Security and Cryptography for Networks
14th International Conference, SCN 2024, Amalfi, Italy, September 11-13, 2024, Proceedings, Part II
Published on 9. September 2024
XX, 362 pages
978-3-031-71073-5 (ISBN)
Description
The two-volume set LNCS 14973 and 14974 constitutes the proceedings of the 14th International Conference on Security and Cryptography for Networks, SCN 2024, which took place in Amalfai, Italy, during September 11-13, 2024.
The 33 full papers included in the proceedings were carefully reviewed and selected from 90 submissions. They were organized in topical sections as follows:
Part I: Zero Knowledge; foundations; protocols; voting systems;
Part II: Homomorphic encryption; symmetric key encryption; cryptanalysis; key management; blockchains.
More details
Series
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Product notice
Reflowable
Illustrations
XX, 362 p. 73 illus., 28 illus. in color.
File size
12,04 MB
ISBN-13
978-3-031-71073-5 (9783031710735)
DOI
10.1007/978-3-031-71073-5
Schweitzer Classification
Other editions
Additional editions
Clemente Galdi | Duong Hieu Phan
Security and Cryptography for Networks
14th International Conference, SCN 2024, Amalfi, Italy, September 11-13, 2024, Proceedings, Part II
Book
09/2024
Springer
€80.24
Shipment within 15-20 days
Content
- Intro
- Preface
- Organization
- Invited Speakers
- Random Number Generation and Extraction
- Lattice-Based Cryptography, the Picture Way
- Contents - Part II
- Contents - Part I
- Homomorphic Encryption
- Faster Private Decision Tree Evaluation for Batched Input from Homomorphic Encryption
- 1 Introduction
- 1.1 Related Work
- 2 Preliminaries
- 2.1 Notation
- 2.2 Decision Trees
- 2.3 Levelled Homomorphic Encryption
- 2.4 PDTE and Tree Traversal
- 2.5 Oblivious Binary Codes Comparison
- 3 Batched Ciphertext-Plaintext Comparisons
- 3.1 Batched Ciphertext-Plaintext RCC Comparator
- 3.2 Batched Ciphertext-Plaintext Constant-Weight Piece-Wise Comparator
- 3.3 Benchmarking Batched Ciphertext-Plaintext Comparisons
- 4 Tree Traversal Methods
- 4.1 Our Adapted `3´9`42`"?613A``45`47`"603ASumPath Method
- 5 Batched Private Decision Tree Evaluation
- 5.1 Security Model
- 5.2 Protocol
- 5.3 Implementation and Performance
- 6 Conclusion
- A Tree Truncation
- B Performance Comparison Between Different Batch Sizes
- References
- An Improved Threshold Homomorphic Cryptosystem Based on Class Groups
- 1 Introduction
- 1.1 Technical Overview
- 2 Preliminaries
- 3 Secret Sharing and Commitments over the Integers
- 3.1 Weak Feldman VSS
- 3.2 Pedersen Commitments for the CL Framework
- 3.3 Pedersen VSS
- 4 Zero-Knowledge for Unknown Order Groups
- 4.1 Using the Rough-Order Assumption
- 4.2 Batched Zero-Knowledge Arguments
- 5 The Linearly Homomorphic Encryption Scheme
- 6 Protocol with Static Security
- 7 Protocol with Adaptive Security
- 8 Evaluation
- References
- Attribute-Based Keyed Fully Homomorphic Encryption
- 1 Introduction
- 2 Generic Construction of KFHE
- 2.1 Definition of KFHE
- 2.2 Construction
- 2.3 Security
- 3 Attribute-Based Keyed Fully Homomorphic Encryption
- 4 Generic Construction of ABKFHE
- 4.1 Delegatable ABE
- 4.2 Construction
- 4.3 Security
- 5 Conclusion
- References
- Symmetric Key Encryption
- Mystrium: Wide Block Encryption Efficient on Entry-Level Processors
