REALIZING INFORMATION ESCROWS AND EFFICIENT KEY-MANAGEMENT USING THRESHOLD CRYPTOGRAPHY

Easwar V Mangipudi (13169733)

29 July 2022

<p>In this thesis, we address two applications of threshold cryptography — designing information escrows and key-distribution in cryptocurrency systems. We design escrow mechanisms in two-party and multi-party scenarios such that any unauthorized revelation of<br> data results in the loss of cryptocurrency by the dishonest party. Later, we discuss user mental models in adopting cryptocurrency wallets and propose a protocol to efficiently provide cryptographic keys to the users in large-user systems. An information escrow refers to users storing their data at a custodian such that it can be revealed later. In the case of unauthorized leakage of this data by the custodian (receiver of data), taking legal actions is expensive, time consuming and also difficult owing to difficulty in establishing the responsibility. We address this by automatically penalizing the custodian through the loss of cryptocurrency in case of leakage. Initially, we consider a two party scenario where a sender forwards multimedia data to a receiver; we propose the Pepal protocol<br> where any total or partial leakage of data penalizes the receiver. To avoid single point of failure at the receiver in a two-party system, we extend the protocol to a multi-party system where a group of agents offer the escrow as a service. However, this introduces a collusion scenario among the rational agents leading to premature and undetectable unlocking of the data. Addressing this, we propose a collusion-deterrent escrow (CDE) protocol where any collusion among the agents is penalized. We show that the provably secure protocol deters collusion in game-theoretic terms by dis-incentivising it among the rational agents. In the second part of this work, we investigate the mental models of cryptocurrency wallet users in choosing single-device or multi-device wallets along with their preferences. We investigate the user-preferred default (threshold) settings for the key distribution in the wallets. We then propose the D-KODE protocol, an efficient key-generation mechanism for<br> cryptocurrency systems where either the payee or payer may not have the cryptographic setup but wish to transact. The protocol utilizes a practical black-box secret sharing scheme along with a distributed almost key-homomorphic PRF to achieve the threshold key distribution.</p>

Cryptography

Key Distribution

game theory mechanism

cryptography applications

privacy protection.

Techniques in Lattice Basis Reduction

Unknown Date

The mathematical theory of nding a basis of shortest possible vectors in a given lattice L is known as reduction theory and goes back to the work of Lagrange, Gauss, Hermite, Korkin, Zolotarev, and Minkowski. Modern reduction theory is voluminous and includes the work of A. Lenstra, H. Lenstra and L. Lovasz who created the well known LLL algorithm, and many other researchers such as L. Babai and C. P. Schnorr who created signi cant new variants of basis reduction algorithms. The shortest vector (SVP) and closest vector (CVP) problems, presently considered intractable, are algorithmic tasks that lie at the core of many number theoretic problems, integer programming, nding irreducible factors of polynomials, minimal polynomials of algebraic numbers, and simultaneous diophantine approximation. Lattice basis reduction also has deep and extensive connections with modern cryptography, and cryptanalysis particularly in the post-quantum era. In this dissertation we study and compare current systems LLL and BKZ, and point out their strengths and drawbacks. In addition, we propose and investigate the e cacy of new optimization techniques, to be used along with LLL, such as hill climbing, random walks in groups, our lattice di usion-sub lattice fusion, and multistage hybrid LDSF-HC technique. The rst two methods rely on the sensitivity of LLL to permutations of the input basis B, and optimization ideas over the symmetric group Sm viewed as a metric space. The third technique relies on partitioning the lattice into sublattices, performing basis reduction in the partition sublattice blocks, fusing the sublattices, and repeating. We also point out places where parallel computation can reduce runtimes achieving almost linear speedup. The multistage hybrid technique relies on the lattice di usion and sublattice fusion and hill climbing algorithms. Unlike traditional methods, our approach brings in better results in terms of basis reduction towards nding shortest vectors and minimal weight bases. Using these techniques we have published the competitive lattice vectors of ideal lattice challenge on the lattice hall of fame. Toward the end of the dissertation we also discuss applications to the multidimensional knapsack problem that resulted in the discovery of new large sets of geometric designs still considered very rare. The research introduces innovative techniques in lattice basis reduction theory and provides some space for future researchers to contemplate lattices from a new viewpoint. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2016. / FAU Electronic Theses and Dissertations Collection

Cryptography.

Combinatorial analysis.

Group theory.

