Spelling suggestions: "subject:"cublic key cryptography"" "subject:"bublic key cryptography""
1 |
Subgroup membership problems and public key cryptosystemsGjøsteen, Kristian January 2004 (has links)
<p>Public key encryption was first proposed by Diffie and Hellman [16], and widely popularised with the RSA cryptosystem [37]. Over the years, the security goals of public key encryption have been studied [17, 22], as have adversary models [30, 36], and many public key cryptosystems have been proposed and analysed.</p><p>It turns out that the security of many of those cryptosystems [16, 18, 22, 29, 34, 35] are based on a common class of mathematical problems, called subgroup membership problems. Cramer and Shoup [10] designed a chosen-ciphertextsecure cryptosystem based on a general subgroup membership problem (generalising their previous work [9]), and provided two new instances. Yamamura and Saito [41] defined a general subgroup membership problem, catalogued several known subgroup membership problems, and designed a private information retrieval system based on a subgroup membership problem. Nieto, Boyd and Dawson [31] designed a cryptosystem based on essentially a symmetric subgroup membership problem (see Section 4.4 and Section 6.1).</p><p>Chapter 2 and 3 contain certain preliminary discussions necessary for the later work. In Chapter 4, we discuss subgroup membership problems, both abstractly and concrete families. For all of the concrete examples, there is a related problem called the splitting problem. We discuss various elementary reductions, both abstract and for concrete families. In cryptographic applications, a third related problem, called the subgroup discrete logarithm problem, is also interesting, and we discuss this in some detail. We also discuss a variant of the subgroup membership problem where there are two subgroups that are simultaneously hard to distinguish. We prove a useful reduction (Theorem 4.11) for this case. The technique used in the proof is reused throughout the thesis.</p><p>In Chapter 5, we discuss two homomorphic cryptosystems, based on trapdoor splitting problems. This gives us a uniform description of a number of homomorphic cryptosystems, and allows us to apply the theory and results of Chapter 4 to the security of those cryptosystems.</p><p>Using the technique of Theorem 4.11, we develop a homomorphic cryptosystem that is not based on a trapdoor problem. This gives us a fairly efficient cryptosystem, with potentially useful properties.</p><p>We also discuss the security of a homomorphic cryptosystem under a nonstandard assumption. While these results are very weak, they are stronger than results obtained in the generic model.</p><p>In Chapter 6, we develop two key encapsulation methods. The first can be proven secure against passive attacks, using the same technique as in the proof of Theorem 4.11. The second method can be proven secure against active attacks in the random oracle model, but to do this, we need a certain non-standard assumption.</p><p>Finally, in Chapter 7 we discuss a small extension to the framework developed by Cramer and Shoup [10], again by essentially reusing the technique used to prove Theorem 4.11. This gives us a cryptosystem that is secure against chosen ciphertext attacks, without recourse to the random oracle model or nonstandard assumptions. The cryptosystem is quite practical, and performs quite well compared to other variants of the Cramer-Shoup cryptosystem.</p>
|
2 |
Subgroup membership problems and public key cryptosystemsGjøsteen, Kristian January 2004 (has links)
Public key encryption was first proposed by Diffie and Hellman [16], and widely popularised with the RSA cryptosystem [37]. Over the years, the security goals of public key encryption have been studied [17, 22], as have adversary models [30, 36], and many public key cryptosystems have been proposed and analysed. It turns out that the security of many of those cryptosystems [16, 18, 22, 29, 34, 35] are based on a common class of mathematical problems, called subgroup membership problems. Cramer and Shoup [10] designed a chosen-ciphertextsecure cryptosystem based on a general subgroup membership problem (generalising their previous work [9]), and provided two new instances. Yamamura and Saito [41] defined a general subgroup membership problem, catalogued several known subgroup membership problems, and designed a private information retrieval system based on a subgroup membership problem. Nieto, Boyd and Dawson [31] designed a cryptosystem based on essentially a symmetric subgroup membership problem (see Section 4.4 and Section 6.1). Chapter 2 and 3 contain certain preliminary discussions necessary for the later work. In Chapter 4, we discuss subgroup membership problems, both abstractly and concrete families. For all of the concrete examples, there is a related problem called the splitting problem. We discuss various elementary reductions, both abstract and for concrete families. In cryptographic applications, a third related problem, called the subgroup discrete logarithm problem, is also interesting, and we discuss this in some detail. We also discuss a variant of the subgroup membership problem where there are two subgroups that are simultaneously hard to distinguish. We prove a useful reduction (Theorem 4.11) for this case. The technique used in the proof is reused throughout the thesis. In Chapter 5, we discuss two homomorphic cryptosystems, based on trapdoor splitting problems. This gives us a uniform description of a number of homomorphic cryptosystems, and allows us to apply the theory and results of Chapter 4 to the security of those cryptosystems. Using the technique of Theorem 4.11, we develop a homomorphic cryptosystem that is not based on a trapdoor problem. This gives us a fairly efficient cryptosystem, with potentially useful properties. We also discuss the security of a homomorphic cryptosystem under a nonstandard assumption. While these results are very weak, they are stronger than results obtained in the generic model. In Chapter 6, we develop two key encapsulation methods. The first can be proven secure against passive attacks, using the same technique as in the proof of Theorem 4.11. The second method can be proven secure against active attacks in the random oracle model, but to do this, we need a certain non-standard assumption. Finally, in Chapter 7 we discuss a small extension to the framework developed by Cramer and Shoup [10], again by essentially reusing the technique used to prove Theorem 4.11. This gives us a cryptosystem that is secure against chosen ciphertext attacks, without recourse to the random oracle model or nonstandard assumptions. The cryptosystem is quite practical, and performs quite well compared to other variants of the Cramer-Shoup cryptosystem.