- 1 Introduction
- 2 Notations and Preliminaries
- 3 The Public Permutation G512[r]
- 4 Avalanche Tests of G512[r]
- 5 Multimix
- 5.1 Injective Input Encoding
- 5.2 Mask Derivation
- 5.3 Specification of Multimix
- 6 The Deck Function Xymmer
- 6.1 Informal Description and Design Rationale for Xymmer
- 6.2 Specification of Xymmer
- 6.3 Security Claim
- 7 Security Analysis of Xymmer
- 7.1 Guessing q(0), Achieving Collision at q(0) for Independent Masks
- 7.2 Exploiting Dependency in Mask Derivation
- 7.3 Recovering Internal State q(i) from Output Blocks
- 7.4 Cryptanalytic Attacks Involving Input and Output to Xymmer
- 8 The Tweakable Wide Block Cipher Mystrium
- 8.1 Security Claim
- 9 Implementation and Benchmarks
- 10 Conclusion
- A Algorithms
- B Explanation of the Patterns in Fig.2
- C Recovering State q(i) from a Single Output Block
- D Propagation of Modular Difference Through G512[6]
- E Double Decker Construction
- References
- Instantiating the Hash-Then-Evaluate Paradigm: Strengthening PRFs, PCFs, and OPRFs
- 1 Introduction
- 1.1 Contributions
- 2 Instantiating Hash-Then-Evaluate PRFs
- 2.1 Pseudorandom-Input PRF (PI-PRF)
- 2.2 From PI-PRF to sPRF
- 3 Instantiating Hash-Then-Evaluate in the Distributed Setting: OPRFs and PCFs
- 3.1 Oblivious PRFs (OPRFs)
- 3.2 Pseudorandom Correlation Functions (PCFs)
- 4 Candidate PI-PRFs and PI-PCFs
- 4.1 Pseudorandom-Input PRF Candidates
- 4.2 Implications for Existing PCFs
- References
- OAE-RUP: A Strong Online AEAD Security Notion and Its Application to SAEF
- 1 Introduction
- 2 Preliminaries
- 2.1 Syntax of AEAD Under RUP Setting
- 2.2 Security Definitions Under RUP Setting
- 2.3 Forkcipher
- 2.4 Coefficients H Technique
- 3 SAEF and Its OAE-RUP Security
- 4 Proof of Theorem 1
- 4.1 Integrity Analysis
- 4.2 Confidentiality Analysis
- 5 Conclusion
- A Table1: Full Details
- A.1 Results in Table1
- References
- Indifferentiability of 3-Round Confusion-Diffusion Networks
- 1 Introduction
- 1.1 Our Contribution
- 2 Preliminaries
- 2.1 Security Notions
- 2.2 H-Coefficient Technique
- 3 Main Result
- 3.1 The Simulator
- 4 Proof Sketch
- 5 Conclusion
- References
- Cryptanalysis
- Cryptanalysis of EagleSign
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 2.2 The EagleSign-V1 Signature Scheme
- 2.3 The EagleSign-V2 Signature Scheme
- 3 A Known-Message Attack on EagleSign-V1
- 4 Private Key Recovery with Fewer Signatures
- 5 A Known-Message Attack on EagleSign-V2
- 6 Conclusion
- References
- A New Algorithm for Computing Branch Number of Non-Singular Matrices Over Finite Fields
- 1 Introduction
- 2 Preliminaries
- 3 The New Algorithm for Computation of Branch Number
- 3.1 Description of the Proposed Algorithm
- 4 Complexity Analysis
- 4.1 A Special Type of Non-Singular Matrices
- 5 Conclusion
- References
- Impossible Differential Cryptanalysis of the Raindrop Block Cipher
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 2.2 The Raindrop Block Cipher
- 3 An Equivalent of Raindrop with Two Rounds Less
- 4 Impossible Differential Attacks on 19-Round Raindrop128-128 and 21-Round Raindrop128-256
- 4.1 12-Round Impossible Differentials of Raindrop128
- 4.2 Attacking 19-Round Raindrop128-128
- 4.3 Attacking 21-Round Raindrop128-256
- 5 Impossible Differential Attack on 20-Round Raindrop256
