
Showing papers on "Cryptography published in 2011"


Book ChapterDOI
06 Mar 2011
TL;DR: A new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model is presented.
Abstract: We present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model. Our solutions allow any encryptor to specify access control in terms of any access formula over the attributes in the system. In our most efficient system, ciphertext size, encryption, and decryption time scale linearly with the complexity of the access formula. The only previous work to achieve these parameters was limited to a proof in the generic group model. We present three constructions within our framework. Our first system is proven selectively secure under an assumption that we call the decisional Parallel Bilinear Diffie-Hellman Exponent (PBDHE) assumption, which can be viewed as a generalization of the BDHE assumption. Our next two constructions provide performance tradeoffs to achieve provable security respectively under the (weaker) decisional Bilinear Diffie-Hellman Exponent and decisional Bilinear Diffie-Hellman assumptions.

1,444 citations


Book ChapterDOI
14 Aug 2011
TL;DR: A somewhat homomorphic encryption scheme that is both very simple to describe and analyze, and whose security reduces to the worst-case hardness of problems on ideal lattices using the RLWE assumption, which allows us to completely abstract out the lattice interpretation.
Abstract: We present a somewhat homomorphic encryption scheme that is both very simple to describe and analyze, and whose security (quantumly) reduces to the worst-case hardness of problems on ideal lattices. We then transform it into a fully homomorphic encryption scheme using standard "squashing" and "bootstrapping" techniques introduced by Gentry (STOC 2009). One of the obstacles in going from "somewhat" to full homomorphism is the requirement that the somewhat homomorphic scheme be circular secure, namely, the scheme can be used to securely encrypt its own secret key. For all known somewhat homomorphic encryption schemes, this requirement was not known to be achievable under any cryptographic assumption, and had to be explicitly assumed. We take a step forward towards removing this additional assumption by proving that our scheme is in fact secure when encrypting polynomial functions of the secret key. Our scheme is based on the ring learning with errors (RLWE) assumption that was recently introduced by Lyubashevsky, Peikert and Regev (Eurocrypt 2010). The RLWE assumption is reducible to worst-case problems on ideal lattices, and allows us to completely abstract out the lattice interpretation, resulting in an extremely simple scheme. For example, our secret key is s, and our public key is (a, b = as+2e), where s, a, e are all degree (n - 1) integer polynomials whose coefficients are independently drawn from easy-to-sample distributions.

1,127 citations


Journal ArticleDOI
TL;DR: This paper proposes an access control mechanism using ciphertext-policy attribute-based encryption to enforce access control policies with efficient attribute and user revocation capability and demonstrates how to apply the proposed mechanism to securely manage the outsourced data.
Abstract: Some of the most challenging issues in data outsourcing scenario are the enforcement of authorization policies and the support of policy updates. Ciphertext-policy attribute-based encryption is a promising cryptographic solution to these issues for enforcing access control policies defined by a data owner on outsourced data. However, the problem of applying the attribute-based encryption in an outsourced architecture introduces several challenges with regard to the attribute and user revocation. In this paper, we propose an access control mechanism using ciphertext-policy attribute-based encryption to enforce access control policies with efficient attribute and user revocation capability. The fine-grained access control can be achieved by dual encryption mechanism which takes advantage of the attribute-based encryption and selective group key distribution in each attribute group. We demonstrate how to apply the proposed mechanism to securely manage the outsourced data. The analysis results indicate that the proposed scheme is efficient and secure in the data outsourcing systems.

743 citations


Book ChapterDOI
30 May 2011
TL;DR: This survey describes the most important constructions of secret-sharing schemes, explains the connections between secret-sharing schemes and monotone formulae and monotone span programs, and presents the known lower bounds on the share size.
Abstract: A secret-sharing scheme is a method by which a dealer distributes shares to parties such that only authorized subsets of parties can reconstruct the secret. Secret-sharing schemes are an important tool in cryptography and they are used as a building block in many secure protocols, e.g., general protocols for multiparty computation, Byzantine agreement, threshold cryptography, access control, attribute-based encryption, and generalized oblivious transfer. In this survey, we describe the most important constructions of secret-sharing schemes; in particular, we explain the connections between secret-sharing schemes and monotone formulae and monotone span programs. We then discuss the main problem with known secret-sharing schemes: the large share size, which is exponential in the number of parties. We conjecture that this is unavoidable. We present the known lower bounds on the share size. These lower bounds are fairly weak and there is a big gap between the lower and upper bounds. For linear secret-sharing schemes, which is a class of schemes based on linear algebra that contains most known schemes, super-polynomial lower bounds on the share size are known. We describe the proofs of these lower bounds. We also present two results connecting secret-sharing schemes for a Hamiltonian access structure to the NP vs. coNP problem and to a major open problem in cryptography: constructing oblivious-transfer protocols from one-way functions.

