
Showing papers in "Journal of Cryptology in 2018"


Journal ArticleDOI
TL;DR: In this article, a pilot study was carried out among 50 enterprises that present themselves using Industry 4.0 and its impacts, and the results of the research showed that there are differences in how impacts are seen by SMEs and by large enterprises.
Abstract: Marketing innovation is identified as a search for creative and new solutions to problems and needs. For businesses to become more competitive and improving their performance, they must constantly develop new products as well as strategies. This paper is based on the research of areas of marketing in the context of Industry 4.0 and its impacts. The implications of digitization are the content of the research presented here. On the basis of the research, a pilot research was carried out among 50 enterprises that present themselves using Industry 4.0. A list of 15 basic tools of marketing innovation was compiled through an evaluation using the content analysis method. Eleven main impacts of marketing innovation which the respondents consider to be important were then generated. These impacts were described and subsequently evaluated using descriptive statistics methods, on the basis of which their importance was empirically verified. The impacts that businesses classed as being most important were: increasing the competitiveness of the company, increasing work productivity and changing the corporate culture. The results of the research showed that there are differences in how impacts are seen by SMEs and by large enterprises. The impacts are rated as most important by enterprises from the automotive industry with a European corporate culture. The research has empirically confirmed that businesses consider the greatest impact of innovative marketing in the context of Industry 4.0 to be the increase in enterprise competitiveness, which was the highest rated impact of the research. The paper has shed fresh light on our current understanding of innovation as a factor in competitiveness.

111 citations


Journal ArticleDOI
TL;DR: It is shown that Trivium, whose security has been firmly established for over a decade, and the new variant Kreyvium have excellent performance, and a second construction, based on exponentiation in binary fields, which is impractical but sets the lowest depth record to 8 for 128-bit security, is described.
Abstract: In typical applications of homomorphic encryption, the first step consists for Alice of encrypting some plaintext m under Bob's public key pk and of sending the ciphertext $$c = \mathsf{HE}_{pk}(m)$$ to some third-party evaluator Charlie. This paper specifically considers that first step, i.e. the problem of transmitting c as efficiently as possible from Alice to Charlie. As others suggested before, a form of compression is achieved using hybrid encryption. Given a symmetric encryption scheme E, Alice picks a random key k and sends a much smaller ciphertext $$c = (\mathsf{HE}_{pk}(k), E_k(m))$$ that Charlie decompresses homomorphically into the original c using a decryption circuit $$C_{E^{-1}}$$. In this paper, we revisit that paradigm in light of its concrete implementation constraints; in particular E is chosen to be an additive IV-based stream cipher. We investigate the performances offered in this context by Trivium, which belongs to the eSTREAM portfolio, and we also propose a variant with 128-bit security: Kreyvium. We show that Trivium, whose security has been firmly established for over a decade, and the new variant Kreyvium have excellent performance. We also describe a second construction, based on exponentiation in binary fields, which is impractical but sets the lowest depth record to 8 for 128-bit security.

95 citations


Journal ArticleDOI
TL;DR: In this article, the authors applied an academic approach in assessing various conceptual and theoretical frameworks considered relevant to the subject of digital business transformation and that contribute to increasing the general understanding of the subject.
Abstract: This paper applies an academic approach in assessing various conceptual and theoretical frameworks considered relevant to the subject of digital business transformation and that contribute to increasing the general understanding of the subject. A review and comparison of several conceptual and theoretical frameworks that were identified to be relevant to the subject of digital business transformation was conducted with the aim of assessing their suitability and robustness in addressing the subject, which is gaining prominence as a pathway for achieving and maintaining competitiveness for businesses as digital technologies continue to shape and transform the business landscape. The background information required for the comparison of the frameworks was obtained after a comprehensive review of each of the frameworks, and based on the insights obtained following the review, their relevance and applicability to the subject of digital business transformation was determined. A qualitative approach was adopted in conducting desk research using reputable business and scientific data sources. The output of the literature search was narrowed down by applying elimination parameters that ensured only relevant articles and journals were included in the final comparison of literatures that contained relevant conceptual and theoretical frameworks. The research established that there is a lack of alignment between industry-based research and academic-based research on the subject of digital business transformation. The research findings and agenda of the study have important implications for organisational transformation as it relates to digital technologies and their transformative effects on industry segments and organisational structures through digitalisation.