Rapid hardware implementations of classical modular multiplication

Johnson, Scott Andrew

08 March 1995

Modular multiplication is a mathematical operation fundamental to the RSA cryptosystern, a public-key cryptosystem with many applications in privacy, security, and authenticity. However, cryptosecurity requires that the numbers involved be extremely large, typically ranging from 512-1024 bits in length. Calculations on numbers of this magnitude are cumbersome and lengthy; this limits the speed of RSA. This thesis examines the problem of speeding up modular multiplication of large numbers in hardware, using the classical (add-and-shift) multiplication algorithm. The problem is broken down, and it is shown that the primary computational bottleneck occurs in the modular reduction step performed on each cycle. This reduction consists of an integer division step, a broadcast step, and a multiplication step. Various methods of speeding up these steps are examined, both for the special case of radix-2 multipliers (those shifting a single bit at a time) and the general case of radix-2r multipliers (those shifting r bits on every cycle.) The impacts of these techniques, both on cycle time and on chip area, are discussed. The scalability of these systems is examined, and several implementations of modular multiplication found in the literature are analyzed. Most significantly, the technique of pipelining of modular multipliers is examined. It is shown that it is possible to pipeline the modular reduction sequence, effectively eliminating the cycle time's dependence on either the size of the modulus, or on the size of the radius. Furthermore, a technique for constructing such multipliers is given. It is demonstrated that this technique is scalable with respect to time, and that pipelining eliminates many of the disadvantages inherent in previous high-radix implementations. It is also demonstrated that such multipliers have an area requirement which is linear with respect to both radix and modulus size. / Graduation date: 1995

Computer algorithms

Cryptography

Modular functions

Quantum Cryptography: From Theory to Practice

Ma, Xiongfeng

26 February 2009

Quantum cryptography or quantum key distribution (QKD) applies fundamental laws of quantum physics to guarantee secure communication. The security of quantum cryptography was proven in the last decade. Many security analyses are based on the assumption that QKD system components are idealized. In practice, inevitable device imperfections may compromise security unless these imperfections are well investigated. A highly attenuated laser pulse which gives a weak coherent state is widely used in QKD experiments. A weak coherent state has multi-photon components, which opens up a security loophole to the sophisticated eavesdropper. With a small adjustment of the hardware, we will prove that the decoy state method can close this loophole and substantially improve the QKD performance. We also propose a few practical decoy state protocols, study statistical fluctuations and perform experimental demonstrations. Moreover, we will apply the methods from entanglement distillation protocols based on two-way classical communication to improve the decoy state QKD performance. Furthermore, we study the decoy state methods for other single photon sources, such as triggering parametric down-conversion (PDC) source. Note that our work, decoy state protocol, has attracted a lot of scientific and media interest. The decoy state QKD becomes a standard technique for prepare-and-measure QKD schemes. Aside from single-photon-based QKD schemes, there is another type of scheme based on entangled photon sources. A PDC source is commonly used as an entangled photon source. We propose a model and post-processing scheme for the entanglement-based QKD with a PDC source. Although the model is proposed to study the entanglement-based QKD, we emphasize that our generic model may also be useful for other non-QKD experiments involving a PDC source. By simulating a real PDC experiment, we show that the entanglement-based QKD can achieve longer maximal secure distance than the single-photon-based QKD schemes. We propose a time-shift attack that exploits the efficiency mismatch of two single photon detectors in a QKD system. This eavesdropping strategy can be realized by current technology. We will also discuss counter measures against the attack and study the security of a QKD system with efficiency mismatch detectors.

Quantum

Cryptography

QKD

Decoy

0605

Quantum Cryptography: From Theory to Practice

Ma, Xiongfeng

26 February 2009

Quantum cryptography or quantum key distribution (QKD) applies fundamental laws of quantum physics to guarantee secure communication. The security of quantum cryptography was proven in the last decade. Many security analyses are based on the assumption that QKD system components are idealized. In practice, inevitable device imperfections may compromise security unless these imperfections are well investigated. A highly attenuated laser pulse which gives a weak coherent state is widely used in QKD experiments. A weak coherent state has multi-photon components, which opens up a security loophole to the sophisticated eavesdropper. With a small adjustment of the hardware, we will prove that the decoy state method can close this loophole and substantially improve the QKD performance. We also propose a few practical decoy state protocols, study statistical fluctuations and perform experimental demonstrations. Moreover, we will apply the methods from entanglement distillation protocols based on two-way classical communication to improve the decoy state QKD performance. Furthermore, we study the decoy state methods for other single photon sources, such as triggering parametric down-conversion (PDC) source. Note that our work, decoy state protocol, has attracted a lot of scientific and media interest. The decoy state QKD becomes a standard technique for prepare-and-measure QKD schemes. Aside from single-photon-based QKD schemes, there is another type of scheme based on entangled photon sources. A PDC source is commonly used as an entangled photon source. We propose a model and post-processing scheme for the entanglement-based QKD with a PDC source. Although the model is proposed to study the entanglement-based QKD, we emphasize that our generic model may also be useful for other non-QKD experiments involving a PDC source. By simulating a real PDC experiment, we show that the entanglement-based QKD can achieve longer maximal secure distance than the single-photon-based QKD schemes. We propose a time-shift attack that exploits the efficiency mismatch of two single photon detectors in a QKD system. This eavesdropping strategy can be realized by current technology. We will also discuss counter measures against the attack and study the security of a QKD system with efficiency mismatch detectors.