618 citations


Journal ArticleDOI
TL;DR: This paper examines how information leaked through power consumption and other side channels can be analyzed to extract secret keys from a wide range of devices and introduces approaches for preventing DPA attacks and for building cryptosystems that remain secure even when implemented in hardware that leaks.
Abstract: The power consumed by a circuit varies according to the activity of its individual transistors and other components. As a result, measurements of the power used by actual computers or microchips contain information about the operations being performed and the data being processed. Cryptographic designs have traditionally assumed that secrets are manipulated in environments that expose no information beyond the specified inputs and outputs. This paper examines how information leaked through power consumption and other side channels can be analyzed to extract secret keys from a wide range of devices. The attacks are practical, non-invasive, and highly effective, even against complex and noisy systems where cryptographic computations account for only a small fraction of the overall power consumption. We also introduce approaches for preventing DPA attacks and for building cryptosystems that remain secure even when implemented in hardware that leaks.

574 citations


Proceedings ArticleDOI
28 Jun 2011
TL;DR: This paper presents jPBC, a Java port of the PBC library written in C. The library supports different types of elliptic curves and preprocessing, which can speed up the computation significantly, and it is ready for the mobile world.
Abstract: It has been recently discovered that some cyclic groups that could be used in Cryptography admit a special bilinear pairing map that introduces extra structure to the group. Bilinear pairing maps were first used to break cryptosystems (see, for example, [1], [2], [3]) and later it was realized that the extra structure could be exploited to build cryptosystems with extra properties. Boneh and Franklin's identity-based encryption scheme [4] is the most famous early example of what could be achieved using bilinear maps. After that, a plethora of cryptosystems have been designed using bilinear maps. No full and freely available implementation of pairing based cryptography was available until this work. Recent proposals [13], [14], [15] fall short of this goal as either their source code is not available or because they support a limited range of elliptic curves. Moreover, none of [13], [14], [15] implements preprocessing, which is crucial to reduce the computation time. In this work, we present jPBC, a Java port of the PBC library written in C [24], [25]. jPBC provides a full ecosystem of interfaces and classes to simplify the use of the bilinear maps even for a non-cryptographer. jPBC supports different types of elliptic curves and preprocessing, which can speed up the computation significantly, and it is ready for the mobile world. Moreover, a benchmark comparison between jPBC and PBC has been performed to measure the gap between the two libraries. Furthermore, jPBC has been benchmarked on different Android mobile platforms.

538 citations


Journal ArticleDOI
01 Jan 2011
TL;DR: A fast image encryption algorithm with combined permutation and diffusion is proposed and an efficient method for generating pseudorandom numbers from spatiotemporal chaos is suggested, which further increases the encryption speed.
Abstract: In recent years, various image encryption algorithms based on the permutation-diffusion architecture have been proposed where, however, permutation and diffusion are considered as two separate stages, both requiring image-scanning to obtain pixel values. If these two stages are combined, the duplicated scanning effort can be reduced and the encryption can be accelerated. In this paper, a fast image encryption algorithm with combined permutation and diffusion is proposed. First, the image is partitioned into blocks of pixels. Then, spatiotemporal chaos is employed to shuffle the blocks and, at the same time, to change the pixel values. Meanwhile, an efficient method for generating pseudorandom numbers from spatiotemporal chaos is suggested, which further increases the encryption speed. Theoretical analyses and computer simulations both confirm that the new algorithm has high security and is very fast for practical image encryption.