|
3 |
Versatile Montgomery multiplier architecturesGaubatz, Gunnar. Unknown Date (has links)
Thesis (M.S.)--Worcester Polytechnic Institute. / Keywords: computer arithmetic; modular multiplication; public key cryptography; Montgomery; vlsi; high radix. Includes bibliographical references (p. 87-90).
|
4 |
Leakage resilient cryptographic scheme and GPU-based pairing operationXiong, Hao, 熊昊 January 2013 (has links)
Cryptographic schemes are designed to protect the privacy of the users. Numerous schemes have been proposed for different purposes. One important type of schemes is called the secret sharing scheme. In a secret sharing scheme, a secret value can be shard among authorized parties. Another important type of schemes is identity based encryption and its variant: certificateless encryption. Traditionally, both of them assume the absolute privacy of secret shares or secret keys. However, this assumption may not hold in the real world. Side-channel attack, such as time analysis and memory attack will enable the attackers to get partial information about them. Therefore, we propose the leakage resilient cryptographic schemes to guarantee the privacy under various key-exposure attack. Generally speaking, there are three leakage models: the bounded leakage model, continual leakage model and auxiliary input model. We will focus on the first two models in this thesis.
This thesis addresses two leakage resilient cryptographic schemes. The first one is called Continual Leakage-Resilient Dynamic Secret Sharing. In this scheme, the attacker can continuously leak on the private value owned by the user with the constrain that the length of the leaked information should be less than ℓ bits between updates. The dealer is able to dynamically choose a set of n users and a threshold of t users (which is called authorized set) to reconstruct secret with the same broadcast message. The user can also dynamic join and leave the scheme. The privacy of the secret value can be guaranteed even up to t-1 users are corrupted and the information of all other users are leaked.
The second one is called Leakage-Resilient Certificateless Public-Key Encryption.
Certificateless encryption is proposed to solve the key escrow problem in PKG. Instead of relying on the PKG to generate the full secret key in the traditional model, we generate partial secret key on PKG. We then combine it with our selected secret value to generate the final secret key. This will solve the key escrow problem since the PKG has no knowledge about the secret value chosen. Our scheme is the first leakage-resilient version of certificateless encryption. In our security model, both the master key held by the PKG and the secret key (including the secret value) held by the user can be leaked by the attacker. We first construct the scheme in bounded leakage model and then extend it to continual leakage model.
Finally, all of these schemes require lots of composite order bilinear pairing operations. We will describe how to improve the efficient of it on graphics hardware in chapter 4. We run the parings in parallel on GPU to accelerate them. The implement scheme and efficient are presented in this thesis. / published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy
|
5 |
Two mathematical security aspects of the RSA cryptosystem : signature padding schemes and key generation with a backdoorArboit, Geneviève January 2008 (has links)
No description available.
|
6 |
Encryption security against key-dependent-message attacks: applications, realizations and separationsHajiabadi, Mohammad 17 August 2016 (has links)
In this thesis we study the notion of circular security for bit-encryption schemes.
Informally speaking, a bit-encryption scheme is circular secure if it remains secure
even if the key of the system is used to encrypt its own individual bits. This notion
(or slight extensions thereof) has foundational applications, most notably in
the context of fully-homomorphic encryption and amplification techniques for key dependent-
message security.
We explore the notion of circular security from three different perspectives, stemming
from (1) assumptions sufficient to realize this notion, (2) minimal black-box
assumptions on which this notion can be based and (c) applications of this notion
when combined with other properties. Our main results are as follows:
We give a construction of circular-secure public-key bit encryption based on any
public-key encryption scheme that satisfies two special properties. We show
that our constructed scheme besides circular security also offers two forms of
key-leakage resilience. Our construction unifies two existing specific constructions
of circular-secure schemes in the literature and also gives rise to the first
construction based on homomorphic hash proof systems.
