Browse ORBi

- What it is and what it isn't
- Green Road / Gold Road?
- Ready to Publish. Now What?
- How can I support the OA movement?
- Where can I learn more?

ORBi

On the (M)iNTRU assumption in the integer case Barthel, Jim Jean-Pierre ; Müller, Volker ; Rosie, Razvan in Provable and Practical Security, 15th International Conference, ProvSec 2021, Guangzhou, November 5 – November 8, 2021, Proceedings (in press) In AsiaCrypt 2019, Genise, Gentry, Halevi, Li and Micciancio put forth two novel and intriguing computational hardness hypotheses: The inhomogeneous NTRU (iNTRU) assumption and its matrix version MiNTRU ... [more ▼] In AsiaCrypt 2019, Genise, Gentry, Halevi, Li and Micciancio put forth two novel and intriguing computational hardness hypotheses: The inhomogeneous NTRU (iNTRU) assumption and its matrix version MiNTRU. In this work, we break the integer case of the iNTRU assumption through elementary lattice reduction, and we describe how the attack might be generalized to polynomial rings and to the low dimensional MiNTRU assumption with small noise. [less ▲] Detailed reference viewed: 105 (10 UL)Partitioned Searchable Encryption Barthel, Jim Jean-Pierre ; ; et al in Qiong, Huang; Yu, Yu (Eds.) Provable and Practical Security, 15th International Conference, ProvSec 2021, Guangzhou, November 5 – November 8, 2021, Proceedings (in press) Symmetric searchable encryption (SSE) allows to outsource encrypted data to an untrusted server and retain searching capabilities. This is done without impacting the privacy of both the data and the ... [more ▼] Symmetric searchable encryption (SSE) allows to outsource encrypted data to an untrusted server and retain searching capabilities. This is done without impacting the privacy of both the data and the search/update queries. In this work we put forth a new flavour of symmetric searchable encryption (SSE): Partitioned SSE is meant to capture the cases where the search rights must be partitioned among multiple individuals. We motivate through compelling examples the practical need for such a notion and discuss instantiations based on functional encryption and trapdoor permutations. First we leverage the power of functional encryption (FE). Our construction follows the general technique of encrypting the set of keywords and the presumably larger datafiles separately, a keyword acting as a ``pointer'' to datafiles it belongs to. To improve on the constraint factors (large ciphertext, slow encryption/decryption procedures) that are inherent in FE schemes, the keyword check is done with the help of a Bloom filter -- one per datafile: the crux idea is to split the filter into buckets, and encrypt each bucket separately under an FE scheme. Functional keys are given for binary \masks checking if relevant positions are set to 1 inside the underlying bit-vector of the Bloom filter. The second construction we present achieves forward security and stems from the scheme by Bost in CCS'16. We show that a simple tweak of the original construction gives rise to a scheme supporting updates in the partitioned setting. Moreover, the constructions take into account the possibility that some specific users are malicious while declaring their search results. [less ▲] Detailed reference viewed: 124 (1 UL)NIKE from Affine Determinant Programs Barthel, Jim Jean-Pierre ; Rosie, Razvan in Qiong, Huang; Yu, Yu (Eds.) Provable and Practical Security, 15th International Conference, ProvSec 2021, Guangzhou, November 5 – November 8, 2021, Proceedings (in press) A multi-party non-interactive key-exchange (NIKE) scheme enables N users to securely exchange a secret key K in a non-interactive manner. It is well-known that NIKE schemes can be obtained assuming the ... [more ▼] A multi-party non-interactive key-exchange (NIKE) scheme enables N users to securely exchange a secret key K in a non-interactive manner. It is well-known that NIKE schemes can be obtained assuming the existence of indistinguishability obfuscation (iO). In this work, we revisit the original, iO-based, provably-secure NIKE construction by Boneh and Zhandry, aiming to simplify it. The core idea behind our protocol is to replace the functionality of the obfuscator with the one of an affine determinant