528 citations


Proceedings ArticleDOI
22 May 2011
TL;DR: This paper considers the AES block cipher and presents an attack which is capable of recovering the full secret key in almost real time for AES-128, requiring only a very limited number of observed encryptions, and is the first working attack on AES implementations using compressed tables.
Abstract: Side channel attacks on cryptographic systems exploit information gained from physical implementations rather than theoretical weaknesses of a scheme. In recent years, major achievements were made for the class of so-called access-driven cache attacks. Such attacks exploit the leakage of the memory locations accessed by a victim process. In this paper we consider the AES block cipher and present an attack which is capable of recovering the full secret key in almost real time for AES-128, requiring only a very limited number of observed encryptions. Unlike previous attacks, we do not require any information about the plaintext (such as its distribution, etc.). Moreover, for the first time, we also show how the plaintext can be recovered without having access to the ciphertext at all. It is the first working attack on AES implementations using compressed tables. There, no efficient techniques to identify the beginning of AES rounds are known, which is the fundamental assumption underlying previous attacks. We have a fully working implementation of our attack which is able to recover AES keys after observing as little as 100 encryptions. It works against the OpenSSL 0.9.8n implementation of AES on Linux systems. Our spy process does not require any special privileges beyond those of a standard Linux user. A contribution of probably independent interest is a denial of service attack on the task scheduler of current Linux systems (CFS), which allows one to observe (on average) every single memory access of a victim process.

481 citations


Book ChapterDOI
14 Aug 2011
TL;DR: Boldyreva et al. show that encryption via a random order-preserving function (ROPF) leaks both the value of any plaintext and the distance between any two plaintexts to within a range of possibilities roughly the square root of the domain size.
Abstract: We further the study of order-preserving symmetric encryption (OPE), a primitive for allowing efficient range queries on encrypted data, recently initiated (from a cryptographic perspective) by Boldyreva et al. (Eurocrypt'09). First, we address the open problem of characterizing what encryption via a random order-preserving function (ROPF) leaks about underlying data (ROPF being the "ideal object" in the security definition, POPF, satisfied by their scheme). In particular, we show that, for a database of randomly distributed plaintexts and appropriate choice of parameters, ROPF encryption leaks neither the precise value of any plaintext nor the precise distance between any two of them. The analysis here is quite technically non-trivial and introduces useful new techniques. On the other hand, we also show that ROPF encryption does leak both the value of any plaintext as well as the distance between any two plaintexts to within a range of possibilities roughly the square root of the domain size. We then study schemes that are not order-preserving, but which nevertheless allow efficient range queries and achieve security notions stronger than POPF. In a setting where the entire database is known in advance of key-generation (considered in several prior works), we show that recent constructions of "monotone minimal perfect hash functions" allow one to efficiently achieve (an adaptation of) the notion of IND-O(rdered) CPA also considered by Boldyreva et al., which asks that only the order relations among the plaintexts are leaked. Finally, we introduce modular order-preserving encryption (MOPE), in which the scheme of Boldyreva et al. is prepended with a shift cipher. MOPE improves the security of OPE in a sense, as it does not leak any information about plaintext location. We clarify that our work should not be interpreted as saying the original scheme of Boldyreva et al., or the variants that we introduce, are "secure" or "insecure." Rather, the goal of this line of research is to help practitioners decide whether the options provide a suitable security-functionality tradeoff for a given application.

463 citations


Proceedings ArticleDOI
10 Apr 2011
TL;DR: This paper defines and solves the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE), and gives two significantly improved MRSE schemes to achieve various stringent privacy requirements in two different threat models.
Abstract: With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to the commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Thus, enabling an encrypted cloud data search service is of paramount importance. Considering the large number of data users and documents in the cloud, it is necessary to allow multiple keywords in the search request and return documents in the order of their relevance to these keywords. Related works on searchable encryption focus on single keyword search or Boolean keyword search, and rarely sort the search results. In this paper, for the first time, we define and solve the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE). We establish a set of strict privacy requirements for such a secure cloud data utilization system. Among various multi-keyword semantics, we choose the efficient similarity measure of "coordinate matching", i.e., as many matches as possible, to capture the relevance of data documents to the search query. We further use "inner product similarity" to quantitatively evaluate such a similarity measure. We first propose a basic idea for the MRSE based on secure inner product computation, and then give two significantly improved MRSE schemes to achieve various stringent privacy requirements in two different threat models. Thorough analysis investigating the privacy and efficiency guarantees of the proposed schemes is given. Experiments on the real-world dataset further show that the proposed schemes indeed introduce low overhead on computation and communication.

