Your search keyword '"Security parameter"' showing total 13 results

1. Lattice-Based Cryptoprocessor for CCA-Secure Identity-Based Encryption

Author

C. P. Renteria-Mejia and Jaime Velasco-Medina

Subjects

Computer science, business.industry, 020208 electrical & electronic engineering, Hash function, Systolic array, 02 engineering and technology, Encryption, Secure cryptoprocessor, Hardware and Architecture, Lattice (order), 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Arithmetic, Elliptic curve cryptography, business, Field-programmable gate array, Security parameter

Abstract

In this paper, we propose a lattice-based encryption scheme for Identity-Based Encryption (IBE) which is secure against Chosen-Ciphertext Attacks (CCA), and it is deduced from a previous Chosen-Plaintext Attack (CPA) secure IBE scheme by applying Fujisaki-Okamoto transform. Also, we present the design of a lattice-based cryptoprocessor that performs the encryption or decryption of the proposed CCA IBE scheme for the security parameters $n=512$ and $n=1024$ . In this case, the cryptoprocessor is mainly composed of one Random Number Generator (RNG), two hash function cores based on the Secure Hash Algorithm-3 (SHA-3) standard, and one Number Theoretical Transform (NTT) core for performing the polynomial ring operations. NTT core is designed using a systolic array and radix-2 multiple-path delay commutator architecture. The cryptoprocessor was synthesized on FPGA EP4SGX230KF40C2 using Quartus Prime 17.1, and verified in hardware using DE4 board and SignalTap tool. According to the obtained synthesis results, for the security parameter $n =1024$ , the IBE cryptoprocessor performs the encryption in $21.10~\mu $ s, and the decryption in $24.87~\mu $ s.

Published

2020

2. A Location and Optimal Coverage Based Filtering Scheme in Wireless Sensor Networks

Author

Hui Ye, Fangmin Li, and Zhixiong Liu

Subjects

optimal coverage, Correctness, General Computer Science, Computer science, Real-time computing, General Engineering, Process (computing), compromise robustness, Variable (computer science), Pure Data, Robustness (computer science), injected false reports, General Materials Science, Message authentication code, lcsh:Electrical engineering. Electronics. Nuclear engineering, lcsh:TK1-9971, Security parameter, computer, Wireless sensor network, location, computer.programming_language

Abstract

Injected false reports by attackers bring fateful consequences in wireless sensor networks, i.e., wasting the limited batteries of nodes and misleading the decision making of users. Existing security designs mainly attach some extra fields by a group of sensing nodes after the pure data, and check the correctness of attached MACs (Message Authentication Codes) in the process of report forwarding, each of which represents the agreement of sensors on the report, thus to drop the ones which failed on MAC checking. They cannot recognize the reports forged by t arbitrary compromised sensors collaboratively; the variable t is a security parameter. Furthermore, failures of reporting usually occur in sparse regions for lacking of enough detecting sensors, which is incurred by the complicated deploying region and the adopted random deploying strategy. This paper proposes a Location and Optimal Coverage based Filtering scheme (LOCF). It first derived the optimal coverage degree Δ by considering both the network size and covering efficiency, and then employed covering algorithm to deploy sensors accordingly. Each deployed sensor has to dispense its location to downstream sensors, through which sensors are bounded with locations. A report for the observed event must attach t endorsements along with locations of detecting sensors. In the forwarding process, intermediate sensors evaluate the correctness and rationality of both MACs and locations. Simulation results demonstrate that LOCF outperforms existing works in terms of covering effectiveness, filtering efficiency and compromise robustness.

Published

2020

3. A Privacy-Preserving Signature Scheme for Network Coding

Author

Jie Huang, Guowen Zong, Xiang Liu, and Yuanxi Wu

Subjects

General Computer Science, Computer science, Network packet, 020208 electrical & electronic engineering, General Engineering, 020206 networking & telecommunications, Eavesdropping, Cyclic group, 02 engineering and technology, Adversary, homomorphic signature, eavesdropping attacks, Signature (logic), Network coding, Discrete logarithm, Linear network coding, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, lcsh:TK1-9971, Security parameter, Algorithm, pollution attacks, Computer Science::Cryptography and Security

Abstract

In this paper, a novel privacy-preserving signature scheme for network coding is proposed, which can mitigate both intra-generation and inter-generation pollution attacks efficiently, and leverage the inherent security property of random network coding to prevent eavesdropping attacks at the same time. Our scheme is constructed on a bi-linear map between two multiplicative cyclic groups with the same order, and its security relies on the hardness of the discrete logarithm problem. We proved that the construction of our scheme is correct, and also showed that our scheme is resistant against both pollution attacks and eavesdropping attacks by demonstrating that the probabilities of an adversary recovering the native messages and forging a valid signature for a bogus packet are both negligible functions of the security parameter. We evaluated the performance of our scheme in terms of communication overhead and computational complexity, and carried out extensive experiments to compare the running time of different procedures between our scheme and several previous schemes. The experimental results showed that our scheme is more efficient than the previous schemes simulated.

