Applied Cryptography and Network Security
18th International Conference, ACNS 2020, Rome, Italy, October 19-22, 2020, Proceedings, Part I
Published on 26. August 2020
XIX, 504 pages
978-3-030-57808-4 (ISBN)
Description
This two-volume set of LNCS 12146 and 12147 constitutes the refereed proceedings of the 18th International Conference on Applied Cryptography and Network Security, ACNS 2020, held in Rome, Italy, in October 2020. The conference was held virtually due to the COVID-19 pandemic.
The 46 revised full papers presented were carefully reviewed and selected from 214 submissions. The papers were organized in topical sections named: cryptographic protocols cryptographic primitives, attacks on cryptographic primitives, encryption and signature, blockchain and cryptocurrency, secure multi-party computation, post-quantum cryptography.
More details
Series
Edition
1st ed. 2020
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XIX, 504 p. 267 illus., 16 illus. in color.
File size
12,56 MB
ISBN-13
978-3-030-57808-4 (9783030578084)
DOI
10.1007/978-3-030-57808-4
Schweitzer Classification
Other editions
Additional editions
Mauro Conti | Jianying Zhou | Emiliano Casalicchio
Applied Cryptography and Network Security
18th International Conference, ACNS 2020, Rome, Italy, October 19-22, 2020, Proceedings, Part I
Book
08/2020
Springer
€85.59
Shipment within 7-9 days
Content
- Intro
- Preface
- Organization
- Contents - Part I
- Contents - Part II
- I Cryptographic Protocols
- Communication-Efficient Proactive Secret Sharing for Dynamic Groups with Dishonest Majorities
- 1 Introduction
- 2 Preliminaries
- 2.1 Mixed Adversaries
- 2.2 Security Properties
- 2.3 Definitions for Verifiable, Proactive, and Dynamic PSS
- 2.4 Homomorphic Commitments and VSS
- 2.5 Bivariate Polynomials
- 3 Batched PSS for a Static Group with a Dishonest Majority
- 3.1 The Issue with the Number of Shared Secrets
- 3.2 Batched Gradual Secret Sharing Against Mixed Adversaries
- 4 Efficient Batched PSS Using Bivariate Polynomials
- 4.1 The Share Protocol
- 4.2 The Recover Protocol
- 4.3 The Reconstruct Protocol
- 4.4 The Refresh Protocol
- References
- Random Walks and Concurrent Zero-Knowledge
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Related Work
- 2 Preliminaries
- 2.1 Optimistic Concurrent Zero-Knowledge
- 2.2 Random Walks in One Dimension
- 2.3 Azuma's Inequality
- 2.4 Canonical Protocol and Slots
- 3 Modeling the Network
- 3.1 Optimal Termination and the 1-Slot Model
- 4 Random Walks with Reflection at the Origin
- 4.1 Concentration Bounds for Positive Movements
- 5 Analysis of Rosen-Shelat Protocol
- 5.1 Bounding Optimal Sessions
- 5.2 Markov Chain Approach
- 6 Our Protocol and Simulator
- 6.1 Bounding Optimal Sessions for Our Protocol
- 7 Experimental Simulations
- References
- Secure and Efficient Delegation of Elliptic-Curve Pairing
- 1 Introduction
- 2 Notations and Definitions
- 2.1 Pairings
- 2.2 Delegation Protocols: Definitions
- 3 Delegating Pairings with One Offline Input
- 3.1 Protocol Scenario: (A Public Online, B Public Offline)
- 3.2 Protocol Scenario: (A Private Online, B Public Offline)
- 3.3 Protocol Scenario: (A Private Online, B Private Offline)
- 4 Delegating Pairings with Online Inputs
- 5 Conclusions
- References
- I Cryptographic Primitives
- Tweaking Key-Alternating Feistel Block Ciphers
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation and General Definitions
