On Insecure Uses of BGN for Privacy Preserving Data Aggregation Protocols

The notion of aggregator oblivious (AO) security for privacy preserving data aggregation was formalized with a specific construction of AO-secure blinding technique over a cyclic group by Shi et al. Some of proposals of data aggregation protocols use the blinding technique of Shi et al. for BGN cryptosystem, an additive homomorphic encryption. Previously, there have been some security analysis on some of BGN based data aggregation protocols in the context of integrity or authenticity of data. Even with such security analysis, the BGN cryptosystem has been a popular building block of privacy preserving data aggregation protocol. In this paper, we study the privacy issues in the blinding technique of Shi et al. used for BGN cryptosystem. We show that the blinding techniques for the BGN cryptosystem used in several protocols are not privacy preserving against the recipient, the decryptor. Our analysis is based on the fact that the BGN cryptosystem uses a pairing e:GxG-->G_T and the existence of the pairing makes the DDH problem on G easy to solve. We also suggest how to prevent such privacy leakage in the blinding technique of Shi et al. used for BGN cryptosystem.Comment: 11 page

Unramified coverings of the affine line in small positive characteristic

We obtain various polynomial equations giving unramified covering of the affine line in characteristics two and three, with alternating groups and Mathieu groups as Galois groups. To compute the Galois groups, we prove several irreducibility lemmas for various polynomials using ramification theory and resolution of singularities of plane curves. Also we develop a few techniques to get upper bounds for the Galois groups. Among them is the linearization process. We connect it with the concept of error correcting codes. Along the way, we discuss how we found those equations using computer programming

Some more Mathieu group coverings in characteristic two

Explicit equations are given for unramified coverings of the affine line in characteristic two with Mathieu groups of degrees 23 and 24 as Galois groups

Small Mathieu group coverings in characteristic two

Explicit equations are given for unramified coverings of the affine line in characteristic two whose Galois groups are the Mathieu groups of degrees 11 and 12 and the automorphism group of the Mathieu group of degree 12

Small degree coverings of the affine line in characteristic two

AbstractUnramified coverings of the affine line in characteristic two are constructed having alternating groups of degree six and seven as Galois groups. Some other small degree unramified coverings of the affine line in characteristic two are also considered

Optimization over polynomials: Selected topics

Minimizing a polynomial function over a region defined by polynomial inequalities models broad classes of hard problems from combinatorics, geometry and optimization. New algorithmic approaches have emerged recently for computing the global minimum, by combining tools from real algebra (sums of squares of polynomials) and functional analysis (moments of measures) with semidefinite optimization. Sums of squares are used to certify positive polynomials, combining an old idea of Hilbert with the recent algorithmic insight that they can be checked efficiently with semidefinite optimization. The dual approach revisits the classical moment problem and leads to algorithmic methods for checking optimality of semidefinite relaxations and extracting global minimizers. We review some selected features of this general methodology, illustrate how it applies to some combinatorial graph problems, and discuss links with other relaxation methods