Search

Your search keyword '"Merkle trees"' showing total 44 results
Start Over Descriptor "Merkle trees"
44 results on '"Merkle trees"'

1. Merkle Trees

Author

Galdi, Clemente, Jajodia, Sushil, editor, Samarati, Pierangela, editor, and Yung, Moti, editor

Published
2025
Full Text
View/download PDF

2. Evaluating the Security of Merkle Trees: An Analysis of Data Falsification Probabilities.

Author

Kuznetsov, Oleksandr, Rusnak, Alex, Yezhov, Anton, Kuznetsova, Kateryna, Kanonik, Dzianis, and Domin, Oleksandr

Subjects
*DATA integrity, *DATA security, *INTERNET of things, *EVIDENCE gaps, *NUMERICAL analysis
Abstract

Addressing the critical challenge of ensuring data integrity in decentralized systems, this paper delves into the underexplored area of data falsification probabilities within Merkle Trees, which are pivotal in blockchain and Internet of Things (IoT) technologies. Despite their widespread use, a comprehensive understanding of the probabilistic aspects of data security in these structures remains a gap in current research. Our study aims to bridge this gap by developing a theoretical framework to calculate the probability of data falsification, taking into account various scenarios based on the length of the Merkle path and hash length. The research progresses from the derivation of an exact formula for falsification probability to an approximation suitable for cases with significantly large hash lengths. Empirical experiments validate the theoretical models, exploring simulations with diverse hash lengths and Merkle path lengths. The findings reveal a decrease in falsification probability with increasing hash length and an inverse relationship with longer Merkle paths. A numerical analysis quantifies the discrepancy between exact and approximate probabilities, underscoring the conditions for the effective application of the approximation. This work offers crucial insights into optimizing Merkle Tree structures for bolstering security in blockchain and IoT systems, achieving a balance between computational efficiency and data integrity. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

3. Efficient and Universal Merkle Tree Inclusion Proofs via OR Aggregation.

Author

Kuznetsov, Oleksandr, Rusnak, Alex, Yezhov, Anton, Kanonik, Dzianis, Kuznetsova, Kateryna, and Domin, Oleksandr

Subjects
*DATA transmission systems, *BLOCKCHAINS, *SCALABILITY, *LOGIC, *COMPARATIVE studies
Abstract

Zero-knowledge proofs have emerged as a powerful tool for enhancing privacy and security in blockchain applications. However, the efficiency and scalability of proof systems remain a significant challenge, particularly in the context of Merkle tree inclusion proofs. Traditional proof aggregation techniques based on AND logic suffer from a high verification complexity and data communication overhead, limiting their practicality for large-scale applications. In this paper, we propose a novel proof aggregation approach based on OR logic, which enables the generation of compact and universally verifiable proofs for Merkle tree inclusion. By adapting and extending the concept of OR composition from Sigma protocols, we achieve a proof size that is independent of the number of leaves in the tree, and verification can be performed using any single valid leaf hash. This represents a significant improvement over AND aggregation, which requires the verifier to process all leaf hashes. We formally define the OR aggregation logic; describe the process of generating universal proofs; and provide a comparative analysis that demonstrates the advantages of our approach in terms of proof size, verification data, and universality. Furthermore, we discuss the potential of combining OR and AND aggregation logics to create complex acceptance functions, enabling the development of expressive and efficient proof systems for various blockchain applications. The proposed techniques have the potential to significantly enhance the scalability, efficiency, and flexibility of zero-knowledge proof systems, paving the way for more practical and adaptive solutions in large-scale blockchain ecosystems. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

4. Validating δ-Currency Using Model Checking

Author

Prabhu, Shreekanth M., Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Namasudra, Suyel, editor, Trivedi, Munesh Chandra, editor, Crespo, Ruben Gonzalez, editor, and Lorenz, Pascal, editor

Published
2024
Full Text
View/download PDF

5. Enhanced Security and Efficiency in Blockchain With Aggregated Zero-Knowledge Proof Mechanisms

Author

Oleksandr Kuznetsov, Alex Rusnak, Anton Yezhov, Dzianis Kanonik, Kateryna Kuznetsova, and Stanislav Karashchuk

Subjects
Blockchain technology, data verification, zero-knowledge proofs, Merkle Trees, Ethereum, computational efficiency, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

Blockchain technology has emerged as a revolutionary tool in ensuring data integrity and security in digital transactions. However, the current approaches to data verification in blockchain systems, particularly in Ethereum, face challenges in terms of efficiency and computational overhead. The traditional use of Merkle Trees and cryptographic hash functions, while effective, leads to significant resource consumption, especially for large datasets. This highlights a gap in existing research: the need for more efficient methods of data verification in blockchain networks. Our study addresses this gap by proposing an innovative aggregation scheme for Zero-Knowledge Proofs within the structure of Merkle Trees. We develop a system that significantly reduces the size of the proof and the computational resources needed for its generation and verification. Our approach represents a paradigm shift in blockchain data verification, balancing security with efficiency. We conducted extensive experimental evaluations using real Ethereum block data to validate the effectiveness of our proposed scheme. The results demonstrate a drastic reduction in proof size and computational requirements compared to traditional methods, making the verification process more efficient and economically viable. Our contribution fills a critical research void, offering a scalable and secure solution for blockchain data verification. The implications of our work are far-reaching, enhancing the overall performance and adaptability of blockchain technology in various applications, from financial transactions to supply chain management.

Published
2024
Full Text
View/download PDF

6. Quotable Signatures for Authenticating Shared Quotes

Author

Boyar, Joan, Erfurth, Simon, Larsen, Kim S., Niederhagen, Ruben, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Aly, Abdelrahaman, editor, and Tibouchi, Mehdi, editor

Published
2023
Full Text
View/download PDF

7. Broken Proofs of Solvency in Blockchain Custodial Wallets and Exchanges

Author

Chalkias, Konstantinos, Chatzigiannis, Panagiotis, Ji, Yan, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Matsuo, Shin'ichiro, editor, Gudgeon, Lewis, editor, Klages-Mundt, Ariah, editor, Perez Hernandez, Daniel, editor, Werner, Sam, editor, Haines, Thomas, editor, Essex, Aleksander, editor, Bracciali, Andrea, editor, and Sala, Massimiliano, editor

Published
2023
Full Text
View/download PDF

9. Blockchains with Five Merkle Trees to Support Financial Transactions

Author

Tsai, Wei-Tek, Yang, Dong, Zhang, Feng, Yu, Le, Zhang, Hongyang, Zhang, Yaowei, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Qiu, Meikang, editor, Lu, Zhihui, editor, and Zhang, Cheng, editor

Published
2023
Full Text
View/download PDF

10. A Fast Heterogeneous Approach to Enhanced Blockchain Attack Resilience and Mitigation

Author

Pungila, Ciprian, Negru, Viorel, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Gude Prego, Juan José, editor, de la Puerta, José Gaviria, editor, García Bringas, Pablo, editor, Quintián, Héctor, editor, and Corchado, Emilio, editor

