
International Conference on Cryptology in Africa

About: International Conference on Cryptology in Africa is an academic conference. The conference publishes mainly in the areas of block ciphers and encryption. Over its lifetime, the conference has published 228 publications, which have received 4844 citations.


Papers
Book Chapter, DOI
03 May 2010
TL;DR: This paper shows that the unidirectional proxy re-encryption scheme of Shao and Cao (PKC 2009) is vulnerable to chosen-ciphertext attack (CCA), and proposes an efficient CCA-secure unidirectional proxy re-encryption scheme that does not rely on pairings.
Abstract: Proxy re-encryption (PRE) allows a semi-trusted proxy to convert a ciphertext originally intended for Alice into one encrypting the same plaintext for Bob. The proxy only needs a re-encryption key given by Alice, and cannot learn anything about the encrypted plaintext. This adds flexibility in various applications, such as confidential email, digital rights management and distributed storage. In this paper, we study unidirectional PRE, in which the re-encryption key only enables delegation in one direction but not the opposite. In PKC 2009, Shao and Cao proposed a unidirectional PRE assuming the random oracle. However, we show that it is vulnerable to chosen-ciphertext attack (CCA). We then propose an efficient unidirectional PRE scheme (without resorting to pairings). We gain high efficiency and CCA-security using the “token-controlled encryption” technique, under the computational Diffie-Hellman assumption, in the random oracle model and a relaxed but reasonable definition.

299 citations

Book Chapter, DOI
19 Jun 2009
TL;DR: The result suggests that a decoding attack against the variant has little chance of being better than the general one against the classical McEliece cryptosystem, and a new NP-complete decision problem called quasi-cyclic syndrome decoding is introduced.
Abstract: The McEliece cryptosystem is one of the oldest public-key cryptosystems ever designed. It is also the first public-key cryptosystem based on linear error-correcting codes. Its main advantage is to have very fast encryption and decryption functions. However, it suffers from a major drawback. It requires a very large public key, which makes it very difficult to use in many practical situations. A possible solution is to advantageously use quasi-cyclic codes because of their compact representation. On the other hand, for a fixed level of security, the use of optimal codes like Maximum Distance Separable ones allows the use of smaller codes. The almost only known family of MDS codes with an efficient decoding algorithm is the class of Generalized Reed-Solomon (GRS) codes. However, it is well-known that GRS codes and quasi-cyclic codes do not represent secure solutions. In this paper we propose a new general method to reduce the public key size by constructing quasi-cyclic Alternant codes over a relatively small field like ${\mathbb{F}}_{2^8}$. We introduce a new method of hiding the structure of a quasi-cyclic GRS code. The idea is to start from a Reed-Solomon code in quasi-cyclic form defined over a large field. We then apply three transformations that preserve the quasi-cyclic feature. First, we randomly block shorten the RS code. Next, we transform it to get a Generalised Reed-Solomon code, and lastly we take the subfield subcode over a smaller field. We show that all existing structural attacks are infeasible. We also introduce a new NP-complete decision problem called quasi-cyclic syndrome decoding. This result suggests that a decoding attack against our variant has little chance of being better than the general one against the classical McEliece cryptosystem. We propose a system with several sizes of parameters from 6,800 to 20,000 bits with a security ranging from $2^{80}$ to $2^{120}$.

235 citations

Book Chapter, DOI
19 Jun 2009
TL;DR: In this paper, the authors propose threshold attribute-based signatures (t-ABS), which enable a signature holder to prove possession of signatures by revealing only the relevant attributes of the signer, hence providing signer-attribute privacy for the signature holder.
Abstract: In this paper we propose threshold attribute-based signatures (t-ABS). A t-ABS scheme enables a signature holder to prove possession of signatures by revealing only the relevant attributes of the signer, hence providing signer-attribute privacy for the signature holder. We define t-ABS schemes, formalize their security and propose two t-ABS schemes: a basic scheme secure against selective forgery and a second one secure against existential forgery, both provable in the standard model, assuming hardness of the CDH problem. We show that our basic t-ABS scheme can be augmented with two extra protocols that are used for efficiently issuing and verifying t-ABS signatures on committed values. We call the augmented scheme a threshold attribute-based c-signature scheme (t-ABCS). We show how a t-ABCS scheme can be used to realize a secure threshold attribute-based anonymous credential system (t-ABACS) providing issuer-attribute privacy. We propose a security model for t-ABACS, give a concrete scheme using a t-ABCS scheme, and prove that the credential system is secure if the t-ABCS scheme is secure.

222 citations

Book Chapter, DOI
07 May 2018
TL;DR: Saber is a package of cryptographic primitives whose security relies on the hardness of the Module Learning With Rounding problem (Mod-LWR). It starts from a Diffie-Hellman type key exchange protocol, which is transformed into an IND-CPA encryption scheme and finally into an IND-CCA secure key encapsulation mechanism using a post-quantum version of the Fujisaki-Okamoto transform.
Abstract: In this paper, we introduce Saber, a package of cryptographic primitives whose security relies on the hardness of the Module Learning With Rounding problem (Mod-LWR). We first describe a secure Diffie-Hellman type key exchange protocol, which is then transformed into an IND-CPA encryption scheme and finally into an IND-CCA secure key encapsulation mechanism using a post-quantum version of the Fujisaki-Okamoto transform. The design goals of this package were simplicity, efficiency and flexibility, resulting in the following choices: all integer moduli are powers of 2, avoiding modular reduction and rejection sampling entirely; the use of LWR halves the amount of randomness required compared to LWE-based schemes and reduces bandwidth; the module structure provides flexibility by reusing one core component for multiple security levels. A constant-time AVX2 optimized software implementation of the KEM with parameters providing more than 128 bits of post-quantum security requires only 101K, 125K and 129K cycles for key generation, encapsulation and decapsulation respectively on a Dell laptop with an Intel i7-Haswell processor.

167 citations

Book Chapter, DOI
19 Jun 2009
TL;DR: Simulations show that by inducing a single random byte fault at the input of the eighth round of the AES algorithm, the block cipher key can be deduced without any brute-force search.
Abstract: In the present paper a new fault-based attack has been proposed against AES-Rijndael. The paper shows that by inducing a single random byte fault at the input of the eighth round of the AES algorithm, the block cipher key can be deduced. Simulations show that when two faulty ciphertext pairs are generated, the key can be exactly deduced without any brute-force search. Further results show that with one single faulty ciphertext pair, the AES key can be ascertained with a brute-force search of $2^{32}$.

166 citations

Performance Metrics

No. of papers from the Conference in previous years

Year  Papers
2023  6
2022  14
2020  21
2019  22
2018  19
2017  13