407 citations


Proceedings ArticleDOI
20 Jun 2011
TL;DR: This paper shows the necessity of search capability authorization that reduces the privacy exposure resulting from the search results, and establishes a scalable framework for Authorized Private Keyword Search (APKS) over encrypted cloud data, and proposes two novel solutions based on a recent cryptographic primitive, Hierarchical Predicate Encryption (HPE).
Abstract: In cloud computing, clients usually outsource their data to the cloud storage servers to reduce the management costs. While those data may contain sensitive personal information, the cloud servers cannot be fully trusted in protecting them. Encryption is a promising way to protect the confidentiality of the outsourced data, but it also introduces much difficulty to performing effective searches over encrypted information. Most existing works do not support efficient searches with complex query conditions, and care needs to be taken when using them because of the potential privacy leakages about the data owners to the data users or the cloud server. In this paper, using online Personal Health Records (PHR) as a case study, we first show the necessity of search capability authorization that reduces the privacy exposure resulting from the search results, and establish a scalable framework for Authorized Private Keyword Search (APKS) over encrypted cloud data. We then propose two novel solutions for APKS based on a recent cryptographic primitive, Hierarchical Predicate Encryption (HPE). Our solutions enable efficient multi-dimensional keyword searches with range queries, and allow delegation and revocation of search capabilities. Moreover, we enhance the query privacy, which hides users' query keywords from the server. We implement our scheme on a modern workstation, and experimental results demonstrate its suitability for practical usage.

Book
24 Jun 2011
TL;DR: This chapter discusses the design and implementation of chaos-based ciphers, the design of embedded systems for security applications, and the lessons learnt from the cryptanalysis of chaos-based ciphers.
Abstract: Chaos-based cryptography, attracting many researchers in the past decade, is a research field across two fields, i.e., chaos (nonlinear dynamic systems) and cryptography (computer and data security). Chaos' properties, such as randomness and ergodicity, have been proved to be suitable for designing the means for data protection. The book gives a thorough description of chaos-based cryptography, which consists of chaos basic theory, chaos properties suitable for cryptography, chaos-based cryptographic techniques, and various secure applications based on chaos. Additionally, it covers both the latest research results and some open issues or hot topics. The book creates a collection of high-quality chapters contributed by leading experts in the related fields. It embraces a wide variety of aspects of the related subject areas and provides a scientifically and scholarly sound treatment of state-of-the-art techniques to students, researchers, academics, personnel of law enforcement and IT practitioners who are interested or involved in the study, research, use, design and development of techniques related to chaos-based cryptography.

Journal ArticleDOI
02 May 2011-Sensors
TL;DR: According to the security analysis of the proposed ECC-based protocol, it is suitable for WSN applications with higher security requirements.
Abstract: User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L. Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of the security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

Journal ArticleDOI
TL;DR: A recently introduced masking method which is based on secret sharing and multi-party computation methods is discussed, which results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware.
Abstract: Hardware implementations of cryptographic algorithms are vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. Many protection measures depart from an idealized hardware model that is very expensive to meet with real hardware. In particular, the presence of glitches causes many masking techniques to leak information during the computation of nonlinear functions. We discuss a recently introduced masking method which is based on secret sharing and multi-party computation methods. The approach results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware. We show how to use this method to derive secure implementations of some nonlinear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results by means of low-level simulations.

Book ChapterDOI
TL;DR: An improved image encryption method based on permutation-diffusion architecture and total shuffling scheme is proposed and it can avoid the category of attacks similar to Ref.