Published
2022
Full Text
View/download PDF

11. GMMT: A Revocable Group Merkle Multi-tree Signature Scheme

Author

Yehia, Mahmoud, AlTawy, Riham, Gulliver, T. Aaron, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Conti, Mauro, editor, Stevens, Marc, editor, and Krenn, Stephan, editor

Published
2021
Full Text
View/download PDF

14. User-Generated Pseudonyms Through Merkle Trees

Author

Kermezis, Georgios, Limniotis, Konstantinos, Kolokotronis, Nicholas, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Gruschka, Nils, editor, Antunes, Luís Filipe Coelho, editor, Rannenberg, Kai, editor, and Drogkaris, Prokopios, editor

Published
2021
Full Text
View/download PDF

15. Secure ambient intelligence prototype for airports.

Author

Rodríguez-Pérez, Nayra, Toledo-Castro, Josué, Caballero-Gil, Pino, Santos-González, Iván, and Hernández-Goya, Candelaria

Abstract

Nowadays, many technological advances applied to the Internet of Things (IoT) make the introduction of innovative sensors aimed to deploy efficient wireless sensor networks possible. In order to improve the environment and people's lives, real time analysis of certain environmental variables may favour the reduction of health risks related to the deterioration of air quality. To this respect, the proposed system implements a particular prototype of IoT device characterized by the assembly of ambient sensors capable of measuring pollutant gases, temperature and humidity. For this purpose, Raspberry Pi and Arduino platforms are used. Several security methods are introduced to ensure the integrity of air quality data by implementing Merkle Trees on each IoT node and on the Cloud server. Besides, the authenticity of IoT devices and the confidentiality of communications are guaranteed by implementing HTTPS requests. Finally, authentication tokens are used to identify system users, and different security rules are applied to manage database operations. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

16. Improving Blockchain Security Validation and Transaction Processing Through Heterogeneous Computing

Author

Pungila, Ciprian, Negru, Viorel, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Martínez Álvarez, Francisco, editor, Troncoso Lora, Alicia, editor, Sáez Muñoz, José António, editor, Quintián, Héctor, editor, and Corchado, Emilio, editor

Published
2020
Full Text
View/download PDF

17. Tunneling Trust Into the Blockchain: A Merkle Based Proof System for Structured Documents

Author

Francesco Bruschi, Vincenzo Rana, Alessio Pagani, and Donatella Sciuto

Subjects
Blockchain, smart contracts, oracles, Merkle trees, Ethereum, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

The idea of Smart contracts foresees the possibility of automating contractual clauses using hardware and software tools and devices. One of the main perspectives of their implementation is the automation of interactions such as bets, collaterals, prediction markets, insurances. As blockchain platforms, such as Ethereum, offer very strong guarantees of untampered, deterministic execution, that can be exploited as smart contracts substrate, the problem of how to provide reliable information from the “outside world” into the contracts becomes central. In this article, we propose a system based on a Merkle tree representation of structured documents (such as all XML), with which it is possible to generate compact proofs on the content of web documents. The proofs can then be efficiently checked on-chain by a smart contract, to trigger contract action. We provide an end-to-end proof of concept, applying it to real use case scenarios, which allows us to give an estimate of the costs.

Published
2021
Full Text
View/download PDF

18. A Supplementary Tool for Web-archiving Using Blockchain Technology

Author

John E. de Villiers and André P. Calitz

Subjects
web-archiving, blockchain, trusted timestamping, non-repudiation, cryptographic hash functions, merkle trees, dapps, smart contracts, Technology, Information technology, T58.5-58.64
Abstract

The usefulness of a uniform resource locator (URL) on the World Wide Web is reliant on the resource being hosted at the same URL in perpetuity. When URLs are altered or removed, this results in the resource, such as an image or document, being inaccessible. While web-archiving projects seek to prevent such a loss of online resources, providing complete backups of the web remains a formidable challenge. This article outlines the initial development and testing of a decentralised application (DApp), provisionally named Repudiation Chain, as a potential tool to help address these challenges presented by shifting URLs and uncertain web-archiving. Repudiation Chain seeks to make use of a blockchain smart contract mechanism in order to allow individual users to contribute to web-archiving. Repudiation Chain aims to offer unalterable assurance that a specific file and its URL existed at a given point in time—by generating a compact, non-reversible representation of the file at the time of its non-repudiation. If widely adopted, such a tool could contribute to decentralisation and democratisation of web-archiving.

Published
2020
Full Text
View/download PDF

19. ON THE UNIVERSAL TREE MODE OF HASH CODE GENERATION

Author

Dmitriy S. Bogdanov, Farkhad A. Dali, and Vladimir O. Mironkin

Subjects
Hash function, hash code, parallelization of calculations, hash tree, Merkle trees, mode, algorithm, formatting, Electronic computers. Computer science, QA75.5-76.95
Abstract

Classical approaches to the construction of hash function modes, based on the using of iterative procedures, do not allow efficient processing of large amounts of data and can’t be adapted to parallel computing architectures. It applies to both the Russian cryptographic standard GOST R 34.11-2012, which determines the algorithm and procedure for calculating the hash function, as well as many other foreign standards (for example, SHA-3). The absence of standards for parallelized modes for the hash functions of GOST R 34.11-2012 creates an urgent need for the development of the domestic standard of the parallelized mode of hash code. This article is devoted to the research and development of new modes of hash code generation that allow efficient parallelization of the computation process and provide cryptographic resistance satisfying modern requirements. This work continues the research carried out by the authors, and offers a fundamentally new tree mode of hash code generation ("FT-mode"), based on l-ary hash trees and allowed to use any compression mapping for a mechanism of forming tree nodes. The resistance of the mode is completely determined by the resistance of the corresponding compressive mapping. In particular, the FT-mode allows using block ciphers and substitution transformations to form nodes of a hash tree along with compression functions and hash functions. In addition, the FT-mode excludes the main functional disadvantages of the known tree modes of hash code generation that affect their operational, technical and cryptographic quality. Within the framework of the present research a number of characteristics of FT-mode are calculated, and a comparative analysis of the time and computational complexity of implementations of FT-mode and some foreign tree hash modes is carried out. The corresponding results showed that the developed mode is not inferior to any of the considered modes.

