Topics in Cryptology - CT-RSA 2016
The Cryptographers' Track at the RSA Conference 2016, San Francisco, CA, USA, February 29 - March 4, 2016, Proceedings
Published on 2. February 2016
XI, 465 pages
978-3-319-29485-8 (ISBN)
Description
This
book constitutes the refereed proceedings of the Cryptographer's Track at the
RSA Conference 2016, CT-RSA 2016, held in San Francisco, CA, USA, in February/March
2016.
The 26 papers presented in this volume were carefully reviewed and selected from 76 submissions. The focus of the track is on following subjects: secure key exchange schemes, authenticated encryption, searchable symmetric encryption, digital signatures with new functionality, secure multi party computation, how to verify procedures, side-channel attacks on elliptic curve cryptography, hardware attacks and security, structure-preserving signatures, lattice cryptography, cryptanalysis of symmetric key encryption, message authentication code and PRF-security, and security of public key encryption.
More details
Series
Edition
1st ed. 2016
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XI, 465 p. 68 illus. in color.
File size
14,71 MB
ISBN-13
978-3-319-29485-8 (9783319294858)
DOI
10.1007/978-3-319-29485-8
Schweitzer Classification
Other editions
Additional editions
Kazue Sako
Topics in Cryptology - CT-RSA 2016
The Cryptographers' Track at the RSA Conference 2016, San Francisco, CA, USA, February 29 - March 4, 2016, Proceedings
Book
02/2016
Springer
€53.49
Shipment within 10-15 days
Content
- Intro
- Preface
- Organization
- Contents
- Secure Key Exchange Schemes
- Mitigating Server Breaches in Password-Based Authentication: Secure and Efficient Solutions
- 1 Introduction
- 2 Preliminaries
- 3 Security Model
- 4 Our Simple Protocol
- 4.1 Building Blocks
- 4.2 Login Procedure
- 5 Our Efficient Protocol
- 5.1 Building Blocks
- 5.2 Login Procedure
- 6 Conclusion
- References
- Strongly Leakage-Resilient Authenticated Key Exchange
- 1 Introduction
- 1.1 Motivations of This Work
- 1.2 Related Work
- 1.3 Our Results and Techniques
- 2 Preliminaries
- 2.1 Notation
- 2.2 Randomness Extractor
- 2.3 Pseudo-Random Function
- 2.4 Smooth Projective Hash Function
- 3 A New Strong Leakage-Resilient AKE Security Model
- 3.1 Challenge-Dependent Leakage-Resilient eCK Model
- 4 One-Round CLR-eCK-Secure AKE
- 4.1 General Framework
- 4.2 Security Analysis
- 5 An Instantiation from DDH Assumption
- References
- Authenticated Encryption
- INT-RUP Analysis of Block-cipher Based Authenticated Encryption Schemes
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Significance of Our Results
- 2 Preliminaries
- 2.1 Rate of a Block-cipher Based AE Schemes
- 2.2 Block Matrices and Its Properties
- 3 Generalized ``rate-1'' Affine Mode AE Schemes
- 3.1 Affine Query and Mode
- 3.2 Affine Mode Authenticated Encryption Scheme
- 3.3 INT-RUP Insecurity of ``rate-1'' Block-Cipher Based Affine Mode AE Schemes
- 4 INT-RUP Analysis of CPFB, a Rate 34 Block-cipher Based AE Scheme
- 4.1 Revisting CPFB
- 4.2 INT-RUP Attack on CPFB
- 4.3 mCPFB: Modified CPFB with INT-RUP Security
- 4.4 INT-RUP Security for mCPFB
- 5 Conclusion and Future Work
- References
- From Stateless to Stateful: Generic Authentication and Authenticated Encryption Constructions with Application to TLS
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Additional Related Work
- 2 Authentication Hierarchy
- 2.1 Definitions
- 2.2 Relations Among Authentication Notions
- 2.3 Constructing Higher Level Authentication Schemes
- 3 Authenticated Encryption Hierarchy
- 3.1 Definitions
- 3.2 Constructing Higher Level AEAD Schemes
