ORBi

Authenticated Key Distribution: When the Coupon Collector is Your Enemy
El Orche, Fatima Ezzahra et al.; in Innovative Security Solutions for Information Technology and Communications (2019, November 14)
We introduce new authenticated key exchange protocols which, on the one hand, do not resort to standard public-key setups with corresponding assumptions of computationally hard problems, but, on the other hand, are more efficient than distributing symmetric keys among the participants. To this end, we rely on a trusted central authority distributing key material whose size is independent of the total number of users, and which allows the users to obtain shared secret keys. We analyze the security of our construction, taking into account various attack models. Importantly, only symmetric primitives are needed in the protocol, making it an alternative to quantum-safe key exchange protocols which rely on hardness assumptions.

Robust Encryption, Extended
Rosie, Razvan et al.; in Matsui, Mitsuru (Ed.), The Cryptographers' Track at the RSA Conference 2019, San Francisco, CA, USA, March 4–8, 2019, Proceedings (2019, March 01)
Robustness is a notion often tacitly assumed while working with encrypted data. Roughly speaking, it states that a ciphertext cannot be decrypted under different keys. Initially formalized in a public-key context, it has been further extended to key-encapsulation mechanisms, and more recently to pseudorandom functions, message authentication codes and authenticated encryption. In this work, we motivate the importance of establishing similar guarantees for functional encryption schemes, even under adversarially generated keys. Our main security notion is intended to capture the scenario where a ciphertext obtained under a master key (corresponding to Authority 1) is decrypted by functional keys issued under a different master key (Authority 2). Furthermore, we show there exist simple functional encryption schemes where robustness under adversarial key generation is not achieved. As a secondary and independent result, we formalize robustness for digital signatures (a signature should not verify under multiple keys) and point out that certain signature schemes are not robust when the keys are adversarially generated. We present simple, generic transforms that turn a scheme into a robust one, while maintaining the original scheme's security. For the case of public-key functional encryption, we look into ciphertext anonymity and provide a transform achieving it.

The New Codebreakers - Essays Dedicated to David Kahn on the Occasion of His 85th Birthday
Ryan, Peter et al.; book published by Springer (2016)

Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the Integers
Coron, Jean-Sébastien; Tibouchi, Mehdi et al.; in EUROCRYPT (2012)

Fully Homomorphic Encryption over the Integers with Shorter Public Keys
Coron, Jean-Sébastien; Mandal, Avradip et al.; in CRYPTO (2011)

Practical Cryptanalysis of ISO/IEC 9796-2 and EMV Signatures
Coron, Jean-Sébastien; Tibouchi, Mehdi et al.; in Proceedings of CRYPTO 2009 (2009)
In 1999, Coron, Naccache and Stern discovered an existential signature forgery for two popular RSA signature standards, ISO/IEC 9796-1 and 2. Following this attack, ISO/IEC 9796-1 was withdrawn. ISO/IEC 9796-2 was amended by increasing the message digest to at least 160 bits. Attacking this amended version required at least 2^61 operations. In this paper, we exhibit algorithmic refinements that allow attacking the amended (currently valid) version of ISO/IEC 9796-2 for all modulus sizes. A practical forgery was computed in only two days using 19 servers on the Amazon EC2 grid for a total cost of approximately US$800. The forgery was implemented for e = 2, but attacking odd exponents will not take longer. The forgery was computed for the RSA-2048 challenge modulus, whose factorization is still unknown. The new attack blends several theoretical tools. These do not change the asymptotic complexity of Coron et al.'s technique but significantly accelerate it for parameter values previously considered beyond reach. While less efficient (US$45,000), the acceleration also extends to EMV signatures. EMV is an ISO/IEC 9796-2-compliant format with extra redundancy. Luckily, this attack does not threaten any of the 730 million EMV payment cards in circulation, for operational reasons. Costs are per modulus: after a first forgery for a given modulus, obtaining more forgeries is virtually immediate.

Fault Attacks on RSA Signatures with Partially Unknown Messages
Coron, Jean-Sébastien; Kizhvatov, Ilya et al.; in Proceedings of CHES 2009 (2009)
Fault attacks exploit hardware malfunctions to recover secrets from embedded electronic devices. In the late 1990s, Boneh, DeMillo and Lipton introduced fault-based attacks on CRT-RSA. These attacks factor the signer's modulus when the message padding function is deterministic. However, the attack does not apply when the message is partially unknown, for example when messages contain some randomness which is recovered only when verifying a correct signature. In this paper we successfully extend RSA fault attacks to a large class of partially known message configurations. The new attacks rely on Coppersmith's algorithm for finding small roots of multivariate polynomial equations. We illustrate the approach by successfully attacking several randomized versions of the ISO/IEC 9796-2 encoding standard. Practical experiments show that a 2048-bit modulus can be factored in less than a minute given one faulty signature containing 160 random bits and an unknown 160-bit message digest.

Cryptanalysis of ISO/IEC 9796-1
Coron, Jean-Sébastien et al.; in Journal of Cryptology (2008), 21(1), 27–51

New Constructions of Verifiable Delay Functions
Barthel, Jim Jean-Pierre; Rosie, Razvan et al.; e-print/working paper (n.d.)
A Verifiable Delay Function (VDF) is a cryptographic protocol thought to provide a proof of elapsed time. At the core of such a protocol lies a sequential task whose evaluation cannot be accelerated, even in the presence of massive parallel computational resources. We introduce a novel sequentiality assumption, put forth a scheme that achieves this sequentiality constraint by requiring its users to evaluate a function over (levelled) fully homomorphic ciphertexts, and provide a heuristic security analysis.
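The "Robust Encryption, Extended" entry above states the robustness notion (a ciphertext should not decrypt under different keys, even when keys are adversarially generated) and mentions generic transforms that restore it. The following is an added example, not code from that paper or from the ORBi page: a toy stream cipher whose ciphertexts decrypt under every key, a key-commitment transform that makes decryption under a second key fail, and an adversary who defeats the transform when the commitment is too short to be binding. The HMAC-SHA256 counter-mode keystream, the `key-commitment` label, and all keys and plaintexts are constructed for the example.

```python
"""Added example (not code from the 'Robust Encryption, Extended' paper):
the same ciphertext decrypting under two different keys, and a key
commitment that rules it out. Toy construction, assumed for illustration."""
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode used as a toy stream cipher (assumption:
    chosen so the example runs on the standard library alone)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Plain stream encryption. Decryption is the same operation and never
    rejects, so any ciphertext 'decrypts' under every key: not robust."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def commit(key: bytes, nonce: bytes, tag_len: int = 32) -> bytes:
    """Commitment to the key, prefixed to the ciphertext by the robust variant.
    tag_len=32 is the real setting; a short tag models a weak commitment."""
    return hashlib.sha256(b"key-commitment" + nonce + key).digest()[:tag_len]


def encrypt_robust(key: bytes, nonce: bytes, pt: bytes, tag_len: int = 32) -> bytes:
    return commit(key, nonce, tag_len) + xor_encrypt(key, nonce, pt)


def decrypt_robust(key: bytes, nonce: bytes, ct: bytes, tag_len: int = 32):
    """Returns None when the commitment does not match, i.e. when the
    ciphertext was not produced under this key."""
    tag, body = ct[:tag_len], ct[tag_len:]
    if not hmac.compare_digest(tag, commit(key, nonce, tag_len)):
        return None
    return xor_encrypt(key, nonce, body)


def forge_second_key(key1: bytes, nonce: bytes, tag_len: int) -> bytes:
    """Adversarial key generation against a too-short commitment: search for a
    second key whose commitment collides with key1's. With tag_len=1 this takes
    about 256 tries; with tag_len=32 it is infeasible (SHA-256 collision)."""
    target = commit(key1, nonce, tag_len)
    while True:
        cand = secrets.token_bytes(32)
        if cand != key1 and commit(cand, nonce, tag_len) == target:
            return cand


def demo() -> dict:
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    nonce = secrets.token_bytes(12)
    pt = b"pay 100 to alice"  # constructed sample plaintext
    ct = xor_encrypt(k1, nonce, pt)
    rct = encrypt_robust(k1, nonce, pt)
    weak_ct = encrypt_robust(k1, nonce, pt, tag_len=1)
    k_adv = forge_second_key(k1, nonce, tag_len=1)
    return {
        "plain_under_k1": xor_encrypt(k1, nonce, ct),
        "plain_under_k2": xor_encrypt(k2, nonce, ct),       # garbage, but accepted
        "robust_under_k1": decrypt_robust(k1, nonce, rct),
        "robust_under_k2": decrypt_robust(k2, nonce, rct),  # None: rejected
        "weak_under_k1": decrypt_robust(k1, nonce, weak_ct, tag_len=1),
        "weak_under_adv": decrypt_robust(k_adv, nonce, weak_ct, tag_len=1),  # accepted
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The commitment must be collision-resistant over the key: with a 1-byte tag the adversary finds a colliding second key in a few hundred guesses and the ciphertext is accepted under both, which is exactly the adversarial-key-generation failure the abstract warns about. Real designs commit to the key with a full-width hash or derive the commitment inside the KDF; the toy here only keeps the construction visible.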
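The CHES 2009 abstract above rests on the Boneh–DeMillo–Lipton observation that one faulty CRT-RSA signature factors the modulus when the padded message is fully known, and that the plain attack fails once the padding contains randomness the attacker cannot reconstruct. The following is an added example, not code from the paper: it generates a toy CRT-RSA key, injects a fault into the mod-q half of the signature, recovers p with a single gcd, then repeats the step against a randomized padding and shows the gcd collapsing to 1. The PKCS#1 v1.5-like padding layout, the bit-flip fault model and the key size are assumptions for the demonstration, not the ISO/IEC 9796-2 encodings the paper attacks, and Coppersmith's method that the paper uses to handle the unknown bits is not reproduced here.

```python
"""Added example (not code from the CHES 2009 paper): Bellcore-style fault
attack on CRT-RSA with deterministic padding, and why it stops working when
the padding contains unknown randomness. Toy parameters for speed."""
import hashlib
import math
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin; sufficient for generating toy RSA primes."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 512, e: int = 65537) -> dict:
    """Toy RSA key with the CRT factors kept (assumed small size, not a real key)."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p != q and math.gcd(e, (p - 1) * (q - 1)) == 1:
            break
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q}


def pad_deterministic(msg: bytes, n: int) -> int:
    """Assumed PKCS#1 v1.5-style layout: 00 01 FF..FF 00 || SHA-256(msg).
    Fully determined by msg, so the attacker can recompute it."""
    k = (n.bit_length() + 7) // 8
    h = hashlib.sha256(msg).digest()
    return int.from_bytes(b"\x00\x01" + b"\xff" * (k - 3 - len(h)) + b"\x00" + h, "big")


def pad_randomized(msg: bytes, n: int, salt: bytes) -> int:
    """Same layout with a salt embedded; the attacker knows msg but not salt."""
    k = (n.bit_length() + 7) // 8
    h = hashlib.sha256(salt + msg).digest()
    ps = b"\xff" * (k - 3 - len(salt) - len(h))
    return int.from_bytes(b"\x00\x01" + ps + b"\x00" + salt + h, "big")


def sign_crt(mu: int, key: dict, fault_in_q: bool = False) -> int:
    """CRT-RSA signing with Garner recombination. fault_in_q corrupts the
    mod-q half (assumed single bit flip), so s' is right mod p, wrong mod q."""
    p, q, d = key["p"], key["q"], key["d"]
    sp = pow(mu, d % (p - 1), p)
    sq = pow(mu, d % (q - 1), q)
    if fault_in_q:
        sq ^= 1
    h = ((sp - sq) * pow(q, -1, p)) % p
    return sq + h * q


def bellcore_factor(n: int, e: int, faulty_sig: int, mu_guess: int) -> int:
    """gcd(s'^e - mu, N) equals p when s' is correct mod p only and mu_guess is
    the true padded message; with a wrong mu_guess it is (almost surely) 1."""
    return math.gcd(pow(faulty_sig, e, n) - mu_guess, n)


def demo() -> dict:
    key = keygen()
    n, e = key["n"], key["e"]
    msg = b"transfer 100 EUR"  # constructed sample message
    mu = pad_deterministic(msg, n)
    correct = sign_crt(mu, key)
    faulty = sign_crt(mu, key, fault_in_q=True)
    salt = secrets.token_bytes(20)
    mu_r = pad_randomized(msg, n, salt)
    faulty_r = sign_crt(mu_r, key, fault_in_q=True)
    guess = pad_randomized(msg, n, bytes(20))  # attacker cannot know the salt
    return {
        "n": n, "p": key["p"], "q": key["q"],
        "correct_sig_valid": pow(correct, e, n) == mu,
        "recovered": bellcore_factor(n, e, faulty, mu),      # == p
        "without_salt": bellcore_factor(n, e, faulty_r, guess),  # == 1
    }


if __name__ == "__main__":
    r = demo()
    print("factor recovered:", r["recovered"] == r["p"])
    print("gcd with unknown salt:", r["without_salt"])
```

With 160 unknown salt bits the plain gcd step has nothing to work with, which is the gap the paper closes by turning the unknown bits into small roots of a polynomial for Coppersmith's method; the example only shows the boundary, not that extension. Note also the countermeasure implied by the attack: verifying the signature before release, or using a randomized padding, denies the attacker the known padded value the gcd needs.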