Published
2018
Full Text
View/download PDF

20. Blockchain-based verification framework for data integrity in edge-cloud storage.

Author

Yue, Dongdong, Li, Ruixuan, Zhang, Yan, Tian, Wenlong, and Huang, Yongfeng

Subjects
*DATA integrity, *CLOUD storage, *DATA warehousing, *INTERNET of things, *RANDOM numbers, *BLOCKCHAINS, *STORAGE
Abstract

With the popularity of the Internet of Things (IoT), data integrity verification in the edge cloud storage attracts attentions from many researchers. Due to the over dependence of the Third Party Auditor (TPA) and the dynamical nature of the IoT data, the traditional data integrity verification framework for cloud storage can hardly work. To satisfy the characteristics of the IoT and avoid the over dependence of the TPA, we propose a blockchain-based framework without TPA for data integrity verification in a decentralized edge-cloud storage (ECS) scenario in this paper. In our framework, we employ the Merkle tree with random challenging numbers for data integrity verification and analyze different Merkle tree structures to optimize the system performance. To solve the problem of limited resources and high real-time requirements, we further propose sampling verification and develop rational sampling strategies to make sampling verification more effective. The overhead and precision of the verification in ECS are studied by an optimal sample size strategy. Finally, a prototype system is implemented based on our framework. We conduct a series of experiments to evaluate the effectiveness of the proposed schemes. The experimental results show that our schemes can effectively improve the performance of data integrity verification. • A general blockchain based data integrity verification framework for edge-cloud storage scenario. • A sampling strategy to save the energy and improve the response time in the edge-cloud storage scenario. • Implementation of data integrity verification framework including the detailed design of the smart contracts and the major functions. • The employment of blockchain in edge-cloud storage making data integrity verification more flexibility, transparent and auditable. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

21. A precise non-asymptotic complexity analysis of parallel hash functions without tree topology constraints.

Author

Atighehchi, Kevin

Subjects
*HASHING, *TREE height, *TOPOLOGY, *TIME management, *TREES
Abstract

A recent work shows how we can optimize a tree based mode of operation for a hash function where the sizes of input message blocks and digest are the same, subject to the constraint that the involved tree structure has all its leaves at the same depth. In this work, we show that we can further optimize the running time of such a mode by using a tree having leaves at all its levels. We make the assumption that the input message block has a size a multiple of that of the digest and denote by d the ratio block size over digest size. The running time is evaluated in terms of number of operations performed by the hash function, i.e. the number of calls to its underlying function. It turns out that a digest can be computed in ⌈ log d + 1 (l ∕ 2) ⌉ + 2 evaluations of the underlying function using ⌈ l ∕ 2 ⌉ processors, where l is the number of blocks of the message. Other results of interest are discussed, such as the optimization of the parallel running time for a tree of restricted height. • Estimation of the optimal parallel time obtained using hash trees of smallest height. • In particular, both the running time and the number of involved processors are optimized. • Estimation of the optimal parallel time for hash trees of unrestricted height. • Optimization of the number of involved processors without changing this running time. • Complexity results about the optimal parallel time for a restricted number of processors. • All the proposed tree-based modes support live-streaming for a restricted number of processors. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

22. Hash-Based TPM Signatures for the Quantum World

Author

Ando, Megumi, Guttman, Joshua D., Papaleo, Alberto R., Scire, John, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Josef, Kittler, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Manulis, Mark, editor, Sadeghi, Ahmad-Reza, editor, and Schneider, Steve, editor

Published
2016
Full Text
View/download PDF

23. Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3

Author

Kevin Atighehchi and Alexis Bonnecaze

Subjects
SHA-3, Hash functions, Sakura, Keccak, SHAKE, Parallel algorithms, Merkle trees, Live streaming, Computer engineering. Computer hardware, TK7885-7895
Abstract

Discussions about the choice of a tree hash mode of operation for a standardization have recently been undertaken. It appears that a single tree mode cannot address adequately all possible uses and specifications of a system. In this paper, we review the tree modes which have been proposed, we discuss their problems and propose solutions. We make the reasonable assumption that communicating systems have different specifications and that software applications are of different types (securing stored content or live-streamed content). Finally, we propose new modes of operation that address the resource usage problem for three representative categories of devices and we analyse their asymptotic behavior.

Published
2017
Full Text
View/download PDF

24. Online Mergers and Applications to Registration-Based Encryption and Accumulators

Author

Mohammad Mahmoody and Wei Qi, Mahmoody, Mohammad, Qi, Wei, Mohammad Mahmoody and Wei Qi, Mahmoody, Mohammad, and Qi, Wei

Abstract

In this work we study a new information theoretic problem, called online merging, that has direct applications for constructing public-state accumulators and registration-based encryption schemes. An {online merger} receives the sequence of sets {1}, {2}, … in an online way, and right after receiving {i}, it can re-partition the elements 1,…,i into T₁,…,T_{m_i} by merging some of these sets. The goal of the merger is to balance the trade-off between the maximum number of sets wid = max_{i ∈ [n]} m_i that co-exist at any moment, called the width of the scheme, with its depth dep = max_{i ∈ [n]} d_i, where d_i is the number of times that the sets that contain i get merged. An online merger can be used to maintain a set of Merkle trees that occasionally get merged. An online merger can be directly used to obtain public-state accumulators (using collision-resistant hashing) and registration-based encryptions (relying on more assumptions). Doing so, the width of an online merger translates into the size of the public-parameter of the constructed scheme, and the depth of the online algorithm corresponds to the number of times that parties need to update their "witness" (for accumulators) or their decryption key (for RBE). In this work, we construct online mergers with poly(log n) width and O(log n / log log n) depth, which can be shown to be optimal for all schemes with poly(log n) width. More generally, we show how to achieve optimal depth for a given fixed width and to achieve a 2-approximate optimal width for a given depth d that can possibly grow as a function of n (e.g., d = 2 or d = log n / log log n). As applications, we obtain accumulators with O(log n / log log n) number of updates for parties' witnesses (which can be shown to be optimal for accumulator digests of length poly(log n)) as well as registration based encryptions that again have an optimal O(log n / log log n) number of decryption updates, resolving the open question of Mahmoody, Rahimi, Qi [TCC'22] w

Published
2023
Full Text
View/download PDF

25. Bivariate Polynomials Modulo Composites and Their Applications

Author

Boneh, Dan, Corrigan-Gibbs, Henry, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Sarkar, Palash, editor, and Iwata, Tetsu, editor

Published
2014
Full Text
View/download PDF

26. Merkle Trees

Author

Carminati, Barbara, Ferrari, Elena, Section editor, Liu, Ling, editor, and Özsu, M. Tamer, editor

Published
2018
Full Text
View/download PDF

27. Online Mergers and Applications to Registration-Based Encryption and Accumulators

Author

Mahmoody, Mohammad and Qi, Wei

Subjects
Registration-based encryption, Merkle Trees, Accumulators, Theory of computation → Computational complexity and cryptography
Abstract

