126 research outputs found
Improved and Formal Proposal for Device Independent Quantum Private Query
In this paper, we propose a novel Quantum Private Query (QPQ) scheme with
full Device-Independent certification. To the best of our knowledge, this is
the first time we provide such a full DI-QPQ scheme using EPR-pairs. Our
proposed scheme exploits self-testing of shared EPR-pairs along with the
self-testing of projective measurement operators in a setting where the client
and the server do not trust each other. To certify full device independence, we
exploit a strategy to self-test a particular class of POVM elements that are
used in the protocol. Further, we provide formal security analysis and obtain
an upper bound on the maximum cheating probabilities for both the dishonest
client as well as the dishonest server.Comment: 33 pages, 2 figure
On Deterministic Polynomial-time Equivalence of Computing the CRT-RSA Secret Keys and Factoring
Let N = pq be the product of two large primes. Consider Chinese remainder theorem-Rivest, Shamir, Adleman (CRT-RSA) with the public encryption exponent e and private decryption exponents dp, dq. It is well known that given any one of dp or dq (or both) one can factorise N in probabilistic poly(log N) time with success probability almost equal to 1. Though this serves all the practical purposes, from theoretical point of view, this is not a deterministic polynomial time algorithm. In this paper, we present a lattice-based deterministic poly(log N) time algorithm that uses both dp, dq (in addition to the public information e, N) to factorise N for certain ranges of dp, dq. We like to stress that proving the equivalence for all the values of dp, dq may be a nontrivial task.Defence Science Journal, 2012, 62(2), pp.122-126, DOI:http://dx.doi.org/10.14429/dsj.62.171
Rotation symmetric Boolean functions---count and cryptographic properties
The article of record as published may be located at http://dx.doi.org/10.1.1.137.6388Rotation symmetric (RotS) Boolean functions have been used as components of different cryptosystems. This class of Boolean functions are invariant under circular translation of indices. Using Burnsideï¾’s lemma it can be seen that the number of n-variable rotation symmetric Boolean functions is 2gn, where gn = 1 nPt|n (t) 2n t , and (.) is the Euler phi-function. In this paper, we find the number of short and long cycles of elements in Fn2 having fixed weight, under the RotS action. As a consequence we obtain the number of homogeneous RotS functions having algebraic degree w. Our results make the search space of RotS functions much reduced and we successfully analyzed important cryptographic properties of such functions by executing computer programs. We study RotS bent functions up to 10 variables and observe (experimentally) that there is no homogeneous rotation symmetric bent function having degree > 2. Further, we studied the RotS functions on 5, 6, 7 variables by computer search for correlation immunity and propagation characteristics and found some functions with very good cryptographic properties which were not known earlier
Chosen IV Cryptanalysis on Reduced Round ChaCha and Salsa
Recently, ChaCha20 (the stream cipher ChaCha with 20 rounds) is in the process of being a standard and thus it attracts serious interest in cryptanalysis. The most significant effort to analyse Salsa and ChaCha had been explained by Aumasson et al long back (FSE 2008) and further, only minor improvements could be achieved. In this paper, first we revisit the work of Aumasson et al to provide a clearer insight of the existing attack (2^{248} complexity for ChaCha7, i.e., 7 rounds) and showing certain improvements (complexity around 2^{243}) by exploiting additional Probabilistic Neutral Bits. More importantly, we describe a novel idea that explores proper choice of IVs corresponding to the keys, for which the complexity can be improved further (2^{239}). The choice of IVs corresponding to the keys is the prime observation of this work. We systematically show how a single difference propagates after one round and how the differences can be reduced with proper choices of IVs. For Salsa too (Salsa20/8, i.e., 8 rounds), we get improvement in complexity, reducing it to 2^{245.5} from 2^{247.2} reported by Aumasson et al
The Index j in RC4 is not Pseudo-random due to Non-existence of Finney Cycle
In this very short note we prove that the pseudo-random index j of RC4 is indeed not pseudo-random. This is a simple result that missed our attention for quite a long time. We show that in long term Pr(j = i+1) = 1/N - 1/N^2, instead of the random association 1/N and this happens for the non-existence of the condition S[i] = 1 and j = i+1 that is mandatory for the non-existence of the Finney cycle
- …