- 4 Authenticated Encryption in TLS
- 4.1 TLS Sequence Numbers and Authentication Level
- 4.2 From TLS Level-1 AEAD to Level-4 AEAD
- References
- Searchable Symmetric Encryption
- Dynamic Symmetric Searchable Encryption from Constrained Functional Encryption
- 1 Introduction
- 2 Preliminaries
- 2.1 Bilinear Groups
- 2.2 Dual Spaces
- 2.3 Subset Membership Problem
- 2.4 Cryptographic Building Blocks
- 3 Constrained Functional Encryption over the Message Plaintext
- 3.1 Syntax
- 3.2 Security
- 3.3 Construction
- 4 Dynamic Searchable Symmetric Encryption
- 4.1 Syntax
- 4.2 Security
- 4.3 A Note on the Blue-Print
- 4.4 High-Level Idea
- 4.5 Description of the Construction
- 4.6 Security Analysis
- References
- Private Large-Scale Databases with Distributed Searchable Symmetric Encryption
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Contributions
- 1.3 Roadmap
- 2 Background and Model
- 3 Overview of Our Construction
- 4 Formal Description
- 4.1 Technical Overview
- 4.2 Privacy Preserving Data Structures (PPDS)
- 4.3 General MPC
- 4.4 Weak Distributed Oblivious Permutation SPIR
- 4.5 Shared-Input Shared-Output SPIR
- 4.6 Linear Implementation
- 5 Full SSE and Range Queries
- 5.1 Weak Distributed Oblivious Permutation Range SPIR
- 5.2 FindEndpoints
- 5.3 Putting it All Together
- 6 Conclusion
- A Implementation and Benchmarking
- References
- Digital Signatures with New Functionality
- Short Randomizable Signatures
- 1 Introduction
- 1.1 Related Works
- 1.2 Our Contribution
- 1.3 Organization
- 2 Preliminaries
- 2.1 Bilinear Groups
- 2.2 Digital Signature Scheme
- 2.3 Sequential Aggregate Signature
- 3 Assumption
- 4 Our Randomizable Digital Signature Scheme
- 4.1 A Single-Message Signature Scheme
- 4.2 A Multi-message Signature Scheme
- 5 A Sequential Aggregate Signature
- 6 Useful Features
- 6.1 Signing Committed Messages
- 6.2 Proving Knowledge of a Signature
- 7 Efficiency
- 8 Conclusion
- References
- Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable Linkability
- 1 Introduction
- 1.1 Background and Motivation
- 1.2 Related Work
- 1.3 Contribution
- 2 Preliminaries
- 2.1 Groth-Sahai (GS) Non-interactive Zero-Knowledge Proofs
- 2.2 Smooth Projective Hash Functions
- 2.3 Sign-and-Encrypt-and-Prove Paradigm
- 2.4 All-or-Nothing Public Key Encryption with Equality Tests
- 3 Non-interactive Plaintext (In-)Equality Proofs
- 3.1 A Generic Construction
- 3.2 Instantiation with PKEQ from ElGamal Encryption
- 4 GSSs with Verifiable Controllable Linkability
- 4.1 Model for GSSs with Verifiable Controllable Linkability
- 4.2 Verifiable Controllable Linkability
- References
- Secure Multi Party Computation
- Hybrid Publicly Verifiable Computation
- 1 Introduction
- 2 Background and Related Work
- 3 Hybrid Publicly Verifiable Computation
- 3.1 Security Models
- 4 Instantiating HPVC
- 4.1 Supporting Different Modes
- 4.2 Revocable Dual-Policy Attribute-Based Encryption
- 4.3 Construction
- 5 Conclusion
- References
- Efficient Concurrent Covert Computation of String Equality and Set Intersection
- 1 Introduction
- 1.1 Technical Overview
- 2 Preliminaries
- 2.1 The Ideal Cipher Model
- 2.2 Concurrent Covert Computation
- 2.3 Indexed Functionalities
- 2.4 Relaxed Covertness Notion for ISI Protocols
- 3 Compiling Single-Input TPCs to Multi-input TPCs
- 4 Instantiation of wC-covert String Equality Protocol
- References
- How to Verify Procedures
- Secure Audit Logs with Verifiable Excerpts
- 1 Introduction
- 2 Preliminaries, Notation and Conventions
- 3 Secure Logging with Verifiable Excerpts
- 3.1 Categorized Logging Schemes
- 3.2 Security Model
- 4 Our Scheme
- 4.1 Formal Description
