
New Instantiations of the CRYPTO 2017 Masking Schemes

Published by: Daniel Roche
Publication date: 2018
Research field: Informatics engineering
Research language: English





At CRYPTO 2017, Belaïd et al. presented two new private multiplication algorithms over finite fields, to be used in secure masking schemes. To date, these algorithms have the lowest known complexity in terms of bilinear multiplications and random masks respectively, both being linear in the number of shares $d+1$. Yet, a practical drawback of both algorithms is that their safe instantiation relies on finding matrices satisfying certain conditions. In their work, Belaïd et al. only address these up to $d=2$ and $d=3$ for the first and second algorithm respectively, which has so far limited the practical usefulness of their schemes. In this paper, we use in turn an algebraic, a heuristic, and an experimental approach to find many more safe instances of Belaïd et al.'s algorithms. This results in explicit instantiations up to order $d = 6$ over large fields, and up to $d = 4$ over practically relevant fields such as $\mathbb{F}_{2^8}$.
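For readers who want to see what "private multiplication over a finite field" and its cost metrics mean in concrete terms, here is an added example that is not part of the paper or this page: the textbook ISW (Ishai, Sahai, Wagner 2003) masked multiplication gadget over $\mathbb{F}_{2^8}$, the baseline whose cost is quadratic in the number of shares and which the linear-cost CRYPTO 2017 algorithms improve on. The Belaïd et al. algorithms and their matrix conditions are not described on this page and are not implemented here; the choice of the AES reduction polynomial and the Python helper names are assumptions made for illustration.

```python
"""Added example (not from the paper): ISW masked multiplication over GF(2^8).

A sensitive value x is split into d+1 XOR shares x_0 ^ ... ^ x_d = x. The
gadget below takes the shares of a and b and returns shares of a*b without
ever recombining a or b. Its cost is (d+1)^2 bilinear multiplications and
d(d+1)/2 random field elements, i.e. quadratic in d+1; the CRYPTO 2017
algorithms referred to above bring one of those two counts down to linear.
"""
import secrets

# GF(2^8) reduction polynomial x^8 + x^4 + x^3 + x + 1 (the AES field).
# Assumption for illustration; the gadget works for any field representation.
POLY = 0x11B


def gf_mul(a, b):
    """Carry-less multiply a*b in GF(2^8), reducing modulo POLY as we go."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def xor_all(shares):
    """Recombine additive (XOR) shares into the masked value."""
    acc = 0
    for v in shares:
        acc ^= v
    return acc


def share(x, d, rng=secrets.randbelow):
    """Split x into d+1 uniformly random XOR shares."""
    s = [rng(256) for _ in range(d)]
    s.append(x ^ xor_all(s))
    return s


def isw_mul(a_sh, b_sh, rng=secrets.randbelow):
    """ISW multiplication gadget.

    Returns (shares of a*b, number of bilinear multiplications, number of
    random field elements drawn). The bracketing of the refresh term
    (r ^ a_i*b_j) ^ a_j*b_i is the one prescribed by ISW; changing the order
    of the XORs would leak in the probing model, so it is kept explicit.
    """
    n = len(a_sh)  # d+1 shares
    if len(b_sh) != n:
        raise ValueError("share vectors must have the same length")
    c = [gf_mul(a_sh[i], b_sh[i]) for i in range(n)]
    bilinear = n
    randoms = 0
    for i in range(n):
        for j in range(i + 1, n):
            r = rng(256)
            randoms += 1
            c[i] ^= r
            t = r ^ gf_mul(a_sh[i], b_sh[j])
            t ^= gf_mul(a_sh[j], b_sh[i])
            c[j] ^= t
            bilinear += 2
    return c, bilinear, randoms


def isw_costs(d):
    """Closed-form ISW cost at order d: (bilinear multiplications, randoms)."""
    return (d + 1) ** 2, d * (d + 1) // 2


def masked_product_ok(d, trials=32):
    """Check that unmasking isw_mul(share(a), share(b)) gives a*b and that the
    measured costs match the closed form, for `trials` random inputs."""
    for _ in range(trials):
        a, b = secrets.randbelow(256), secrets.randbelow(256)
        c_sh, bil, rnd = isw_mul(share(a, d), share(b, d))
        if xor_all(c_sh) != gf_mul(a, b) or (bil, rnd) != isw_costs(d):
            return False
    return True


if __name__ == "__main__":
    for d in range(1, 7):
        print(f"d={d}: ISW costs {isw_costs(d)} -> correct: {masked_product_ok(d)}")
```

Running the block prints the ISW cost pair for $d = 1, \dots, 6$ next to a correctness check; the point of the abstract above is that the CRYPTO 2017 algorithms reach $O(d)$ for one of those two numbers, at the price of needing a suitable matrix for each order $d$, which is exactly what this paper supplies for $d \le 6$ and, over $\mathbb{F}_{2^8}$, for $d \le 4$.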



Read also

In the current architecture of the Internet, there is a strong asymmetry in terms of power between the entities that gather and process personal data (e.g., major Internet companies, telecom operators, cloud providers, ...) and the individuals from which this personal data is issued. In particular, individuals have no choice but to blindly trust that these entities will respect their privacy and protect their personal data. In this position paper, we address this issue by proposing a utopian crypto-democracy model based on existing scientific achievements from the field of cryptography. More precisely, our main objective is to show that cryptographic primitives, including in particular secure multiparty computation, offer a practical solution to protect privacy while minimizing the trust assumptions. In the crypto-democracy envisioned, individuals do not have to trust a single physical entity with their personal data; rather, their data is distributed among several institutions. Together these institutions form a virtual entity called the Trustworthy that is responsible for the storage of this data but which can also compute on it (provided first that all the institutions agree on this). Finally, we also propose a realistic proof-of-concept of the Trustworthy, in which the roles of institutions are played by universities. This proof-of-concept would have an important impact in demonstrating the possibilities offered by the crypto-democracy paradigm.
Besides the development of PQC algorithms, the actual migration of IT systems to such new schemes has to be considered, best by utilizing or establishing crypto-agility. Much work in this respect is currently conducted all over the world, making it hard to keep track of the many individual challenges and respective solutions that have been identified. In consequence, it is difficult to judge, both for individual application scenarios and on a global scale, whether all (known) challenges have been addressed or what their current state is. We provide a literature survey and a snapshot of the discovered challenges and solutions, categorized in different areas. We use this as a starting point for a community project to keep track of the ongoing efforts and the state of the art in this field. Thereby we offer a single entry point into the subject, reflecting the current state in a timely manner.
This paper presents a spatial encryption technique for secured transmission of data in networks. The algorithm is designed to break the ciphered data packets into multiple data which are to be packaged into a spatial template. A secure and efficient mechanism is provided to convey the information that is necessary for obtaining the original data at the receiver-end from its parts in the packets. An authentication code (MAC) is also used to ensure authenticity of every packet.
The correct use of cryptography is central to ensuring data security in modern software systems. Hence, several academic and commercial static analysis tools have been developed for detecting and mitigating crypto-API misuse. While developers are optimistically adopting these crypto-API misuse detectors (or crypto-detectors) in their software development cycles, this momentum must be accompanied by a rigorous understanding of their effectiveness at finding crypto-API misuse in practice. This paper presents the MASC framework, which enables a systematic and data-driven evaluation of crypto-detectors using mutation testing. We ground MASC in a comprehensive view of the problem space by developing a data-driven taxonomy of existing crypto-API misuse, containing $105$ misuse cases organized among nine semantic clusters. We develop $12$ generalizable usage-based mutation operators and three mutation scopes that can expressively instantiate thousands of compilable variants of the misuse cases for thoroughly evaluating crypto-detectors. Using MASC, we evaluate nine major crypto-detectors and discover $19$ unique, undocumented flaws that severely impact the ability of crypto-detectors to discover misuses in practice. We conclude with a discussion on the diverse perspectives that influence the design of crypto-detectors and future directions towards building security-focused crypto-detectors by design.
Social networking sites supporting federated identities offer a convenient and increasingly popular mechanism for cross-site authentication. Unfortunately, they also exacerbate many privacy and tracking risks. We propose Crypto-Book, an anonymizing layer enabling cross-site authentication while reducing these risks. Crypto-Book relies on a set of independently managed servers that collectively assign each social network identity a public/private keypair. Only an identity's owner learns all the private key shares, and can therefore construct the private key, while all participants can obtain any user's public key, even if the corresponding private key has yet to be retrieved. Having obtained an appropriate key set, a user can then leverage anonymous authentication techniques such as linkable ring signatures to log into third-party web sites while preserving privacy. We have implemented a prototype of Crypto-Book and demonstrate its use with three applications: a Wiki system, an anonymous group communication system, and a whistleblower submission system. Our results show that for anonymity sets of size 100, Crypto-Book login takes 0.56s for signature generation by the client, 0.38s for signature verification on the server, and requires 5.6KB of communication bandwidth.