Book

# Cryptography and Coding: 8th IMA International Conference Cirencester, UK, December 17-19, 2001 Proceedings

10 Jan 2002

TL;DR: Proceedings of the 8th IMA conference on cryptography and coding; the papers range from a statistical decoding algorithm for general linear block codes to the undetected error probability of shortened Hamming codes on channels with memory.

Abstract (table of contents):

- A Statistical Decoding Algorithm for General Linear Block Codes
- On the Undetected Error Probability for Shortened Hamming Codes on Channels with Memory
- The Complete Weight Enumerator for Codes over $M_{n \times s}(\mathbb{F}_q)$
- Further Improvement of Kumar-Rajagopalan-Sahai Coding Constructions for Blacklisting Problem
- A Simple Soft-Input/Soft-Output Decoder for Hamming Codes
- A Technique with an Information-Theoretic Basis for Protecting Secret Data from Differential Power Attacks
- Key Recovery Attacks on MACs Based on Properties of Cryptographic APIs
- The Exact Security of ECIES in the Generic Group Model
- A New Ultrafast Stream Cipher Design: COS Ciphers
- On Rabin-Type Signatures
- Strong Adaptive Chosen-Ciphertext Attacks with Memory Dump (or: The Importance of the Order of Decryption and Validation)
- Majority-Logic-Decodable Cyclic Arithmetic-Modular AN-Codes in 1, 2, and L Steps
- Almost-Certainly Runlength-Limiting Codes
- Weight vs. Magnetization Enumerator for Gallager Codes
- Graph Configurations and Decoding Performance
- A Line Code Construction for the Adder Channel with Rates Higher than Time-Sharing
- The Synthesis of TD-Sequences and Their Application to Multi-functional Communication Systems
- Improvement of the Delsarte Bound for τ-Designs in Finite Polynomial Metric Spaces
- Statistical Properties of Digital Piecewise Linear Chaotic Maps and Their Roles in Cryptography and Pseudo-Random Coding
- The Wide Trail Design Strategy
- Undetachable Threshold Signatures
- Improving Divide and Conquer Attacks against Cryptosystems by Better Error Detection / Correction Strategies
- Key Recovery Scheme Interoperability - A Protocol for Mechanism Negotiation
- Unconditionally Secure Key Agreement Protocol
- An Efficient Stream Cipher Alpha1 for Mobile and Wireless Devices
- Investigation of Linear Codes Possessing Some Extra Properties
- Statistical Physics of Low Density Parity Check Error Correcting Codes
- Generating Large Instances of the Gong-Harn Cryptosystem
- Lattice Attacks on RSA-Encrypted IP and TCP
- Spectrally Bounded Sequences, Codes, and States: Graph Constructions and Entanglement
- Attacking the Affine Parts of SFLASH
- An Identity Based Encryption Scheme Based on Quadratic Residues
- Another Way of Doing RSA Cryptography in Hardware
- Distinguishing TEA from a Random Permutation: Reduced Round Versions of TEA Do Not Have the SAC or Do Not Generate Random Numbers
- A New Search Pattern in Multiple Residue Method (MRM) and Its Importance in the Cryptanalysis of the RSA
- A New Undeniable Signature Scheme Using Smart Cards
- Non-binary Block Inseparable Errors Control Codes
- Cryptanalysis of Nonlinear Filter Generators with (0, 1)-Metric Viterbi Decoding

## Citations


29 Apr 2009

TL;DR: This paper presents a variant of the concrete instantiation of “BasicIBE” of BGH where the private key consists of a single element of ℤ/Nℤ instead of l elements, and shows that the encryptor can find a random solution to an equation of the above type using only one inversion in ℤ/Nℤ.

Abstract: In 2001, Cocks presented an elegant Identity Based Encryption (IBE) system based on the standard quadratic residuosity problem modulo an RSA composite N. This is the first IBE system that does not use pairings on elliptic curves. Cocks’ IBE, however, requires 2l elements of ℤ/Nℤ and 2l additional bits for an l-bit plaintext. At FOCS’07, Boneh-Gentry-Hamburg (BGH) presented a space-efficient IBE system without pairings, thus solving a long standing open problem. The ciphertext length was reduced to just a single element of ℤ/Nℤ plus l + 1 additional bits. However, the encryption time of the concrete instantiation of their IBE is not ideal. The encryptor must solve l + 1 equations of the form $RX^2+SY^2=1\bmod N$ given R,S ∈ ℤ/Nℤ; while the decryptor needs a solution of l of these equations. Solving such equations seems to be the main bottleneck. In this paper we first show that the encryptor can find a random solution to an equation of the above type using only one inversion in ℤ/Nℤ. We then present a variant of the concrete instantiation of “BasicIBE” of BGH where (1) the private key consists of a single element of ℤ/Nℤ instead of l elements; (2) the encryptor needs to solve only $2\lceil \sqrt{\ell}\rceil$ equations of the form $Rx^2+Sy^2=1\bmod N$; (3) the decryptor can decrypt without solving any such equations and (4) the ciphertext size increases from a single element of ℤ/Nℤ to $2\lceil \sqrt{\ell}\rceil$ elements of ℤ/Nℤ.

24 citations


TL;DR: This paper presents a number of illustrative experiments on the security of small ciphers against linear cryptanalysis and discusses the distance between the so-called practical security approach and the actual theoretical security provided by a given cipher.

Abstract: In this paper, we are concerned with the security of block ciphers against linear cryptanalysis and discuss the distance between the so-called practical security approach and the actual theoretical security provided by a given cipher. For this purpose, we present a number of illustrative experiments performed against small (i.e. computationally tractable) ciphers. We compare the linear probability of the best linear characteristic and the actual best linear probability (averaged over all keys). We also test the key equivalence hypothesis. Our experiments illustrate both that provable security against linear cryptanalysis is not achieved by present design strategies and the relevance of the practical security approach. Finally, we discuss the (im)possibility to derive actual design criteria from the intuitions underlined in these experiments.

6 citations

01 Jan 2015

TL;DR: This thesis explores different solutions to improve the efficiency of masking implementations for the AES, investigates the use of an amortization technique to reduce the cost of polynomial masking, and proposes a new way to combine Boolean secure multiplications to reduce the cost of masking.

Abstract: Since the late 90's side-channel attacks have been a threat for cryptographic implementations. They use observations of physical features of a device while it computes cryptographic algorithms. These leakages can give information about the key. A common countermeasure against such attacks is masking. The main idea of masking is to randomize the internal state. In consequence an adversary must combine several leakages to mount the attack. Masking schemes have an impact on the efficiency of the implementations. In this thesis, we explore different solutions to improve the efficiency of masking implementations. Firstly, we explore solutions for masking implementations for the AES. We investigate the use of amortization technique to reduce the cost of polynomial masking. We also propose a new way to combine Boolean secure multiplications to reduce the cost of masking. Next, we focus on the assumptions used for proofs of masking. We show that the use of low entropy masking schemes can ...

Document type: Thesis (Dissertation). Bibliographic reference: Grosso, Vincent. Towards Side-Channel Secure Block Ciphers. Advisor: Standaert, François-Xavier. Ecole polytechnique de Louvain, ICTEAM Institute, UCL Crypto Group.

5 citations