65 citations


Journal ArticleDOI
TL;DR: In this article, the authors defined and quantified significant factors that shape the quality of the business environment in the SME segment and created a business environment quality index in the Czech Republic and the Slovak Republic.
Abstract: The aim of this paper was to define and quantify significant factors that shape the quality of the business environment in the SME segment and to create the business environment quality index. A part of this aim was a comparison of defined factors in the Czech Republic (CR) and the Slovak Republic (SR). In regards to the aim defined, a survey-based research was conducted with enterprises operating in the SME segment. 312 enterprises in CR and 329 enterprises in SR were approached during this research. To verify the defined scientific hypotheses, a custom Business Environment Quality Index was created that was quantified separately for CR and SR. The research results brought interesting findings. The aggregated Business Environment Quality Index in the Slovak Republic reached the value of 0.460, which was higher than that of the Czech Republic (0.418). Slovak entrepreneurs gave the economic factors a higher rating than Czech entrepreneurs. Similarly, Slovak entrepreneurs rated the importance of the Central Bank in establishing a stable business environment and the role of commercial banks in financing business needs more positively. The evaluation of political factors is relatively negative in both countries. Slovak entrepreneurs evaluated more positively the judicial system in the area of commercial law, the state’s influence on the business environment, and the administrative burden on enterprises. Czech entrepreneurs had a minor issue with the state bureaucracy’s impact on the business environment. The evaluation of technological factors is relatively negative in both countries, as the value of this index is slightly below 0.250. Slovak entrepreneurs better assessed the situation on the job market and the cooperation of the public sector with the business environment. On the contrary, Czech entrepreneurs gave the infrastructure level in the area of research and development a better rating. 
The evaluation of social factors is relatively positive in both countries. Entrepreneurs in the Slovak Republic perceive a more positive attitude of the society towards entrepreneurs and a more intense influence of the family on entrepreneurship, and positively evaluate media’s activities in regards to the business environment. The evaluation of the competitive environment is more positive in Slovakia. When evaluating the narrower competitive environment, it was discovered that Slovak entrepreneurs think that customers, suppliers, and employees play a positive role in their business.

63 citations


Journal ArticleDOI
TL;DR: In this paper, the authors evaluated the impact of the Visegrad 4 countries' innovation performance on their international competitiveness position observed by the Global Economic Forum based on the Global Competitiveness Index (GCI).
Abstract: The economic development of world economies accompanied by their growing openness and stronger integration processes put pressure on mutual confrontation of their economic power based on its determinant sources. International comparison requires determining a complex of factors that affect the success of developed economies; factors that, given their multiplier effects, influence the social productivity of labor in a country and create a competitive advantage in an international comparison. A key factor of the states’ increasing competitiveness is assumed to be the innovation performance of enterprises, which is projected through innovative business processes into the innovation performance of the economy as a whole. This paper determines the impact of their innovation performance on their international competitiveness position observed by the Global Economic Forum based on the Global Competitiveness Index (GCI). To assess the impact, the following economic-statistical methods were used: comparative and correlation analyses and logical deduction. Data from the World Economic Forum (WEF), European Innovation Scoreboard (EIS), and Eurostat database were used to process the assessment. The results of the research have led to the conclusion that the Visegrad 4 (V4) countries as transition economies in terms of their economic development are quite similar, but in the ranking of global competitiveness, their position varies depending on the innovative performance. The Czech economy is the best performing of the four, while the worst indicators are attributed to the economies of Slovakia and Hungary. The economy of Poland has a relatively balanced development. The results of these analyses have led to the creation of a discussion platform focused on the evaluation of the innovation potential status and its determinants in Slovakia, with the aim of pointing out critical areas in the country’s competitiveness growth on an international scale.

59 citations


Journal ArticleDOI
TL;DR: This work presents a general framework that converts certain types of linear collision-resistant hash functions into one-time signatures, and gives a digital signature scheme with an essentially optimal performance/security trade-off.
Abstract: We present a general framework that converts certain types of linear collision-resistant hash functions into one-time signatures. Our generic construction can be instantiated based on both general and ideal (e.g., cyclic) lattices, and the resulting signature schemes are provably secure based on the worst-case hardness of approximating the shortest vector (and other standard lattice problems) in the corresponding class of lattices to within a polynomial factor. When instantiated with ideal lattices, the time complexity of the signing and verification algorithms, as well as key and signature size, is almost linear (up to poly-logarithmic factors) in the dimension n of the underlying lattice. Since no sub-exponential (in n) time algorithm is known to solve lattice problems in the worst case, even when restricted to ideal lattices, our construction gives a digital signature scheme with an essentially optimal performance/security trade-off.