In this work we study a new information theoretic problem, called online merging, that has direct applications for constructing public-state accumulators and registration-based encryption schemes. An {online merger} receives the sequence of sets {1}, {2}, … in an online way, and right after receiving {i}, it can re-partition the elements 1,…,i into T₁,…,T_{m_i} by merging some of these sets. The goal of the merger is to balance the trade-off between the maximum number of sets wid = max_{i ∈ [n]} m_i that co-exist at any moment, called the width of the scheme, with its depth dep = max_{i ∈ [n]} d_i, where d_i is the number of times that the sets that contain i get merged. An online merger can be used to maintain a set of Merkle trees that occasionally get merged. An online merger can be directly used to obtain public-state accumulators (using collision-resistant hashing) and registration-based encryptions (relying on more assumptions). Doing so, the width of an online merger translates into the size of the public-parameter of the constructed scheme, and the depth of the online algorithm corresponds to the number of times that parties need to update their "witness" (for accumulators) or their decryption key (for RBE). In this work, we construct online mergers with poly(log n) width and O(log n / log log n) depth, which can be shown to be optimal for all schemes with poly(log n) width. More generally, we show how to achieve optimal depth for a given fixed width and to achieve a 2-approximate optimal width for a given depth d that can possibly grow as a function of n (e.g., d = 2 or d = log n / log log n). As applications, we obtain accumulators with O(log n / log log n) number of updates for parties' witnesses (which can be shown to be optimal for accumulator digests of length poly(log n)) as well as registration based encryptions that again have an optimal O(log n / log log n) number of decryption updates, resolving the open question of Mahmoody, Rahimi, Qi [TCC'22] who proved that Ω(log n / log log n) number of decryption updates are necessary for any RBE (with public parameter of length poly(log n)). More generally, for any given number of decryption updates d = d(n) (under believable computational assumptions) our online merger implies RBE schemes with public parameters of length that is optimal, up to a constant factor that depends on the security parameter. For example, for any constant number of updates d, we get RBE schemes with public parameters of length O(n^{1/(d+1)})., LIPIcs, Vol. 267, 4th Conference on Information-Theoretic Cryptography (ITC 2023), pages 15:1-15:23

Published
2023
Full Text
View/download PDF

29. TEC-Tree: A Low-Cost, Parallelizable Tree for Efficient Defense Against Memory Replay Attacks

Author

Elbaz, Reouven, Champagne, David, Lee, Ruby B., Torres, Lionel, Sassatelli, Gilles, Guillemin, Pierre, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Paillier, Pascal, editor, and Verbauwhede, Ingrid, editor

Published
2007
Full Text
View/download PDF

31. Tunneling Trust Into the Blockchain: A Merkle Based Proof System for Structured Documents

Author

Donatella Sciuto, Vincenzo Rana, Francesco Bruschi, and Alessio Pagani

Subjects
General Computer Science, Smart contract, business.industry, Computer science, computer.internet_protocol, General Engineering, Mathematical proof, Merkle tree, Computer security, computer.software_genre, smart contracts, Automation, TK1-9971, Ethereum, Software, Blockchain, Proof of concept, General Materials Science, Use case, Merkle trees, Electrical engineering. Electronics. Nuclear engineering, business, computer, XML, oracles
Abstract

The idea of Smart contracts foresees the possibility of automating contractual clauses using hardware and software tools and devices. One of the main perspectives of their implementation is the automation of interactions such as bets, collaterals, prediction markets, insurances. As blockchain platforms, such as Ethereum, offer very strong guarantees of untampered, deterministic execution, that can be exploited as smart contracts substrate, the problem of how to provide reliable information from the “outside world” into the contracts becomes central. In this article, we propose a system based on a Merkle tree representation of structured documents (such as all XML), with which it is possible to generate compact proofs on the content of web documents. The proofs can then be efficiently checked on-chain by a smart contract, to trigger contract action. We provide an end-to-end proof of concept, applying it to real use case scenarios, which allows us to give an estimate of the costs.

Published
2021

32. T₅: Hashing Five Inputs with Three Compression Calls

Author

Yevgeniy Dodis and Dmitry Khovratovich and Nicky Mouha and Mridul Nandi, Dodis, Yevgeniy, Khovratovich, Dmitry, Mouha, Nicky, Nandi, Mridul, Yevgeniy Dodis and Dmitry Khovratovich and Nicky Mouha and Mridul Nandi, Dodis, Yevgeniy, Khovratovich, Dmitry, Mouha, Nicky, and Nandi, Mridul

Abstract

Given 2n-to-n compression functions h₁,h₂,h₃, we build a new 5n-to-n compression function T₅, using only 3 compression calls: T₅(m₁, m₂, m₃, m₄, m₅) : = h₃(h₁(m₁, m₂)⊕ m₅ , h₂(m₃, m₄)⊕ m₅) ⊕ m₅ We prove that this construction matches Stam’s bound, by providing Õ(q²/2ⁿ) collision security and O(q³/2^{2n}+ nq/2ⁿ) preimage security (the latter term dominates in the region of interest, when q < 2^{n/2}). In particular, it provides birthday security for hashing 5 inputs using three 2n-to-n compression calls, instead of only 4 inputs in prior constructions. Thus, we get a sequential variant of the Merkle-Damgård (MD) hashing, where t message blocks are hashed using only 3t/4 calls to the 2n-to-n compression functions; a 25% saving over traditional hash function constructions. This time reduces to t/4 (resp. t/2) sequential calls using 3 (resp. 2) parallel execution units; saving a factor of 4 (resp. 2) over the traditional MD-hashing, where parallelism does not help to process one message. We also get a novel variant of a Merkle tree, where t message blocks can be processed using 0.75(t-1) compression function calls and depth 0.86 log₂ t, thereby saving 25% in the number of calls and 14% in the update time over Merkle trees. We provide two modes for a local opening of a particular message block: conservative and aggressive. The former retains the birthday security, but provides longer proofs and local verification time than the traditional Merkle tree. For the aggressive variant, we reduce the proof length to a 29% overhead compared to Merkle trees (1.29log₂ t vs log₂ t), but the verification time is now 14% faster (0.86log₂ t vs log₂ t). However, birthday security is only shown under a plausible conjecture related to the 3-XOR problem, and only for the (common, but not universal) setting where the root of the Merkle tree is known to correspond to a valid t-block message.

Published
2021
Full Text
View/download PDF

34. T₅: Hashing Five Inputs with Three Compression Calls

Author

Dodis, Yevgeniy, Khovratovich, Dmitry, Mouha, Nicky, and Nandi, Mridul

Subjects
Security and privacy → Cryptography, hash functions, collision resistance, Merkle trees, Merkle-Damgård
Abstract