Published

2019

4. Cryptanalysis of key exchange protocol based on tensor ergodic problem

Author

Chunsheng Gu, Youyu Gu, Peizhong Shi, Zhenjun Jing, and Chunpeng Ge

Subjects

Discrete mathematics, Computer Networks and Communications, Computer science, business.industry, Plaintext, Encryption, Finite field, Ciphertext, Key (cryptography), Electrical and Electronic Engineering, business, Security parameter, Time complexity, Key exchange, Computer Science::Cryptography and Security

Abstract

Recently, Mao, Zhang, Wu et al. constructed two key exchange (KE) protocols based on tensor ergodic problem (TEP). Although they conjectured that these constructions can potentially resist quantum computing attack, they did not provide a rigorous security proof for their KE protocols. In this paper, applying the properties of ergodic matrix, we first present a polynomial time algorithm to solve the TEP problem using O(n6) arithmetic operations in the finite field, where n is the security parameter. Then, applying this polynomial time algorithm, we generate a common shared key for two TEP-based KE constructions, respectively. In addition, we also provide a polynomial time algorithm with O(n6) arithmetic operations that directly recovers the plaintext from a ciphertext for the KE-based encryption scheme. Thus, the TEP-based KE protocols and their corresponding encryption schemes are insecure.

Published

2018

5. On Linear Complementary Pairs of Codes

Author

Buket Özkaya, Ferruh Özbudak, Claude Carlet, Patrick Solé, Cem Güneri, and School of Physical and Mathematical Sciences

Subjects

Linear programming, Binary number, Data_CODINGANDINFORMATIONTHEORY, 0102 computer and information sciences, 02 engineering and technology, Library and Information Sciences, Characterization (mathematics), 01 natural sciences, 0202 electrical engineering, electronic engineering, information engineering, Code (cryptography), Algebraic number, Computer Science::Data Structures and Algorithms, Circulant matrix, Discrete mathematics, QA075 Electronic computers. Computer science, Quasi-cyclic Code, 020206 networking & telecommunications, Special class, Quantitative Biology::Genomics, Computer Science Applications, 010201 computation theory & mathematics, QA150-272.5 Algebra, Electrical and electronic engineering [Engineering], Constacyclic Code, Security parameter, Information Systems

Abstract

We study linear complementary pairs (LCP) of codes $(C, D)$ , where both codes belong to the same algebraic code family. We especially investigate constacyclic and quasi-cyclic LCP of codes. We obtain characterizations for LCP of constacyclic codes and LCP of quasi-cyclic codes. Our result for the constacyclic complementary pairs extends the characterization of linear complementary dual (LCD) cyclic codes given by Yang and Massey. We observe that when $C$ and $D$ are complementary and constacyclic, the codes $C$ and $D^\bot $ are equivalent to each other. Hence, the security parameter $\min (d(C),d(D^\bot))$ for LCP of codes is simply determined by one of the codes in this case. The same holds for a special class of quasi-cyclic codes, namely 2D cyclic codes, but not in general for all quasi-cyclic codes, since we have examples of LCP of double circulant codes not satisfying this conclusion for the security parameter. We present examples of binary LCP of quasi-cyclic codes and obtain several codes with better parameters than known binary LCD codes. Finally, a linear programming bound is obtained for binary LCP of codes and a table of values from this bound is presented in the case $d(C)=d(D^\bot)$ . This extends the linear programming bound for LCD codes.

Published

2018

6. On Linear Complementary Pair of <tex-math notation='LaTeX'>$n$ </tex-math> D Cyclic Codes

Author

Cem Güneri, Selcen Sayici, and Buket Özkaya

Subjects

Trace (linear algebra), Generalization, Zero (complex analysis), 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Complementary pair, Computer Science Applications, Combinatorics, Mathematics::K-Theory and Homology, 010201 computation theory & mathematics, Modeling and Simulation, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Algebra over a field, Representation (mathematics), Security parameter, Mathematics

Abstract

The security parameter for a linear complementary pair $(C,D)$ of codes is defined to be the minimum of the minimum distances $d(C)$ and $d(D^\bot)$ . Recently, Carlet et al. showed that if $C$ and $D$ are both cyclic or both 2-D cyclic linear complementary pair of codes, and then, $C$ and $D^\bot$ are equivalent codes. Hence, the security parameter for cyclic and 2-D cyclic linear complementary pair of codes is simply $d(C)$ . We extend this result to $n\text{D}$ cyclic linear complementary pair of codes. The proof of Carlet et al. for the 2-D cyclic case is based on the trace representation of the codes, which is technical and nontrivial to generalize. Our proof for the generalization is based on the zero sets of the ideals corresponding to $n\text{D}$ cyclic codes.

