
Showing papers in "arXiv: Cryptography and Security in 2002"


Posted Content
TL;DR: This paper gives a polynomial description of the Rijndael Advanced Encryption Standard (AES), with special attention to the structure of the S-Box.
Abstract: The paper gives a polynomial description of the Rijndael Advanced Encryption Standard recently adopted by the National Institute of Standards and Technology. Special attention is given to the structure of the S-Box.

27 citations


Posted Content
TL;DR: This paper constructs homomorphic cryptosystems, i.e. secret epimorphisms f: G --> H between publicly known groups with H finite, for non-abelian groups H for the first time; earlier constructions covered only the abelian case. Such a system is given for any fixed solvable group H.
Abstract: An important problem of modern cryptography concerns secret public-key computations in algebraic structures. We construct homomorphic cryptosystems being (secret) epimorphisms f: G --> H, where G, H are (publicly known) groups and H is finite. A letter of a message to be encrypted is an element h ∈ H, while its encryption g ∈ G is such that f(g) = h. A homomorphic cryptosystem allows one to perform computations (operating in a group G) with encrypted information (without knowing the original message over H). In this paper certain homomorphic cryptosystems are constructed for the first time for non-abelian groups H (earlier, homomorphic cryptosystems were known only in the Abelian case). In fact, we present such a system for any solvable (fixed) group H.

12 citations


Posted Content
TL;DR: Random beacons can be sabotaged undetectably so that a dishonest party knows their output in advance. This paper reduces that hazard by XORing the outputs of several noninteracting (e.g. spacelike-separated) beacons into a single digit stream that is random and unpredictable as long as at least one contributing beacon is honest.
Abstract: Random beacons, information sources that broadcast a stream of random digits unknown by anyone beforehand, are useful for various cryptographic purposes. But such beacons can be easily and undetectably sabotaged, so that their output is known beforehand by a dishonest party, who can use this information to defeat the cryptographic protocols supposedly protected by the beacon. We explore a strategy to reduce this hazard by combining the outputs from several noninteracting (e.g. spacelike-separated) beacons by XORing them together to produce a single digit stream which is more trustworthy than any individual beacon, being random and unpredictable if at least one of the contributing beacons is honest. If the contributing beacons are not spacelike separated, so that a dishonest beacon can overhear and adapt to earlier outputs of other beacons, the beacons' trustworthiness can still be enhanced to a lesser extent by a time sharing strategy. We point out some disadvantages of alternative trust amplification methods based on one-way hash functions.
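The two cases in the abstract, as an added example that is not part of the paper: XOR combination of beacon outputs, the honest-beacon guarantee when nobody can react to anyone else, and the adaptive attack a last-announcing dishonest beacon mounts when the beacons are not separated. The byte strings are constructed sample outputs, and the honest beacon is simulated with a seeded PRNG purely for reproducibility; a real beacon would not be seeded.

```python
import random

def xor_combine(outputs):
    """XOR several equal-length beacon outputs (bytes) into one combined stream."""
    n = len(outputs[0])
    if any(len(o) != n for o in outputs):
        raise ValueError("beacon outputs must have equal length")
    combined = bytearray(n)
    for o in outputs:
        for i, b in enumerate(o):
            combined[i] ^= b
    return bytes(combined)

def adaptive_round(earlier_outputs, target):
    """Non-separated case: a dishonest beacon that announces last sees the earlier
    outputs and picks its own so that the combined stream equals any target it likes.
    Returns (the chosen output, the resulting combined stream)."""
    partial = xor_combine(earlier_outputs)
    chosen = bytes(p ^ t for p, t in zip(partial, target))
    return chosen, xor_combine(list(earlier_outputs) + [chosen])

def prediction_success_rate(trials, seed=0):
    """Separated case: a dishonest party fixes its beacon output and a prediction for the
    combined byte before the honest beacon's output is known. Because XOR with a fixed
    value is a bijection, the combined byte is uniform whenever the honest byte is, so the
    predictor is right about 1/256 of the time regardless of its strategy."""
    honest = random.Random(seed)          # stands in for an honest beacon (constructed)
    hits = 0
    for _ in range(trials):
        dishonest_output = bytes([0x42])  # any strategy that does not see the honest byte
        prediction = bytes([0x42])
        combined = xor_combine([bytes([honest.randrange(256)]), dishonest_output])
        hits += combined == prediction
    return hits / trials
```

The adaptive attack is why the paper insists on noninteracting (spacelike-separated) beacons: a beacon that can hear the others needs no foreknowledge of their outputs, only the ability to announce last.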

5 citations


Posted Content
TL;DR: This talk will survey the development of modern cryptography — the mathematics behind secret communications and protocols — in this light, and describe the complexity theoretic foundations underlying the cryptographic tasks of encryption, pseudo-random number generators and functions, zero knowledge interactive proofs, and multi-party secure protocols.
Abstract: Theoretical computer science has found fertile ground in many areas of mathematics. The approach has been to consider classical problems through the prism of computational complexity, where the number of basic computational steps taken to solve a problem is the crucial qualitative parameter. This new approach has led to a sequence of advances, in setting and solving new mathematical challenges as well as in harnessing discrete mathematics to the task of solving real-world problems. In this talk, I will survey the development of modern cryptography — the mathematics behind secret communications and protocols — in this light. I will describe the complexity theoretic foundations underlying the cryptographic tasks of encryption, pseudo-random number generators and functions, zero knowledge interactive proofs, and multi-party secure protocols. I will attempt to highlight the paradigms and proof techniques which unify these foundations, and which have made their way into the mainstream of complexity theory.

4 citations


Posted Content
TL;DR: Public-key cryptosystems based on invariants of groups are suggested, together with an overview of the known cryptosystems which involve groups.
Abstract: Public-key cryptosystems are suggested based on invariants of groups. We give also an overview of the known cryptosystems which involve groups.

4 citations


Journal Article
Boaz Tsaban
TL;DR: This work constructs fast forward permutations which are indistinguishable from random permutations even when queries of the form P^m(x) are allowed, and introduces an efficient method to sample the cycle structure of a random permutation, which in turn solves an open problem of Naor and Reingold.
Abstract: A permutation P on {1, ..., N} is a fast forward permutation if for each m the computational complexity of evaluating P^m(x) is small independently of m and x. Naor and Reingold constructed fast forward pseudorandom cycluses and involutions. By studying the evolution of permutation graphs, we prove that the number of queries needed to distinguish a random cyclus from a random permutation on {1, ..., N} is Theta(N) if one does not use queries of the form P^m(x), but is only Theta(1) if one is allowed to make such queries. We construct fast forward permutations which are indistinguishable from random permutations even when queries of the form P^m(x) are allowed. This is done by introducing an efficient method to sample the cycle structure of a random permutation, which in turn solves an open problem of Naor and Reingold.
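An added example, not the paper's construction, to make the abstract's claims concrete. It gives the trivial fast-forward representation (store the cycle decomposition, so P^m(x) is an O(1) lookup; this needs the whole table and is exactly what a pseudorandom construction must avoid), the one-query distinguisher that separates a random cyclus from a random permutation once P^m queries are allowed (P^N(x) = x always holds for a cyclus, but for a random permutation only when x's cycle length divides N), and the standard Feller-coupling sampler for the cycle lengths of a random permutation, which is not the paper's method and is included only to show what "sampling the cycle structure" means. Elements are 0..N-1 rather than 1..N; the seeds are arbitrary.

```python
import random

class FastForwardPermutation:
    """P on {0..N-1} stored by cycle decomposition: O(N) preprocessing, then P^m(x)
    in O(1) for any integer m (negative m gives powers of the inverse)."""
    def __init__(self, perm):
        n = len(perm)
        self.n = n
        self.cycles = []            # each cycle as a list of elements in P-order
        self.cycle_of = [-1] * n    # index into self.cycles
        self.pos = [0] * n          # position of x inside its cycle
        for start in range(n):
            if self.cycle_of[start] != -1:
                continue
            cyc, x = [], start
            while self.cycle_of[x] == -1:
                self.cycle_of[x] = len(self.cycles)
                self.pos[x] = len(cyc)
                cyc.append(x)
                x = perm[x]
            self.cycles.append(cyc)

    def power(self, x, m):
        cyc = self.cycles[self.cycle_of[x]]
        return cyc[(self.pos[x] + m) % len(cyc)]

def random_permutation(n, rng):
    p = list(range(n))
    rng.shuffle(p)
    return p

def random_cyclus(n, rng):
    """A uniformly random single N-cycle: follow the elements in a random order."""
    order = random_permutation(n, rng)
    p = [0] * n
    for i in range(n):
        p[order[i]] = order[(i + 1) % n]
    return p

def one_query_cyclus_test(P, x=0):
    """Single P^m query: answers 'cyclus' iff P^N(x) = x. Always true for a cyclus;
    for a random permutation true only if the cycle through x has length dividing N,
    i.e. with probability d(N)/N where d(N) counts the divisors of N."""
    return P.power(x, P.n) == x

def false_positive_rate(n, trials, seed=0):
    """How often the one-query test wrongly calls a random permutation a cyclus."""
    rng = random.Random(seed)
    hits = sum(one_query_cyclus_test(FastForwardPermutation(random_permutation(n, rng)))
               for _ in range(trials))
    return hits / trials

def feller_cycle_lengths(n, rng):
    """Cycle lengths of a uniformly random permutation of n elements, sampled without
    building it: the cycle through the smallest unused element has length uniform on
    {1..remaining}; repeat on what is left (Feller coupling, a standard fact)."""
    lengths, remaining = [], n
    while remaining:
        length = rng.randint(1, remaining)
        lengths.append(length)
        remaining -= length
    return lengths
```

With N = 101 (prime) the only cycle lengths dividing N are 1 and 101, so the one-query test errs on a random permutation about 2% of the time, which is the Theta(1) separation the abstract states; without P^m queries one has to walk the cycle, which is Theta(N) work.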

4 citations


Posted Content
TL;DR: A new taxonomy of web attacks is proposed, with the objective of obtaining a practically useful reference framework for security applications, together with an encoding scheme for attacks and a discussion of applications, such as intrusion detection systems and application firewalls, that might benefit from them.
Abstract: Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapidly becoming one of the fundamental threats for information systems connected to the Internet. When the attacks suffered by web servers through the years are analyzed, it is observed that most of them are very similar, using a reduced number of attacking techniques. It is generally agreed that classification can help designers and programmers to better understand attacks and build more secure applications. As an effort in this direction, a new taxonomy of web attacks is proposed in this paper, with the objective of obtaining a practically useful reference framework for security applications. The use of the taxonomy is illustrated by means of multiplatform real world web attack examples. Along with this taxonomy, important features of each attack category are discussed. A suitable semantic-dependent web attack encoding scheme is defined that uses different-length vectors. Possible applications are described, which might benefit from this taxonomy and encoding scheme, such as intrusion detection systems and application firewalls.

2 citations


Posted Content
TL;DR: Clones of the MV2 algorithm for an arbitrary radix are discussed and three examples of them are presented.
Abstract: The clones of the MV2 algorithm for any radix are discussed. Three examples of them are presented.

2 citations


Posted Content
TL;DR: This work shows how a Logic of Local Name Containment that has a clear semantics and was shown to completely characterize SDSI name resolution can be extended to deal with a number of key features of SPKI, including revocation, expiry dates, and tuple reduction, without invoking nonmonotonicity.
Abstract: SPKI/SDSI is a proposed public key infrastructure standard that incorporates the SDSI public key infrastructure. SDSI's key innovation was the use of local names. We previously introduced a Logic of Local Name Containment that has a clear semantics and was shown to completely characterize SDSI name resolution. Here we show how our earlier approach can be extended to deal with a number of key features of SPKI, including revocation, expiry dates, and tuple reduction. We show that these extensions add relatively little complexity to the logic. In particular, we do not need a nonmonotonic logic to capture revocation. We then use our semantics to examine SPKI's tuple reduction rules. Our analysis highlights places where SPKI's informal description of tuple reduction is somewhat vague, and shows that extra reduction rules are necessary in order to capture general information about binding and authorization.
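The SDSI name-resolution semantics the abstract refers to, with expiry and revocation handled the way the abstract describes (no nonmonotonic logic: invalid certificates are simply filtered out before a monotone least-fixed-point computation), as an added example that is not the authors' logic or the SPKI/SDSI reference implementation. The certificate format, the key labels (KAlice, KBob, ...), the day-number expiry and the revocation set are constructed for illustration; real SPKI certificates carry key material, validity intervals and signatures.

```python
from dataclasses import dataclass
from typing import Tuple

@dataclass(frozen=True)
class NameCert:
    """Name certificate: in issuer's namespace, local_name includes subject.
    subject is a key followed by zero or more local names, e.g. ('KBob', 'friends')."""
    cert_id: str
    issuer: str
    local_name: str
    subject: Tuple[str, ...]
    not_after: int            # constructed: expiry as a day number

def _evaluate(subject, table):
    """value(K) = {K}; value(K n1 ... nk) = union of table[(K', nk)] over K' in
    value(K n1 ... n(k-1)). Names with no certificate denote the empty set."""
    keys = {subject[0]}
    for n in subject[1:]:
        keys = set().union(*(table.get((k, n), set()) for k in keys))
    return keys

def resolve_all(certs, now, revoked):
    """Least fixed point of the SDSI equations over the certificates valid at 'now':
    expired certs and revoked cert ids are dropped first, so revocation is just a
    smaller (monotone) input, not a retraction inside the logic."""
    valid = [c for c in certs if c.not_after >= now and c.cert_id not in revoked]
    table = {(c.issuer, c.local_name): set() for c in valid}
    changed = True
    while changed:                       # terminates: sets only grow, finitely many keys
        changed = False
        for c in valid:
            new = _evaluate(c.subject, table) - table[(c.issuer, c.local_name)]
            if new:
                table[(c.issuer, c.local_name)] |= new
                changed = True
    return table

def resolve(name, certs, now, revoked=frozenset()):
    """Keys denoted by the (possibly extended) name, e.g. ('KAlice', 'friends', 'team')."""
    return _evaluate(name, resolve_all(certs, now, revoked))

# Constructed sample certificates, including a cycle (Alice's friends include Bob's
# friends and vice versa) that a naive recursive resolver would loop on.
SAMPLE_CERTS = [
    NameCert("c1", "KAlice", "friends", ("KBob",), 400),
    NameCert("c2", "KAlice", "friends", ("KBob", "friends"), 400),
    NameCert("c3", "KBob", "friends", ("KCarol",), 200),      # expires at day 200
    NameCert("c4", "KBob", "friends", ("KAlice", "friends"), 400),
    NameCert("c5", "KCarol", "team", ("KDave",), 400),
]
```

Revoking c1 removes KBob from Alice's friends even though c4 still says Bob's friends include Alice's friends: the fixed point recomputed without c1 simply never puts KBob in. That is the monotone treatment of revocation the abstract argues is sufficient.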

2 citations


Posted Content
TL;DR: The pit recording of a file and the coefficient of compression are introduced, and the theoretical limit of information compression, as the minimal coefficient of compression for a given alphabet length, is found.
Abstract: The pit recording of a file and the coefficient of compression are introduced. The theoretical limit of information compression, as the minimal coefficient of compression for a given alphabet length, is found.

2 citations


Posted Content
TL;DR: The dissertation describes how current software components could be used to implement an access rights management system for distributed databases which aims to create and implement organisation structures based on the wishes of the owners and the demands of the users of the databases.
Abstract: This thesis addresses the problem of providing trusted individuals with confidential information about other individuals, in particular, granting access to databases of personal records using the World-Wide Web. It proposes an access rights management system for distributed databases which aims to create and implement organisation structures based on the wishes of the owners and the demands of the users of the databases. The dissertation describes how current software components could be used to implement this system; it re-examines the theory of collective choice to develop mechanisms for generating hierarchies of authorities; it analyses organisational processes for stability and develops a means of measuring the similarity of their hierarchies.

Posted Content
TL;DR: A graph coloring check-digit scheme, derived from a stated and proven result on properties of n-colorable graphs, is used to build a method for verifying secret shares that does not require the cooperation of a third party.
Abstract: In the paper we apply graph vertex coloring for verification of secret shares. We start from showing how to convert any graph into a number and vice versa. Next, a theoretical result concerning properties of n-colorable graphs is stated and proven. From this result we derive a graph coloring check-digit scheme. Feasibility of the proposed scheme increases with the size of the number whose digits are checked and with the overall probability of errors. The check-digit scheme is used to build a shares verification method that does not require the cooperation of a third party. It allows implementing a verification structure different from the access structure. It does not depend on a particular secret sharing method. It can be used as long as the secret shares can be represented by numbers or graphs.

Posted Content
TL;DR: This paper studies necessary and sufficient conditions for achieving secure communication against active adversaries in mixed one-way and two-way channels; earlier work by Dolev, Dwork, Waarts and Yung considered only the cases where all channels are one-way or all channels are two-way. Multicast channels and neighbor network channels are also discussed.
Abstract: Achieving secure communications in networks has been one of the most important problems in information technology. Dolev, Dwork, Waarts, and Yung have studied secure message transmission in one-way or two-way channels. They only consider the case when all channels are two-way or all channels are one-way. Goldreich, Goldwasser, and Linial, Franklin and Yung, Franklin and Wright, and Wang and Desmedt have studied secure communication and secure computation in multi-recipient (multicast) models. In a ``multicast channel'' (such as Ethernet), one processor can send the same message--simultaneously and privately--to a fixed subset of processors. In this paper, we shall study necessary and sufficient conditions for achieving secure communications against active adversaries in mixed one-way and two-way channels. We also discuss multicast channels and neighbor network channels.