Given 2n-to-n compression functions h₁,h₂,h₃, we build a new 5n-to-n compression function T₅, using only 3 compression calls: T₅(m₁, m₂, m₃, m₄, m₅) : = h₃(h₁(m₁, m₂)⊕ m₅ , h₂(m₃, m₄)⊕ m₅) ⊕ m₅ We prove that this construction matches Stam’s bound, by providing Õ(q²/2ⁿ) collision security and O(q³/2^{2n}+ nq/2ⁿ) preimage security (the latter term dominates in the region of interest, when q < 2^{n/2}). In particular, it provides birthday security for hashing 5 inputs using three 2n-to-n compression calls, instead of only 4 inputs in prior constructions. Thus, we get a sequential variant of the Merkle-Damgård (MD) hashing, where t message blocks are hashed using only 3t/4 calls to the 2n-to-n compression functions; a 25% saving over traditional hash function constructions. This time reduces to t/4 (resp. t/2) sequential calls using 3 (resp. 2) parallel execution units; saving a factor of 4 (resp. 2) over the traditional MD-hashing, where parallelism does not help to process one message. We also get a novel variant of a Merkle tree, where t message blocks can be processed using 0.75(t-1) compression function calls and depth 0.86 log₂ t, thereby saving 25% in the number of calls and 14% in the update time over Merkle trees. We provide two modes for a local opening of a particular message block: conservative and aggressive. The former retains the birthday security, but provides longer proofs and local verification time than the traditional Merkle tree. For the aggressive variant, we reduce the proof length to a 29% overhead compared to Merkle trees (1.29log₂ t vs log₂ t), but the verification time is now 14% faster (0.86log₂ t vs log₂ t). However, birthday security is only shown under a plausible conjecture related to the 3-XOR problem, and only for the (common, but not universal) setting where the root of the Merkle tree is known to correspond to a valid t-block message., LIPIcs, Vol. 199, 2nd Conference on Information-Theoretic Cryptography (ITC 2021), pages 24:1-24:23

Published
2021
Full Text
View/download PDF

35. The Kupyna hash function application to SPHINCS+ signatures

Author

D. Televnyi

Subjects
Computer science, SPHINCS, Hash function, схема подписи, Merkle Trees, дерева Меркла, General Medicine, хеш-фукція, Postquantum Cryptography, схема підпису, Hash Function, Signature Scheme, постквантова криптографія, Kupyna, хэш-функция, Купина, Меркле деревья, Algorithm, постквантовая криптография
Abstract

In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. The possibility of quantum attacks formed a new chapter in cryptology field – postquantum cryptology, where DSA schemes became one of the main research vectors. The most representative samples are schemes based on hash transformations. Hash-based signature schemes were developed as one-time signature schemes in the late 1970s by Lamport and extended to more signatures by Merkle. In further more complicated schemes were introduced. NIST declared about the competition of new postquantum standards both for encryption (key generation) and signatures As for the 2nd round there are 9 Digital signature candidates. SPHINCS+ (former SPHINCS) is in the list. The algorithm can be briefly described as a stateless hash-based signature scheme. It uses many components from XMSS but works with larger keys and signature to eliminate state. The scheme can be used with different hash functions. The main goal of this paper is to analyze the application of the national standard hash function the scheme of the NIST submission candidate SPHINCS+. The research showed the national standard hash could be applied to the seed randomness generation and hashing the input message. Since Kupyna function returns fixed-size output, its application looks similar to SHA-256 hashes., В последние годы проведено значительное количество исследований по квантовым компьютерам, использующим квантово-механические явления для решения математических задач, которые являются сложными или неразрешимыми для обычных компьютеров. Возможность квантовых атак сформировала новую главу в области криптологии – постквантовую криптологию, где схемы ЭЦП стали одним из основных векторов исследований. Наиболее представительными выборками являются схемы, основанные на хэш-преобразованиях. Схемы подписи на основе хэша разработаны Лемпортом в качестве схемы одноразовой подписи в конце 1970-х годов и расширены для большего числа подписей Мерклом. В дальнейшем были введены более сложные схемы. NIST объявил о конкурсе новых стандартов постквантовой криптографии как для шифрования (генерации ключей), так и для подписей. На 2-й тур претендуют 9 кандидатов цифровой подписи. SPHINCS + (бывший SPHINCS) находится в списке. Алгоритм может быть кратко описан как схема подписи на основе хэша без сохранения состояния. Он использует много компонентов из XMSS, но работает с большими ключами и сигнатурой для устранения состояния. Схема может быть использована с различными хеш-функциями. Цель статьи – проанализировать применение хэш-функции национального стандарта в схеме кандидата NIST-кандидата SPHINCS +. Исследование показало, что хэш национального стандарта может быть применен к генерации случайных чисел и хешированию входного сообщения. Поскольку функция Kupyna возвращает выходные данные фиксированного размера, ее применение выглядит подобно хэш-функции SHA-256., В останні роки проведено значну кількість досліджень квантових комп'ютерів – машин, які використовують квантові механічні явища для вирішення математичних задач, важких або нерозв'язних для звичайних комп'ютерів. Можливість квантових атак сформувала нову главу в галузі криптології – постквантову криптологію, де схеми DSA стали одним з основних векторів досліджень. Найбільш репрезентативними вибірками є схеми, засновані на хеш-перетвореннях. Схеми підписів Лемпорта на основі хешу були розроблені як одноразові схеми підпису в кінці 1970-х і розширені Меркле на багаторазові підписи. Надалі були запроваджені складніші схеми. NIST заявив про конкуренцію нових стандартів potquantum як для шифрування (генерації ключів), так і для підписів. У ІІ турі є 9 кандидатів у цифровий підпис. SPHINCS + (колишній SPHINCS) є у списку. Алгоритм можна коротко охарактеризувати як схему підписів без збереження стану. Він використовує багато компонентів з XMSS, але працює з більшими ключами та підписом для усунення стану. Схему можна використовувати з різними хеш-функціями. Мета роботи – проаналізувати застосування національної стандартної хеш-функції схеми кандидата, що подає NIST SPHINCS +. Дослідження показало, що національний стандарт хеш може бути застосований до генерації випадкових випадків насіння та хешування вхідного повідомлення. Оскільки Fuction fuction повертає вихід фіксованого розміру, його застосування виглядає аналогічно хешам SHA-256.

Published
2019

36. Merkle Search Trees: Efficient State-Based CRDTs in Open Networks

Author

Alex Auvolat, François Taïani, Département d'informatique - ENS Paris (DI-ENS), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), the World Is Distributed Exploring the tension between scale and coordination (WIDE), Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT), École normale supérieure - Paris (ENS Paris), Université de Bretagne Sud (UBS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-CentraleSupélec-IMT Atlantique Bretagne-Pays de la Loire (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-Université de Bretagne Sud (UBS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-École normale supérieure - Rennes (ENS Rennes)-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), and Département d'informatique de l'École normale supérieure (DI-ENS)

Subjects
IoT, Computer science, Distributed computing, [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE], 02 engineering and technology, Peer-to-peer, Merkle tree, computer.software_genre, [INFO.INFO-SI]Computer Science [cs]/Social and Information Networks [cs.SI], search trees, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Consistency (database systems), Encoding (memory), 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_MISCELLANEOUS, Distributed database, Event (computing), 020206 networking & telecommunications, peer-to-peer, Data structure, Search tree, georeplicated systems, anti-entropy, CRDT, Merkle trees, 020201 artificial intelligence & image processing, [INFO.INFO-DC]Computer Science [cs]/Distributed, Parallel, and Cluster Computing [cs.DC], computer
Abstract

Most recent CRDT techniques rely on a causal broadcast primitive to provide guarantees on the delivery of operation deltas. Such a primitive is unfortunately hard to implement efficiently in large open networks, whose membership is often difficult to track. As an alternative, we argue in this paper that pure state-based CRDTs can be efficiently implemented by encoding states as specialized Merkle trees, and that this approach is well suited to open networks where many nodes may join and leave. At the core of our contribution lies a new kind of Merkle tree, called Merkle Search Tree (MST), that implements a balanced search tree while maintaining key ordering. This latter property makes it particularly efficient in the case of updates on sets of sequential keys, a common occurrence in many applications. We use this new data structure to implement a distributed event store, and show its efficiency in very large systems with low rates of updates. In particular, we show that in some scenarios our approach is able to achieve both a 66% reduction of bandwidth cost over a vector-clock approach, as well as a 34% improvement in consistency level. We finally suggest other uses of our construction for distributed databases in open networks.