Quantum

Cryptography

QKD

Decoy

0605

Classical Authenticated Key Exchange and Quantum Cryptography

Stebila, Douglas

January 2009

Cryptography plays an integral role in secure communication and is usually the strongest link in the chain of security. Yet security problems abound in electronic communication: spyware, phishing, denial of service, and side-channel attacks are still major concerns. The main goal in this thesis is to consider how cryptographic techniques can be extended to offer greater defence against these non-traditional security threats. In the first part of this thesis, we consider problems in classical cryptography. We introduce multi-factor password-authenticated key exchange which allows secure authentication and key agreement based on multiple short secrets, such as a long-term password and a one-time response; it can provide an enhanced level of assurance in higher security scenarios because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised due to attacks such as phishing or spyware. Next, we consider the integration of denial of service countermeasures with key exchange protocols: by introducing a formal model for denial of service resilience that complements the extended Canetti-Krawczyk model for secure key agreement, we cover a wide range of existing denial of service attacks and prevent them by carefully using client puzzles. Additionally, we look at how side-channel attacks affect certain types of formulae used in elliptic curve cryptography, and demonstrate that information leaked during field operations such as addition, subtraction, and multiplication can be exploited by an attacker. In the second part of this thesis, we examine cryptography in the quantum setting. We argue that quantum key distribution will have an important role to play in future information security infrastructures and will operate best when integrated with the powerful public key infrastructures that are used today. Finally, we present a new look at quantum money and describe a quantum coin scheme where the coins are not easily counterfeited, are locally verifiable, and can be transferred to another party.

cryptography

quantum information

Combinatorics and Optimization

Classical Authenticated Key Exchange and Quantum Cryptography

Stebila, Douglas

January 2009

Cryptography plays an integral role in secure communication and is usually the strongest link in the chain of security. Yet security problems abound in electronic communication: spyware, phishing, denial of service, and side-channel attacks are still major concerns. The main goal in this thesis is to consider how cryptographic techniques can be extended to offer greater defence against these non-traditional security threats. In the first part of this thesis, we consider problems in classical cryptography. We introduce multi-factor password-authenticated key exchange which allows secure authentication and key agreement based on multiple short secrets, such as a long-term password and a one-time response; it can provide an enhanced level of assurance in higher security scenarios because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised due to attacks such as phishing or spyware. Next, we consider the integration of denial of service countermeasures with key exchange protocols: by introducing a formal model for denial of service resilience that complements the extended Canetti-Krawczyk model for secure key agreement, we cover a wide range of existing denial of service attacks and prevent them by carefully using client puzzles. Additionally, we look at how side-channel attacks affect certain types of formulae used in elliptic curve cryptography, and demonstrate that information leaked during field operations such as addition, subtraction, and multiplication can be exploited by an attacker. In the second part of this thesis, we examine cryptography in the quantum setting. We argue that quantum key distribution will have an important role to play in future information security infrastructures and will operate best when integrated with the powerful public key infrastructures that are used today. Finally, we present a new look at quantum money and describe a quantum coin scheme where the coins are not easily counterfeited, are locally verifiable, and can be transferred to another party.

cryptography

quantum information

Combinatorics and Optimization

Generic Attacks on Hash Functions

Upadhyay, Jalaj

January 2010

The subject of this thesis is a security property of hash functions, called chosen-target forced-prefix preimage (CTFP) resistance and the generic attack on this property, called the herding attack. The study of CTFP resistance started when Kelsey-Kohno introduced a new data structure, called a diamond structure, in order to show the strength of a CTFP resistance property of a hash function. In this thesis, we concentrate on the complexity of the diamond structure and its application in the herding attack. We review the analysis done by Kelsey and Kohno and point out a subtle flaw in their analysis. We propose a correction of their analysis and based on our revised analysis, calculate the message complexity and the computational complexity of the generic attacks that are based on the diamond structure. As an application of the diamond structure on generic attacks, we propose a multiple herding attack on a special generalization of iterated hash functions, proposed by Nandi-Stinson.

Hash Functions

Cryptography

Computer Science

On the Security of Leakage Resilient Public Key Cryptography

Brydon, Dale

January 2012

Side channel attacks, where an attacker learns some physical information about the state of a device, are one of the ways in which cryptographic schemes are broken in practice. "Provably secure" schemes are subject to these attacks since the traditional models of security do not account for them. The theoretical community has recently proposed leakage resilient cryptography in an effort to account for side channel attacks in the security model. This thesis provides an in-depth look into what security guarantees public key leakage resilient schemes provide in practice.

Cryptography

Leakage Resilient

Combinatorics and Optimization

Versatile Montgomery multiplier architectures

Gaubatz, Gunnar.

Unknown Date

Thesis (M.S.)--Worcester Polytechnic Institute. / Keywords: computer arithmetic; modular multiplication; public key cryptography; Montgomery; vlsi; high radix. Includes bibliographical references (p. 87-90).