- 4.2 Security Analysis
- 4.3 Performance Analysis
- 5 Conclusion
- References
- Efficient Culpably Sound NIZK Shuffle Argument Without Random Oracles
- 1 Introduction
- 2 Preliminaries
- 3 Unit Vector Argument
- 4 New Same-Message Argument
- 5 New Assumption: PSP
- 6 New Shuffle Argument
- References
- Side-Channel Attacks on Elliptic Curve Cryptography
- ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Attack Overview
- 1.3 Targeted Software and Hardware
- 1.4 Related Work
- 2 Cryptanalysis
- 2.1 GnuPG's Elliptic Curve Encryption Implementation
- 2.2 ECDH Attack Algorithm
- 2.3 Attacking the Always-Add Algorithm
- 3 Signal Analysis and Experimental Results
- 3.1 Experimental Setup
- 3.2 Signal Analysis
- 3.3 Measuring the EM Leakage Through a Wall
- 4 Conclusion
- References
- Side-Channel Analysis of Weierstrass and Koblitz Curve ECDSA on Android Smartphones
- 1 Introduction
- 2 Background on Elliptic Curve Cryptography
- 3 Signal Processing
- 3.1 Synchronizing the Acquisitions
- 3.2 Energy Variations - Leakage Frequencies
- 4 Lattice Attack on ECDSA
- 4.1 ECDSA over Prime Fields
- 4.2 New Attack on Koblitz ECDSA
- 5 Use Case: Bitcoin Wallet
- References
- Hardware Attacks and Security
- Enhancing Side-Channel Analysis of Binary-Field Multiplication with Bit Reliability
- 1 Introduction
- 2 Fresh Re-Keying and Template Attacks
- 2.1 Fresh Re-Keying
- 2.2 Template Attacks and Leakage Model
- 3 LPN and Solving Algorithms
- 3.1 Learning Parity with Noise
- 3.2 Algorithms for Decoding Random Linear Codes
- 4 Attack Outline and Setup
- 4.1 Outline
- 4.2 Fresh Re-Keying and 8-Bit Leakage
- 4.3 128-Bit Leakage
- 5 Using Reliability to Increase Attack Performance
- 5.1 LPVN: A New LPN Variant
- 5.2 Filtering
- 5.3 Using Reliability in Stern's Attack
- 6 Simulation and Practical Experiments
- 6.1 Fresh Re-Keying on an 8-Bit Platform
- 6.2 128-Bit Leakage
- 6.3 Comparison of Algorithms
- 7 Conclusion and Future Work
- References
- Towards a Unified Security Model for Physically Unclonable Functions
- 1 Introduction
- 2 Notations
- 3 Security Model: Properties and Their Relationships
- 3.1 Output Distribution
- 3.2 One-Wayness
- 3.3 Unforgeability
- 3.4 Unclonability
- 3.5 Indistinguishability
- 3.6 Pseudorandomness
- 3.7 Tamper-Resilience
- 3.8 Relationships Between the Security Properties
- 4 Comparison to Existing Security Models
- 5 Conclusion
- References
- Structure-Preserving Signatures
- Cryptanalysis of the Structure-Preserving Signature Scheme on Equivalence Classes from Asiacrypt 2014
- 1 Introduction
- 2 Preliminaries
- 2.1 Bilinear Map
- 2.2 Structure-Preserving Signature Scheme on Equivalence Classes
- 2.3 Security of Digital Signature Scheme
- 3 The Hanser-Slamanig SPS-EQ Scheme
- 3.1 Description of the Hanser-Slamanig SPS-EQ Scheme
- 3.2 Fuchsbauer's Attack to Break the EUF-CMA of the Scheme
- 4 Our Attacks
- 4.1 Key Observation of Our Attacks
- 4.2 Procedure to Find Nontrivial Element in ker()
- 4.3 Breaking the EUF-Non-Adaptive-CMA of the Scheme
- 4.4 The Universal Forgery Attack Against the Scheme
- 4.5 Interesting Observations
- 5 Conclusion
- References
- Short Structure-Preserving Signatures
- 1 Introduction
- 2 Preliminaries
- 2.1 Bilinear Groups
- 2.2 Complexity Assumptions
- 2.3 Digital Signatures
- 2.4 Randomizable Weakly Blind Signatures
- 2.5 Groth-Sahai Proofs
- 3 Our Structure-Preserving Signature Scheme
- 3.1 Efficiency Comparison
- 4 Applications of Our Scheme
- 4.1 Direct Anonymous Attestation
- 4.2 Group Signatures and Similar Primitives
- References
- Lattice Cryptography
- Which Ring Based Somewhat Homomorphic Encryption Scheme is Best?