55 citations


Journal ArticleDOI
TL;DR: This paper introduces new techniques and correct complexity analyses for impossible differential cryptanalysis, a powerful block cipher attack, and shows, for the first time, that the technique of multiple differentials can be applied to impossible differential attacks.
Abstract: This paper introduces new techniques and correct complexity analyses for impossible differential cryptanalysis, a powerful block cipher attack. We show how the key schedule of a cipher impacts an impossible differential attack, and we provide a new formula for the time complexity analysis that takes this parameter into account. Further, we show, for the first time, that the technique of multiple differentials can be applied to impossible differential attacks. Then, we demonstrate how this technique can be combined in practice with multiple impossible differentials or with the so-called state-test technique. To support our proposal, we implemented the above techniques on small-scale ciphers and verified their efficiency and accuracy in practice. We apply our techniques to the cryptanalysis of ciphers including AES-128, CRYPTON-128, ARIA-128, CLEFIA-128, Camellia-256 and LBlock. All of our attacks significantly improve previous impossible differential attacks and generally achieve the best memory complexity among all previous attacks against these ciphers.

55 citations


Journal ArticleDOI
TL;DR: This work presents a generic transformation that yields a function-private functional encryption scheme, starting with any non-function-private scheme for a sufficiently rich function class and preserves the message privacy of the underlying scheme.
Abstract: Functional encryption supports restricted decryption keys that allow users to learn specific functions of the encrypted messages. Although the vast majority of research on functional encryption has so far focused on the privacy of the encrypted messages, in many realistic scenarios it is crucial to offer privacy also for the functions for which decryption keys are provided. Whereas function privacy is inherently limited in the public-key setting, in the private-key setting it has a tremendous potential. Specifically, one can hope to construct schemes where encryptions of messages $$\mathsf{m}_1, \ldots , \mathsf{m}_T$$ together with decryption keys corresponding to functions $$f_1, \ldots , f_T$$ , reveal essentially no information other than the values $$\{ f_i(\mathsf{m}_j)\}_{i,j\in [T]}$$ . Despite its great potential, the known function-private private-key schemes either support rather limited families of functions (such as inner products) or offer somewhat weak notions of function privacy. We present a generic transformation that yields a function-private functional encryption scheme, starting with any non-function-private scheme for a sufficiently rich function class. Our transformation preserves the message privacy of the underlying scheme and can be instantiated using a variety of existing schemes. Plugging in known constructions of functional encryption schemes, we obtain function-private schemes based either on the learning with errors assumption, on obfuscation assumptions, on simple multilinear-maps assumptions, and even on the existence of any one-way function (offering various trade-offs between security and efficiency).

50 citations


Journal ArticleDOI
TL;DR: In this article, the authors assess the dependence of perceived key business risks of SMEs on their size in Slovakia based on own empirical research carried out in 2017, and highlight the need to apply risk management in the SMEs and to bring the results of the research in Slovakia closer to world trends.
Abstract: The issues of risk management in small and medium-sized enterprises (SMEs) have been analysed and discussed for a long time. Nevertheless, it is still necessary to concentrate on this field, especially in the Slovak Republic. SMEs are very sensitive to changes in the business environment which are always reflected in the quantitative characteristics of this sector in a certain time interval. According to various global surveys and studies, risk management represents a significant contribution to the increasing competitiveness of enterprises in changes of the business environment. The aim of this paper is to statistically assess the dependence of perceived key business risks of SMEs on their size in Slovakia based on own empirical research carried out in 2017. The contribution also includes an assessment of key risk sources and an evaluation of the survey results compared to the results of surveys taken last year. Based on the results, market, financial, economic and personnel risks comprise the four most important risks that negatively affect the business environment of SMEs. Dependence perceived by the SME entrepreneurs was found among market factors, personnel risks, and business size. No dependence was found among the financial, economic and business risks. The overall results of the empirical research point to the need and importance of addressing the assessment of key risks and their resources in SMEs in Slovakia. The goal of the paper is to highlight through a relevant study the need to apply risk management in the SMEs and to bring the results of the research in Slovakia closer to world trends.

