The BGN public-key cryptosystem and its application to authentication, oblivious transfers, and proof-of-visit. / CUHK electronic theses & dissertations collection

January 2006

In The Second Theory of Cryptography Conference (TCC 2005), Boneh, Goh, and Nissim proposed a new structure of bilinear groups that have a composite order and a new cryptosystem which is intractable on a decisional problem over the subgroup in such structure [BGN05]. Their proposal, which referred to as the BGN cryptosystem by researchers, receive much attention and is quickly followed by two publications in CRYPTO'05 [BI05, OI05]. / In this thesis, the author performs in-depth study of the BGN public-key cryptosystem and existing literatures on its applications. The author observes two properties of BGN, namely the indistinguishability of the BGN ciphertexts of sum and product of two messages, and the verifiability of elements from composite prime subgroups in BGN settings. The author further proposes three new applications of BGN, namely the protocols for authentication, oblivious transfer, and proof-of-visit respectively. / The BGN cryptosystem is a dual homomorphic public-key cryptosystem that enables the evaluation of 2-DNF (disjunctive normal form) formulas on ciphertexts. In their work, Boneh et. al. also presented three applications, namely private information retrieval with reduced computational complexity, an e-voting system without non-interactive zero knowledge proofs, and a protocol for universally verifiable computation. Few number of works also produced from the BGN public-key system, include non-interactive zero-knowledge proof (NIZK), obfuscated ciphertext mixing, and signature. / Chan Yuen Yan. / "June 2006." / Adviser: Victor K. Wei. / Source: Dissertation Abstracts International, Volume: 67-11, Section: B, page: 6498. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2006. / Includes bibliographical references (p. 85-100). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307.

Data encryption (Computer science)

Public key cryptography

Radix-4 ASIC design of a scalable Montgomery modular multiplier using encoding techniques

Tawalbeh, Lo'ai

23 October 2002

Modular arithmetic operations (i.e., inversion, multiplication and exponentiation) are used in several cryptography applications, such as decipherment operation of RSA algorithm, Diffie-Hellman key exchange algorithm, elliptic curve cryptography, and the Digital Signature Standard including the Elliptic Curve Digital Signature Algorithm. The most important of these arithmetic operations is the modular multiplication operation since it is the core operation in many cryptographic functions. Given the increasing demands on secure communications, cryptographic algorithms will be embedded in almost every application involving exchange of information. Some of theses applications such as smart cards and hand-helds require hardware restricted in area and power resources. Cryptographic applications use a large number of bits in order to be considered secure. While some of these applications use 256-bit precision operands, others use precision values up to 2048 or 4096 such as in some exponentiation-based cryptographic applications. Based on this characteristics, a scalable multiplier that operates on any bit-size of the input values (variable precision) was recently proposed. It is replicated in order to generate long-precision results independently of the data path precision for which it was originally designed. The multiplier presented in this work is based on the Montgomery multiplication algorithm. This thesis work contributes by presenting a modified radix-4 Montgomery multiplication algorithm with new encoding technique for the multiples of the modulus. This work also describes the scalable hardware design and analyzes the synthesis results for a 0.5 ��m CMOS technology. The results are compared with two other proposed scalable Montgomery multiplier designs, namely, the radix-2 design, and the radix-8 design. The comparison is done in terms of area, total computational time and complexity. Since modular exponentiation can be generated by successive multiplication, we include in this thesis an analysis of the boundaries for inputs and outputs. Conditions are identified to allow the use of one multiplication output as the input of another one without adjustments (or reduction). High-radix multipliers exhibit higher complexity of the design. This thesis shows that radix-4 hardware architectures does not add significant complexity to radix-2 design and has a significant performance gain. / Graduation date: 2003

Multipliers (Mathematical analysis)

Data encryption (Computer science)

Fast bit-level, word-level and parallel arithmetic in finite fields for elliptic curve cryptosystems