We show that seed-circular-secure public-key bit-encryption schemes cannot be
based on semantically-secure public-key encryption schemes in a fully-blackbox
way. A scheme is seed-circular-secure if it allows for the bits of the seed
(used to generate the public/secret keys) to be securely encrypted under the
corresponding public key. We then extend this result to rule out a large and
non-trivial class of constructions for circular security that we call key-isolating
constructions.
We give generic constructions of several fundamental cryptographic primitives
based on a public-key bit-encryption scheme that combines circular security
with a structural property called reproducibility. The main primitives that
we build include families of trapdoor functions with strong security properties
(i.e., one-wayness under correlated inputs), adaptive-chosen-ciphertext (CCA2)
secure encryption schemes and deterministic encryption schemes. / Graduate / 0984
|
7 |
On the complexity of homomorphic encryption. / 同態加密的複雜度 / CUHK electronic theses & dissertations collection / Tong tai jia mi de fu za duJanuary 2013 (has links)
Lee, Chin Ho. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2013. / Includes bibliographical references (leaves 77-82). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts also in Chinese.
|
8 |
The BGN public-key cryptosystem and its application to authentication, oblivious transfers, and proof-of-visit. / CUHK electronic theses & dissertations collectionJanuary 2006 (has links)
In The Second Theory of Cryptography Conference (TCC 2005), Boneh, Goh, and Nissim proposed a new structure of bilinear groups that have a composite order and a new cryptosystem which is intractable on a decisional problem over the subgroup in such structure [BGN05]. Their proposal, which referred to as the BGN cryptosystem by researchers, receive much attention and is quickly followed by two publications in CRYPTO'05 [BI05, OI05]. / In this thesis, the author performs in-depth study of the BGN public-key cryptosystem and existing literatures on its applications. The author observes two properties of BGN, namely the indistinguishability of the BGN ciphertexts of sum and product of two messages, and the verifiability of elements from composite prime subgroups in BGN settings. The author further proposes three new applications of BGN, namely the protocols for authentication, oblivious transfer, and proof-of-visit respectively. / The BGN cryptosystem is a dual homomorphic public-key cryptosystem that enables the evaluation of 2-DNF (disjunctive normal form) formulas on ciphertexts. In their work, Boneh et. al. also presented three applications, namely private information retrieval with reduced computational complexity, an e-voting system without non-interactive zero knowledge proofs, and a protocol for universally verifiable computation. Few number of works also produced from the BGN public-key system, include non-interactive zero-knowledge proof (NIZK), obfuscated ciphertext mixing, and signature. / Chan Yuen Yan. / "June 2006." / Adviser: Victor K. Wei. / Source: Dissertation Abstracts International, Volume: 67-11, Section: B, page: 6498. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2006. / Includes bibliographical references (p. 85-100). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307.
|
9 |
Implementation aspects of elliptic curve cryptographySava��, Erkay 20 June 2000 (has links)
As the information-processing and telecommunications revolutions now underway
will continue to change our life styles in the rest of the 21st century, our
personal and economic lives rely more and more on our ability to transact over
the electronic medium in a secure way. The privacy, authenticity, and integrity of
the information transmitted or stored on networked computers must be maintained
at every point of the transaction. Fortunately, cryptography provides algotrithms
and techniques for keeping information secret, for determining that the contents
of a transaction have not been tampered with, for determining who has really authorized
the transaction, and for binding the involved parties with the contents of
the transaction. Since we need security on every piece of digital equipment that
helps conduct transactions over the internet in the near future, space and time performances
of cryptographic algorithms will always remain to be among the most
critical aspects of implementing cryptographic functions.
A major class of cryptographic algorithms comprises public-key schemes which
enable to realize the message integrity and authenticity check, key distribution,
digital signature functions etc. An important category of public-key algorithms is
that of elliptic curve cryptosystems (ECC). One of the major advantages of elliptic
curve cryptosystems is that they utilize much shorter key lengths in comparison to
other well known algorithms such as RSA cryptosystems. However, as do the other
public-key cryptosystems ECC also requires computationally intensive operations.
Although the speed remains to be always the primary concern, other design constraints
such as memory might be of significant importance for certain constrained
platforms.
In this thesis, we are interested in developing space- and time-efficient hardware
and software implementations of the elliptic curve cryptosystems. The main focus
of this work is to improve and devise algorithms and hardware architectures for
arithmetic operations of finite fields used in elliptic curve cryptosystems. / Graduation date: 2001
|
10 |
Design and development of a web-based DOD PKI common access card (CAC) instructional tool /Athanasopoulos, Vasileios D. January 2004 (has links) (PDF)
Thesis (M.S. in Computer Science)--Naval Postgraduate School, March 2004. / Thesis advisor(s): Cynthia E. Irvine, J.D. Fulp, Glenn R. Cook. Includes bibliographical references (p. 79-80). Also available online.
|
Page generated in 0.088 seconds