Journal ArticleDOI
TL;DR: This paper presents the first unidirectional proxy re-encryption schemes with chosen-ciphertext security in the standard model (i.e., without the random oracle idealization) and considers a more realistic adversarial model where attackers may choose dishonest users' keys on their own.
Abstract: In 1998, Blaze, Bleumer and Strauss introduced a cryptographic primitive called proxy re-encryption, in which a proxy can transform (without seeing the plaintext) a ciphertext encrypted under one key into an encryption of the same plaintext under another key. The concept has recently drawn renewed interest. Notably, Canetti and Hohenberger showed how to properly define (and realize) chosen-ciphertext security for the primitive. Their system is bidirectional as the translation key allows converting ciphertexts in both directions. This paper presents the first unidirectional proxy re-encryption schemes with chosen-ciphertext security in the standard model (i.e., without the random oracle idealization). The first system provably fits a unidirectional extension of the Canetti-Hohenberger security model. As a second contribution, the paper considers a more realistic adversarial model where attackers may choose dishonest users' keys on their own. It is shown how to modify the first scheme to achieve security in the latter scenario. At a moderate expense, the resulting system provides additional useful properties such as non-interactive temporary delegations. Both constructions are efficient and rely on mild complexity assumptions in bilinear groups. Like the Canetti-Hohenberger scheme, they meet a relaxed flavor of chosen-ciphertext security introduced by Canetti, Krawczyk and Nielsen.

Journal ArticleDOI
TL;DR: These results resolve some long-standing open problems in cryptography and give the first injective TDFs based on problems not directly related to integer factorization and provide the first chosen ciphertext-secure cryptosystem based solely on worst-case complexity assumptions.
Abstract: We propose a general cryptographic primitive called lossy trapdoor functions (lossy TDFs), and we use it to develop new approaches for constructing several important cryptographic tools, including (injective) trapdoor functions, collision-resistant hash functions, oblivious transfer, and chosen ciphertext-secure cryptosystems (in the standard model). All of these constructions are simple, efficient, and black-box. We realize lossy TDFs based on a variety of cryptographic assumptions, including the hardness of the decisional Diffie-Hellman (DDH) problem and the hardness of the “learning with errors” problem (which is implied by the worst-case hardness of various lattice problems). Taken together, our results resolve some long-standing open problems in cryptography. They give the first injective TDFs based on problems not directly related to integer factorization and provide the first chosen ciphertext-secure cryptosystem based solely on worst-case complexity assumptions.

Book ChapterDOI
14 Aug 2011
TL;DR: It is argued that EasyCrypt is a plausible candidate for adoption by working cryptographers and its application to security proofs of the Cramer-Shoup and Hashed ElGamal cryptosystems is illustrated.
Abstract: We present EasyCrypt, an automated tool for elaborating security proofs of cryptographic systems from proof sketches: compact, formal representations of the essence of a proof as a sequence of games and hints. Proof sketches are checked automatically using off-the-shelf SMT solvers and automated theorem provers, and then compiled into verifiable proofs in the CertiCrypt framework. The tool supports most common reasoning patterns and is significantly easier to use than its predecessors. We argue that EasyCrypt is a plausible candidate for adoption by working cryptographers and illustrate its application to security proofs of the Cramer-Shoup and Hashed ElGamal cryptosystems.

Book ChapterDOI
15 May 2011
TL;DR: In this article, the authors define the relaxed notion of a semi-homomorphic encryption scheme, where the plaintext can be recovered as long as the computed function does not increase the size of the input "too much".
Abstract: An additively-homomorphic encryption scheme enables us to compute linear functions of an encrypted input by manipulating only the ciphertexts. We define the relaxed notion of a semi-homomorphic encryption scheme, where the plaintext can be recovered as long as the computed function does not increase the size of the input "too much". We show that a number of existing cryptosystems are captured by our relaxed notion. In particular, we give examples of semi-homomorphic encryption schemes based on lattices, subset sum and factoring. We then demonstrate how semi-homomorphic encryption schemes allow us to construct an efficient multiparty computation protocol for arithmetic circuits, UC-secure against a dishonest majority. The protocol consists of a preprocessing phase and an online phase. Neither the inputs nor the function to be computed have to be known during preprocessing. Moreover, the online phase is extremely efficient as it requires no cryptographic operations: the parties only need to exchange additive shares and verify information theoretic MACs. Our contribution is therefore twofold: from a theoretical point of view, we can base multiparty computation on a variety of different assumptions, while on the practical side we offer a protocol with better efficiency than any previous solution.

