Secure Function Evaluation
|
|
- Jasmine Hawkins
- 5 years ago
- Views:
Transcription
1 Secure Function Evaluation 1) Use cryptography to securely compute a function/program. 2) Secure means a) Participant s inputs stay secret even though they are used in the computation. b) No participant can undetectably cause the program to output the wrong result. Why do we use cryptography to secure a program? It gives software independence because private inputs remains private and independent of what software does. If the software messes up then it s gonna break security property. There are two security models namely, a) Honest but curious: It considers Participant s inputs stay secret even though they are used in the computation. b) Malicious model: It includes both, 1. Participant s inputs stay secret even though they are used in the computation. 2. No participant can undetectably cause the program to output the wrong result. It s slow and it works only for basic function like voting system etc. Software should avoid attacks like buffer overflow, return oriented programming and code injection. Honest but curious can be converted into fully malicious generally by throwing lot of crypto at it. Garbled circuits: 1) Idea shows how to compute(security) a logic gate such as NAND. 2) Because NAND is an universal gate, build any circuit out of secure executions of NAND s. 3) Compute any program for e.g y=nand(a,b); where a is Alice s input and b is Bob s input. In order to implement this protocol we use encryption function(same key for both encryption and decryption), shuffled function and oblivious transfer to compute the program. 4) It s honest but curious model and there are ways to make it fully malicious In the NAND gate, Y=NAND(a,b); Alice knows bit a and Bob knows bit b. At the end of the computation, neither of them will know each others bit. We can t guarantee that after seeing y we can guess the inputs. If the output of the function doesn t reveals what your input is, then security is good else something need to be done.
2 Oblivious transfer(sketch): - Say there are two messages m 0 and m 1 (Bob knows these messages but Alice doesn t). - Alice can choose which one she wants(first or second) and Bob will not be able to learn what Alice chooses. Eg. Alice is willing to buy a song track either song 1 or song 2 for 99 cents, Bob has no problem if she picks any one of these song for 99 cents and he doesn t need to know what she picks but it bothers Bob if Alice gets both the songs for 99cents. - Bob can be ensured, Alice learns only one and nothing about the other. Nand Gate Logic: A B Y Steps: 1. Bob generates a key for every input to F. Here we use same key for encryption and decryption. Let [m] k be encryption of m under key k. Input Key a=0 K a0 a=1 K a1 b=0 K b0 b=1 K b1 Key: For an encryption scheme(eg. AES) 2. Bob encrypts the outputs with the appropriate key Output(Y) Cipher text 1 [[1] Ka0 ] Kb0 1 [[1] Ka0 ] Kb1 1 [[1] Ka1 ] Kb0 0 [[0] Ka1 ] Kb1
3 3. Bob shuffles the list and send this to Alice. Output(Y) Cipher text After Shuffle 1 [[1] Ka0 ] Kb0 [[1] Ka1 ] Kb0 1 [[1] Ka0 ] Kb1 [[0] Ka1 ] Kb1 1 [[1] Ka1 ] Kb0 [[1] Ka0 ] Kb1 0 [[0] Ka1 ] Kb1 [[1] Ka0 ] Kb0 4. Assume Alice has a=1, Bob has b=0; Now Bob sends K b0 to Alice(Knowing key doesn t leak any input of Bob). When Alice decrypts it, Output(Y) Cipher text After Shuffle Decrypt 1 [[1] Ka0 ] Kb0 [[1] Ka1 ] Kb0 [1] Ka1 1 [[1] Ka0 ] Kb1 [[0] Ka1 ] Kb1-1 [[1] Ka1 ] Kb0 [[1] Ka0 ] Kb1-0 [[0] Ka1 ] Kb1 [[1] Ka0 ] Kb0 [1] Ka0 Assumption: If we decrypt with wrong key, It gives an error. At this point Alice doesn t know if Bob picked 0 or 1. Here permutation matters and Alice getting key from Bob is important. 5. Using oblivious transfer Alice gets K a1 from Bob w/o Bob learning which value. Output(Y) Cipher text After Shuffle Decrypt 2 nd Decryption 1 [[1] Ka0 ] Kb0 [[1] Ka1 ] Kb0 [1] Ka1 1 1 [[1] Ka0 ] Kb1 [[0] Ka1 ] Kb [[1] Ka1 ] Kb0 [[1] Ka0 ] Kb [[0] Ka1 ] Kb1 [[1] Ka0 ] Kb0 [1] Ka0 - Why is this Honest but curious model? If Alice/Bob tries to cheat then they get wrong output. We can make Bob do encryption 100 times. If it s consistent Alice can believe Bob encrypted correctly. Using NAND gates: let Bob generate key for c as follows:
4 C Key 0 K c0 1 K c1 Cipher text After Shuffle Decrypt 2 nd Decryption [[K c1 ] Ka0 ] Kb0 [[K c1 ] Ka1 ] Kb0 [K c1 ] Ka1 K c1 [[K c1 ] Ka0 ] Kb1 [[K c0 ] Ka1 ] Kb1 - - [[K c1 ] Ka1 ] Kb0 [[K c1 ] Ka0 ] Kb1 - - [[K c0 ] Ka1 ] Kb1 [[K c1 ] Ka0 ] Kb0 [K c1 ] Ka0 - Fully Homomorphic Encryption: We are trying to compute a function with a bunch of private inputs y=f(a,b,c,d). In fully malicious model, all the participants will upload encryption of their data and cloud will compute function f on encrypted inputs. Result will also be encryption of output. There is no secret involved as all the inputs involved are cipher texts implies all the inputs are encrypted. It s also called as computing on encrypted data.
5 There is a special encryption scheme. Encryption scheme supports two functions: 3. [m 1 ] * [m 2 ] = [m 1 +m 2 mod 2] 4. [m 1 ] * [m 2 ] = [m 1.m 2 mod 2] Note: * can be any operation. If we have these two computations we can compute NAND gate It s Public key encryption scheme. All the participants can encrypt on same key but only one person can decrypt. So who gets to decrypt? Use threshold decryption where each share a part of decryption key. Symmetric key encryption is faster where as public key encryption is slower. Properties of encryption scheme: Scheme invented recently by gentry doesn t support unlimited multiplications. Unlimited multiplication means a. Multi add noise b. Somewhat called homomorphic Boot Strapping It works when decryption function itself has less than the max number of multiplications. We can t run c through as it creates further noise so we wrap it into another layer of encryption and decrypt. We repeat the process.
6 Squashing: Problem decryption didn t fit under the max number of multiplication Dec(C, K) = M [1] Defined Dec2(C, K, AUX)=M [2] Where AUX is secret. Equations [1], [2] are identical but the second equation has an auxiliary input.
Introduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 25 Mental Poker And Semantic Security CS 355 Fall 2005 / Lecture 25 1 Lecture Outline Review of number theory The Mental Poker Protocol Semantic security Semantic
More informationCryptography CS 555. Topic 20: Other Public Key Encryption Schemes. CS555 Topic 20 1
Cryptography CS 555 Topic 20: Other Public Key Encryption Schemes Topic 20 1 Outline and Readings Outline Quadratic Residue Rabin encryption Goldwasser-Micali Commutative encryption Homomorphic encryption
More informationSolution: Alice tosses a coin and conveys the result to Bob. Problem: Alice can choose any result.
Example - Coin Toss Coin Toss: Alice and Bob want to toss a coin. Easy to do when they are in the same room. How can they toss a coin over the phone? Mutual Commitments Solution: Alice tosses a coin and
More informationSecure Distributed Computation on Private Inputs
Secure Distributed Computation on Private Inputs David Pointcheval ENS - CNRS - INRIA Foundations & Practice of Security Clermont-Ferrand, France - October 27th, 2015 The Cloud David Pointcheval Introduction
More informationDistributed Settlers of Catan
Distributed Settlers of Catan Hassan Alsibyani, Tim Mickel, Willy Vasquez, Xiaoyue Zhang Massachusetts Institute of Technology May 15, 2014 Abstract Settlers of Catan is a popular multiplayer board game
More informationExample Enemy agents are trying to invent a new type of cipher. They decide on the following encryption scheme: Plaintext converts to Ciphertext
Cryptography Codes Lecture 3: The Times Cipher, Factors, Zero Divisors, and Multiplicative Inverses Spring 2015 Morgan Schreffler Office: POT 902 http://www.ms.uky.edu/~mschreffler New Cipher Times Enemy
More informationClassical Cryptography
Classical Cryptography CS 6750 Lecture 1 September 10, 2009 Riccardo Pucella Goals of Classical Cryptography Alice wants to send message X to Bob Oscar is on the wire, listening to all communications Alice
More informationLecture 32. Handout or Document Camera or Class Exercise. Which of the following is equal to [53] [5] 1 in Z 7? (Do not use a calculator.