Halbuto��ullar��, Alper

02 November 1998

Computer and network security has recently become a popular subject due to the explosive growth of the Internet and the migration of commerce practices to the electronic medium. Thus the authenticity and privacy of the information transmitted and the data stored on networked computers is of utmost importance. The deployment of network security procedures requires the implementation of cryptographic functions. More specifically, these include encryption, decryption, authentication, digital signature algorithms and message-digest functions. Performance has always been the most critical characteristic of a cryptographic function, which determines its effectiveness. In this thesis, we concentrate on developing high-speed algorithms and architectures for number theoretic cryptosystems. Our work is mainly focused on implementing elliptic curve cryptosystems efficiently, which requires space- and time-efficient implementations of arithmetic operations over finite fields. We introduce new methods for arithmetic operations over finite fields. Methodologies such as precomputation, residue number system representation, and parallel computation are adopted to obtain efficient algorithms that are applicable on a variety of cryptographic systems and subsystems. Since arithmetic operations in finite fields also have applications in coding theory and computer algebra, the methods proposed in this thesis are applicable to these applications as well. / Graduation date: 1999

Data encryption (Computer science)

Cryptography

Computer arithmetic

Fast software implementations of block ciphers

Sessions, Julian Brently

23 November 1998

Three block ciphers are considered to determine how well they can be implemented on existing superscalar architectures such as the Intel Pentium. An examination of the Pentium architecture suggests that substantial performance increases can be achieved if particular rules are followed. Software libraries are written in high-level C language and low-level assembly language to produce a package of routines which achieve a near optimal performance level on a current processor architecture. The structure of each algorithm is studied to determine if it is possible to alternatively implement the algorithm such that certain steps are reordered or reduced. Using the Intel MMX architectural advances, it is observed that one algorithm benefits dramatically from a new implementation that takes advantage of MMX strengths. / Graduation date: 1999

Data encryption (Computer science)

Cryptography

Computer security

High-speed algorithms & architectures for number-theoretic cryptosystems

Acar, Tolga

04 December 1997

Computer and network security systems rely on the privacy and authenticity of information, which requires implementation of cryptographic functions. Software implementations of these functions are often desired because of their flexibility and cost effectiveness. In this study, we concentrate on developing high-speed and area-efficient modular multiplication and exponentiation algorithms for number-theoretic cryptosystems. The RSA algorithm, the Diffie-Hellman key exchange scheme and Digital Signature Standard require the computation of modular exponentiation, which is broken into a series of modular multiplications. One of the most interesting advances in modular exponentiation has been the introduction of Montgomery multiplication. We are interested in two aspects of modular multiplication algorithms: development of fast and convenient methods on a given hardware platform, and hardware requirements to achieve high-performance algorithms. Arithmetic operations in the Galois field GF(2[superscript]k) have several applications in coding theory, computer algebra, and cryptography. We are especially interested in cryptographic applications where k is large, such as elliptic curve cryptosystems. / Graduation date: 1998

Cryptography

Data encryption (Computer science)

Computer algorithms

High-speed implementation of the RSA cryptosystem

Peng, Yanqun

31 January 1995

A public key cryptosystem allows two or more parties to securely communicate over an insecure channel without establishing a physically secure channel for key exchange. The RSA cryptosystem is the most popular public key cryptosystem ever invented. It is based on the difficulty of factoring large composite numbers. Once the RSA system is setup, i.e., the modulus, the private and public exponents are determined, and the public components have been published, the senders as well as the receivers perform a single operation for signing, encryption, decryption, and verification. This operation is the computation of modular exponentiation. In this thesis, we focus on fast implementations of the modular exponentiation operation. Several methods for modular exponentiation are presented, including the binary method and the m-ary method. We give a general algorithm of implementing the m-ary method, and some examples of the quaternary method and the octal method. The standard multiplication and squaring algorithms are also discussed as methods to implement the modular multiplication and squaring operations. Two methods for performing the modular multiplication operation are given: the multiply and reduce method and the Montgomery method. The Montgomery product algorithm is used in the implementation of the modular exponentiation operation. The algorithms presented in this thesis are implemented in C and 16-bit in-line 80486 assembly code. We have performed extensive testing of the code, and obtained timing results which are given in the last chapter of the thesis. / Graduation date: 1995

Data encryption (Computer science)

Computer security

Digital Signcryption

Smith, Clayton D.