49 citations


Journal ArticleDOI
TL;DR: This paper provides new methods for garbling that are secure solely under the assumption that the primitive used (e.g., AES) is a pseudorandom function.
Abstract: Protocols for secure computation enable mutually distrustful parties to jointly compute on their private inputs without revealing anything, but the result. Over recent years, secure computation has become practical and considerable effort has been made to make it more and more efficient. A highly important tool in the design of two-party protocols is Yao’s garbled circuit construction (Yao 1986), and multiple optimizations on this primitive have led to performance improvements in orders of magnitude over the last years. However, many of these improvements come at the price of making very strong assumptions on the underlying cryptographic primitives being used (e.g., that AES is secure for related keys, that it is circular-secure, and even that it behaves like a random permutation when keyed with a public fixed key). The justification behind making these strong assumptions has been that otherwise it is not possible to achieve fast garbling and thus fast secure computation. In this paper, we take a step back and examine whether it is really the case that such strong assumptions are needed. We provide new methods for garbling that are secure solely under the assumption that the primitive used (e.g., AES) is a pseudorandom function. Our results show that in many cases, the penalty incurred is not significant, and so a more conservative approach to the assumptions being used can be adopted.

49 citations


Journal ArticleDOI
TL;DR: A general transformation is presented that simultaneously relies on weaker assumptions and guarantees stronger security and can be extended to a super-constant number of inputs assuming that the underlying single-input scheme is sub-exponential secure.
Abstract: We construct a general-purpose multi-input functional encryption scheme in the private-key setting. Namely, we construct a scheme where a functional key corresponding to a function f enables a user holding encryptions of $$x_1, \ldots , x_t$$ to compute $$f(x_1, \ldots , x_t)$$ but nothing else. This is achieved starting from any general-purpose private-key single-input scheme (without any additional assumptions) and is proven to be adaptively secure for any constant number of inputs t. Moreover, it can be extended to a super-constant number of inputs assuming that the underlying single-input scheme is sub-exponentially secure. Instantiating our construction with existing single-input schemes, we obtain multi-input schemes that are based on a variety of assumptions (such as indistinguishability obfuscation, multilinear maps, learning with errors, and even one-way functions), offering various trade-offs between security assumptions and functionality. Previous and concurrent constructions of multi-input functional encryption schemes either rely on stronger assumptions and provided weaker security guarantees (Goldwasser et al. in Advances in cryptology—EUROCRYPT, 2014; Ananth and Jain in Advances in cryptology—CRYPTO, 2015), or relied on multilinear maps and could be proven secure only in an idealized generic model (Boneh et al. in Advances in cryptology—EUROCRYPT, 2015). In comparison, we present a general transformation that simultaneously relies on weaker assumptions and guarantees stronger security.



Journal ArticleDOI
TL;DR: The Rényi divergence is a measure of closeness of two probability distributions that can often be used as an alternative to the statistical distance in security proofs for lattice-based cryptography and may be used in the case of distinguishing problems.
Abstract: The Rényi divergence is a measure of closeness of two probability distributions. We show that it can often be used as an alternative to the statistical distance in security proofs for lattice-based cryptography. Using the Rényi divergence is particularly suited for security proofs of primitives in which the attacker is required to solve a search problem (e.g., forging a signature). We show that it may also be used in the case of distinguishing problems (e.g., semantic security of encryption schemes), when they enjoy a public sampleability property. The techniques lead to security proofs for schemes with smaller parameters, and sometimes to simpler security proofs than the existing ones.

Journal ArticleDOI
TL;DR: In this article, the effect of economic policy uncertainty (EPU) on both total and personal outbound travel expenditures in the panel data of 17 developed and developing countries is analyzed. And the authors suggest that governments should realize the suppressing effect of uncertainties about their economic policies on tourism demand.
Abstract: Tourism has been one of the fastest growing industries and it makes important contributions on economies. Based on this, the literature aims to determine the factors affecting tourism demand behavior. In this paper, we analyze the effect of economic policy uncertainty (EPU) on both total and personal outbound travel expenditures in the panel data of 17 developed and developing countries. This is the first paper to examine the impact of EPU on travel expenditures within a tourism demand framework. By using the fixed-effects and the Least Square Dummy Variable (LSDV) estimation techniques, we find that an increase in the level of uncertainty decreases travel expenditures. Our findings imply that when people experience an increase in uncertainty-related economic policies, they tend to decrease their expenditures abroad. On average, a one standard deviation rise in EPU leads to a 3% and a 6% decrease in the total and personal travel expenditures. We also find that the effect of EPU on travel expenditures is higher in developing economies compared to developed countries. The empirical results in this paper suggest that governments should realize the suppressing effect of uncertainties about their economic policies on tourism demand.