Lecture 32 Instructor s Comments: This is a make up lecture. You can choose to cover many extra problems if you wish or head towards cryptography. I will probably include the square and multiply algorithm
More informationPublic Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014
7 Public Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014 Cryptography studies techniques for secure communication in the presence of third parties. A typical
More informationMerkle s Puzzles. c Eli Biham - May 3, Merkle s Puzzles (8)
Merkle s Puzzles See: Merkle, Secrecy, Authentication, and Public Key Systems, UMI Research press, 1982 Merkle, Secure Communications Over Insecure Channels, CACM, Vol. 21, No. 4, pp. 294-299, April 1978
More informationLecture 39: GMW Protocol GMW
Lecture 39: Protocol Recall Last lecture we saw that we can securely compute any function using oblivious transfer (which can be constructed from the RSA assumption) However, the protocol is efficient
More informationEfficient Constant-Round Multiparty Computation
Efficient Constant-Round Multiparty Computation Yehuda Lindell Bar-Ilan University Based on joint works with Aner Ben-Efraim, Eran Omri, Benny Pinkas, Nigel Smart, Eduardo Soria-Vasquez and Avishai Yanay
More informationBlock Ciphers Security of block ciphers. Symmetric Ciphers
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016. Slide: 26 Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable
More informationMAT 302: ALGEBRAIC CRYPTOGRAPHY. Department of Mathematical and Computational Sciences University of Toronto, Mississauga.
MAT 302: ALGEBRAIC CRYPTOGRAPHY Department of Mathematical and Computational Sciences University of Toronto, Mississauga February 27, 2013 Mid-term Exam INSTRUCTIONS: The duration of the exam is 100 minutes.
More informationDiffie-Hellman key-exchange protocol
Diffie-Hellman key-exchange protocol This protocol allows two users to choose a common secret key, for DES or AES, say, while communicating over an insecure channel (with eavesdroppers). The two users
More informationCryptography. Module in Autumn Term 2016 University of Birmingham. Lecturers: Mark D. Ryan and David Galindo
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 1 Cryptography Module in Autumn Term 2016 University of Birmingham Lecturers: Mark D. Ryan and David Galindo Slides originally written
More informationo Broken by using frequency analysis o XOR is a polyalphabetic cipher in binary
We spoke about defense challenges Crypto introduction o Secret, public algorithms o Symmetric, asymmetric crypto, one-way hashes Attacks on cryptography o Cyphertext-only, known, chosen, MITM, brute-force
More informationThe number theory behind cryptography
The University of Vermont May 16, 2017 What is cryptography? Cryptography is the practice and study of techniques for secure communication in the presence of adverse third parties. What is cryptography?