- 6 Conclusion
- References
- LaPSuS-A Lattice-Based Private Stream Aggregation Scheme Under Scrutiny
- 1 Introduction
- 2 Preliminaries
- 2.1 Notations
- 2.2 Private Stream Aggregation
- 2.3 On Labels, Encrypt-Once and Inherent Leakage
- 3 Attack on the LaPS Scheme
- 3.1 The LaPS Scheme
- 3.2 Flaw: Treating Encryption Queries as Corruption Queries
- 3.3 First Attack: Decrypting Messages
- 3.4 Second Attack: Getting the Secret Key
- 4 Another Flaw in AO Security Proofs: Answer to the Challenge Query
- 5 On Real-or-Random Security Notions for Aggregator Obliviousness
- 6 Conclusion
- References
- Key Management
- Security Model for Authenticated Key Exchange, Reconsidered
- 1 Introduction
- 1.1 Background
- 1.2 Our Contributions
- 2 Preliminaries
- 2.1 Notations
- 2.2 Cryptographic Primitives
- 2.3 Authenticated Key Exchange
- 3 Recap Conventional Security Definitions for AKE
- 3.1 Execution Environment
- 3.2 Security Game
- 3.3 Freshness: Defining Trivial Attacks
- 3.4 Shortcomings of Conventional Security Definitions
- 4 New Security Definition for AKE
- 4.1 New Partnering Based on Round Identifiers
- 4.2 New Freshness Based on Miscommunicator
- 4.3 Our Security Definition
- 5 Relationship Between New and Conventional Definitions
- 5.1 Relationship Between New Partnering and Existing Ones
- 5.2 Relationship Between Old and New Freshness Predicates
- 6 Analysis of Existing AKE Schemes
- 7 Conclusion
- References
- Universally Composable Relaxed Asymmetric Password-Authenticated Key Exchange
- 1 Introduction
- 1.1 Background
- 1.2 Motivations
- 1.3 Our Contributions
- 2 Preliminaries
- 3 Relaxations of UC aPAKE
- 4 Security of SPAKE2+
- 4.1 Attack Scenarios
- 4.2 Proof of Security
- 5 Security of le-AuCPace
- 5.1 Why le-AuCPace Does Not Realize Fle-aPAKE
- 5.2 Proof of Security
- 6 Compiler from le-aPAKE or w-le-aPAKE to r-aPAKE-EA
- References
- DeCAF: Decentralizable CGKA with Fast Healing
- 1 Introduction
- 1.1 (Group) Messaging
- 1.2 CGKA
- 1.3 Our Contribution
- 2 Preliminaries
- 2.1 Secretly Key-Updatable Public-Key Encryption
- 2.2 Blockchain-Aided Continuous Group-Key Agreement
- 2.3 Ratchet Trees
- 3 Protocol Description
- 3.1 Blocks and Epochs
- 3.2 Implementing Dynamic Operations
- 3.3 Updating the States of an Update Path
- 3.4 Protocol Algorithms
- 4 Security
- References
- Blockchains
- MUSEN: Aggregatable Key-Evolving Verifiable Random Functions and Applications
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Related Works
- 2 Preliminaries
- 3 Aggregatable Key-Evolving VRF
- 3.1 Construction A-KE-VRF (Fig.3)
- 4 Applications to Succinct Proof-of-Stake Blockchains
- 4.1 Succinct Block Headers: Concrete Optimizations
- 4.2 Better Proofs of Proof-of-Stake
- 5 Forward Secure Encryption to the Future
- References
- Shared-Custodial Password-Authenticated Deterministic Wallets
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Related Work
- 2 Preliminaries
- 2.1 Notation
- 2.2 Adversary and Communication Model
- 2.3 Digital Signatures and Public Key Encryption
- 3 Password-Authenticated Deterministic Wallets
- 3.1 Model
- 3.2 Construction
- A Additional Preliminaries
- A.1 Unforgeability of Digital Signature Schemes
- A.2 The Schnorr Signature Scheme
- A.3 CCA-Security of Public Key Encryption Schemes
- References
- Author Index