Published
2019
Full Text
View/download PDF

37. Transparency Logs via Append-only Authenticated Dictionaries

Author

Tomescu, Alin, Papamanthou, Charalampos, Bhupatiraju, Vivek, Triandopoulos, Nikos, Papadopoulos, Dimitrios, Devadas, Srinivas, Tomescu, Alin, Papamanthou, Charalampos, Bhupatiraju, Vivek, Triandopoulos, Nikos, Papadopoulos, Dimitrios, and Devadas, Srinivas

Abstract

Transparency logs allow users to audit a potentially malicious service, paving the way towards a more accountable Internet. For example, Certificate Transparency (CT) enables domain owners to audit Certificate Authorities (CAs) and detect impersonation attacks. Yet, to achieve their full potential, transparency logs must be bandwidth-efficient when queried by users. Specifically, everyone should be able to efficiently look up log entries by their key and efficiently verify that the log remains append-only. Unfortunately, without additional trust assumptions, current transparency logs cannot provide both small-sized lookup proofs and small-sized append-only proofs. In fact, one of the proofs always requires bandwidth linear in the size of the log, making it expensive for everyone to query the log. In this paper, we address this gap with a new primitive called an append-only authenticated dictionary (AAD). Our construction is the first to achieve (poly)logarithmic size for both proof types and helps reduce bandwidth consumption in transparency logs. This comes at the cost of increased append times and high memory usage, both of which remain to be improved to make practical deployment possible. © 2019 Copyright held by the owner/author(s). Publication rights licensed to ACM.

Published
2019

38. Об универсальном древовидном режиме выработки хэш-кода

Author

Bogdanov, D.S., Dali, F.A., and Mironkin, V.O.

Subjects
дерево хэширования, algorithm, parallelization of calculations, деревья Меркла, mode, форматирование, распараллеливание вычислений, хэш-код, Hash function, hash tree, Хэш-функция, режим, Merkle trees, formatting, алгоритм, hash code
Abstract

Классические подходы к построению режимов работы хэш-функций, основанные на использовании итеративных процедур, не позволяют обеспечить эффективную обработку больших объемов данных и не могут быть адаптированы к параллельным вычислительным архитектурам. Это касается как российского криптографического стандарта ГОСТ Р 34.11-2012, определяющего алгоритм и процедуру вычисления хэш-функции, так и многих других зарубежных стандартов (например, SHA-3). Отсутствие действующих стандартов в части режимов работы хэш-функций ГОСТ Р 34.11-2012 создает острую необходимость разработки отечественного стандарта параллелизуемого режима выработки хэш-кода. Настоящая статья посвящена исследованию и разработке новых режимов выработки хэш-кода, допускающих эффективное распараллеливание процесса вычислений и обеспечивающих криптографическую стойкость, удовлетворяющую современным требованиям. Данная работа продолжает исследования, проводимые авторами, и предлагает принципиально новый универсальный древовидный режим выработки хэш-кода («FT-режим»), построенный на основе l-арных деревьев хэширования и позволяющий применять в качестве механизма формирования узлов дерева любое сжимающее отображение. При этом стойкость режима полностью определяется стойкостью соответствующего сжимающего отображения. Так, в частности, для формирования узлов дерева хэширования, наряду с функциями сжатия и хэш-функциями, FT-режим допускает использование блочных шифров, подстановочных преобразований и т.д. В дополнение к этому FT-режим исключает основные функциональные недостатки известных древовидных режимов выработки хэш-кода, влияющие на их эксплуатационно-технические и криптографические качества. В рамках настоящих исследований вычислен ряд характеристик FT-режима, а также проведен сравнительный анализ временной и вычислительной трудоемкостей реализаций FT-режима и некоторых иностранных режимов древовидного хэширования, по результатам которого разработанный режим не уступает ни одному из рассмотренных., Classical approaches to the construction of hash function modes, based on the using of iterative procedures, do not allow efficient processing of large amounts of data and can’t be adapted to parallel computing architectures. It applies to both the Russian cryptographic standard GOST R 34.11-2012, which determines the algorithm and procedure for calculating the hash function, as well as many other foreign standards (for example, SHA-3). The absence of standards for parallelized modes for the hash functions of GOST R 34.11-2012 creates an urgent need for the development of the domestic standard of the parallelized mode of hash code. This article is devoted to the research and development of new modes of hash code generation that allow efficient parallelization of the computation process and provide cryptographic resistance satisfying modern requirements. This work continues the research carried out by the authors, and offers a fundamentally new tree mode of hash code generation ("FT-mode"), based on l-ary hash trees and allowed to use any compression mapping for a mechanism of forming tree nodes. The resistance of the mode is completely determined by the resistance of the corresponding compressive mapping. In particular, the FT-mode allows using block ciphers and substitution transformations to form nodes of a hash tree along with compression functions and hash functions. In addition, the FT-mode excludes the main functional disadvantages of the known tree modes of hash code generation that affect their operational, technical and cryptographic quality. Within the framework of the present research a number of characteristics of FT-mode are calculated, and a comparative analysis of the time and computational complexity of implementations of FT-mode and some foreign tree hash modes is carried out. The corresponding results showed that the developed mode is not inferior to any of the considered modes., №2 (2018)

Published
2018
Full Text
View/download PDF

39. Constructing and leveraging one-way function with encryption

Author

Satyanarayana, Vusirikala

Subjects
Identity-based encryption, Registration-based encryption, Accumulators, One-way function with encryption, Hinting PRGs, Efficiency, Merkle trees
Abstract