More informationExample Enemy agents are trying to invent a new type of cipher. They decide on the following encryption scheme: Plaintext converts to Ciphertext
Cryptography Codes Lecture 4: The Times Cipher, Factors, Zero Divisors, and Multiplicative Inverses Spring 2014 Morgan Schreffler Office: POT 902 http://www.ms.uky.edu/~mschreffler New Cipher Times Enemy
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 5b September 11, 2013 CPSC 467, Lecture 5b 1/11 Stream ciphers CPSC 467, Lecture 5b 2/11 Manual stream ciphers Classical stream ciphers
More informationTowards a Cryptanalysis of Scrambled Spectral-Phase Encoded OCDMA
Towards a Cryptanalysis of Scrambled Spectral-Phase Encoded OCDMA Sharon Goldberg* Ron Menendez **, Paul R. Prucnal* *, **Telcordia Technologies OFC 27, Anaheim, CA, March 29, 27 Secret key Security for
More informationCRYPTANALYSIS OF THE PERMUTATION CIPHER OVER COMPOSITION MAPPINGS OF BLOCK CIPHER
CRYPTANALYSIS OF THE PERMUTATION CIPHER OVER COMPOSITION MAPPINGS OF BLOCK CIPHER P.Sundarayya 1, M.M.Sandeep Kumar 2, M.G.Vara Prasad 3 1,2 Department of Mathematics, GITAM, University, (India) 3 Department
More information#27: Number Theory, Part II: Modular Arithmetic and Cryptography May 1, 2009
#27: Number Theory, Part II: Modular Arithmetic and Cryptography May 1, 2009 This week you will study modular arithmetic arithmetic where we make the natural numbers wrap around by only considering their
More informationCryptography, Number Theory, and RSA
Cryptography, Number Theory, and RSA Joan Boyar, IMADA, University of Southern Denmark November 2015 Outline Symmetric key cryptography Public key cryptography Introduction to number theory RSA Modular
More informationChapter 4 The Data Encryption Standard
Chapter 4 The Data Encryption Standard History of DES Most widely used encryption scheme is based on DES adopted by National Bureau of Standards (now National Institute of Standards and Technology) in
More informationNetwork Security: Secret Key Cryptography
1 Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York schulzrinne@cs.columbia.edu Columbia University, Fall 2000 cfl1999-2000, Henning Schulzrinne Last modified
More informationPublic Key Encryption
Math 210 Jerry L. Kazdan Public Key Encryption The essence of this procedure is that as far as we currently know, it is difficult to factor a number that is the product of two primes each having many,
More informationRelated Ideas: DHM Key Mechanics
Related Ideas: DHM Key Mechanics Example (DHM Key Mechanics) Two parties, Alice and Bob, calculate a key that a third person Carl will never know, even if Carl intercepts all communication between Alice
More informationOverview. The Big Picture... CSC 580 Cryptography and Computer Security. January 25, Math Basics for Cryptography
CSC 580 Cryptography and Computer Security Math Basics for Cryptography January 25, 2018 Overview Today: Math basics (Sections 2.1-2.3) To do before Tuesday: Complete HW1 problems Read Sections 3.1, 3.2
More informationTMA4155 Cryptography, Intro
Trondheim, December 12, 2006. TMA4155 Cryptography, Intro 2006-12-02 Problem 1 a. We need to find an inverse of 403 modulo (19 1)(31 1) = 540: 540 = 1 403 + 137 = 17 403 50 540 + 50 403 = 67 403 50 540
More informationThe Chinese Remainder Theorem
The Chinese Remainder Theorem Theorem. Let m and n be two relatively prime positive integers. Let a and b be any two integers. Then the two congruences x a (mod m) x b (mod n) have common solutions. Any
More informationDrill Time: Remainders from Long Division
Drill Time: Remainders from Long Division Example (Drill Time: Remainders from Long Division) Get some practice finding remainders. Use your calculator (if you want) then check your answers with a neighbor.
More informationThe Chinese Remainder Theorem
The Chinese Remainder Theorem Theorem. Let n 1,..., n r be r positive integers relatively prime in pairs. (That is, gcd(n i, n j ) = 1 whenever 1 i < j r.) Let a 1,..., a r be any r integers. Then the
More informationDiscrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography
Discrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography Colin Stirling Informatics Some slides based on ones by Myrto Arapinis Colin Stirling (Informatics) Discrete
More informationMathematics Explorers Club Fall 2012 Number Theory and Cryptography
Mathematics Explorers Club Fall 2012 Number Theory and Cryptography Chapter 0: Introduction Number Theory enjoys a very long history in short, number theory is a study of integers. Mathematicians over
More informationChapter 4 MASK Encryption: Results with Image Analysis
