and asymmetric key consensus (AKC) by Jin et al. They are powerful tools for constructing PKE schemes. In this work, we further demonstrate the power of KC/AKC by proposing two special types of PKE schemes, namely, revocable attribute-based encryption (RABE). To be specific, on the basis of AKC and PKE/KEM protocols submitted to the NIST based on LWE and its variants, combined with full-rank difference, trapdoor on lattices, sampling algorithms, leftover hash lemma, and binary tree structure, we propose two directly revocable ciphertext-policy attribute-based encryption (DR-ABE) schemes from LWE, which support flexible threshold access policies on multivalued attributes, achieving user-level and attribute-level user revocation, respectively. Specifically, the construction of the ciphertext is derived from AKC, and the revocation list is defined and embedded into the ciphertext by the message sender to revoke a user in the user-level revocable scheme or revoke some attributes of a certain user in the attribute-level revocable scheme. We also discuss how to outsource decryption and reduce the workload for the end user. Our schemes proved to be secure in the standard model, assuming the hardness of the LWE problem. The two schemes imply the versatility of KC/AKC

Bioinspired universal monolayer coatings by combining concepts from blood protein adsorption and mussel adhesion

Despite the increasing need for universal polymer coating strategies, only a few approaches have been successfully developed, and most of them are suffering from color, high thickness, or high roughness. In this paper, we present for the first time a universal monolayer coating that is only a few nanometers thick and independent of the composition, size, shape, and structure of the substrate. The coating is based on a bioinspired synthetic amphiphilic block copolymer that combines two concepts from blood protein adsorption and mussel adhesion. This polymer can be rapidly tethered on various substrates including both planar surfaces and nanosystems with high grafting density. The resulting monolayer coatings are, on the one hand, inert to the adsorption of multiple polymer layers and prevent biofouling. On the other hand, they are chemically active for secondary functionalization and provide a new platform for selective material surface modification

High-Antifouling Polymer Brush Coatings on Nonpolar Surfaces via Adsorption-Cross-Linking Strategy

A new “adsorption-cross-linking” technology is presented to generate a highly dense polymer brush coating on various nonpolar substrates, including the most inert and low-energy surfaces of poly­(dimethylsiloxane) and poly­(tetrafluoroethylene). This prospective surface modification strategy is based on a tailored bifunctional amphiphilic block copolymer with benzophenone units as the hydrophobic anchor/chemical cross-linker and terminal azide groups for in situ postmodification. The resulting polymer brushes exhibited long-term and ultralow protein adsorption and cell adhesion benefiting from the high density and high hydration ability of polyglycerol blocks. The presented antifouling brushes provided a highly stable and robust bioinert background for biospecific adsorption of desired proteins and bacteria after secondary modification with bioactive ligands, e.g., mannose for selective ConA and Escherichia coli binding