Journal ArticleDOI
TL;DR: A new tight security reduction from a stronger assumption, the Phi-Hiding assumption introduced by Cachin et al. is given, which justifies the choice of smaller parameters in RSA-FDH, as it is commonly used in practice.
Abstract: RSA Full Domain Hash (RSA-FDH) is a digital signature scheme, secure against chosen message attacks in the random oracle model. The best known security reduction from the RSA assumption is non-tight, i.e., it loses a factor of $$q_s$$ , where $$q_s$$ is the number of signature queries made by the adversary. It was furthermore proven by Coron (Advances in cryptology—EUROCRYPT 2002, Lecture notes in computer science, vol 2332. Springer, Berlin, pp 272–287, 2002) that a security loss of $$q_s$$ is optimal and cannot possibly be improved. In this work, we uncover a subtle flaw in Coron’s impossibility result. Concretely, we show that it only holds if the underlying trapdoor permutation is certified. Since it is well known that the RSA trapdoor permutation is (for all practical parameters) not certified, this renders Coron’s impossibility result moot for RSA-FDH. Motivated by this, we revisit the question whether there is a tight security proof for RSA-FDH. Concretely, we give a new tight security reduction from a stronger assumption, the Phi-Hiding assumption introduced by Cachin et al. (Advances in Cryptology—EUROCRYPT’99. Lecture notes in computer science, vol 1592. Springer, Berlin, pp 402–414, 1999). This justifies the choice of smaller parameters in RSA-FDH, as it is commonly used in practice. All of our results (positive and negative) extend to the probabilistic signature scheme PSS (with message recovery).


Journal ArticleDOI
TL;DR: The internal grant agency of FaME TBU: Financial Constraints on Economic Activities [IGA/FaME/2017/010] as mentioned in this paper, which is a grant agency for the TBU.
Abstract: Internal Grant Agency of FaME TBU: Financial Constraints on Economic Activities [IGA/FaME/2017/010]

Journal ArticleDOI
TL;DR: In this paper, the authors examined the relation between the R&D expenditure and the global competitiveness development in the case of Slovakia as well as in member states of the European Union from Central and Eastern Europe (CEE EU (11)).
Abstract: This paper examines the relations between the R&D expenditure and the global competitiveness development in the case of Slovakia as well as in member states of the European Union from Central and Eastern Europe (CEE EU (11)). To assess the competitiveness of CEE EU (11) member states, we used the Global Competitiveness Index (GCI) processed by the World Economic Forum (WEF). By using the correlation analysis, we focused on the detection of interrelations between the R&D expenditure height (per capita) (using five variables of GERD) and values of the overall GCI score as well as its three main subindexes in the case of CEE EU (11) countries over the period of 2007 – 2016. In doing so, we determined that an increase in R&D expenditures can significantly contribute to an increase in the CEE EU (11) countries’ competitiveness level. All performed analyses confirmed that it is important to focus on increasing R&D expenditures, especially in the higher education sector, as it has a significant influence on improving the global competitiveness development of the CEE EU (11) countries in the case of the 1st and 3rd GCI subindexes. In the end, it will be also reflected in the overall competitiveness assessment of this group of countries.

Journal ArticleDOI
TL;DR: The first known slide attack on a Feistel construction with a 3-round self-similarity, and an attack with practical time complexity of $$2^{40}$$ on a 128-bit key variant of the GOST block cipher with unknown S-boxes are presented.
Abstract: The slide attack, presented by Biryukov and Wagner, has already become a classical tool in cryptanalysis of block ciphers. While it was used to mount practical attacks on a few cryptosystems, its practical applicability is limited, as typically, its time complexity is lower bounded by $$2^n$$ (where n is the block size). There are only a few known scenarios in which the slide attack performs better than the $$2^n$$ bound. In this paper, we concentrate on efficient slide attacks, whose time complexity is less than $$2^n$$ . We present a number of new attacks that apply in scenarios in which previously known slide attacks are either inapplicable, or require at least $$2^n$$ operations. In particular, we present the first known slide attack on a Feistel construction with a 3-round self-similarity, and an attack with practical time complexity of $$2^{40}$$ on a 128-bit key variant of the GOST block cipher with unknown S-boxes. The best previously known attack on the same variant, with known S-boxes (by Courtois), has time complexity of $$2^{91}$$ .