- 2.2 Security Definitions
- 2.3 H-Coefficient Technique
- 3 Approach Overview
- 4 Birthday-Bound Security for Four Rounds
- 5 Beyond-Birthday-Bound Security for Ten Rounds
- 6 Conclusion and Open Discussions
- References
- Lesamnta-LW Revisited: Improved Security Analysis of Primitive and New PRF Mode
- 1 Introduction
- 2 Searching for Truncated Differentials with MILP
- 3 Security Analysis of Lesamnta-LW-BC
- 3.1 Improved Bounds of the Number of Active S-boxes
- 3.2 Security Analysis of Shuffle Operation
- 4 New PRF Mode Based on Lesamnta-LW-BC
- 4.1 Description of Mode
- 4.2 Security in the Standard Model
- 4.3 Security in the Ideal Model
- 5 Discussion and Conclusion
- 5.1 Related-Key Security of Lesamnta-LW-BC
- 5.2 Insecurity of Similar Constructions as Our Mode
- 5.3 Concluding Remarks
- References
- Efficient AGCD-Based Homomorphic Encryption for Matrix and Vector Arithmetic
- 1 Introduction
- 1.1 Approximate-GCD Problem and Variants
- 1.2 Our Scheme
- 1.3 Optimizations, Implementation and Applications
- 2 Preliminaries
- 2.1 Related Work
- 2.2 Approximate GCD and Related Distributions
- 3 Our Scheme
- 3.1 Making BBL17 Practical
- 3.2 The Procedures
- 3.3 Correctness of Decryption
- 3.4 Homomorphic Properties
- 3.5 Analysis of the Accumulated Error
- 4 Security Analysis
- 4.1 Hardness of Approximate GCD Implies Semantic Security
- 4.2 Distribution of the Noise Term of Randomized AGCD
- 4.3 Practical Security Estimate
- 5 Choosing the Parameters
- 6 Implementation, Performance, and Applications
- 6.1 General Performance
- 6.2 Nondeterministic Finite-State Automaton Evaluation
- 6.3 Naïve Bayes Classification
- 7 Conclusion
- References
- Trapdoor Delegation and HIBE from Middle-Product LWE in Standard Model
- 1 Introduction
- 2 Preliminaries
- 2.1 IBE and HIBE: Syntax and Security
- 2.2 Lattices and Gaussian Distributions
- 2.3 Degree-Parametrized Middle-Product Learning with Errors
- 2.4 Lattice Trapdoor Generation for DMPLWE
- 3 Trapdoor Delegation for Polynomials
- 3.1 Description
- 3.2 Elementary Trapdoor Delegation
- 3.3 SampleTrap
- 4 DMPLWE-based HIBE in Standard Model
- 4.1 Construction
- 4.2 Correctness and Parameters
- 4.3 Security Analysis
- 5 Conclusions
- References
- I Attacks on Cryptographic Primitives
- Rotational Cryptanalysis on MAC Algorithm Chaskey
- 1 Introduction
- 2 Preliminaries and Related Work
- 2.1 Even-Mansour Ciphers
- 2.2 Markov Ciphers and Differential Cryptanalysis
- 2.3 Attack Settings
- 3 Rotational Cryptanalysis and Generalized Markov Ciphers
- 3.1 Markov Theory and Rotational Cryptanalysis
- 3.2 Rotational Attack
- 4 The MAC Algorithm Chaskey
- 4.1 Chaskey
- 4.2 Markov Theory and Chaskey
- 4.3 Previous Attacks on Chaskey
- 5 Application to Chaskey
- 5.1 Calculating the Rotational Probability
- 5.2 Attack Scenarios
- 6 Conclusions and Future Work
- References
- How Not to Create an Isogeny-Based PAKE
- 1 Introduction
- 2 Preliminaries
- 2.1 Isogeny-Based Cryptography
- 2.2 SIDH
- 2.3 CSIDH
- 3 Attacks on (C)SIDH-EKE
- 3.1 (C)SIDH-EKE
- 3.2 Offline Dictionary Attacks on SIDH-EKE
- 3.3 Offline Dictionary Attacks on CSIDH-EKE
- 3.4 Man-in-the-middle Attack on Modified CSIDH-EKE
- 3.5 On EKE Security
- 4 Other DH Variants
- 4.1 DH-SPEKE and Dragonfly
- 4.2 DH-PAK and DH-JPAKE
- 5 Auxiliary Point Obfuscation for SIDH
- 6 Conclusion
- References
- ACE in Chains: How Risky Is CBC Encryption of Binary Executable Files?
