Alice and Bob

About: Alice and Bob is a research topic. Over the lifetime, 1082 publications have been published within this topic receiving 27624 citations. The topic is also known as: Alice.

Public Key Encryption with Keyword Search

Abstract: We study the problem of searching on data that is encrypted using a public key system. Consider user Bob who sends email to user Alice encrypted under Alice’s public key. An email gateway wants to test whether the email contains the keyword “urgent” so that it could route the email accordingly. Alice, on the other hand does not wish to give the gateway the ability to decrypt all her messages. We define and construct a mechanism that enables Alice to provide a key to the gateway that enables the gateway to test whether the word “urgent” is a keyword in the email without learning anything else about the email. We refer to this mechanism as Public Key Encryption with keyword Search. As another example, consider a mail server that stores various messages publicly encrypted for Alice by others. Using our mechanism Alice can send the mail server a key that will enable the server to identify all messages containing some specific keyword, but learn nothing else. We define the concept of public key encryption with keyword search and give several constructions.

Secret-key reconciliation by public discussion

Abstract: Assuming that Alice and Bob use a secret noisy channel (modelled by a binary symmetric channel) to send a key, reconciliation is the process of correcting errors between Alice's and Bob's version of the key. This is done by public discussion, which leaks some information about the secret key to an eavesdropper. We show how to construct protocols that leak a minimum amount of information. However this construction cannot be implemented efficiently. If Alice and Bob are willing to reveal an arbitrarily small amount of additional information (beyond the minimum) then they can implement polynomial-time protocols. We also present a more efficient protocol, which leaks an amount of information acceptably close to the minimum possible for sufficiently reliable secret channels (those with probability of any symbol being transmitted incorrectly as large as 15%). This work improves on earlier reconciliation approaches [R, BBR, BBBSS].

Distillation of secret key and entanglement from quantum states

Abstract: We study and solve the problem of distilling a secret key from quantum states representing correlation between two parties (Alice and Bob) and an eavesdropper (Eve) via oneway public discussion: we...

Twenty years of attacks on the rsa cryptosystem

Abstract: Introduction The RSA cryptosystem, invented by Ron Rivest, Adi Shamir, and Len Adleman [18], was first publicized in the August 1977 issue of Scientific American. The cryptosystem is most commonly used for providing privacy and ensuring authenticity of digital data. These days RSA is deployed in many commercial systems. It is used by Web servers and browsers to secure Web traffic, it is used to ensure privacy and authenticity of e-mail, it is used to secure remote login sessions, and it is at the heart of electronic credit card payment systems. In short, RSA is frequently used in applications where security of digital data is a concern. Since its initial publication, the RSA system has been analyzed for vulnerability by many researchers. Although twenty years of research have led to a number of fascinating attacks, none of them is devastating. They mostly illustrate the dangers of improper use of RSA. Indeed, securely implementing RSA is a nontrivial task. Our goal is to survey some of these attacks and describe the underlying mathematical tools they use. Throughout the survey we follow standard naming conventions and use “Alice” and “Bob” to denote two generic parties wishing to communicate with each other. We use “Marvin” to denote a malicious attacker wishing to eavesdrop or tamper with the communication between Alice and Bob. We begin by describing a simplified version of RSA encryption. Let N = pq be the product of two large primes of the same size (n/2 bits each). A typical size for N is n = 1024 bits, i.e., 309 decimal digits. Each of the factors is 512 bits. Let e, d be two integers satisfying ed = 1 mod φ(N) where φ(N) = (p − 1)(q − 1) is the order of the multiplicative group ZN. We call N the RSA modulus, e the encryption exponent, and d the decryption exponent. The pair 〈N, e〉 is the public key. As its name suggests, it is public and is used to encrypt messages. The pair 〈N,d〉 is called the secret key or private key and is known only to the recipient of encrypted messages. The secret key enables decryption of ciphertexts. A message is an integer M ∈ ZN. To encrypt M, one computes C =Me mod N . To decrypt the ciphertext, the legitimate receiver computes Cd mod N. Indeed, Cd =Med =M mod N,

Coin flipping by telephone a protocol for solving impossible problems

Abstract: Alice and Bob want to flip a coin by telephone. (They have just divorced, live in different cities, want to decide who gets the car.) Bob would not like to tell Alice HEADS and hear Alice (at the other end of the line) say "Here goes . . . I'm flipping the coin. . . . You lost!"Coin-flipping in the SPECIAL way done here has a serious purpose. Indeed, it should prove an INDISPENSABLE TOOL of the protocol designer. Whenever a protocol requires one of two adversaries, say Alice, to pick a sequence of bits at random, and whenever it serves Alice's interests best NOT to pick her sequence of bits at random, then coin-flipping (Bob flipping coins to Alice) as defined here achieves the desired goal:1. It GUARANTEES to Bob that Alice will pick her sequence of bits at random. Her bit is 1 if Bob flips heads to her, O otherwise.2. It GUARANTEES to Alice that Bob will not know WHAT sequence of bits he flipped to her.Coin-flipping has already proved useful in solving a number of problems once thought impossible: mental poker, certified mail, and exchange of secrets. It will certainly prove a useful tool in solving other problems as well.