Journal ArticleDOI
TL;DR: A modification of the approximation method used by Hall et al. can solve the problem completely and extends the result to practically any m, showing that \(\varOmega (2^{\frac{m+n}{2}})\) queries are needed to get a non-negligible distinguishing advantage.
Abstract: An oracle chooses a function f from the set of n bits strings to itself, which is either a randomly chosen permutation or a randomly chosen function. When queried by an n-bit string w, the oracle computes f(w), truncates the m last bits, and returns only the first \(n-m\) bits of f(w). How many queries does a querying adversary need to submit in order to distinguish the truncated permutation from the (truncated) function? In Hall et al. (Building PRFs from PRPs, Springer, Berlin, 1998) showed an algorithm for determining (with high probability) whether or not f is a permutation, using \(O(2^{\frac{m+n}{2}})\) queries. They also showed that if \(m n/7\), their method gives a weaker bound. In this note, we first show how a modification of the approximation method used by Hall et al. can solve the problem completely. It extends the result to practically any m, showing that \(\varOmega (2^{\frac{m+n}{2}})\) queries are needed to get a non-negligible distinguishing advantage. However, more surprisingly, a better bound for the distinguishing advantage, which we can write, in a simplified form, as \(O\left( \min \left\{ \frac{q^2}{2^n},\,\frac{q}{2^{\frac{n+m}{2}}},\,1\right\} \right) ,\) can be obtained from a result of Stam published, in a different context, already in 1978. We also show that, at least in some cases, this bound is tight.

Journal ArticleDOI
TL;DR: In this article, the authors examined the influence of integrated marketing communications (IMC) dimensions on customer loyalty to mobile telecommunication service among competing firms in telecommunication services industry and suggested that managers in the industry should prioritize their strategies on the basis of IMC dimension that makes the greatest contribution to the criterion of interest, with beta and high coefficient in their budgetary allocation for the optimal promotional mix to achieve the organisational goal.
Abstract: Strategies for improving customer loyalty are a sine qua non for attracting new customers and retaining old ones in order to improve firms’ sustainable competitiveness. However, choice of marketing communication mix would differ between firms and across industries. This study examines the influence of integrated marketing communications (IMC) dimensions on customer loyalty to mobile telecommunication service among competing firms in telecommunication service industry. Using cross-sectional survey research design, multistage sampling procedure (stratified, quota and simple random) sampling techniques, data was collected from 150 respondents out of which n = 134 copies of the retrieved questionnaires. The data was analysed using descriptive and inferential statistics (correlation and regression), while hypotheses were tested using the analysis of variance (ANOVA). The results show a significant relationship between customer loyalty and direct marketing (r = .375**); publicity (r = .514**); sales promotion (r = .470**) and advertising (r = .562**) respectively. The multiple regression result indicates R² value of .483, meaning that integrated marketing communication dimensions accounted for 48.3% variance in customer loyalty. The study therefore recommends IMC as a strategic tool for targeting subscribers to patronize and retain them with a mobile telecom service provider for a long time. It further suggests that managers in the industry should prioritize their strategies on the basis of IMC dimension that makes the greatest contribution to the criterion of interest, with beta and high coefficient in their budgetary allocation for the optimal promotional mix to achieve the organisational goal both in short and long-run.

Journal ArticleDOI
TL;DR: New constructions of homomorphic message authenticators are shown that, while supporting a smaller set of functionalities (i.e., polynomially bounded arithmetic circuits as opposed to boolean ones), are much more efficient and easy to implement.
Abstract: Homomorphic message authenticators allow the holder of a (public) evaluation key to perform computations over previously authenticated data, in such a way that the produced tag $$\sigma$$ can be used to certify the authenticity of the computation. More precisely, a user, knowing the secret key $$\mathsf{sk}$$ used to authenticate the original data, can verify that $$\sigma$$ authenticates the correct output of the computation. This primitive has been recently formalized by Gennaro and Wichs, who also showed how to realize it from fully homomorphic encryption. In this paper, we show new constructions of this primitive that, while supporting a smaller set of functionalities (i.e., polynomially bounded arithmetic circuits as opposed to boolean ones), are much more efficient and easy to implement. Moreover, our schemes can tolerate any number of (malicious) verification queries. Our first construction relies on the sole assumption that one-way functions exist, allows for arbitrary composition (i.e., outputs of previously authenticated computations can be used as inputs for new ones) but has the drawback that the size of the produced tags grows with the degree of the circuit. Our second solution, relying on the D-Diffie-Hellman Inversion assumption, offers somewhat orthogonal features as it allows for very short tags (one single group element!) but poses some restrictions on the composition side.