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Responsible Disclosure
- 2 Background
- 2.1 CBC Mode and Malleability
- 2.2 Executable File Basis
- 3 Our Attack
- 3.1 Attack Conditions
- 3.2 Linux
- 3.3 Windows
- 4 Proof of Concept
- 4.1 Linux
- 4.2 Windows
- 5 Practicality
- 5.1 OpenSSL
- 5.2 File Encryption Software
- 5.3 Storage Encryption
- 6 Mitigation
- 7 Discussion and Future Work
- References
- Classical Misuse Attacks on NIST Round 2 PQC
- 1 Introduction
- 2 Notation
- 3 Plaintext-Checking Attack
- 4 LAC
- 4.1 LAC-CPA
- 4.2 KR-PCA
- 4.3 Remarks and Results
- 5 CRYSTALS-Kyber
- 5.1 Kyber-CPA
- 5.2 KR-PCA
- 5.3 Efficiency and Implementation
- 6 SABER
- 6.1 SABER-CPA
- 6.2 KR-PCA
- 6.3 Efficiency and Implementation
- 7 RQC
- 7.1 Rank-Based Cryptography
- 7.2 RQC Scheme
- 7.3 KR-PCA
- 7.4 Hardness of Learning in the Rank Metric
- 8 Conclusion
- References
- I Encryption and Signature
- Offline Witness Encryption with Semi-adaptive Security
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Our Approach
- 1.3 Application of Semi-adaptive Offline Witness Encryption
- 1.4 Open Problems
- 1.5 Related Work
- 2 Preliminaries
- 2.1 Notations and Conventions
- 2.2 Offline Witness Encryption
- 2.3 Obfuscation
- 2.4 Puncturable Tag-Based Encryption
- 3 Offline Witness Encryption Construction
- 4 Realising Our Scheme
- 4.1 Kiltz' Tag Based Encryption Scheme
- 5 Extractable Offline Witness Encryption
- 5.1 Construction
- 6 Conclusions
- References
- Efficient Anonymous Multi-group Broadcast Encryption
- 1 Introduction
- 1.1 Issues Regarding Previous Schemes
- 1.2 Our Contributions
- 2 Related Work
- 3 Preliminaries
- 3.1 Bilinear Map
- 3.2 P-Decisional Bilinear Diffie-Hellman (P-DBDH) ch13Ducas10,ch13KHPP16
- 3.3 External Diffie-Hellman (XDH) ch13PL11,ch13Water09
- 4 Syntax and Security Definitions for Anonymous Multi-group Broadcast Encryption
- 5 Proposed Anonymous Multi-group Broadcast Encryption
- 5.1 Anonymous Multi-group Broadcast Encryption Scheme
- 5.2 Proof of Security
- 6 Performance Analysis and Comparison
- 6.1 Performance Analysis
- 6.2 Comparison
- 7 Conclusion
- References
- Improving the Efficiency of Re-randomizable and Replayable CCA Secure Public Key Encryption
- 1 Introduction
- 2 Preliminaries
- 3 Re-randomizable and Replayable CCA Secure Public Key Encryption
- 4 Our Rand-RCCA PKE Scheme
- 4.1 Proof of Theorem1 (RCCA Security)
- 5 PP04 Encryption Scheme Is Not Rand-RCCA
- References
- New Methods and Abstractions for RSA-Based Forward Secure Signatures
- 1 Introduction
- 1.1 Further Related Work Discussion
- 2 Definitions
- 3 Number Theoretic Assumptions
- 4 RSA Sequencers
- 5 Our Sequencer Construction
- 5.1 The SeqProgram Algorithm
- 6 An Efficient Scheme in the Random Oracle Model
- 6.1 Construction
- 7 Streamlined Signatures in the Standard Model
- 7.1 Construction
- 8 Performance Evaluation
- 8.1 Some Comparisons and Conclusions
- References
- I Blockchain and Cryptocurrency
- Minting Mechanism for Proof of Stake Blockchains
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Technical Overview
- 1.3 Related Work
- 2 Preliminaries
- 2.1 Rational Security
- 2.2 A Primer on Auction Theory
- 2.3 Waiting-Time Auction
- 3 Minting Mechanisms and Analysis
- 4 Our Minting Protocol
- 4.1 Minting Protocol Description and Analysis
- 4.2 Discussion on Different Adversarial Behaviours
- 5 Implementation
- 5.1 Benchmarking
- References
- Timed Signatures and Zero-Knowledge Proofs-Timestamping in the Blockchain Era-
- 1 Introduction
- 2 The Model
- 3 Weak Block Unpredictability (WBU)
- 4 The (Weak) Beacon Functionality and Construction
- 5 Timed Signatures (TSign)
- References
- I Secure Multi-party Computation
- An Efficient Secure Division Protocol Using Approximate Multi-bit Product and New Constant-Round Building Blocks
- 1 Introduction
- 1.1 Our Contribution