95 Chapter 4 MASK Encryption: Results with Image Analysis This chapter discusses the tests conducted and analysis made on MASK encryption, with gray scale and colour images. Statistical analysis including
More informationSimple And Efficient Shuffling With Provable Correctness and ZK Privacy
Simple And Efficient Shuffling With Provable Correctness and ZK Privacy Kun Peng, Colin Boyd and Ed Dawson Information Security Institute Queensland University of Technology {k.peng, c.boyd, e.dawson}@qut.edu.au
More informationEfficient Privacy-Preserving Biometric Identification
Efficient Privacy-Preserving Biometric Identification Yan Huang Lior Malka David Evans Jonathan Katz http://www.mightbeevil.org/secure-biometrics/ Feb 9, 2011 Motivating Scenario: Private No-Fly Checking
More informationPractice Midterm 2 Solutions
Practice Midterm 2 Solutions May 30, 2013 (1) We want to show that for any odd integer a coprime to 7, a 3 is congruent to 1 or 1 mod 7. In fact, we don t need the assumption that a is odd. By Fermat s
More informationAlgorithmic Number Theory and Cryptography (CS 303)
Algorithmic Number Theory and Cryptography (CS 303) Modular Arithmetic and the RSA Public Key Cryptosystem Jeremy R. Johnson 1 Introduction Objective: To understand what a public key cryptosystem is and
More informationEE 418: Network Security and Cryptography
EE 418: Network Security and Cryptography Homework 3 Solutions Assigned: Wednesday, November 2, 2016, Due: Thursday, November 10, 2016 Instructor: Tamara Bonaci Department of Electrical Engineering University
More informationRobust Key Establishment in Sensor Networks
Robust Key Establishment in Sensor Networks Yongge Wang Abstract Secure communication guaranteeing reliability, authenticity, and privacy in sensor networks with active adversaries is a challenging research
More informationAn enciphering scheme based on a card shuffle
An enciphering scheme based on a card shuffle Ben Morris Mathematics, UC Davis Joint work with Viet Tung Hoang (Computer Science, UC Davis) and Phil Rogaway (Computer Science, UC Davis). Setting Blockcipher
More informationDUBLIN CITY UNIVERSITY
DUBLIN CITY UNIVERSITY SEMESTER ONE EXAMINATIONS 2013 MODULE: (Title & Code) CA642 Cryptography and Number Theory COURSE: M.Sc. in Security and Forensic Computing YEAR: 1 EXAMINERS: (Including Telephone
More informationSolutions for the Practice Final
Solutions for the Practice Final 1. Ian and Nai play the game of todo, where at each stage one of them flips a coin and then rolls a die. The person who played gets as many points as the number rolled
More informationLecture 1: Introduction
Lecture 1: Introduction Instructor: Omkant Pandey Spring 2018 (CSE390) Instructor: Omkant Pandey Lecture 1: Introduction Spring 2018 (CSE390) 1 / 13 Cryptography Most of us rely on cryptography everyday
More informationAES Encryption and Decryption in Microsoft.NET
AES Encryption and Decryption in Microsoft.NET William J. Buchanan Centre for Distributed Computing and Security, Edinburgh Napier University {w.buchanan}@napier.ac.uk http://cdcs.napier.ac.uk Abstract.
More informationCryptography. 2. decoding is extremely difficult (for protection against eavesdroppers);
18.310 lecture notes September 2, 2013 Cryptography Lecturer: Michel Goemans 1 Public Key Cryptosystems In these notes, we will be concerned with constructing secret codes. A sender would like to encrypt
More informationClassification of Ciphers
Classification of Ciphers A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Technology by Pooja Maheshwari to the Department of Computer Science & Engineering Indian
More informationMA 111, Topic 2: Cryptography
MA 111, Topic 2: Cryptography Our next topic is something called Cryptography, the mathematics of making and breaking Codes! In the most general sense, Cryptography is the mathematical ideas behind changing
More informationSymmetric-key encryption scheme based on the strong generating sets of permutation groups
Symmetric-key encryption scheme based on the strong generating sets of permutation groups Ara Alexanyan Faculty of Informatics and Applied Mathematics Yerevan State University Yerevan, Armenia Hakob Aslanyan
More informationNumber Theory and Public Key Cryptography Kathryn Sommers
Page!1 Math 409H Fall 2016 Texas A&M University Professor: David Larson Introduction Number Theory and Public Key Cryptography Kathryn Sommers Number theory is a very broad and encompassing subject. At
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously Pseudorandom Functions and Permutaitons Modes of Operation Pseudorandom Functions Functions that look like random
More informationIs Your Mobile Device Radiating Keys?