Published

2018

7. Trapdoor computational fuzzy extractors and stateless cryptographically-secure physical unclonable functions

Author

Charles Herder, Marten van Dijk, Srinivas Devadas, Meng-Day (Mandel) Yu, and Ling Ren

Subjects

Stateless protocol, Theoretical computer science, Biometrics, Computer science, Physical unclonable function, 02 engineering and technology, Fuzzy logic, 020202 computer hardware & architecture, Random oracle, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Fuzzy extractor, Electrical and Electronic Engineering, Error detection and correction, Security parameter

Abstract

We present a fuzzy extractor whose security can be reduced to the hardness of Learning Parity with Noise (LPN) and can efficiently correct a constant fraction of errors in a biometric source with a “noise-avoiding trapdoor.” Using this computational fuzzy extractor, we present a stateless construction of a cryptographically-secure Physical Unclonable Function. Our construct requires no non-volatile (permanent) storage, secure or otherwise, and its computational security can be reduced to the hardness of an LPN variant under the random oracle model. The construction is “stateless,” because there is no information stored between subsequent queries, which mitigates attacks against the PUF via tampering. Moreover, our stateless construction corresponds to a PUF whose outputs are free of noise because of internal error-correcting capability, which enables a host of applications beyond authentication. We describe the construction, provide a proof of computational security, analysis of the security parameter for system parameter choices, and present experimental evidence that the construction is practical and reliable under a wide environmental range.

Published

2017

8. An Efficient Homomorphic MAC with Small Key Size for Authentication in Network Coding

Author

Tao Jiang and Chi Cheng

Subjects

Authentication, Length extension attack, business.industry, Computer science, Homomorphic encryption, Adversary, Hash-based message authentication code, Theoretical Computer Science, Public-key cryptography, Computational Theory and Mathematics, Hardware and Architecture, Linear network coding, Message authentication code, business, Security parameter, Software, Data Authentication Algorithm, Computer network, Key size

Abstract

Recently, homomorphic message authentication code (MAC) schemes have been proposed to resist against pollution attacks in network coding. However, existing methods face a common challenge: the generated MAC t belongs to a small finite field Fq, which means that an adversary could attack by randomly guessing the value of t, and succeed with probability 1/q. Since q is a predetermined system parameter which is typically set as 28, the resulted security 1/256 could be unsatisfactory in practice. In this paper, we propose an efficient homomorphic MAC for authentication in network coding. The proposed method achieves a reliable security parameter 1/ql using only one key, where l could be chosen according to different security requirements. Compared with previous approaches that using multiple tags, the proposed homomorphic MAC has both low computation and communication overheads.

Published

2013

9. A Computationally Sound Mechanized Prover for Security Protocols

Author

Bruno Blanchet

Subjects

Theoretical computer science, Cryptographic primitive, Computer science, business.industry, Hash function, Data security, Cryptography, Adversary, Cryptographic protocol, Gas meter prover, Encryption, Public-key cryptography, Secrecy, Message authentication code, Dolev–Yao model, Electrical and Electronic Engineering, business, Security parameter, Computer Science::Cryptography and Security

Abstract

We present a new mechanized prover for secrecy properties of cryptographic protocols. In contrast to most previous provers, our tool does not rely on the Dolev-Yao model, but on the computational model. It produces proofs presented as sequences of games; these games are formalized in a probabilistic polynomial-time process calculus. Our tool provides a generic method for specifying security properties of the cryptographic primitives, which can handle shared-and public-key encryption, signatures, message authentication codes, and hash functions. Our tool produces proofs valid for a number of sessions polynomial in the security parameter, in the presence of an active adversary. We have implemented our tool and tested it on a number of examples of protocols from the literature.

Published

2008

10. Cryptographic Hardness Based on the Decoding of Reed–Solomon Codes

Author

Aggelos Kiayias and Moti Yung

Subjects

Provable security, Pseudorandom number generator, Cryptographic primitive, Theoretical computer science, Random number generation, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Library and Information Sciences, Computer Science Applications, Reed–Solomon error correction, Semantic security, Algorithm, Security parameter, Computer Science::Cryptography and Security, Information Systems, Mathematics

