Practical Preimages for Maraca
We show a practical preimage attack on the cryptographic hash function Maraca, which was submitted as a candidate to the NIST SHA-3 competition. Our attack has been verified experimentally.
On Distributed Oblivious Transfer
The paper has been presented at the International Conference Pioneers of Bulgarian Mathematics, Dedicated to Nikola Obreshkoff and Lubomir Tschakaloff, Sofia, July 2006. The material in this paper was presented in part at INDOCRYPT 2002.

This paper is about unconditionally secure distributed protocols for oblivious transfer, as proposed by Naor and Pinkas and generalized by Blundo et al. In this setting a Sender has ζ secrets and a Receiver is interested in one of them. The Sender distributes information about the secrets to n servers, and the Receiver must contact a threshold of the servers in order to compute the secret. We present a non-existence result and a lower bound for the existence of one-round, threshold, distributed oblivious transfer protocols, generalizing the results of Blundo et al. A threshold-based construction implementing 1-out-of-ζ distributed oblivious transfer and achieving this lower bound is described. A condition for the existence of distributed oblivious transfer schemes based on general access structures is proven. We also present a general access structure protocol implementing 1-out-of-ζ distributed oblivious transfer.
On Proactive Verifiable Secret Sharing Schemes
The paper has been presented at the International Conference Pioneers of Bulgarian Mathematics, Dedicated to Nikola Obreshkoff and Lubomir Tschakaloff, Sofia, July 2006. The material in this paper was presented in part at the 11th Workshop on Selected Areas in Cryptography (SAC) 2004.

This paper investigates the security of Proactive Secret Sharing Schemes. We first consider the approach of using a commitment to 0 in the renewal phase in order to refresh the players' shares, and we present two types of attacks in the information-theoretic case. We then prove the conditions under which such a proactive scheme is secure. Proactivity can also be added using re-sharing instead of a commitment to 0. We investigate this alternative approach too and describe two protocols. We also show that both techniques are not secure against a mobile adversary.

To summarize, we generalize the existing threshold protocols to protocols for general access structures. Besides this, we propose attacks against the existing proactive verifiable secret sharing schemes, and give modifications of the schemes that resist these attacks.
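The two abstracts above (distributed oblivious transfer, and proactive share renewal) both rest on polynomial secret sharing over a prime field. The Python below is an example added here; it is not code from either paper. It implements, as an illustration, a one-round 1-out-of-ζ threshold distributed OT in the polynomial style of Naor and Pinkas, and one proactive renewal round in which every player adds a fresh random sharing of 0 to its share. The field modulus, the Lagrange-basis encoding of the ζ secrets in the y variable, the rule of contacting the first (k-1)ζ+1 servers, and all sample inputs are assumptions of this example; it makes no claim to achieve the lower bound the first abstract states.

```python
from secrets import randbelow

# Field modulus: an assumption of this example; any large prime would do.
PRIME = 2**61 - 1


def poly_eval(coeffs, x):
    """Evaluate a polynomial (coeffs[0] is the constant term) at x mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def random_poly(constant, degree):
    """Uniformly random polynomial of the given degree with a fixed constant term."""
    return [constant % PRIME] + [randbelow(PRIME) for _ in range(degree)]


def interpolate_at_zero(points):
    """Lagrange-interpolate the polynomial through `points`; return its value at 0."""
    total = 0
    for xi, yi in points:
        num, den = 1, 1
        for xj, _ in points:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return total


def lagrange_basis(j, y, zeta):
    """L_j(y) over the nodes 0..zeta-1: 1 at y == j, 0 at every other node."""
    num, den = 1, 1
    for m in range(zeta):
        if m != j:
            num = num * (y - m) % PRIME
            den = den * (j - m) % PRIME
    return num * pow(den, PRIME - 2, PRIME) % PRIME


# ---- 1-out-of-zeta threshold distributed OT --------------------------------
# Sender's bivariate polynomial: Q(x, y) = sum_j L_j(y) * P_j(x), where P_j is a
# random degree-(k-1) polynomial with P_j(0) = s_j, so that Q(0, j) = s_j.

def dot_sender_setup(values, k):
    return [random_poly(s, k - 1) for s in values]


def dot_server_share(polys, i):
    """Server i receives Q(i, .) as the vector (P_0(i), ..., P_{zeta-1}(i))."""
    return [poly_eval(p, i) for p in polys]


def dot_server_answer(share, y):
    """Server i answers Q(i, y); it sees only one point of the Receiver's S."""
    zeta = len(share)
    return sum(lagrange_basis(j, y, zeta) * share[j] for j in range(zeta)) % PRIME


def dot_receiver(sigma, k, zeta, servers):
    """Receiver hides sigma as S(0) of a random degree-(k-1) polynomial S,
    sends S(i) to server i and interpolates R(x) = Q(x, S(x)) at 0.  R has
    degree (k-1)*zeta, so (k-1)*zeta + 1 answers are needed; R(0) = s_sigma."""
    needed = (k - 1) * zeta + 1
    if len(servers) < needed:
        raise ValueError(f"need {needed} servers, got {len(servers)}")
    S = random_poly(sigma, k - 1)
    responses = [(i, dot_server_answer(share, poly_eval(S, i)))
                 for i, share in servers[:needed]]
    return interpolate_at_zero(responses)


def run_dot(values, sigma, k, n):
    """Full one-round exchange with n servers (constructed inputs, no network)."""
    polys = dot_sender_setup(values, k)
    servers = [(i, dot_server_share(polys, i)) for i in range(1, n + 1)]
    return dot_receiver(sigma, k, len(values), servers)


# ---- proactive renewal: add a fresh sharing of 0 ---------------------------

def shamir_share(secret, t, n):
    """Degree-t Shamir sharing of `secret` among players 1..n."""
    poly = random_poly(secret, t)
    return [(i, poly_eval(poly, i)) for i in range(1, n + 1)]


def renew_shares(shares, t):
    """Every player deals a random degree-t polynomial with constant term 0;
    each player adds the values it receives to its old share.  The secret is
    unchanged, but old and new shares lie on different polynomials."""
    zero_deals = [random_poly(0, t) for _ in shares]
    return [(i, (old + sum(poly_eval(z, i) for z in zero_deals)) % PRIME)
            for i, old in shares]
```

In the OT part, k-1 is the number of servers that may pool their views without learning σ: each of them holds a single point of the random degree-(k-1) polynomial S. The price is that the Receiver must collect (k-1)ζ+1 answers, the degree of Q(x, S(x)) plus one. Nothing in this one-round exchange stops a Receiver from choosing S(0) outside {0, …, ζ-1}, in which case R(0) is the linear combination Σ_j L_j(S(0))·s_j of the secrets rather than a single s_j. In the renewal part, shares leaked before a renewal cannot be combined with shares leaked after it, since they belong to different polynomials; the abstract above reports that, on its own, neither commitment to 0 nor re-sharing is secure against a mobile adversary.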
09031 Abstracts Collection -- Symmetric Cryptography
From 11.01.09 to 16.01.09, the Seminar 09031 "Symmetric Cryptography" was held in Schloss Dagstuhl - Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.
Extended Analysis of DES S-boxes
For more than three decades, the Data Encryption Standard (DES) was one of the most widely used cryptographic algorithms. It is still the dominant block cipher for banking applications. DES was designed by IBM, verified by NSA and published by the National Bureau of Standards as a US Federal Information Processing Standard (FIPS) in 1977. The algorithm itself was fully public, but the complete design criteria were only revealed by Coppersmith in 1994. He states that the IBM team was aware of differential cryptanalysis; the DES S-boxes were chosen to satisfy eight design criteria in order to resist this powerful attack. In their 1982 book, Meyer and Matyas state that the DES S-boxes were chosen so that they can be implemented with a minimum number of logic circuits. They mention that for an early design, in which not all of the design criteria are satisfied, the number of minterms varies between 40 and 48. However, for the final design the number of minterms is either 52 or 53, which is the smallest possible number that satisfies all the design criteria. Our research attempts to validate the IBM claims by generating a large number of candidate DES S-boxes satisfying specific criteria and by evaluating their number of minterms.
New Techniques for Electronic Voting
This paper presents a novel unifying framework for electronic voting in the universal composability model that includes a property which is new to universal composability but well-known to voting systems: universal verifiability. Additionally, we propose three new techniques for secure electronic voting and prove their security and universal verifiability in the universal composability framework.
1. A tally-hiding voting system, in which the tally that is released consists of only the winner, without the vote count. Our proposal builds on a novel solution to the millionaires' problem which is of independent interest.
2. A self-tallying vote, in which the tally can be calculated by any observer as soon as the last vote has been cast; before this happens, no information about the tally is leaked.
3. Authentication of voting credentials, which is a new approach for electronic voting systems based on anonymous credentials. In this approach, the vote authenticates the credential so that it cannot afterwards be used for any other purpose but to cast that vote. We propose a practical voting system that instantiates this high-level concept.
Location privacy in wireless personal area networks
Location privacy is one of the major security problems in a Wireless Personal Area Network (WPAN). By eavesdropping on the transmitted packets, an attacker can keep track of the place and time of the communication between the mobile devices. The hardware address of a device can often be linked to the identity of the user operating it; this represents a violation of the user's privacy. Fortunately, this problem can be solved quite efficiently in a WPAN. We consider four communication scenarios and present several techniques to solve the location privacy problem in each of these scenarios. As mobile devices in a WPAN are typically operated by a user and are energy constrained, we focused on user-friendliness and energy consumption during the design of our solutions. Copyright 2006 ACM.