Over the last few years, there has been a surge of new cryptographic results, including Laconic oblivious transfer [30], (anonymous/ hierarchical) Identity-based Encryption [38, 42, 21], Trapdoor functions [46, 44, 39], Chosen-ciphertext security transformations [75, 74], Registration-Based Encryption [47, 48, 58], due to a beautiful framework recently introduced in the works of Cho et al. [30], and Döttling and Garg [38]. The primitive one-way function with encryption (OWFE) [46, 44] and its relatives (chameleon encryption, one-time signatures with encryption, hinting PRGs, trapdoor hash encryption, batch encryption) [38, 42, 21, 75, 41] have been a centerpiece in all these results. While there exist multiple realizations of OWFE (and its relatives) from a variety of assumptions such as CDH, Factoring, and LWE, all such constructions fall under the same general "missing block" framework [30, 38]. Although this framework has been instrumental in opening up a new pathway towards various cryptographic functionalities via the abstraction of OWFE (and its relatives), it has been accompanied by undesirable inefficiencies that might inhibit a much wider adoption in many practical scenarios. Motivated by the surging importance of the OWFE abstraction (and its relatives), a natural question to ask is whether the existing approaches can be diversified to obtain more constructions from different assumptions and develop newer frameworks. We believe answering this question will eventually lead to important and previously unexplored performance trade-offs in this novel cryptographic paradigm's overarching applications. In this thesis, we propose a new accumulation-style framework for building a new class of OWFE constructions with a special focus on achieving shorter ciphertext size. Such performance improvements parlay into shorter parameters in their corresponding applications. Our OWFE constructions outperform in terms of ciphertext size and encryption time, but this comes at the cost of larger evaluation and setup times. We also provide concrete performance measurements for our constructions and compare them with existing approaches. We believe highlighting such trade-offs will lead to wider adoption of these abstractions in a practical sense. In the second part of the thesis, we study an application of One-Way Function with Encryption. In Identity-based systems, there is a trusted authority that stores some secret information that gives him the ability to break the system's security if he turns malicious. To solve this problem, [47, 48] proposed the notion of Registration-Based Encryption (RBE) and construct it from One-Way Function with Encryption and Garbling schemes. Here, each user of the system generates a public and secret key on their own and gives only their public information to the trusted authority. The trusted authority simply accumulates the public information collected from all the users in the system and publishes and master public key. The trusted authority does not store any secret information. However, a malicious authority could still harm the system by generating the master public key arbitrarily. We propose the notion of verifiable RBE, where any user of the system can obtain short and easily verifiable proof that the authority is doing its job honestly. We build verifiable RBE from One-Way Function with Encryption and Garbling. Our construction is more efficient than the earlier known constructions.

Published
2021

40. DottedDB: anti-entropy without merkle trees, deletes without tombstones

Author

Gonçalves, Ricardo Jorge Tomé, Almeida, Paulo Sérgio, Baquero, Carlos, Fonte, Victor, and Universidade do Minho

Subjects
Causality, Distributed databases, Science & Technology, Logical clocks, Partial replication, Merkle trees, Anti-entropy
Abstract

To achieve high availability in the face of network partitions, many distributed databases adopt eventual consistency, allow temporary conflicts due to concurrent writes, and use some form of per-key logical clock to detect and resolve such conflicts. Furthermore, nodes synchronize periodically to ensure replica convergence in a process called anti-entropy, normally using Merkle Trees. We present the design of DottedDB, a Dynamo-like key-value store, which uses a novel node-wide logical clock framework, overcoming three fundamental limitations of the state of the art: (1) minimize the metadata per key necessary to track causality, avoiding its growth even in the face of node churn; (2) correctly and durably delete keys, with no need for tombstones; (3) offer a lightweight anti-entropy mechanism to converge replicated data, avoiding the need for Merkle Trees. We evaluate DottedDB against MerkleDB, an otherwise identical database, but using per-key logical clocks and Merkle Trees for anti-entropy, to precisely measure the impact of the novel approach. Results show that: causality metadata per object always converges rapidly to only one id-counter pair; distributed deletes are correctly achieved without global coordination and with constant metadata; divergent nodes are synchronized faster, with less memory-footprint and with less communication overhead than using Merkle Trees., This work is financed by the ERDF – European Regional Development Fund through the Operational Programme for Competitiveness and Internationalisation - COMPETE 2020 Programme within project «POCI-01-0145-FEDER-006961», and by National Funds through the Portuguese funding agency, FCT - Fundação para a Ciência e a Tecnologia as part of project «UID/EEA/50014/2013»., info:eu-repo/semantics/publishedVersion

Published
2017

41. Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3

Author

Atighehchi, Kévin, Bonnecaze, Alexis, Bonnecaze, Alexis, Equipe SAFE - Laboratoire GREYC - UMR6072, Groupe de Recherche en Informatique, Image et Instrumentation de Caen (GREYC), Université de Caen Normandie (UNICAEN), Normandie Université (NU)-Normandie Université (NU)-École Nationale Supérieure d'Ingénieurs de Caen (ENSICAEN), Normandie Université (NU)-Centre National de la Recherche Scientifique (CNRS)-Université de Caen Normandie (UNICAEN), Normandie Université (NU)-Centre National de la Recherche Scientifique (CNRS), Institut de Mathématiques de Marseille (I2M), Aix Marseille Université (AMU)-École Centrale de Marseille (ECM)-Centre National de la Recherche Scientifique (CNRS), Centre National de la Recherche Scientifique (CNRS)-École Nationale Supérieure d'Ingénieurs de Caen (ENSICAEN), Normandie Université (NU)-Normandie Université (NU)-Université de Caen Normandie (UNICAEN), Normandie Université (NU)-Centre National de la Recherche Scientifique (CNRS)-École Nationale Supérieure d'Ingénieurs de Caen (ENSICAEN), and Normandie Université (NU)

Subjects
FOS: Computer and information sciences, lcsh:Computer engineering. Computer hardware, Computer Science - Cryptography and Security, Parallel algorithms, 0211 other engineering and technologies, lcsh:TK7885-7895, 02 engineering and technology, 050601 international relations, SHA-3, Hash functions, Sakura, Keccak, SHAKE, Merkle trees, Live streaming, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_MISCELLANEOUS, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR], 021110 strategic, defence & security studies, Applied Mathematics, 05 social sciences, 020206 networking & telecommunications, 0506 political science, Computer Science Applications, Computational Mathematics, Computer Science - Distributed, Parallel, and Cluster Computing, 020201 artificial intelligence & image processing, Distributed, Parallel, and Cluster Computing (cs.DC), Cryptography and Security (cs.CR), Software
Abstract

Discussions about the choice of a tree hash mode of operation for a standardization have recently been undertaken. It appears that a single tree mode cannot address adequately all possible uses and specifications of a system. In this paper, we review the tree modes which have been proposed, we discuss their problems and propose solutions. We make the reasonable assumption that communicating systems have different specifications and that software applications are of different types (securing stored content or live-streamed content). Finally, we propose new modes of operation that address the resource usage problem for three representative categories of devices and we analyse their asymptotic behavior., IACR Transactions on Symmetric Cryptology, Volume 2017, Issue 4

Published
2017

42. Data Fingerprinting -- Identifying Files and Tables with Hashing Schemes

Author

Tobiesen, Ole and Davidrajuh, Reggie

Subjects
Mersenne Primes, Damerau-Levenshtein, Merkle Trees, k-nearest neighbor, data fingerprinting, Technology: 500::Information and communication technology: 550::Computer technology: 551 [VDP], hash function, finite fields
Abstract

