
Provable Security
Description
This book constitutes the refereed proceedings of the 9th International Conference on Provable Security, ProvSec 2015, held in Kanazawa, Japan, in November 2015.
The 19 full papers and 7 short papers presented together with 3 invited talks were carefully reviewed and selected from 60 submissions. The papers are grouped in topical sections on fundamental, protocol, authenticated encryption and key exchange, encryption and identification, privacy and cloud, leakage-resilient cryptography and lattice cryptography, signature and broadcast encryption.

Content
- Intro
- Preface
- ProvSec 2015: The 9th International Conference on Provable Security
- Invited Talks
- Advances in Authenticated Encryption
- New Advances in Secure RAM Computation
- On Privacy for RFID
- Contents
- Invited Paper
- On Privacy for RFID
- 1 Introduction
- 2 The V07 Model and the OV12 Extension
- 3 The HPVP11 Model
- 4 Strong Privacy in Distance Bounding
- 5 Conclusion
- References
- Fundamental
- From Stateful Hardware to Resettable Hardware Using Symmetric Assumptions
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Efficiency
- 1.3 Further Related Work
- 2 Preliminaries
- 2.1 The UC-Framework
- 2.2 Signature Schemes
- 2.3 Commitment Schemes
- 2.4 Resettably-Sound Zero-Knowledge Arguments of Knowledge
- 2.5 Sig-Com Schemes
- 3 Ideal Functionalities
- 4 Compiler
- 4.1 Protocol Using Resettably-Sound Zero-Knowledge
- 4.2 Protocol Using UC-Secure Seed-OTs
- 5 Optimizations
- 6 Implications
- References
- Constrained Verifiable Random Functions from Indistinguishability Obfuscation
- 1 Introduction
- 2 Preliminaries
- 2.1 Indistinguishability Obfuscation
- 2.2 Puncturable PRFs
- 2.3 Commitment Schemes
- 3 Constrained Verifiable Random Functions
- 4 Generic Construction of Constrained VRFs
- 5 Conclusion
- References
- An Improved Attack for Recovering Noisy RSA Secret Keys and Its Countermeasure
- 1 Introduction
- 1.1 Background
- 1.2 Our Contributions
- 2 Preliminaries
- 2.1 Notation
- 2.2 HS Algorithm: Recovering RSA Secret Keys by Using Binary Trees
- 2.3 HMM Algorithm and KSI Algorithm
- 2.4 Reviews for Probability Theory and Information Theory
- 3 Improving the KSI Bound by Chernoff--Hoeffding Bound
- 3.1 The KSI Algorithm
- 3.2 Improved Bounds for Erasure and Error Case
- 4 Practical Countermeasure Against Secret-Key Extraction Attack
- 4.1 Attack Model
- 4.2 Simple (but Ineffective) Countermeasures
- 4.3 Our Countermeasure
- 4.4 Analyses Against Two Types of Adversaries
- 4.5 Information-Theoretic View of our Countermeasure
- 5 Provable Bound for Asymmetric Errors
- A Hamming Distance Between Two Sequences with Erasures
- B Relation Between the Hoeffding Bound and the Chernoff--Hoeffding Bound
- C Another Parameter Choices
- C.1 How to Choose Analytically
- C.2 More Extension
- References
- Protocol
- Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer
- 1 Introduction
- 2 Preliminaries
- 3 Revisiting the Functionality and Modeling of Communication Channels
- 3.1 Existing Formalizations
- 3.2 What Service Should a Secure Channel Provide?