program (ADP). Although ADPs have been designed with the purpose of attaining indistinguishability obfuscation, such implication is left open for general circuits. The ingredients enabling to prove the security of our scheme stem into a more careful analysis of the branching programs needed to build ADPs. In particular, we show: 1) An intuitive indistinguishability notion defined for ADPs of puncturable pseudorandom functions (PRFs) is sufficient to prove security for NIKE. 2) A set of simple conditions based on ADP's branching program topology that are sufficient for proving indistinguishability of ADPs. We leave open the question of finding ADPs satisfying them. [less ▲] Detailed reference viewed: 48 (4 UL)A Simple Inner-Product Functional Encryption Scheme from the Inverse-DDH Assumption Barthel, Jim Jean-Pierre ; Rosie, Razvan ; Sahu, Rajeev Anand E-print/Working paper (n.d.) Detailed reference viewed: 115 (29 UL)New Constructions of Verifiable Delay Functions Barthel, Jim Jean-Pierre ; Rosie, Razvan E-print/Working paper (n.d.) Detailed reference viewed: 133 (10 UL)On basis vectors of lattices Barthel, Jim Jean-Pierre ; Müller, Volker E-print/Working paper (n.d.) Integer lattices enjoy increasing interest among mathematicians and cryptographers. However, there are still many elementary open questions, like finding specific vectors or particular bases of a given ... [more ▼] Integer lattices enjoy increasing interest among mathematicians and cryptographers. However, there are still many elementary open questions, like finding specific vectors or particular bases of a given lattice. Our study consists in exhibiting which integer vectors may be chosen as basis vectors of a chosen lattice. The compelling part of our development is that this condition is obtained through an unusual application of Dirichlet's Theorem on primes in arithmetic progressions and that it has a surprising consequence for vectors achieving the successive minima. [less ▲] Detailed reference viewed: 31 (2 UL)A conjecture on primes in arithmetic progressions and geometric intervals Barthel, Jim Jean-Pierre ; Müller, Volker E-print/Working paper (n.d.) We conjecture that any interval of the form [q^t ,q^(t+1) ], where q≥ 2 and t≥1 denote positive integers, contains at least one prime from each coprime congruence class. We prove this conjecture first ... [more ▼] We conjecture that any interval of the form [q^t ,q^(t+1) ], where q≥ 2 and t≥1 denote positive integers, contains at least one prime from each coprime congruence class. We prove this conjecture first unconditionally for all 2≤q≤45000 and all t≥1 and second under ERH for almost all q≥2 and all t≥2. Furthermore, we outline heuristic arguments for the validity of the conjecture beyond the proven bounds and we compare it with related long-standing conjectures. Finally, we discuss some of its consequences. [less ▲] Detailed reference viewed: 27 (3 UL)ON THE (NON-)EQUIVALENCE OF INTEGRAL BINARY QUADRATIC FORMS AND THEIR NEGATIVE FORMS Barthel, Jim Jean-Pierre ; Müller, Volker E-print/Working paper (n.d.) Integral binary quadratic forms have been extensively studied in order to compute the class number of real and complex quadratic ﬁelds. Many studies restricted the equivalence class of quadratic forms or ... [more ▼] Integral binary quadratic forms have been extensively studied in order to compute the class number of real and complex quadratic ﬁelds. Many studies restricted the equivalence class of quadratic forms or identiﬁed speciﬁc forms in order to compute the class number through enumeration of equivalence classes. One often used assumption is that a given form and its negative are equivalent or are synthetically identiﬁed. This document presents a concise Lagrangian approach to integral binary quadratic forms, outlines the equivalence classes in its broadest sense and uses it to develop a general condition when a given integral binary quadratic form and its negative are equivalent. Then, the existence of integral binary quadratic forms which are non-equivalent to their negatives is proven and an elementary algorithm to determine the (non-)equivalence of a given form and its negative is outlined. [less ▲] Detailed reference viewed: 85 (6 UL) |
||