Journal ArticleDOI
TL;DR: In this article, the authors show how long-term value added driven competitiveness is widely adopted by German DAX 30 corporations and how it can be measured and explain how different measures such as shareholder value, economic value added (EVA), return on capital employed (ROCE), and return on equity (ROE) are calculated and how they correlate to show long term value added and therefore competitive differentiation.
Abstract: This paper shows how long-term value added driven competitiveness is widely adopted by German DAX 30 corporations and how it can be measured. It explains and shows how different measures such as shareholder value, economic value added (EVA), return on capital employed (ROCE), return on equity (ROE) and others are calculated and how they correlate to show long-term value added and, therefore, competitive differentiation. As part of the highly professionalized corporate governance approach, the German Corporate Governance Codex (Regierungskommission Deutscher Corporate Governance Kodex, 2015) asks for “sustainable creation of value”. The analyses of 2015 and 2016 annual reports of all 30 corporations state that 80% of the firms show financially relevant value added data and as such measurable competitive advantage on the long run. The paper focuses on which measures are used to quantify the competitive value addition and then shows how EVA or company specific EVA-like measures in addition to ROCE are the most used ones. Furthermore, the paper shows that ROCE with a factor of 0.97 in 2015 and 0.74 in 2016 correlates best with EVA and, in absence of an EVA calculation, is the best measure to represent value creation as a competitive differentiator. The results can be useful to strengthen competitiveness for policymakers both in non-profit and for-profit social economy entities.

Journal ArticleDOI
TL;DR: This paper proves a qualitatively similar $$\widetilde{\mathcal {O}}(2^{2n/3})$$ security bound (in the random permutation model) for AES-like ciphers that does not assume independent round keys.
Abstract: The r-round (iterated) Even-Mansour cipher (also known as key-alternating cipher) defines a block cipher from r fixed public n-bit permutations \(P_1,\ldots,P_r\) as follows: given a sequence of n-bit round keys \(k_0,\ldots,k_r\), an n-bit plaintext x is encrypted by xoring round key \(k_0\), applying permutation \(P_1\), xoring round key \(k_1\), etc. The (strong) pseudorandomness of this construction in the random permutation model (i.e., when the permutations \(P_1,\ldots,P_r\) are public random permutation oracles that the adversary can query in a black-box way) was studied in a number of recent papers, culminating with the work of Chen and Steinberger (EUROCRYPT 2014), who proved that the r-round Even-Mansour cipher is indistinguishable from a truly random permutation up to \( \mathcal{O} (2^{\frac{rn}{r+1}})\) queries of any adaptive adversary (which is an optimal security bound since it matches a simple distinguishing attack). All results in this entire line of work share the common restriction that they only hold under the assumption that the round keys \(k_0,\ldots,k_r\) and the permutations \(P_1,\ldots,P_r\) are independent. In particular, for two rounds, the current state of knowledge is that the block cipher \(E(x) = k_2 \oplus P_2(k_1 \oplus P_1(k_0 \oplus x))\) is provably secure up to \( \mathcal{O} (2^{2n/3})\) queries of the adversary, when \(k_0\), \(k_1\), and \(k_2\) are three independent n-bit keys, and \(P_1\) and \(P_2\) are two independent random n-bit permutations. In this paper, we ask whether one can obtain a similar bound for the two-round Even-Mansour cipher from just one n-bit key and one n-bit permutation. Our answer is positive: when the three n-bit round keys \(k_0\), \(k_1\), and \(k_2\) are adequately derived from an n-bit master key k, and the same permutation P is used in place of \(P_1\) and \(P_2\), we prove a qualitatively similar \( \widetilde{ \mathcal{O} } (2^{2n/3})\) security bound (in the random permutation model). To the best of our knowledge, this is the first “beyond the birthday bound” security result for AES-like ciphers that does not assume independent round keys.

Journal ArticleDOI
TL;DR: In this paper, the authors describe the impact that ecological regulations and management have on the national competitiveness in the Balkan states of Albania, Bulgaria, Greece, Romania, Croatia and Serbia.
Abstract: The object of this research is to describe the impact that ecological regulations and management have on the national competitiveness in the Balkan states. The thesis of the present article is that increasing regulation along with the development of ecological sustainability will lead to higher competitiveness in the Balkan states of Albania, Bulgaria, Greece, Romania, Croatia and Serbia. The effect of basic ecological regulations and management will be shown and analysed both in the region as a whole as well as on a state-by-state basis in terms of national competitiveness, with the correlation between the ecological regulation and competitiveness measured. The time frame reflected is from 2013 to 2017, and a Pearson linear correlation will be applied. In a summary and conclusion, we shall show that regulation plays a prominent role both in reaching ecological sustainability, as well as in the positive development of the Balkan states’ competitiveness.