- 1 Introduction
- 2 Preliminaries
- 3 Ring Based SHE Schemes
- 3.1 Key Generation
- 3.2 Encryption and Decryption
- 3.3 Scale
- 3.4 Reduce Level
- 3.5 Switch Key
- 3.6 Addition and Multiplication
- 3.7 Security and Parameters
- 4 Results
- References
- NFLlib: NTT-Based Fast Lattice Library
- 1 Introduction
- 1.1 Our Contribution: NFLlib
- 1.2 Related Work
- 1.3 Outline
- 2 Preliminaries
- 3 NFLlib: A Library for Ideal-Lattice Cryptography
- 3.1 Fixed-Size CRT Representation
- 3.2 Optimizing the Modular Multiplication
- 3.3 A Lazy NTT Algorithm
- 4 Performances Evaluation and Comparison with NTL, FLINT and HElib
- 5 Implementing Ideal Lattice Cryptography with NFLlib
- 5.1 High Performance Key Exchange
- 5.2 Using NFLlib for Homomorphic Encryption
- 6 Conclusion
- References
- Cryptanalysis of Symmetric Key Encryption
- Optimization of Rainbow Tables for Practically Cracking GSM A5/1 Based on Validated Success Rate Modeling
- 1 Introduction
- 2 GSM and Related Work
- 3 Analysis of A5/1 TMTO Characteristics
- 3.1 Chain Characteristics
- 3.2 Keystream Space Shrinking
- 3.3 Intermediate Space and Chain Collisions
- 3.4 Success Rate
- 3.5 False Alarms
- 4 System Evaluation
- 4.1 Implementation and Settings
- 4.2 Performance Evaluation of the Project
- 5 Conclusions and Future Work
- A Appendix
- B Appendix
- References
- New Observations on Piccolo Block Cipher
- 1 Introduction
- 2 Description of Piccolo
- 2.1 Encryption Algorithm
- 2.2 Key Schedule Algorithm
- 3 Linear-Reflection Weak Keys of Piccolo
- 3.1 Definition of Weak Key
- 3.2 Searching Weak Keys for Piccolo
- 3.3 Weak Keys of Piccolo
- 4 New Observations on Piccolo-128
- 4.1 Property of Key Schedule of Piccolo-128
- 4.2 Observations on Piccolo-128
- 5 Conclusion
- References
- Message Authentication Code and PRF-Security
- Replacing SHA-2 with SHA-3 Enhances Generic Security of HMAC
- 1 Introduction
- 2 Preliminaries
- 3 Specification of HMAC_Sponge and Security Results
- 3.1 Specification of HMAC_Sponge
- 3.2 Security Results
- 4 Proof of Theorem1
- 5 Proof of Theorem2
- References
- Constrained PRFs for Unbounded Inputs
- 1 Introduction
- 2 Preliminaries
- 2.1 Constrained and Puncturable PRFs
- 2.2 Collision-Resistant Hash Functions
- 2.3 Indistinguishability and Differing-Input Obfuscation
- 2.4 Succinct Non-interactive Arguments of Knowledge
- 3 Constrained PRFs for Unbounded Inputs
- 3.1 A Circuit-Constrained PRF
- 3.2 A TM-Constrained PRF
- References
- Security of Public Key Encryption
- Construction of Fully CCA-Secure Predicate Encryptions from Pair Encoding Schemes
- 1 Introduction
- 2 Background
- 2.1 Predicate Families
- 2.2 Predicate Key-Encapsulation Mechanisms
- 2.3 Composite Order Bilinear Groups
- 2.4 Security Assumptions
- 3 Framework for CCA-Secure P-KEMs
- 3.1 Pair Encoding Schemes
- 3.2 Additional Requirements of CCA-Secure Framework
- 3.3 Fully CCA-Secure Framework
- 4 Main Theorem and Extended Proof Technique
- 5 Comparison with Generic Constructions and Conclusion
- References
- Factoring N=prqs for Large r and s
- 1 Introduction
- 2 Background
- 2.1 LLL and Simultaneous Diophantine Approximation
- 2.2 Coppersmith's Algorithm
- 2.3 The Boneh-Durfee-Howgrave-Graham Algorithm
- 3 Factoring N=prqs for Large r
- 3.1 Proof of Theorem7
- 4 Generalization to N=i=1k piri for Large ri's
- 5 Experiments
- A Coppersmith's Second Theorem for Factoring N=prqs
- B Coppersmith's First Theorem
- C The BDH Method for Factoring N=prq
- D Proof of Theorem6
- References
- Author Index
