Some recent developments in employing Reed-Solomon codes in cryptography are surveyed, including the design of symmetric ciphers and what provable properties one can argue based on suitable hardness assumptions (for parameters where decoding is hard)
Secret sharing schemes are cryptographic primitives that can be employed in any situation where it is desirable to distribute information relating to secret data amongst a number of entities. Following a secure initialization process, a secret sharing scheme normally has a fixed access policy (specified by an access structure). However, in dynamic environments it is likely that access policies will be subject to change: for example, entities may wish to join the scheme, entities may be expelled from the scheme, or security thresholds may change. Rather than undergo a costly re-initialization process, there have been several different proposals for designing secret sharing schemes that permit dynamic access policies. We review various existing models and proposals, and identify several open problems
This paper shows that three cryptographic channels, secure channels (SC), anonymous channels (AC) and direction-indeterminable channels (DIC), are reduced to each other in the UC (universally composable) framework. We first define ideal functionalities for these channels, F_SC, F_AC and F_DIC. We then prove that an SC protocol UC-realizes F_SC in the F_DIC-hybrid model, that a DIC protocol UC-realizes F_DIC in the F_AC-hybrid model, and that an AC protocol UC-realizes F_AC in the F_SC-hybrid model
It is known that a message can be transmitted safely against any wiretapper via a noisy channel without a secret key if the coding rate is less than the so-called secrecy capacity Cs, which is usually smaller than the channel capacity C. In order to remove the loss C - Cs, we propose a multiplex coding scheme with plural independent messages. In this paper, it is shown that the proposed multiplex coding scheme can attain the channel capacity as the total rate of the plural messages and perfect secrecy for each message. The coding theorem is proved by extending Hayashi's proof, in which the coding of the channel resolvability is applied to the wiretap channel
Fast correlation attacks have been considerably improved recently, based on efficient decoding algorithms dedicated to very large linear codes in the case of a highly noisy channel. However, a better adaptation of these techniques to the concrete involved stream ciphers is still an open issue
Most successful attacks that occur today against computer networks are targeted against the computers connected to the network, but not against the routers. At the BlackHat 2005 conference it was shown that potential attacks against routers are far from hypothetical. Current TCP/IP protocols (even including IPSEC) do not have the resilience to deal with routers taken over by the adversary. We survey the research done in the area of how to communicate reliably and/or privately in the presence of different types of adversary, for example a malicious (Byzantine) one. Evidently, if the adversary can control all nodes (routers) in the network, no solution exists. The nodes that can be attacked by the adversary can be described using a threshold, or by what is called an adversary structure. The types of networks studied are point-to-point or broadcast/multicast
Quantum cryptography is the only approach to privacy ever proposed that allows two parties (who do not share a long secret key ahead of time) to communicate with provably perfect secrecy under the nose of an eavesdropper endowed with unlimited computational power and whose technology is limited by nothing but the fundamental laws of nature. This essay provides a personal historical perspective on the field. For the sake of liveliness, the style is purposely that of a spontaneous after-dinner speech. It will be seen that the IEEE played a ubiquitous role in this tale
We initiate the study of two-party cryptographic primitives with unconditional security, assuming that the adversary's quantum memory is of bounded size. We show that oblivious transfer and bit commitment can be implemented in this model using protocols where honest parties need no quantum memory, whereas an adversarial player needs quantum memory of size at least n/2 in order to break the protocol, where n is the number of qubits transmitted. This is in sharp contrast to the classical bounded-memory model, where we can only tolerate adversaries with memory of size quadratic in honest players' memory size. Our protocols are efficient, non-interactive and can be implemented using today's technology. On the technical side, a new uncertainty relation is established
This paper is concerned with basic properties of the (t, m)-threshold scheme, where m denotes the number of shares and t a threshold. We are interested in the case where secret information is generated from a source with no assumption on its probabilistic structure. We first give conditions that the (t, m)-threshold scheme must satisfy. Then, we give a theorem which is related to lower bounds on the sizes of shares and the length of random bits needed by a dealer. In addition, we show that the (t, m)-threshold scheme is realized under a certain mild assumption on the source