Is Your Mobile Device Radiating Keys? Benjamin Jun Gary Kenworthy Session ID: MBS-401 Session Classification: Intermediate Radiated Leakage You have probably heard of this before App Example of receiving
More informationNote Computations with a deck of cards
Theoretical Computer Science 259 (2001) 671 678 www.elsevier.com/locate/tcs Note Computations with a deck of cards Anton Stiglic Zero-Knowledge Systems Inc, 888 de Maisonneuve East, 6th Floor, Montreal,
More informationFinding the key in the haystack
A practical guide to Differential Power hunz Zn000h AT gmail.com December 30, 2009 Introduction Setup Procedure Tunable parameters What s DPA? side channel attack introduced by Paul Kocher et al. 1998
More informationA Secure Image Encryption Algorithm Based on Hill Cipher System
Buletin Teknik Elektro dan Informatika (Bulletin of Electrical Engineering and Informatics) Vol.1, No.1, March 212, pp. 51~6 ISSN: 289-3191 51 A Secure Image Encryption Algorithm Based on Hill Cipher System
More informationKnights, Spies, Games and Social Networks
Knights, Spies, Games and Social Networks Mark Wildon 16 February 2010 The Knights and Spies Problem In a room there are 100 people. Each person is either a knight or a spy. Knights always tell the truth,
More informationRSA hybrid encryption schemes
RSA hybrid encryption schemes Louis Granboulan École Normale Supérieure Louis.Granboulan@ens.fr Abstract. This document compares the two published RSA-based hybrid encryption schemes having linear reduction
More informationAndrei Sabelfeld. Joint work with Per Hallgren and Martin Ochoa
Andrei Sabelfeld Joint work with Per Hallgren and Martin Ochoa Privacy for location based services Explosion of interest to location based services (LBS) locating people, vehicles, vessels, cargo, devices
More informationApplication: Public Key Cryptography. Public Key Cryptography
Application: Public Key Cryptography Suppose I wanted people to send me secret messages by snail mail Method 0. I send a padlock, that only I have the key to, to everyone who might want to send me a message.
More informationPower Analysis Attacks on SASEBO January 6, 2010
Power Analysis Attacks on SASEBO January 6, 2010 Research Center for Information Security, National Institute of Advanced Industrial Science and Technology Table of Contents Page 1. OVERVIEW... 1 2. POWER
More information1. The decimal number 62 is represented in hexadecimal (base 16) and binary (base 2) respectively as
BioE 1310 - Review 5 - Digital 1/16/2017 Instructions: On the Answer Sheet, enter your 2-digit ID number (with a leading 0 if needed) in the boxes of the ID section. Fill in the corresponding numbered
More informationFaster Malicious 2-party Secure Computation with Online/Offline Dual Execution. Peter Rindal Mike Rosulek
Faster Malicious 2-part Secure Computation with Online/Oline Dual Eecution Peter Rindal Mike Rosulek 2 Part Computation Real Protocol (, ) Ideal Functionalit (, ) 2 Part Computation Real Protocol (, )
More informationCryptanalysis on short messages encrypted with M-138 cipher machine
Cryptanalysis on short messages encrypted with M-138 cipher machine Tsonka Baicheva Miroslav Dimitrov Institute of Mathematics and Informatics Bulgarian Academy of Sciences 10-14 July, 2017 Sofia Introduction
More informationE2.11/ISE2.22 Digital Electronics II
E2.11/ISE2.22 Digital Electronics II roblem Sheet 6 (uestion ratings: A=Easy,, E=Hard. All students should do questions rated A, B or C as a minimum) 1B+ A full-adder is a symmetric function of its inputs
More informationIND-CCA Secure Hybrid Encryption from QC-MDPC Niederreiter
IND-CCA Secure Hybrid Encryption from QC-MDPC Niederreiter 7 th International Conference on Post-Quantum Cryptography 2016 Ingo von Maurich 1, Lukas Heberle 1, Tim Güneysu 2 1 Horst Görtz Institute for
More informationPublic Key Cryptography
Public Key Cryptography How mathematics allows us to send our most secret messages quite openly without revealing their contents - except only to those who are supposed to read them The mathematical ideas
More informationB. Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.