- 2 Preliminaries and Settings
- 2.1 Notations
- 2.2 Secret Sharing
- 2.3 Adversary Model
- 2.4 Building Blocks
- 3 Construction of Division Protocol
- 3.1 Goldschmidt's Method
- 3.2 Approximate Multi-bit Product - MultBit protocol
- 3.3 Multi-fan-in MultBit protocol
- 3.4 Goldschmidt's Method Using Multi-fan-in MultBit
- 3.5 Error Analysis
- 3.6 Correction of Rounding Errors - ErrorCorrect
- 3.7 Summary of Division protocol
- 3.8 Division for Fixed Point Numbers
- 4 Constant-Round Building Blocks
- 4.1 List of Subprotocols
- 4.2 Pow
- 4.3 Equal_one
- 4.4 assump_Overflow
- 4.5 Overflow
- 4.6 Comparison with Related Works
- 5 Evaluations of Efficiency
- 5.1 Round Complexity
- 5.2 Data Transfer and Execution Time
- 5.3 Comparison with Related Works
- 6 Future Work
- References
- Improved Building Blocks for Secure Multi-party Computation Based on Secret Sharing with Honest Majority
- 1 Introduction
- 2 Related Work
- 3 Preliminaries
- 4 Array Access at a Private Location
- 4.1 General Construction
- 4.2 Custom Three-Party Construction
- 5 Multiplication
- 5.1 Linear-Communication Multiplication
- 5.2 Alternative Multiplication
- 6 Performance Evaluation
- 7 Conclusions
- References
- A Practical Approach to the Secure Computation of the Moore-Penrose Pseudoinverse over the Rationals
- 1 Introduction
- 1.1 Related Work
- 2 Preliminaries
- 3 Block-Recursive Elimination
- 3.1 Correctness Analysis
- 3.2 Complexity Analysis
- 4 Computing the Moore-Penrose Pseudoinverse
- 4.1 Computing the Common Denominator
- 4.2 Bound on the Modulus
- 4.3 Symmetric Preconditioning
- 4.4 Construction
- 4.5 Complexity Analysis
- References
- I Post-Quantum Cryptography
- Saber on ESP32
- 1 Introduction
- 2 Background
- 2.1 Notation
- 2.2 Saber
- 2.3 Polynomial Multiplication
- 2.4 Platform
- 3 Kronecker Substitution
- 3.1 KS1 and KS2
- 3.2 Utilizing the Big Integer Coprocessor
- 4 Implementation
- 4.1 Polynomial Multiplication Using Kronecker Substitution
- 4.2 Random Generation
- 4.3 Using CPU Idle Time
- 4.4 Dual Core Acceleration
- 4.5 Generation of the Matrix A
- 5 Results
- 5.1 Implementation Performance
- 5.2 Comparison with Related Work
- 6 Conclusion
- References
- The Lattice-Based Digital Signature Scheme qTESLA
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 3 The Signature Scheme qTESLA
- 3.1 Parameter Description
- 4 Security and Instantiations of qTESLA
- 4.1 Provable Security in the QROM
- 4.2 qTESLA's Security and the R-LWE Hardness
- 4.3 Hardness Estimation of Our Instances
- 4.4 Parameter Sets
- 5 Implementation and Performance Evaluation
- 5.1 Portable C Implementation
- 5.2 AVX2 Optimizations
- 5.3 Performance on x64
- 5.4 Comparison
- References
- Secure Two-Party Computation in a Quantum World
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 2.2 Encryption
- 2.3 Oblivious Transfer
- 2.4 Description of Yao's Protocol
- 3 Post-Quantum Secure Oblivious Transfer
- 3.1 Post-Quantum Secure OT from AHE
- 3.2 Post-Quantum Secure Oblivious Transfer Extension
- 4 Implementation and Performance Evaluation
- 4.1 Post-Quantum Yao Implementation and Performance
- 4.2 Post-Quantum OT Implementation and Performance
- 5 Post-Quantum Security of Yao's Garbled Circuits
- References
- Further Optimizations of CSIDH: A Systematic Approach to Efficient Strategies, Permutations, and Bound Vectors
- 1 Introduction
- 2 Preliminaries
- 2.1 General Framework for Optimization
- 2.2 Mitigating Leakage Under Arbitrary Strategies
- 2.3 Two-Point Method and Parallelization
- 2.4 Splitting Isogenies into Multiple Batches (SIMBA)
- 2.5 General Algorithm
- 3 Optimization Methods
- 3.1 Optimizing the Strategies
- 3.2 Optimizing the Permutations
- 3.3 Optimizing the Bound Vector
- 3.4 The Complete Optimization Methodology
- 4 Implementation
- 5 Conclusions
- References
- Author Index
