Your search keyword '"CRYPTOGRAPHY research"' showing total 7 results

1. Frontmatter.

Subjects

*CRYPTOGRAPHY research, *CARTESIAN coordinates, *LINEAR algebra

Abstract

The article presents the front cover of the periodical "Journal of Mathematical Cryptology", along with the names of the editorial board, publishing details such as disclaimers, and table of contents which includes Cartesian codes, linear algebra and geometry.

Published

2018

2. Another look at normal approximations in cryptanalysis.

Author

Samajder, Subhabrata and Sarkar, Palash

Subjects

*CIPHERS, *CRYPTOGRAPHY research, *GAUSSIAN distribution, *MATHEMATICS theorems, *ORDER statistics

Abstract

Statistical analysis of attacks on symmetric ciphers often requires assuming the normal behaviour of a test statistic. Typically such an assumption is made in an asymptotic sense. In this work, we consider concrete versions of some important normal approximations that have been made in the literature. To do this, we use the Berry-Esséen theorem to derive explicit bounds on the approximation errors. A basic mathematical requirement is that such approximation errors should be within reasonable bounds, a point which appears to have been overlooked in many of the earlier works on statistical aspects of cryptanalysis. Interpreting the error bounds in the cryptanalytic context yields several surprising results. One important implication is that this puts in doubt the applicability of the order statistics based approach for analysing key recovery attacks on block ciphers. This approach has been earlier used to obtain several results on the data complexities of (multiple) linear and differential cryptanalysis. The non-applicability of the order statistics based approach puts a question mark on the data complexities obtained using this approach. Fortunately, we are able to recover all of these results by utilising the hypothesis testing framework. This, however, necessitates using normal approximations for the χ² and the LLR test statistics considered in earlier works. These approximations themselves have issues which seem to be difficult to resolve satisfactorily. More generally, the message of our work is that all cryptanalytic attacks should properly derive and interpret the error bounds for any (normal) approximation that is made. [ABSTRACT FROM AUTHOR]

Published

2016

3. Indifferentiability security of the fast wide pipe hash: Breaking the birthday barrier.

Author

Moody, Dustin, Paul, Souradyuti, and Smith-Tone, Daniel

Subjects

*CRYPTOGRAPHY research, *HASHING, *MESSAGE authentication codes, *DATA encryption, *COMPUTER security research

Abstract

A hash function secure in the indifferentiability framework (TCC 2004) is able to resist all meaningful generic attacks. Such hash functions also play a crucial role in establishing the security of protocols that use them as random functions. To eliminate multi-collision type attacks on the Merkle-Damgård mode (Crypto 1989), Lucks proposed widening the size of the internal state of hash functions (Asiacrypt 2005). The fast wide pipe (FWP) hash mode was introduced by Nandi and Paul at Indocrypt 2010, as a faster variant of Lucks' wide pipe mode. Despite the higher speed, the proven indifferentiability bound of the FWP mode has so far been only up to the birthday barrier of n/2 bits. The main result of this paper is the improvement of the FWP bound to 2n/3 bits (up to an additive constant). We also provide evidence that the bound may be extended beyond 2n/3 bits. [ABSTRACT FROM AUTHOR]

Published

2016

4. Optimal constructions for ID-based one-way-function key predistribution schemes realizing specified communication graphs.

Author

Paterson, Maura B. and Stinson, Douglas R.

Subjects

*CRYPTOGRAPHY research, *HASHING, *GRAPH theory, *DATA warehousing, *POLYNOMIAL time algorithms

Abstract

We study a method for key predistribution in a network of n users where pairwise keys are computed by hashing users' IDs along with secret information that has been (pre)distributed to the network users by a trusted entity. A communication graph G can be specified to indicate which pairs of users should be able to compute keys. We determine necessary and sufficient conditions for schemes of this type to be secure. We also consider the problem of minimizing the storage requirements of such a scheme; we are interested in the total storage as well as the maximum storage required by any user. Minimizing the total storage is NP-hard, whereas minimizing the maximum storage required by a user can be computed in polynomial time. [ABSTRACT FROM AUTHOR]