B. Substitution Ciphers, continued 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet. Non-periodic case: Running key substitution ciphers use a known text (in
More informationYale University Department of Computer Science
LUX ETVERITAS Yale University Department of Computer Science Secret Bit Transmission Using a Random Deal of Cards Michael J. Fischer Michael S. Paterson Charles Rackoff YALEU/DCS/TR-792 May 1990 This work
More informationSecure Location Verification with Hidden and Mobile Base Stations
Secure Location Verification with Hidden and Mobile Base Stations S. Capkun, K.B. Rasmussen - Department of Computer Science, ETH Zurich M. Cagalj FESB, University of Split M. Srivastava EE Department,
More informationSelf-Scrambling Anonymizer. Overview
Financial Cryptography 2000 21-25 february 2000 - Anguilla Self-Scrambling Anonymizers Département d Informatique ENS - CNRS David.Pointcheval@ens.fr http://www.di.ens.fr/~pointche Overview Introduction
More informationV.Sorge/E.Ritter, Handout 2
06-20008 Cryptography The University of Birmingham Autumn Semester 2015 School of Computer Science V.Sorge/E.Ritter, 2015 Handout 2 Summary of this handout: Symmetric Ciphers Overview Block Ciphers Feistel
More informationData security (Cryptography) exercise book
University of Debrecen Faculty of Informatics Data security (Cryptography) exercise book 1 Contents 1 RSA 4 1.1 RSA in general.................................. 4 1.2 RSA background.................................
More informationRSA hybrid encryption schemes
RSA hybrid encryption schemes Louis Granboulan École Normale Supérieure Louis.Granboulan@ens.fr Abstract. This document compares the two published RSA-based hybrid encryption schemes having linear reduction
More informationPurple. Used by Japanese government. Not used for tactical military info. Used to send infamous 14-part message
Purple Purple 1 Purple Used by Japanese government o Diplomatic communications o Named for color of binder cryptanalysts used o Other Japanese ciphers: Red, Coral, Jade, etc. Not used for tactical military
More informationVersion 2.0 CRAIGSLIST POSTING SECRET
CRAIGSLIST POSTING SECRET Disclaimer and Terms of Service: As always, the advice of a competent legal, tax, accounting or other professional should be sought. The author and publisher do not warrant the
More informationDevice Pairing at the Touch of an Electrode
Device Pairing at the Touch of an Electrode Marc Roeschlin, Ivan Martinovic, Kasper B. Rasmussen NDSS, 19 February 2018 NDSS 2018 (slide 1) Device Pairing (I) Bootstrap secure communication Two un-associated
More informationHum, Michael, Michelle and Jeff, you can guess? I ll just guess anything, five I guess. One through infinity.
Researcher: Robert B. Page: 1 of 7 s s is like [inaudible] I want to talk to the people, I want everyone to be quiet for a second and I want to talk just to the people who are sure, absolutely sure they
More informationProvably weak instances of Ring-LWE revisited
Provably weak instances of Ring-LWE revisited Wouter Castryck 1,2, Ilia Iliashenko 1, Frederik Vercauteren 1,3 1 COSIC, KU Leuven 2 Ghent University 3 Open Security Research EUROCRYPT, May 9, 2016 Provably
More informationHalftone based Secret Sharing Visual Cryptographic Scheme for Color Image using Bit Analysis
Pavan Kumar Gupta et al,int.j.comp.tech.appl,vol 3 (1), 17-22 Halftone based Secret Sharing Visual Cryptographic Scheme for Color using Bit Analysis Pavan Kumar Gupta Assistant Professor, YIT, Jaipur.
More informationCS70: Lecture 8. Outline.
CS70: Lecture 8. Outline. 1. Finish Up Extended Euclid. 2. Cryptography 3. Public Key Cryptography 4. RSA system 4.1 Efficiency: Repeated Squaring. 4.2 Correctness: Fermat s Theorem. 4.3 Construction.