- 4 Constructing an Augmented Secure Channel via Authenticated Encryption
- 4.1 Assumed Resources
- 4.2 Protocol
- 4.3 The Construction Notion
- 4.4 Proof of the Construction
- 5 The Goal of the TLS 1.3 Record Layer
- 5.1 Formalizing the Goal of TLS Record Payload Protection
- 5.2 Achieving the Goal
- 5.3 Using the Protocol in TLS 1.3
- References
- Sound Proof of Proximity of Knowledge
- 1 Introduction
- 2 Model and Definitions
- 2.1 Computational, Communication, and Adversarial Models
- 2.2 PoPoK: Proofs of Proximity of Knowledge
- 3 ProProx: A PoPoK Scheme
- 3.1 Building Blocks
- 3.2 The ProProx Protocol
- 3.3 Analysis
- 3.4 Simplification in the Noiseless Communications Case
- 3.5 Concrete Parameters
- 4 Conclusion
- References
- Multi-party Computation with Small Shuffle Complexity Using Regular Polygon Cards
- 1 Introduction
- 1.1 Background
- 1.2 Our Contribution
- 1.3 Related Works
- 2 Our New Cards and Model of Protocols
- 2.1 Regular Polygon Cards
- 2.2 Operations
- 2.3 Model
- 3 Efficient Protocols Using Regular Polygon Cards
- 3.1 Addition, Subtraction, and Copy Protocols
- 3.2 Protocol for Multiplication by a Constant
- 4 Efficient Protocols Using Oblivious Conversion
- 5 Efficient Voting Protocol for Multiple Candidates
- References
- Authenticated Encryption and Key Exchange
- Forward-Secure Authenticated Symmetric Key Exchange Protocol: New Security Model and Secure Construction
- 1 Introduction
- 1.1 Our Contributions
- 2 Preliminaries
- 2.1 Notations
- 2.2 Some Standard Definitions
- 2.3 Complexity Assumption
- 3 Our Security Model
- 3.1 Session
- 3.2 Adversary
- 3.3 Few Important Definitions
- 4 Symmetric Key Exchange Protocol Resilient to Fully Active (FA) Adversaries
- 4.1 Intuition Behind our Construction
- 4.2 Protocol : A Three-Pass Protocol Secure Against FA Adversaries
- 4.3 Need for Disallowing LTK_Reveal Query in the Test Session for the Current Epoch
- 4.4 Security Proof of
- 5 Conclusion and Future Work
- References
- Full PRF-Secure Message Authentication Code Based on Tweakable Block Cipher
- 1 Introduction
- 2 Notations and Security Definitions
- 3 Simple Construction: 3-Key MAC from Tweakable Block Cipher
- 3.1 Specification of PMAC_TBC3k
- 3.2 PRF-Security
- 3.3 Proof of Theorem 1
- 3.4 Remark
- 4 Full PRF-Secure, Single-Key MAC from Tweakable Block Cipher
- 4.1 Specification of PMAC_TBC1k
- 4.2 PRF-Security
- 4.3 Proof of Theorem 2
- A Analysis of the XOR of Two Random Permutations P̃_tw1 and P̃_tw2
- References
- Efficient Key Authentication Service for Secure End-to-End Communications
- 1 Introduction
- 1.1 Related Work
- 1.2 Model
- 1.3 Overview
- 2 Key Authentication Service
- 2.1 Preliminaries
- 2.2 Key Authentication Service Scheme
- 2.3 Security Definitions of the Key Authentication Service
- 3 Construction
- 3.1 Description of the Operations
- 4 Analysis
- 4.1 KAS Security Proof
- 4.2 Asymptotic Comparison to Previous Work
- 4.3 Performance Analysis
- References
- PPAE: Practical Parazoa Authenticated Encryption Family
- 1 Introduction
- 2 Preliminaries
- 2.1 Notations
- 2.2 Authenticated Encryption - AE
- 2.3 Security Notion for AE
- 3 Parazoa Family
- 3.1 Compression Function f
- 3.2 Extraction Function g
- 3.3 Finalization Function fin
- 3.4 Padding Function pad
- 3.5 Indifferentiability of Parazoa Functions
- 4 Practical Parazoa Hash - PPH
- 4.1 Compression Function fp
- 4.2 Extraction Function gp
- 4.3 Indifferentiability Bound of PPH
- 5 Practical Parazoa Authenticated Encryption Family (PPAE)
- 5.1 Description
- 6 PPAE Security
- 6.1 PPAE: Privacy
- 6.2 PPAE: Authenticity
- 7 Examples
- 7.1 Keyak
- 8 Conclusion
- References
- Encryption and Identification
- Lightweight Anonymous Authentication for Ad Hoc Group: A Ring Signature Approach
- 1 Introduction
- 1.1 Our Contributions
- 2 Definitions
- 2.1 Complexity Assumption
- 2.2 Security Model
- 3 The Proposed Scheme
- 3.1 Construction
- 3.2 Security Analysis
- 4 Efficiency Analysis
- 4.1 Comparison of Existing Ring Signatures
