Algorithms and silicon architectures for public-key cryptography

McIvor, C.

January 2005

No description available.

652.8

Integrated-key cryptographic hash functions

Al-Kuwari, Saif

January 2011

Cryptographic hash functions have always played a major role in most cryptographic applications. Traditionally, hash functions were designed in the keyless setting, where a hash function accepts a variable-length message and returns a fixed-length fingerprint. Unfortunately, over the years, significant weaknesses were reported on instances of some popular ``keyless" hash functions. This has motivated the research community to start considering the dedicated-key setting, where a hash function is publicly keyed. In this approach, families of hash functions are constructed such that the individual members are indexed by different publicly-known keys. This has, evidently, also allowed for more rigorous security arguments. However, it turns out that converting an existing keyless hash function into a dedicated-key one is usually non-trivial since the underlying keyless compression function of the keyless hash function does not normally accommodate the extra key input. In this thesis we define and formalise a flexible approach to solve this problem. Hash functions adopting our approach are said to be constructed in the integrated-key setting, where keyless hash functions are seamlessly and transparently transformed into keyed variants by introducing an extra component accompanying the (still keyless) compression function to handle the key input separately outside the compression function. We also propose several integrated-key constructions and prove that they are collision resistant, pre-image resistant, 2nd pre-image resistant, indifferentiable from Random Oracle (RO), indistinguishable from Pseudorandom Functions (PRFs) and Unforgeable when instantiated as Message Authentication Codes (MACs) in the private key setting. We further prove that hash functions constructed in the integrated-key setting are indistinguishable from their variants in the conventional dedicated-key setting, which implies that proofs from the dedicated-key setting can be naturally reduced to the integrated-key setting.

652.8

Attribute based authentication schemes

Khader, Dalia

January 2009

This thesis' major contribution is to propose an attribute based authentication scheme (AAS). An A AS scheme is a new cryptosystem that extends the field of public key cryptography and more precisely digital signatures. An AAS scheme allows a verifier lo decide on the set ol' attributes (b)he would like the signer to possess. The verifier sends the request to a group of possible signers as a monotone boolean expression. Any member with sufficient attributes can sign.

652.8

Combinatorial aspects of key predistribution for resource-constrained networks

Kendall, Michelle Louise

January 2013

To secure a network of small devices using symmetric key cryptography is a non-trivial task. Nevertheless, it is important because public key cryptography is computationally expensive and therefore infeasible 1.0 implement on some small, battery-powered devices with limited memory. We study methods for allocating symmetric keys to devices before deployment, known as key predistribution schemes. Using combinatorial techniques, we analyse and design a variety of key predistribution schemes. We provide a correction to the previously stated formula for calculating the resilience of certain random key predistribution schemes, presenting instead a rigorously proved and widely applicable formula. We also present a simplified formula for calculating the connectivity. Next, we examine the role of expander graphs ill key predistribution schemes. We demonstrate that good expansion is desirable for robust schemes, and discuss how this can be achieved. In particular, we examine the expansion of key prcdistribution schemes built from expander graph constructions, which provide perfect resilience.

652.8

Visual cryptography and its applications

Weir, J. P.

January 2012

" In this thesis, a number of new schemes are presented which address current problems and shortcomings within the area of visual cryptography. Visual cryptography provides a very powerful means by which a secret, in the form of a digital image, can be distributed (encoded) into two or more pieces known as shares. When these shares are xeroxed onto transparencies and superimposed exactly together, the original secret can be recovered (decoded) without the necessity for computation. Traditionally, visual cryptography allows effective and efficient sharing of a single secret between a number of trusted parties. One aspect of the research within this thesis specifically addresses the issues of embedding more than two secrets within a set of two shares. Alignment poses a further problem. The placement of the shares must be specific. In order to ease ali~ent, the techniques developed within this thesis for sharing multiple secrets relaxes this restriction. The result is a scheme in which the shares can be superimposed upon one another in a multitude of positions and alignment styles which enables multiple secret recovery. Applications of visual cryptography are also examined and presented. This is an area within visual cryptography that has had very little attention in terms of research. The primary focus of the work presented within this thesis concentrates on applications of visual cryptography in real world scenarios. For such a simple and effective method of sharing secrets, practical applications are as yet, limited. A number of novel uses for visual cryptography are presented that use theoretical techniques in a practical way.