More informationEncryption at the Speed of Light? Towards a cryptanalysis of an optical CDMA encryption scheme
Encryption at the Speed of Light? Towards a cryptanalysis of an optical CDMA encryption scheme Sharon Goldberg * Ron Menendez **, Paul R. Prucnal * *, ** Telcordia Technologies IPAM Workshop on Special
More informationDifferential Cryptanalysis of REDOC III
Differential Cryptanalysis of REDOC III Ken Shirriff Address: Sun Microsystems Labs, 2550 Garcia Ave., MS UMTV29-112, Mountain View, CA 94043. Ken.Shirriff@eng.sun.com Abstract: REDOC III is a recently-developed
More informationProceedings of Meetings on Acoustics
Proceedings of Meetings on Acoustics Volume 19, 213 http://acousticalsociety.org/ ICA 213 Montreal Montreal, Canada 2-7 June 213 Signal Processing in Acoustics Session 2pSP: Acoustic Signal Processing
More informationSCHMITT TRIGGER. Typical ``real world'' signals consist of a superposition of a ``noise'' signal and a
SCHMITT TRIGGER Typical ``real world'' signals consist of a superposition of a ``noise'' signal and a signal or signals of interest. For example, the signal at the bottom of Figure 19 shows a superposition
More informationIntroduction to Cryptography
B504 / I538: Introduction to Cryptography Spring 2017 Lecture 11 * modulo the 1-week extension on problems 3 & 4 Assignment 2 * is due! Assignment 3 is out and is due in two weeks! 1 Secrecy vs. integrity
More informationGeorgia Department of Education Georgia Standards of Excellence Framework GSE Grade 8 Mathematics Unit 4
Secret Codes and Number Rules: Part 1 Encryption is used by spies, secret societies, and other organizations to transfer information without other people reading their messages. Secret codes can be created
More informationLecture 28: Applications of Crypto Protocols
U.C. Berkeley Lecture 28 CS276: Cryptography April 27, 2006 Professor David Wagner Scribe: Scott Monasch Lecture 28: Applications of Crypto Protocols 1 Electronic Payment Protocols For this section we
More informationEE 418 Network Security and Cryptography Lecture #3
EE 418 Network Security and Cryptography Lecture #3 October 6, 2016 Classical cryptosystems. Lecture notes prepared by Professor Radha Poovendran. Tamara Bonaci Department of Electrical Engineering University
More informationOptimizing Semi-Honest Secure Multiparty Computation for the Internet
Optimizing Semi-Honest Secure Multiparty Computation for the Internet Aner Ben-Efraim Dept. of Computer Science Ben-Gurion University, Israel anermosh@post.bgu.ac.il Yehuda Lindell Dept. of Computer Science
More informationRepelling Sybil-type attacks in wireless ad hoc systems
Outline Repelling Sybil-type attacks in wireless ad hoc systems Marek Klonowski Michał Koza Mirosław Kutyłowski Institute of Mathematics and Computer Science, Wrocław University of Technology ACISP 2,
More informationRandom Bit Generation and Stream Ciphers
Random Bit Generation and Stream Ciphers Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 8-1 Overview 1.
More informationJournal of Discrete Mathematical Sciences & Cryptography Vol. ( ), No., pp. 1 10
Dynamic extended DES Yi-Shiung Yeh 1, I-Te Chen 2, Ting-Yu Huang 1, Chan-Chi Wang 1, 1 Department of Computer Science and Information Engineering National Chiao-Tung University 1001 Ta-Hsueh Road, HsinChu
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 5: Cryptographic Algorithms Common Encryption Algorithms RSA
More informationMA/CSSE 473 Day 9. The algorithm (modified) N 1
MA/CSSE 473 Day 9 Primality Testing Encryption Intro The algorithm (modified) To test N for primality Pick positive integers a 1, a 2,, a k < N at random For each a i, check for a N 1 i 1 (mod N) Use the
More informationProbability Paradoxes
Probability Paradoxes Washington University Math Circle February 20, 2011 1 Introduction We re all familiar with the idea of probability, even if we haven t studied it. That is what makes probability so
More informationImplementation and Performance Testing of the SQUASH RFID Authentication Protocol
Implementation and Performance Testing of the SQUASH RFID Authentication Protocol Philip Koshy, Justin Valentin and Xiaowen Zhang * Department of Computer Science College of n Island n Island, New York,
More informationTeams. Against. Humanity
Teams Against Humanity An office game that s only more work appropriate than the original if you want it to be INSTRUCTIONS Solo Players (less than 12 players) OVERVIEW At the beginning of each round,
More informationEnhanced Efficient Halftoning Technique used in Embedded Extended Visual Cryptography Strategy for Effective Processing
Enhanced Efficient Halftoning Technique used in Embedded Extended Visual Cryptography Strategy for Effective Processing M.Desiha Department of Computer Science and Engineering, Jansons Institute of Technology
More information