Abstract

In this paper, we investigate the decoding problem of Reed-Solomon (RS) codes, also known as the polynomial reconstruction problem (PR), from a cryptographic hardness perspective. Namely, we deal with samplable PR instances over parameter choices for which decoding is not known to be feasibly solvable and where part of the solution polynomial is the hidden input. We put forth a natural decisional intractability assumption that relates to this decoding problem: distinguishing between a single randomly chosen error location and a single randomly chosen nonerror location for a given corrupted RS codeword with random noise. We prove that under this assumption, PR instances are entirely pseudorandom, i.e., they are indistinguishable from random vectors over the underlying finite field. Moreover, under the same assumption, we show that it is hard to extract any partial information related to the hidden input encoded by the corrupted PR instance, i.e., PR instances hide their message polynomial solution in the semantic security sense. The above results lay a framework for the exploitation of PR as an intractability assumption for provable security of cryptographic primitives. Based on this framework, we present provably secure cryptographic constructions for (1) a pseudorandom number generator, (2) a semantically secure version of the oblivious polynomial evaluation (OPE) protocol, and (3) a stateful cipher with a set of interesting properties that include: semantic security, forward secrecy, error-correcting decryption and an array of random self-reducibility properties with respect to the plaintext choice, key choice, and partial domain choice.

Published

2008

11. Comments on 'An Efficient Homomorphic MAC with Small Key Size for Authentication in Network Coding'

Author

Young-Sik Kim

Subjects

Authentication, Length extension attack, business.industry, Computer science, Homomorphic encryption, Theoretical Computer Science, Computational Theory and Mathematics, Hardware and Architecture, Linear network coding, Reflection attack, Challenge–response authentication, business, Security parameter, Software, Key size, Computer network

Abstract

Recently, an efficient homomorphic MAC scheme for authentication in network coding is proposed and it is claimed that it achieves a security parameter $1/q^l$ where $l$ is selected according to different security requirements. However, in this paper, we show that there is an attack to make the security parameter $1/q$ instead of $1/q^l$ . And we propose a way to avoid the presented attack.

Published

2015

12. Everlasting security in the bounded storage model

Author

Michael O. Rabin, Yonatan Aumann, and Yan Zong Ding

Subjects

Theoretical computer science, business.industry, Computer science, Computation, Cryptography, Library and Information Sciences, Adversary, Computer security model, Cryptographic protocol, Encryption, Computational hardness assumption, Computer Science Applications, Security association, Bounded function, Concrete security, business, Security parameter, Information Systems, Key size

Abstract

We address the problem of the-security of cryptographic protocols in face of future advances in computing technology and algorithmic research. The problem stems from the fact may be deemed that computations which at a given point in time may be deemed infeasible, can, in the course of years or decades, be made possible with improved hardware and/or breakthroughs in code-breaking algorithms. In such cases, the security of historical , but nonetheless highly confidential data may be in jeopardy. We present a scheme for efficient secure two-party communication with provable everlasting security. The security is guaranteed in face of any future technological advances, given the current state of of the art. Furthermore, the security of the messages is also guaranteed even if the secret encryption/decryption key is revealed in the future, The scheme is based on the bounded storage model and provides information-theoretic security in this model. The bounded storage model postulates an adversary who is computationally unbounded, and is only bounded in the amount of storage (not computation space) available to store the output of his computation. The bound on the storage can be arbitrarily large (e.g., 100 Tbytes), as long as it is fixed. Given this storage bound, our protocols guarantee that even a computationally all powerful adversary gains no information about a message (except with a probability that is exponentially small in the security parameter k). The bound on storage space need only hold at the time of the message transmission. Thereafter, no additional storage space or, computational power can help the adversary in deciphering the message. We present two protocols. The first protocol, which elaborates on the autoregressive (AR) protocol of Aumann and Rabin (see Advances in Cryptology-Crypto '99, p. 65-79, 1999), employs a short secret key whose size is independent of the length of the message, but uses many public random bits. The second protocol uses an optimal number of public random bits, but employs a longer secret key. Our proof of security utilizes a novel linear algebraic technique.

Published

2002

13. A Novel Homomorphic MAC Scheme for Authentication in Network Coding

Author

Tao Jiang and Chi Cheng

Subjects

Authentication, business.industry, Computer science, Homomorphic encryption, Computer Science Applications, Finite field, Modeling and Simulation, Linear network coding, Message authentication code, Electrical and Electronic Engineering, business, Security parameter, Computer network, Integer (computer science)

Abstract

Recently, homomorphic message authentication code (MAC) schemes have been proposed to thwart pollution attacks in network coding. However, existing schemes adopt the inner product operation to construct the MAC, which could be broken with probability Pr=1/q, where the predetermined system parameter q is typically set as 28. Usually, the homomorphic MAC with a security parameter Pr=1/28 may not be sufficient in practice. In this letter, we propose a novel scheme and its key idea is to employ the trace function over a finite field to construct the homomorphic MAC. The proposed method could achieve a reliable security Pr=1/ql without increasing the field size or employing multiple keys, where l is a positive integer greater than or equal to 1.

Published

2011