- 4.2 Running Time
- 5 Conclusion
- References
- Reset-Secure Identity-Based Identification Schemes Without Pairings
- 1 Introduction
- 1.1 Motivations
- 1.2 Related Work
- 1.3 Contributions
- 2 Preliminaries
- 2.1 Discrete Logarithm Assumption
- 2.2 One-More Discrete Logarithm Assumption
- 2.3 (Reset-Secure) Identity-Based Identification Schemes
- 2.4 The Pedersen Trapdoor Commitment Scheme
- 2.5 Pseudorandom Functions
- 2.6 Collision-Resistant Hash Function
- 3 Construction of the Schnorr-RS-IBI Scheme
- 4 Security Analysis for Schnorr-RS-IBI
- 5 Construction of the Twin-Schnorr-RS-IBI Scheme
- 6 Security Analysis for Twin-Schnorr-RS-IBI
- 7 Efficiency Analysis
- 8 Extension to Concurrent-Reset-2 Security
- A Choices of H2 (and H3)
- A.1 Collision-Resistant Hash H2 (and H3)
- A.2 Pseudorandom Functions (PRFs)
- References
- Attribute-Based Encryption for Finite Automata from LWE
- 1 Introduction
- 1.1 Our Results
- 1.2 Related Work
- 2 Preliminaries
- 2.1 An Overview of Deterministic Finite Automata
- 2.2 Definitions of ABE System for DFAs
- 3 Lattices
- 3.1 Integer Lattices
- 3.2 Trapdoors of Lattices and Discrete Gaussians
- 3.3 The LWE Hardness Assumption
- 4 Attribute-Based Encryption for DFAs
- 4.1 Construction
- 4.2 Proof of Security
- 5 Efficiency and Further Discussion
- 5.1 Efficiency
- 5.2 Discussion
- 6 Conclusion
- A Parameters and Correctness of Construction
- References
- Functional Signcryption: Notion, Construction, and Applications
- 1 Introduction
- 2 Preliminaries
- 2.1 Indistinguishability Obfuscation
- 2.2 Statistically Simulation-Sound Non-interactive Zero-Knowledge Proof of Knowledge
- 3 The Notion of Functional Signcryption
- 4 Our FSC Scheme
- 4.1 Construction
- 4.2 Security Analysis
- 5 Attribute-Based Signcryption (ABSC) for General Circuits from FSC
- 5.1 The Notion of ABSC for General Circuits
- 5.2 Our Key-Policy ABSC Scheme
- 6 Other Cryptographic Primitives from FSC
- 7 Conclusion
- References
- Privacy and Cloud
- BetterTimes
- 1 Introduction
- 1.1 Exploits for Proximity Protocols
- 2 Background
- 3 Arithmetic Formulas Through Assured Multiplication
- 3.1 Privacy-Assured Outsourced Multiplication
- 3.2 Privacy-Assured Arithmetic Formulas
- 4 Security Guarantees
- 5 Evaluation
- 6 Related Work
- 7 Conclusions
- A A Concrete Instantiation to Secure Hallgren et al.
- B Visualization of Privacy-Preserving Arithmetic Formula
- References
- Provably Secure Identity Based Provable Data Possession
- 1 Introduction
- 2 Models and Assumptions
- 2.1 System Model for ID-PDP
- 2.2 Security Model
- 3 A Generic Construction of ID-PDP
- 3.1 A Generic Construction
- 3.2 Soundness Proof
- 4 An Instantiation and Performance
- 4.1 Scheme Description
- 4.2 Correctness and Soundness
- 4.3 Probabilistic Checking
- 4.4 Evaluation
- 5 Conclusion
- References
- Efficient Private Set Intersection Cardinality in the Presence of Malicious Adversaries
- 1 Introduction
- 2 Preliminaries
- 2.1 Security Model
- 2.2 Homomorphic Encryption [5]
- 2.3 Bloom Filter [3]
- 2.4 Zero-Knowledge Proof of Knowledge [2]
- 3 Protocol
- 4 Security
- 5 Conclusion
- References
- A Formal Dynamic Verification of Choreographed Web Services Conversations
- 1 Introduction
- 2 Scenario and Motivation
- 3 Choreography Specification Language
- 3.1 Syntax of EPC
- 3.2 Semantics of EPC
- 4 Security Policy Specification Language
- 4.1 Syntax of L
- 4.2 Semantics of L
- 4.3 Satisfaction Notion
- 5 Secured End-Point Calculus
- 5.1 Syntax
- 5.2 Semantics
- 6 Related Work
- 7 Conclusion and Future Work
- References
- Efficient Unconditionally Secure Comparison and Privacy Preserving Machine Learning Classification Protocols
- 1 Introduction
- 1.1 Related Works
- 1.2 Our Contributions
- 2 Commodity Based Cryptography
- 3 Secure Distributed Comparison Protocol
- 4 Argmin and Argmax
- 5 Applications
- 5.1 Auctions
- 5.2 Private Machine Learning
- 6 Conclusion
- References
- Leakage-Resilient Cryptography and Lattice Cryptography
