    Side Channel Attack Resistant Implementation of Multi-Power RSA using Hensel Lifting

    Multi-Power RSA [1] is a fast variant of RSA [2] with a small decryption time, making it attractive for implementation on lightweight cryptographic devices such as smart cards. Hensel lifting is a key component of fast Multi-Power RSA decryption. However, a naive implementation of this algorithm is vulnerable to a host of side-channel attacks, some of them powerful enough to break the cryptosystem entirely by yielding a factorisation of the public modulus $N$. We propose a secure (under reasonable assumptions) implementation of the Hensel lifting algorithm, and then use it to obtain a secure implementation of Multi-Power RSA decryption.
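    As an added worked example (not code from the paper above), the arithmetic that the abstract refers to: Multi-Power RSA with $N = p^r q$ recovers the message mod $p$ and mod $q$ with short exponents, Hensel-lifts the mod-$p$ root to a root mod $p^r$ instead of exponentiating mod $p^r$, and combines the two residues by CRT. The primes, public exponent and message below are constructed toy values. The block implements only the plain arithmetic, with none of the side-channel countermeasures the paper proposes, and makes no claim about which of these steps leak.

```python
# Added illustration of Multi-Power RSA decryption (Takagi's N = p^r q variant)
# via CRT plus Hensel lifting. Toy parameters are constructed here; this is
# the plain arithmetic only, without the side-channel hardening the paper is about.
from math import gcd

P = 1000003   # constructed toy prime (real keys use primes of 1024+ bits)
Q = 1000033   # constructed toy prime
E = 65537     # public exponent


def keygen(p, q, e, r=2):
    """Return (N, d) for N = p^r q, with d = e^-1 mod phi(N) and phi(N) = p^(r-1)(p-1)(q-1)."""
    phi = p ** (r - 1) * (p - 1) * (q - 1)
    if gcd(e, phi) != 1 or gcd(e, p) != 1:
        raise ValueError("e must be invertible mod phi(N) and coprime to p")
    return p ** r * q, pow(e, -1, phi)


def encrypt(m, n, e):
    return pow(m, e, n)


def hensel_lift(c, x, e, p, r):
    """Lift a root x of X^e = c (mod p) to the root of X^e = c (mod p^r) that is congruent to x mod p.

    One Newton step per power of p:
        x_{k+1} = x_k + p^k * ((c - x_k^e) / p^k) * (e * x_k^(e-1))^-1   (mod p)
    Needs gcd(x, p) = 1 and gcd(e, p) = 1 so the derivative e*x^(e-1) is invertible mod p.
    """
    # The derivative only depends on x mod p, which never changes, so invert it once.
    inv_deriv = pow(e * pow(x, e - 1, p) % p, -1, p)
    for k in range(1, r):
        pk = p ** k
        mod = pk * p
        diff = (c - pow(x, e, mod)) % mod        # divisible by p^k by the loop invariant
        t = (diff // pk) * inv_deriv % p         # exact division, then reduce mod p
        x += t * pk                              # now x^e = c (mod p^(k+1)), x < p^(k+1)
    return x


def decrypt(c, p, q, e, d, r=2):
    """Multi-Power RSA decryption: one short exponentiation mod p, one mod q, then lift and CRT."""
    m_p = pow(c % p, d % (p - 1), p)     # m mod p, because e*d = 1 (mod p-1)
    m_q = pow(c % q, d % (q - 1), q)     # m mod q, because e*d = 1 (mod q-1)
    if m_p == 0:
        raise ValueError("message shares a factor with p; the lift needs gcd(m, p) = 1")
    pr = p ** r
    m_pr = hensel_lift(c % pr, m_p, e, p, r)   # m mod p^r without an exponentiation mod p^r
    # Garner's form of the CRT: combine m mod p^r and m mod q into m mod N.
    h = (m_q - m_pr) * pow(pr, -1, q) % q
    return m_pr + pr * h


def roundtrip(m, r=2):
    """Encrypt m under a toy key and decrypt it both ways: (Hensel/CRT path, textbook c^d mod N)."""
    n, d = keygen(P, Q, E, r)
    c = encrypt(m, n, E)
    return decrypt(c, P, Q, E, d, r), pow(c, d, n)


if __name__ == "__main__":
    msg = 2 ** 40 + 1   # constructed message, larger than p^2 so the lift is not a no-op
    print(roundtrip(msg, 2), roundtrip(msg, 3))
```

    Note which intermediate quantities depend on the secret root $x$ (the quotient $(c - x^e)/p^k$ and the inverted derivative among them); an implementation that wants to resist the attacks the abstract mentions has to treat exactly those operations with care, which is the problem the paper addresses.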

    Certificateless Proxy Re-Encryption Without Pairing: Revisited

    Proxy Re-Encryption was introduced by Blaze, Bleumer and Strauss to efficiently solve the problem of delegation of decryption rights. In proxy re-encryption, a semi-honest proxy transforms a ciphertext intended for Alice into a ciphertext of the same message for Bob without learning anything about the underlying message. Since its introduction, several proxy re-encryption schemes in the Public Key Infrastructure (PKI) and Identity (ID) based settings have been proposed. In practice, systems in the public key infrastructure suffer from the \textit{certificate management problem} and those in the identity-based setting suffer from the \textit{key escrow problem}. Certificateless Proxy Re-encryption schemes enjoy the advantages of ID-based constructions without suffering from the key escrow problem. In this work, we construct the \textit{first} unidirectional, single-hop CCA-secure certificateless proxy re-encryption scheme \textit{without pairing} by extending the PKI-based construction of Chow et al. proposed in 2010. We prove its security in the random oracle model under the Computational Diffie-Hellman (CDH) assumption. Prior to this work, the only secure certificateless proxy re-encryption scheme is due to Guo et al., proposed in 2013 using bilinear pairing. They proved their construction RCCA-secure under the $q$-weak Decisional Bilinear Diffie-Hellman assumption. The construction proposed in this work is more efficient than that system and its security relies on more standard assumptions. We also show that the recently proposed construction of Yang et al. is insecure with respect to the security model considered in this work.

    A CCA2 secure Code based encryption scheme in the Standard Model

    This paper proposes an encryption scheme secure against chosen-ciphertext attack, built on the Niederreiter encryption scheme. The security of the scheme is based on the hardness of the Syndrome Decoding problem and the Goppa Code Distinguishability problem. The scheme uses the techniques of Peikert and Waters based on lossy trapdoor functions. Compared to the existing IND-CCA2 secure variants in the standard model due to Dowsley et al. and Freeman et al. (using the repetition paradigm initiated by Rosen and Segev), this scheme is more efficient as it avoids repetitions.

    Unconditionally Secure Multiparty Set Intersection Re-Visited

    In this paper, we re-visit the problem of unconditionally secure multiparty set intersection in the information-theoretic model. Li et al. \cite{LiSetMPCACNS07} have proposed a protocol for the $n$-party set intersection problem, which provides unconditional security when $t < \frac{n}{3}$ players are corrupted by an active adversary having {\it unbounded computing power}. Moreover, they claim that their protocol takes six rounds of communication and incurs a communication complexity of ${\cal O}(n^4 m^2)$, where each player has a set of size $m$. However, we show that the round complexity and communication complexity of the protocol in \cite{LiSetMPCACNS07} are much higher than what is claimed there. We then propose a {\it novel} unconditionally secure protocol for the multiparty set intersection problem with $n > 3t$ players, which significantly improves on the actual round and communication complexity (as shown in this paper) of the protocol given in \cite{LiSetMPCACNS07}. To design our protocol, we use several tools which are of independent interest.

    Signcryption with Proxy Re-encryption

    Confidentiality and authenticity are two of the most fundamental problems in cryptography. Many applications require both confidentiality and authenticity, and hence an efficient way to get both together is highly desirable. In 1997, Zheng proposed the notion of "signcryption", a single primitive which provides both confidentiality and authenticity in a way that is more efficient than signing and encrypting separately. Proxy re-encryption is a primitive that allows a semi-trusted entity called the "proxy" to convert ciphertexts addressed to a "delegator" into ciphertexts that can be decrypted by a "delegatee", using some special information given by the delegator, called the "rekey". In this work, we propose the notion of signcryption with proxy re-encryption (SCPRE) and motivate it. We define security models for SCPRE, and also propose a concrete unidirectional, non-interactive identity-based SCPRE construction. We also provide complete proofs of security for the scheme in the security models defined. We finally provide directions for further research in this area.
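    The delegation mechanism described in this abstract and in the certificateless proxy re-encryption abstract above (a proxy converting a ciphertext for Alice into one for Bob using a rekey, without learning the message), as an added example that is code from neither paper: the original ElGamal-style construction of Blaze, Bleumer and Strauss, over constructed toy group parameters. It is bidirectional, needs both secrets to derive the rekey, and is only CPA-secure, which is exactly what the unidirectional, non-interactive, CCA-secure schemes in the abstracts improve on.

```python
# Added illustration of proxy re-encryption in the style of Blaze, Bleumer and Strauss:
# ElGamal-type ciphertexts in a prime-order subgroup, rekey rk = b * a^-1 mod Q.
# Constructed toy parameters; not the certificateless or signcryption schemes of the papers.
import secrets

P = 10007   # constructed toy safe prime, P = 2*Q + 1 (real use: 2048+ bits)
Q = 5003    # prime order of the subgroup we work in
G = 4       # 2^2, a generator of the order-Q subgroup of Z_P^*


def keygen(sk=None):
    """Secret key a in [1, Q-1] (random unless given), public key g^a."""
    if sk is None:
        sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)


def encrypt(pk, m):
    """Ciphertext for the owner of pk = g^a: (m * g^k, pk^k) = (m * g^k, g^(a k)), m in [1, P-1]."""
    k = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, k, P)) % P, pow(pk, k, P)


def decrypt(sk, ct):
    """Recover g^k as (g^(a k))^(1/a) and strip it off the first component."""
    c1, c2 = ct
    gk = pow(c2, pow(sk, -1, Q), P)
    return c1 * pow(gk, -1, P) % P


def rekey(sk_from, sk_to):
    """rk = b / a mod Q. Deriving it needs both secrets (or an interactive protocol), and it is
    bidirectional: rekey(b, a) is its inverse, so the proxy can also convert Bob -> Alice."""
    return sk_to * pow(sk_from, -1, Q) % Q


def reencrypt(rk, ct):
    """Proxy step: (m * g^k, g^(a k)) -> (m * g^k, g^(b k)). The proxy never sees g^k or m."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)


def delegate(m, a=None, b=None):
    """Full flow. Returns (Alice decrypts her ciphertext, Bob decrypts the re-encrypted one,
    Alice tries the re-encrypted one with her own key, which no longer works)."""
    a, pk_alice = keygen(a)
    b, pk_bob = keygen(b)
    ct_alice = encrypt(pk_alice, m)
    ct_bob = reencrypt(rekey(a, b), ct_alice)   # proxy holds only rk and ct_alice
    return decrypt(a, ct_alice), decrypt(b, ct_bob), decrypt(a, ct_bob)


if __name__ == "__main__":
    print(delegate(1234))   # constructed message; first two values equal 1234, third does not
```

    Note that `rekey` takes both secret keys, so in this scheme the delegator must trust the delegatee (or run a protocol with them) to produce the rekey, and the same rekey converts ciphertexts in either direction; the unidirectional, non-interactive setting of the abstracts above is a stronger requirement that this toy does not meet.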

    Round Efficient Unconditionally Secure Multiparty Computation Protocol

    In this paper, we propose a round-efficient {\it unconditionally secure multiparty computation} (UMPC) protocol in the {\it information-theoretic} model with $n > 2t$ players, in the absence of any physical broadcast channel, which communicates ${\cal O}(n^4)$ field elements per multiplication and requires ${\cal O}(n \log(n) + {\cal D})$ rounds, even if up to $t$ players are under the control of an active adversary having {\it unbounded computing power}. In the absence of a physical broadcast channel and with $n > 2t$ players, the best known UMPC protocol with the minimum number of rounds requires ${\cal O}(n^2 {\cal D})$ rounds and communicates ${\cal O}(n^6)$ field elements per multiplication, where ${\cal D}$ denotes the multiplicative depth of the circuit representing the function to be computed securely. On the other hand, the best known UMPC protocol with minimum communication complexity has a communication overhead of ${\cal O}(n^2)$ field elements per multiplication, but a round complexity of ${\cal O}(n^3 + {\cal D})$ rounds. Hence our UMPC protocol is the most round-efficient protocol so far and ranks second in communication complexity. To design our protocol, we use certain new techniques which are of independent interest.