652.8

A study of polynomial residue number systems over binary Galois fields GF(2m) for cryptography

Chu, Junfeng

January 2012

This thesis is concerned with GF(2m) Polynomial Residue Number Systems (PRNS) and their application in cryptography to provide resistance against side-channel- analysis and protection against fault attacks. PRNS operations over GF(2m) required in a number of cryptography primitives are investigated. A partial-conversion method is introduced to simplify the costly conversion operation and this is then combined with a partial modular reduction technique and applied to design and implement a PRNS based GF(2m) multiplier with improved performance. The Advanced Encryption Standard (AES) is used as vehicle to analyse and quantify the PRNS overhead where different AES architectures are proposed and implemented. The PRNS based AES is shown to achieve excellent multiple error coverage with a reasonable overhead. It is also argued in the thesis, that PRNS AES designs provide an intrinsic resistance against probing attacks and, due to the introduction of redundant information and the residue representation replacing the original representation, exhibit increased confusion and hence enhanced design security.

652.8

Theoretical and practical efficiency aspects in cryptography

Bentahar, Kamel

January 2008

No description available.

652.8

Anonymity and time in public-key encryption

Quaglia, Elizabeth

January 2012

In a world that is increasingly relying on digital technologies, the ability to securely communicate and distribute information is of crucial importance. Cryptography plays a key role in this context and the research presented in this thesis focuses on developing cryptographic primitives whose properties address more closely the needs of users. We start by considering the notion of robustness in public-key encryption, a property which models the idea that a ciphertext should not decrypt to a valid mes- sage under two different keys. In contexts where anonymity is relevant, robustness is likely to be needed as well, since a user cannot tell from the ciphertext if it is intended for him or not. We develop and study new notions of robustness, relating them to one another and showing how to achieve them. We then consider the important issue of protecting users' privacy in broadcast encryption. Broadcast encryption (BE) is a cryptographic primitive designed to efficiently broadcast an encrypted message to a target set of users that can decrypt it. Its extensive real-life application to radio, television and web-casting renders BE an extremely interesting area. However, all the work so far has striven for efficiency, focusing in particular on solutions which achieve short ciphertexts, while very little attention has been given to anonymity. To address this issue, we formally define anonymous broadcast encryption, which guarantees recipient-anonymity, and we provide generic constructions to achieve it from public-key, identity-based and attribute-based encryption. Furthermore, we present techniques to improve the efficiency of our constructions. Finally, we develop a new primitive, called time-specific encryption (TSE), which allows us to include the important element of time in the encryption and decryption processes. In TSE, the sender is able to specify during what time interval a ciphertext can be decrypted by a receiver. This is a relevant property since information may become useless after a certain point, sensitive data may not be released before a particular time, or we may wish to enable access to information for only a limited period. We define security models for various flavours of TSE and provide efficient instantiations for all of them. These results represent our efforts in developing public-key encryption schemes with enhanced properties, whilst maintaining the delicate balance between security and efficiency.

652.8

Fingerprinting codes and separating hash families

Rochanakul, Penying

January 2013

The thesis examines two related combinatorial objects, namely fingerprinting codes and separating hash families. Fingerprinting codes are combinatorial objects that have been studied for more than 15 years due to their applications in digital data copyright protection and their combinatorial interest. Four well-known types of fingerprinting codes are studied in this thesis; traceability, identifiable parent property, secure frameproof and frameproof. Each type of code is named after the security properties it guarantees. However, the power of these four types of fingerprinting codes is limited by a certain condition. The first known attempt to go beyond that came out in the concept of two-level traceability codes, introduced by Anthapadmanabhan and Barg (2009). This thesis extends their work to the other three types of fingerprinting codes, so in this thesis four types of two-level fingerprinting codes are defined. In addition, the relationships between the different types of codes are studied. We propose some first explicit non-trivial con- structions for two-level fingerprinting codes and provide some bounds on the size of these codes. Separating hash families were introduced by Stinson, van Trung, and Wei as a tool for creating an explicit construction for frameproof codes in 1998. In this thesis, we state a new definition of separating hash families, and mainly focus on improving previously known bounds for separating hash families in some special cases that related to fingerprinting codes. We improve upper bounds on the size of frameproof and secure frameproof codes under the language of separating hash families.