Published

2015

5. Families of genus 2 curves with small embedding degree.

Author

Hitt, Laura

Subjects

*CRYPTOGRAPHY research, *DIGITAL signatures, *ELLIPTIC curves, *JACOBIAN matrices, *LOGARITHMS, *FROBENIUS groups, *FACTORIZATION, *PROBABILITY theory, *PRIME numbers

Abstract

In cryptographic applications, hyperelliptic curves of small genus have the advantage of providing a group of comparable size to that of elliptic curves, while working over a field of smaller size. Pairing-friendly hyperelliptic curves are those for which the order of the Jacobian is divisible by a large prime, whose embedding degree is small enough for pairing computations to be feasible, and whose minimal embedding field is large enough for the discrete logarithm problem in it to be difficult. We give a sequence of  q-isogeny classes for a family of Jacobians of genus 2 curves over  q, for q == 2 m, and the corresponding small embedding degrees. We give examples of the parameters for such curves with embedding degree k < (log q)2, such as k == 8, 13, 16, 23, 26. For secure and efficient implementation of pairing-based cryptography on genus g curves over  q, it is desirable that the ratio be approximately 1, where N is the order of the subgroup with embedding degree k. We show that for our family of curves, ρρ is between 1 and 2. We also give a sequence of  q-isogeny classes for a family of Jacobians of genus 2 curves over  q for which the minimal embedding field is much smaller than the finite field indicated by the embedding degree k. That is, the extension degrees in this example differ by a factor of m, where q == 2 m, demonstrating that the embedding degree can be a far from accurate measure of security. As a result, we use an indicator to examine the cryptographic security of our family of curves. [ABSTRACT FROM AUTHOR]

Published

2009

6. Hash function requirements for Schnorr signatures.

Author

Neven, Gregory, Smart, Nigel P., and Warinschi, Bogdan

Subjects

*DIGITAL signatures, *CRYPTOGRAPHY research, *COMPUTER network security, *ELLIPTIC curves, *LOGARITHMS, *GROUP theory, *PROBABILITY theory, *FORGERY, *COMPUTATIONAL mathematics

Abstract

We provide two necessary conditions on hash functions for the Schnorr signature scheme to be secure, assuming compact group representations such as those which occur in elliptic curve groups. We also show, via an argument in the generic group model, that these conditions are sufficient. Our hash function security requirements are variants of the standard notions of preimage and second preimage resistance. One of them is in fact equivalent to the Nostradamus attack by Kelsey and Kohno (Eurocrypt, Lecture Notes in Computer Science 4004: 183--200, 2006), and, when considering keyed compression functions, both are closely related to the ePre and eSec notions by Rogaway and Shrimpton (FSE, Lecture Notes in Computer Science 3017: 371--388, 2004). Our results have a number of interesting implications in practice. First, since security does not rely on the hash function being collision resistant, Schnorr signatures can still be securely instantiated with SHA-1/SHA-256, unlike DSA signatures. Second, we conjecture that our properties require O(2 n) work to solve for a hash function with n-bit output, thereby allowing the use of shorter hashes and saving twenty-five percent in signature size. And third, our analysis does not reveal any significant difference in hardness between forging signatures and computing discrete logarithms, which plays down the importance of the loose reductions in existing random-oracle proofs, and seems to support the use of ''normal-size'' groups. [ABSTRACT FROM AUTHOR]

Published

2009

7. Distortion maps for supersingular genus two curves.

Author

Galbraith, Steven D., Pujolààs, Jordi, Ritzenthaler, Christophe, and Smith, Benjamin

Subjects

*MAPS, *CRYPTOGRAPHY research, *ENDOMORPHISMS, *AUTOMORPHISMS, *ELLIPTIC curves, *ABELIAN varieties, *FROBENIUS groups, *RINGS of integers, *JACOBIAN matrices

Abstract

Distortion maps are a useful tool for pairing based cryptography. Compared with elliptic curves, the case of hyperelliptic curves of genus g > 1 is more complicated, since the full torsion subgroup has rank 2 g. In this paper, we prove that distortion maps always exist for supersingular curves of genus g > 1. We also give several examples of curves of genus 2 with explicit distortion maps for embedding degrees 4, 5, 6, and 12. [ABSTRACT FROM AUTHOR]

Published

2009