- Attribute-Based Encryption Resilient to Auxiliary Input
- 1 Introduction
- 2 Background
- 2.1 Hardness Assumptions
- 2.2 Access Structure and Linear Secret Sharing Scheme
- 3 Attribute Based Encryption with Auxiliary Inputs
- 3.1 Security Model of AI-CP-ABE
- 4 Construction of CP-ABE Resilient to Auxiliary Input Model
- 4.1 Preparation
- 4.2 Construction
- 4.3 Performance Comparison
- 5 Security Proof
- 6 KP-ABE Resilient to Auxiliary Input
- 7 Conclusions
- A Proofs of Three Modified Assumptions
- B Proofs of Lemma 1--4
- References
- On Provable Security of wPRF-Based Leakage-Resilient Stream Ciphers
- 1 Introduction
- 1.1 Leakage-Resilient Cryptography
- 1.2 Leakage-Resilient Stream Ciphers
- 1.3 Reductions Quality Issues
- 1.4 Problem and Results, Informally
- 1.5 Results and Techniques in Details
- 2 Preliminaries
- 2.1 Leakage Resilient Cryptography
- 2.2 Time-Success Ratio
- 3 Leakage-Resilient Stream Ciphers Design
- 3.1 The Very First Idea (FOCS'08)
- 3.2 A Construction Based on a wPRF (EUROCRYPT'09)
- 3.3 Saving Key Randomness (CSS'10, CHES'12)
- 3.4 Saving Public Randomness (CT-RSA'13)
- 4 Results
- 4.1 The Time-Success Ratio Under Reductions
- 4.2 The Time-Success Ratio Under Algebraic Transformations
- 4.3 Towards Fixing the Flaw in the Recent EUROCRYPT'09 Stream Cipher Analysis (TCC'13)
- 5 Survey of Security Bounds
- A Proof of Theorem 1
- B Proof of Theorem 2
- C Proof of Theorem 4
- D Proof of Theorem 5
- References
- Tighter Security for Efficient Lattice Cryptography via the Rényi Divergence of Optimized Orders
- 1 Introduction
- 2 Preliminaries
- 3 Tighter Analysis for Discrete Gaussian Sampling with Small Precomputed Tables
- 4 Tighter Analysis for LWE to k-LWE Reduction
- 5 Tighter Analysis for SIS to k-SIS Reduction
- A BLISS Signature Scheme
- B Proof of Lemma?? in Sect.??
- References
- Signature and Broadcast Encryption
- Black-Box Separations of Hash-and-Sign Signatures in the Non-Programmable Random Oracle Model
- 1 Introduction
- 1.1 Our Results
- 1.2 Other Related Work
- 2 Preliminaries
- 2.1 Cryptographic Problems
- 2.2 Digital Signature Scheme
- 2.3 Malleable Hash-and-Sign Signature
- 3 Security of Malleable Signature in the NPROM
- 4 Applications
- References
- Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction of Strongly Private Schemes
- 1 Introduction
- 1.1 Background on Sanitizable Signatures
- 1.2 Motivation for this Work
- 1.3 Contribution
- 2 Preliminaries and Notation
- 2.1 (Indistinguishable) Accumulators
- 3 Formalizing Extended Sanitizable Signatures
- 3.1 The Model
- 3.2 Security Properties
- 4 Rethinking Privacy for ESSS
- 4.1 Revisiting Unlinkability
- 4.2 A Strengthened Notion for Privacy
- 5 Black-Box Extension of Sanitizable Signatures
- 5.1 Obtaining Strong Privacy via a Black-Box Construction
- 6 Conclusion
- References
- Unique Signature with Short Output from CDH Assumption
- 1 Introduction
- 1.1 Contribution
- 2 Related Work
- 3 Definition
- 3.1 Unique Signature
- 3.2 Cryptographic Primitive
- 3.3 Hardness Assumption
- 4 Unique Signature Scheme
- 4.1 Construction
- 4.2 Efficiency
- 4.3 Applications
- 5 Security Proof
- 5.1 Strongly Existential Unforgeability
- 5.2 Malicious Signer Resistance
- 6 Conclusion
- References
- Constructions of Unconditionally Secure Broadcast Encryption from Key Predistribution Systems with Trade-Offs Between Communication and Storage
- 1 Introduction
- 2 Broadcast Encryption and Key Predistribution
- 2.1 One-Time Secure Broadcast Encryption Scheme
- 2.2 Key Predistribution System
- 2.3 Known Constructions of (N,)-One-Time Secure BES from KPS
- 3 Generic Construction of (N,)-One-Time Secure BES
- 3.1 Simple Construction from KPSs
- 3.2 Optimal Parameters for Minimal Keys
- 4 Concluding Remarks
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (Kindle: limited support only).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a „soft” copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.
For more information, see our eBook Help page.