Master's thesis in Computer science INTRODUCTION: Although hash functions are nothing new, these are not limited to cryptographic purposes. One important field is data fingerprinting. Here, the purpose is to generate a digest which serves as a fingerprint (or a license plate) that uniquely identifies a file. More recently, fuzzy fingerprinting schemes — which will scrap the avalanche effect in favour of detecting local changes — has hit the spotlight. The main purpose of this project is to find ways to classify text tables, and discover where potential changes or inconsitencies have happened. METHODS: Large parts of this report can be considered applied discrete mathematics — and finite fields and combinatorics have played an important part. Rabin’s fingerprinting scheme was tested extensively and compared against existing cryptographic algorithms, CRC and FNV. Moreover, a self-designed fuzzy hashing algorithm with the preliminary name No-Frills Hash has been created and tested against Nilsimsa and Spamsum. NFHash is based on Mersenne primes, and uses a sliding window to create a fuzzy hash. Futhermore, the usefullness of lookup tables (with partial seeds) were also explored. The fuzzy hashing algorithm has also been combined with a k-NN classifier to get an overview over it’s ability to classify files. In addition to NFHash, Bloom filters combined with Merkle Trees have been the most important part of this report. This combination will allow a user to see where a change was made, despite the fact that hash functions are one-way. Large parts of this project has dealt with the study of other open-source libraries and applications, such as Cassandra and SSDeep — as well as how bitcoins work. Optimizations have played a crucial role as well; different approaches to a problem might lead to the same solution, but resource consumption can be very different. RESULTS: The results have shown that the Merkle Tree-based approach can track changes to a table very quickly and efficiently, due to it being conservative when it comes to CPU resources. Moreover, the self-designed algorithm NFHash also does well in terms of file classification when it is coupled with a k-NN classifyer. CONCLUSION: Hash functions refers to a very diverse set of algorithms, and not just algorithms that serve a limited purpose. Fuzzy Fingerprinting Schemes can still be considered to be at their infant stage, but a lot has still happened the last ten years. This project has introduced two new ways to create and compare hashes that can be compared to similar, yet not necessarily identical files — or to detect if (and to what extent) a file was changed. Note that the algorithms presented here should be considered prototypes, and still might need some large scale testing to sort out potential flaws

Published
2016

43. Sparse Merkle Trees: Definitions and Space-Time Trade-Offs with Applications for Balloon

Author

Östersjö, Rasmus

Subjects
Datavetenskap (datalogi), Computer Sciences, Sparse Merkle Trees, Authenticated Data Structures, Merkle Trees, Balloon
Abstract

This dissertation proposes an efficient representation of a sparse Merkle tree (SMT): an authenticated data structure that supports logarithmic insertion, removal, and look-up in a verifiable manner. The proposal is general in the sense that it can be implemented using a variety of underlying non-authenticated data structures, and it allows trading time for space by the use of an abstract model which represents caching strategies. Both theoretical evaluations and performance results from a proof-of-concept implementation are provided, and the proposed SMT is applied to another authenticated data structure referred to as Balloon. The resulting Balloon has preserved efficiency in the expected case, and is improved with respect to worst case scenarios.

Published
2016

44. Protecting the content of externals memories in embedded systems, hardware aspect

Author

Ouaarab, Salaheddine, STAR, ABES, Laboratoire Traitement et Communication de l'Information (LTCI), Télécom ParisTech-Institut Mines-Télécom [Paris] (IMT)-Centre National de la Recherche Scientifique (CNRS), Télécom ParisTech, Renaud Pacalet, and Guillaume Duc

Subjects
Mémoire cache, Embedded systems, Cache memory, Sécurité, Systèmes embarqués, Confidentialité, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], SoCLib, Replays attacks, Security, Merkle trees, Arbres de Merkle, SoC, ZedBoard, Confidentiality, Attaques par rejeu, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]
Abstract

During the past few years, computer systems (Cloud Computing, embedded systems...) have become ubiquitous. Most of these systems use unreliable or untrusted storage (flash, RAM...)to store code or data. The confidentiality and integrity of these data can be threaten by hardware (spying on the communication bus between the processing component and the storage component) or software attacks. These attacks can disclose sensitive information to the adversary or disturb the behavior of the system. In this thesis, in the context of embedded systems, we focused on the attacks that threaten the confidentiality and integrity of data that are transmittedover the memory bus or that are stored inside the memory. Several primitives used to protect the confidentiality and integrity of data have been proposed in the literature, including Merkle trees, a data structure that can protect the integrity of data including against replay attacks. However, these trees have a large impact on the performances and the memory footprint of the system. In this thesis, we propose a solution based on variants of Merkle trees (hollow trees) and a modified cache management mechanism to greatly reduce the impact of the verification of the integrity. The performances of this solution have been evaluated both theoretically and in practice using simulations. In addition, a proof a security equivalence with regular Merkle treesis given. Finally, this solution has been implemented in the SecBus architecture which aims at protecting the integrity and confidentiality of the content of external memories in an embedded system. A prototype of this architecture has been developed and the results of its evaluation are given., Ces dernières années, les systèmes informatiques (Cloud Computing, systèmes embarqués, etc.) sont devenus omniprésents. La plupart de ces systèmes utilisent des espaces de stockage (flash,RAM, etc.) non fiables ou non dignes de confiance pour stocker du code ou des données. La confidentialité et l’intégrité de ces données peuvent être menacées par des attaques matérielles (espionnage de bus de communication entre le composant de calcul et le composant de stockage) ou logicielles. Ces attaques peuvent ainsi révéler des informations sensibles à l’adversaire ou perturber le bon fonctionnement du système. Dans cette thèse, nous nous sommes focalisés, dans le contexte des systèmes embarqués, sur les attaques menaçant la confidentialité et l’intégrité des données qui transitent sur le bus de communication avec la mémoire ou qui sont stockées dans celle-ci.Plusieurs primitives de protection de confidentialité et d’intégrité ont déjà été proposées dans la littérature, et notamment les arbres de Merkle, une structure de données protégeant efficacement l’intégrité des données notamment contre les attaques par rejeu. Malheureusement,ces arbres ont un impact important sur les performances et sur l’empreinte mémoire du système.Dans cette thèse, nous proposons une solution basée sur des variantes d’arbres de Merkle (arbres creux) et un mécanisme de gestion adapté du cache afin de réduire grandement l’impact de la vérification d’intégrité d’un espace de stockage non fiable. Les performances de cette solution ont été évaluées théoriquement et à l’aide de simulations. De plus, une preuve est donnée de l’équivalence, du point de vue de la sécurité, avec les arbres de Merkle classiques.Enfin, cette solution a été implémentée dans le projet SecBus, une architecture matérielle et logicielle ayant pour objectif de garantir la confidentialité et l’intégrité du contenu des mémoires externes d’un système à base de microprocesseurs. Un prototype de cette architecture a été réalisé et les résultats de l’évaluation de ce dernier sont donnés.

Published
2016

Catalog

Books, media, physical & digital resources
See catalog results