Journal ArticleDOI
TL;DR: In this article, the authors explore how city government engages citizens in creating the strategic urban development plan and show how crowdsourcing contributes to better civic engagement, improves citizens' perceptions of their city, and thus helps to find ways to encourage the competitiveness of the city of Ostrava, which is facing the problem of depopulation.
Abstract: Recently, advances in Information and Communication Technologies (ICTs) have provided opportunities for governments to deploy e-participation to actively engage citizens in public policymaking processes. As often noted, the development towards e-participation not only transforms the nature of government interactions with citizens but also affects the efficiency and effectiveness of public services and thus fosters competitiveness. Crowdsourcing is one mechanism of undertaking e-participation. It is a method for harnessing the collective intelligence of online communities to solve specific problems or produce goods, which has proved to be a successful supplemental public participation tool for city governance, as a way to engage citizens in the process of urban planning. This paper highlights how crowdsourcing can overcome the limitations in a traditional urban planning process. Using Ostrava, Czech Republic as a case study, this paper explores how city government engages citizens in creating the strategic urban development plan. The results show how crowdsourcing contributes to better civic engagement, improves citizens’ perceptions of their city, and thus helps to find ways to encourage the competitiveness of the city of Ostrava, which is facing the problem of depopulation.

Journal ArticleDOI
TL;DR: This work proposes a new algebraic key-recovery attack able to break at once the secret-key scheme as well as the remaining public-key scheme, in time complexity, and outlines a very efficient heuristic attack on the white-box scheme, which breaks instances claiming 64 bits of security under one minute on a laptop computer.
Abstract: The $$\mathsf {ASASA}$$ construction is a new design scheme introduced at Asiacrypt 2014 by Biryukov, Bouillaguet and Khovratovich. Its versatility was illustrated by building two public-key encryption schemes, a secret-key scheme, as well as super S-box subcomponents of a white-box scheme. However, one of the two public-key cryptosystems was recently broken at Crypto 2015 by Gilbert, Plut and Treger. As our main contribution, we propose a new algebraic key-recovery attack able to break at once the secret-key scheme as well as the remaining public-key scheme, in time complexity $$2^{63}$$ and $$2^{39}$$, respectively (the security parameter is 128 bits in both cases). Furthermore, we present a second attack of independent interest on the same public-key scheme, which heuristically reduces the problem of breaking the scheme to an $$\mathsf {LPN}$$ instance with tractable parameters. This allows key recovery in time complexity $$2^{56}$$. Finally, as a side result, we outline a very efficient heuristic attack on the white-box scheme, which breaks instances claiming 64 bits of security under one minute on a laptop computer.

Journal ArticleDOI
TL;DR: It is proved that there is no black-box construction of a one-way permutation family from a one-way function and an indistinguishability obfuscator for the class of all oracle-aided circuits, where the construction is “domain invariant”.
Abstract: We prove that there is no black-box construction of a one-way permutation family from a one-way function and an indistinguishability obfuscator for the class of all oracle-aided circuits, where the construction is “domain invariant” (i.e., where each permutation may have its own domain, but these domains are independent of the underlying building blocks). Following the framework of Asharov and Segev (FOCS ’15), by considering indistinguishability obfuscation for oracle-aided circuits we capture the common techniques that have been used so far in constructions based on indistinguishability obfuscation. These include, in particular, non-black-box techniques such as the punctured programming approach of Sahai and Waters (STOC ’14) and its variants, as well as sub-exponential security assumptions. For example, we fully capture the construction of a trapdoor permutation family from a one-way function and an indistinguishability obfuscator due to Bitansky, Paneth, and Wichs (TCC ’16). Their construction is not domain invariant, and our result shows that this, somewhat undesirable property, is unavoidable using the common techniques. In fact, we observe that constructions which are not domain invariant circumvent all known negative results for constructing one-way permutations based on one-way functions, starting with Rudich’s seminal work (PhD thesis ’88). We revisit this classic and fundamental problem and resolve this somewhat surprising gap by ruling out all such black-box constructions—even those that are not domain invariant.

Journal ArticleDOI
TL;DR: A variant of the Universal Composability framework, everlasting quantum-UC, is defined and it is shown that in this model, it can implement secure communication and general multi-party computation using signature cards as trusted setup.
Abstract: A protocol has everlasting security if it is secure against adversaries that are computationally unlimited after the protocol execution. This models the fact that we cannot predict which cryptographic schemes will be broken, say, several decades after the protocol execution. In classical cryptography, everlasting security is difficult to achieve: even using trusted setup like common reference strings or signature cards, many tasks such as secure communication and oblivious transfer cannot be achieved with everlasting security. An analogous result in the quantum setting excludes protocols based on common reference strings, but not protocols using a signature card. We define a variant of the Universal Composability framework, everlasting quantum-UC, and show that in this model, we can implement secure communication and general multi-party computation using signature cards as trusted setup.