No Arabic abstract
Differential privacy (DP) has arisen as the state-of-the-art metric for quantifying individual privacy when sensitive data are analyzed, and it is starting to see practical deployment in organizations such as the US Census Bureau, Apple, Google, etc. There are two popular models for deploying differential privacy - standard differential privacy (SDP), where a trusted server aggregates all the data and runs the DP mechanisms, and local differential privacy (LDP), where each user perturbs their own data and perturbed data is analyzed. Due to security concerns arising from aggregating raw data at a single server, several real world deployments in industry have embraced the LDP model. However, systems based on the LDP model tend to have poor utility - a gap in the utility achieved as compared to systems based on the SDP model. In this work, we survey and synthesize emerging directions of research at the intersection of differential privacy and cryptography. First, we survey solutions that combine cryptographic primitives like secure computation and anonymous communication with differential privacy to give alternatives to the LDP model that avoid a trusted server as in SDP but close the gap in accuracy. These primitives introduce performance bottlenecks and necessitate efficient alternatives. Second, we synthesize work in an area we call DP-Cryptography - cryptographic primitives that are allowed to leak differentially private outputs. These primitives have orders of magnitude better performance than standard cryptographic primitives. DP-cryptographic primitives are perfectly suited for implementing alternatives to LDP, but are also applicable to scenarios where standard cryptographic primitives do not have practical implementations. Through this unique lens of research taxonomy, we survey ongoing research in these directions while also providing novel directions for future research.
In this work, we study a generalization of hidden subspace states to hidden coset states (first introduced by Aaronson and Christiano [STOC 12]). This notion was considered independently by Vidick and Zhang [Eurocrypt 21], in the context of proofs of quantum knowledge from quantum money schemes. We explore unclonable properties of coset states and several applications: - We show that assuming indistinguishability obfuscation (iO), hidden coset states possess a certain direct product hardness property, which immediately implies a tokenized signature scheme in the plain model. Previously, it was known only relative to an oracle, from a work of Ben-David and Sattath [QCrypt 17]. - Combining a tokenized signature scheme with extractable witness encryption, we give a construction of an unclonable decryption scheme in the plain model. The latter primitive was recently proposed by Georgiou and Zhandry [ePrint 20], who gave a construction relative to a classical oracle. - We conjecture that coset states satisfy a certain natural (information-theoretic) monogamy-of-entanglement property. Assuming this conjecture is true, we remove the requirement for extractable witness encryption in our unclonable decryption construction, by relying instead on compute-and-compare obfuscation for the class of unpredictable distributions. - Finally, we give a construction of a copy-protection scheme for pseudorandom functions (PRFs) in the plain model. Our scheme is secure either assuming iO, OWF, and extractable witness encryption, or assuming iO, OWF, compute-and-compare obfuscation for the class of unpredictable distributions, and the conjectured monogamy property mentioned above. This is the first example of a copy-protection scheme with provable security in the plain model for a class of functions that is not evasive.
We consider the problem where a group of n nodes, connected to the same broadcast channel (e.g., a wireless network), want to generate a common secret bitstream, in the presence of an adversary Eve, who tries to obtain information on the bitstream. We assume that the nodes initially share a (small) piece of information, but do not have access to any out-of-band channel. We ask the question: can this problem be solved without relying on Eves computational limitations, i.e., without using any form of public-key cryptography? We propose a secret-agreement protocol, where the n nodes of the group keep exchanging bits until they have all agreed on a bit sequence that Eve cannot reconstruct with very high probability. In this task, the nodes are assisted by a small number of interferers, whose role is to create channel noise in a way that bounds the amount of information Eve can overhear. Our protocol has polynomial-time complexity and requires no changes to the physical or MAC layer of network devices. First, we formally show that, under standard theoretical assumptions, our protocol is information-theoretically secure, achieves optimal secret-generation rate for n = 2 nodes, and scales well to an arbitrary number of nodes. Second, we adapt our protocol to a small wireless 14-square-meter testbed; we experimentally show that, if Eve uses a standard wireless physical layer and is not too close to any of the nodes, 8 nodes can achieve a secret-generation rate of 38 Kbps. To the best of our knowledge, ours is the first experimental demonstration of information-theoretic secret exchange on a wireless network at a rate beyond a few tens of bits per second.
This article addresses code-based cryptography and is designed to depict the complete outline of a code based public key cryptosystem. This report includes basic mathematics and fundamentals of coding theory which are useful for studying code-based cryptography. Here, we briefly describe the first scheme of code based public key cryptosystems given by R. J. McEliece in 1978 and its improved version given by H. Niederreiter in 1986. We discuss the hard problems of coding theory which are used in code based cryptography and some classic attacks on it like information-set decoding (ISD). Successful implementation of the ISD attack on McEliece cryptosystem for some small parameters set is executed and the code for the same is provided in the Appendix. This report elaborates a key encapsulation mechanism (KEM), namely Classic McEliece, based on algebraic coding theory to establish a symmetric key for two users.
The paper aims to do a survey along with a comparative analysis of the various cryptography libraries that are applicable in the field of Internet of Things (IoT). The first half of the paper briefly introduces the various cryptography libraries available in the field of cryptography along with a list of all the algorithms contained within the libraries. The second half of the paper deals with cryptography libraries specifically aimed for application in the field of Internet of Things. The various libraries and their performance analysis listed down in this paper are consolidated from various sources with the aim of providing a single comprehensive repository for reference to the various cryptography libraries and the comparative analysis of their features in IoT.
In this paper we proposed an authentication technique based on the user cards, to improve the authentication process in systems that allows remote access for the users, and raise the security rate during an exchange of their messages. in this technique the server performs two functions, the first function, register the users, and give him user ID, PIN code, and user private card contains secrecy information, which is used to encrypt user messages by using two kinds of encryption symmetric using RC4-Pr and asymmetric using RSA encryption., the second function, distribute the users public card if the user demand that, in which the user sends the own authentication code with their own user ID and recipient user ID to the authentication check, and then the server sends the user public card to the recipient user, thus the sender user can send the messages to recipient user without back to the server again. We attained confidentiality using RC4-Pr and RSA encryption and message authentication, user signature, and mutual secret key by using RSA encryption. in this paper we also implement the proposal in [1] RC4-pr algorithm which is modified to improve the key weakness of basic RC4.