652.8

Hybrid fully homomorphic framework / Chiffrement complètement homomorphe hybride

Méaux, Pierrick

08 December 2017

Le chiffrement complètement homomorphe est une classe de chiffrement permettant de calculer n’importe quelle fonction sur des données chiffrées et de produire une version chiffrée du résultat. Il permet de déléguer des données à un cloud de façon sécurisée, faire effectuer des calculs, tout en gardant le caractère privé de ces données. Cependant, l’innéficacité actuelle des schémas de chiffrement complètement homomorphes, et leur inadéquation au contexte de délégation de calculs, rend son usage seul insuffisant pour cette application. Ces deux problèmes peuvent être résolus, en utilisant ce chiffrement dans un cadre plus large, en le combinant avec un schéma de chiffrement symétrique. Cette combinaison donne naissance au chiffrement complètement homomorphe hybride, conçu dans le but d’une délégation de calculs efficace, garantissant des notions de sécurité et de vie privée. Dans cette thèse, nous étudions le chiffrement complètement homomorphe hybride et ses composantes, à travers la conception de primitives cryptographiques symétriques rendant efficace cette construction hybride. En examinant les schémas de chiffrement complètement homomorphes, nous developpons des outils pour utiliser efficacement leurs propriétés homomorphiques dans un cadre plus complexe. En analysant différents schémas symétriques, et leurs composantes, nous déterminons de bons candidats pour le contexte hybride. En étudiant la sécurité des constructions optimisant l’évaluation homomorphique, nous contribuons au domaine des fonctions booléennes utilisées en cryptologie. Plus particulièrement, nous introduisons une nouvelle famille de schémas de chiffrement symétriques, avec une nouvelle construction, adaptée au contexte hybride. Ensuite, nous nous intéressons à son comportement homomorphique, et nous étudions la sécurité de cette construction. Finalement, les particularités de cette famille de schémas de chiffrement motivant des cryptanalyses spécifiques, nous développons et analysons de nouveaux critères cryptographiques booléens. / Fully homomorphic encryption, firstly built in 2009, is a very powerful kind of encryption, allowing to compute any function on encrypted data, and to get an encrypted version of the result. Such encryption enables to securely delegate data to a cloud, ask for computations, recover the result, while keeping private the data during the whole process. However, today’s inefficiency of fully homomorphic encryption, and its inadequateness to the outsourcing computation context, makes its use alone insufficient for this application. Both of these issues can be circumvented, using fully homomorphic encryption in a larger framework, by combining it with a symmetric encryption scheme. This combination gives a hybrid fully homomorphic framework, designed towards efficient outsourcing computation, providing both security and privacy. In this thesis, we contribute to the study of hybridfully homomorphic framework, through the analysis, and the design of symmetric primitives making efficient this hybrid construction. Through the examination of fully homomorphic encryption schemes, we develop tools to efficiently use the homomorphic properties in a more complex framework. By investigating various symmetric encryption schemes, and buildingblocks up to the circuit level, we determine good candidates for a hybrid context. Through evaluating the security of constructions optimizing the homomorphic evaluation, we contribute to a wide study within the cryptographic Boolean functions area. More particularly, we introduce a new family of symmetric encryption schemes, with a new design, adapted to the hybrid fully homomorphic framework. We then investigate its behavior relatively to homomorphic evaluation, and we address the security of such design. Finally, particularities of this family of ciphers motivate specific cryptanalyses, therefore we develop and analyze new cryptographic Boolean criteria.

Cryptographie

Chiffrement complètement homomorphe

Fonctions booléennes

Cryptography

Homomorphic encryption

Boolean functions

004

652.8