January 2005

Signcryption is a new cryptographic primitive which simultaneously provides both confidentiality and authenticity. Previously, these two goals had been considered separately, with encryption schemes providing confidentiality and signature schemes providing authenticity. In cases where both were required, the encryption and signature operations were simply sequentially composed. In 1997, Zheng demonstrated that by combining both goals into a single primitive, it is possible to achieve significant savings both in computational and communication overhead. Since then, a wide variety of signcryption schemes have been proposed. In this thesis, we present a number of the proposed signcryption schemes in terms of a common framework. For the most part, the material has been previously presented in various research papers, but some previously omitted proofs have been filled in here. We begin by giving a formal definition of the signcryption primitive, complete with a security model. Then we look at some of the various proposed signcryption schemes, and consider their relative advantages and disadvantages. Finally, we look ahead at what future progress might be made in the field.

Mathematics

signcryption

confidentiality

authenticity

encryption

signatures

cryptography

Investigating Security Options for StudentDevelop.com and the Testing of SSL

Nunga, Jude, Okeke, Godwin

January 2012

Security issues have become a key problem with most e-commerce platforms these days and information sent over the internet needs to be protected. When operating an e-commerce platform such as studentdevelop.com financial transactions are involved. Data communication is very vital to e-commerce and needs to be processed securely. This thesis shall investigate Secure Socket Layer (SSL) as a possible solution to provide added security such as data integrity and confidentiality on the StudentDevelop.com web portal. This thesis shall also compare other known security suites available for use which could suit the StudentDevelop.com web platform. A vivid comparison shall be carried out to evaluate SSL and Pretty Good Privacy (PGP) with the aim of testing the preferred choice to provide encryption and data confidentiality on the StudentDevelop.com platform. Protocols like SSL make up the next layers of mechanisms that support applications with electronic payment schemes. Cryptography being an essential security technology involving the encryption algorithm and digital signatures can provide the basic building blocks. SSL shall be tested on the StudentDevelop.com platform by installing a self-signed certificate, including a test of a digital certificate obtained from a certificate authority. In SSL, the web browser is the client and the web-site server is the server. As a result to authenticate consumers on e-commerce platform such as studentdevelop.com, SSL increased the security for web transactions by using public-key encryption and digital certificate to achieve authentication. Encryption algorithm and digital signatures provided the basic building blocks, while SSL protocol made up the next layer of mechanisms that in return support the application layer. In the fourth coming sub chapters, we will look in to the problem description of this thesis and the investigation of security solutions for studentdevelop.com.

SSL

Authentication

Encryption

Communication

Web 2.0

Data

Digital Signcryption

Smith, Clayton D.

January 2005

Signcryption is a new cryptographic primitive which simultaneously provides both confidentiality and authenticity. Previously, these two goals had been considered separately, with encryption schemes providing confidentiality and signature schemes providing authenticity. In cases where both were required, the encryption and signature operations were simply sequentially composed. In 1997, Zheng demonstrated that by combining both goals into a single primitive, it is possible to achieve significant savings both in computational and communication overhead. Since then, a wide variety of signcryption schemes have been proposed. In this thesis, we present a number of the proposed signcryption schemes in terms of a common framework. For the most part, the material has been previously presented in various research papers, but some previously omitted proofs have been filled in here. We begin by giving a formal definition of the signcryption primitive, complete with a security model. Then we look at some of the various proposed signcryption schemes, and consider their relative advantages and disadvantages. Finally, we look ahead at what future progress might be made in the field.

Mathematics

signcryption

confidentiality

authenticity

encryption

signatures

cryptography

Advanced Dynamic Encryption – A Security Enhancement Protocol for IEEE 802.11 and Hybrid Wireless Network

Yu, Peter Huan Pe

2010 December 1900

Data integrity and privacy are the two most important security requirements in wireless communication. Most mechanisms rely on pre-share key data encryption to prevent unauthorized users from accessing confidential information. However, a fixed secret key is vulnerable to cracking by capturing sufficient packets or launching a dictionary attack. In this research, a dynamic re-keying encryption protocol was developed to enhance the security protection for IEEE 802.11 and hybrid wireless network. This protocol automatically updates the secret key during the end-to-end transmission between wireless devices to protect the network and the communication privacy. In addition, security analyses are given to verify the protection of this protocol. Experiment results also validate that the dynamic encryption approach can perform as efficiently as other security architectures while providing an additional layer of data protection.

Security

Privacy

Protocol

Wireless Network

Encryption