Book ChapterDOI
12 Sep 2011
TL;DR: This paper describes a timing attack vulnerability in OpenSSL's ladder implementation for curves over binary fields and uses this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures.
Abstract: For over two decades, timing attacks have been an active area of research within applied cryptography. These attacks exploit cryptosystem or protocol implementations that do not run in constant time. When implementing an elliptic curve cryptosystem with a goal to provide side-channel resistance, the scalar multiplication routine is a critical component. In such instances, one attractive method often suggested in the literature is Montgomery's ladder that performs a fixed sequence of curve and field operations. This paper describes a timing attack vulnerability in OpenSSL's ladder implementation for curves over binary fields. We use this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures. Using the timing of the exchanged messages, the messages themselves, and the signatures, we mount a lattice attack that recovers the private key. Finally, we describe and implement an effective countermeasure.

Journal ArticleDOI
TL;DR: This paper proposes an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data and supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it.
Abstract: Current security mechanisms are not suitable for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data. But they all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide a concrete construction of the scheme and give formal proofs of its security. We also report on the results of our implementation.

Proceedings ArticleDOI
10 Apr 2011
TL;DR: This work presents a new secret key generation approach that utilizes the uniformly distributed phase information of channel responses to extract shared cryptographic keys under narrowband multipath fading models and is highly scalable and can improve the analytical key bit generation rate by a couple of orders of magnitude.
Abstract: Recently, there has been great interest in physical layer security techniques that exploit the randomness of wireless channels for securely extracting cryptographic keys. Several interesting approaches have been developed and demonstrated for their feasibility. The state-of-the-art, however, still has much room for improving its practicality. This is because i) the key bit generation rate supported by most existing approaches is very low, which significantly limits their practical usage given the intermittent connectivity in mobile environments; ii) existing approaches suffer from scalability and flexibility issues, i.e., they cannot be directly extended to support efficient group key generation and do not suit static environments. With these observations in mind, we present a new secret key generation approach that utilizes the uniformly distributed phase information of channel responses to extract shared cryptographic keys under narrowband multipath fading models. The proposed approach enjoys a high key bit generation rate due to its efficient introduction of multiple randomized phase information within a single coherence time interval as the keying sources. The proposed approach also provides scalability and flexibility because it relies only on the transmission of periodical extensions of unmodulated sinusoidal beacons, which allows effective accumulation of channel phases across multiple nodes. The proposed scheme is thoroughly evaluated through both analytical and simulation studies. Compared to existing work that focuses on pairwise key generation, our approach is highly scalable and can improve the analytical key bit generation rate by a couple of orders of magnitude.

Journal ArticleDOI
TL;DR: An anonymous batch authenticated and key agreement (ABAKA) scheme to authenticate multiple requests sent from different vehicles and establish different session keys for different vehicles at the same time is introduced.
Abstract: In this paper, we introduce an anonymous batch authenticated and key agreement (ABAKA) scheme to authenticate multiple requests sent from different vehicles and establish different session keys for different vehicles at the same time. In vehicular ad hoc networks (VANETs), the speed of a vehicle ranges from 10 to 40 m/s (36-144 km/h); therefore, the need for efficient authentication is inevitable. Compared with the current key agreement scheme, ABAKA can efficiently authenticate multiple requests by one verification operation and negotiate a session key with each vehicle by one broadcast message. Elliptic curve cryptography is adopted to reduce the verification delay and transmission overhead. The security of ABAKA is based on the elliptic curve discrete logarithm problem, which is an unsolved NP-complete problem. To deal with the invalid request problem, which may cause the batch verification to fail, a detection algorithm has been proposed. Moreover, we demonstrate the efficiency merits of ABAKA through performance evaluations in terms of verification delay, transmission overhead, and cost for rebatch verifications, respectively. Simulation results show that both the message delay and message loss rate of ABAKA are lower than those of the existing elliptic curve digital signature algorithm (ECDSA)-based scheme.

Journal ArticleDOI
TL;DR: This paper proposes a model, called the wiretap network, that incorporates information security with network coding, and presents a construction of secure linear network codes that can be used provided a certain graph-theoretic condition is satisfied.
Abstract: In the paradigm of network coding, the nodes in a network are allowed to encode the information received from the input links. With network coding, the full capacity of the network can be utilized. In this paper, we propose a model, called the wiretap network, that incorporates information security with network coding. In this model, a collection of subsets of the channels in the network is given, and a wiretapper is allowed to access any one (but not more than one) of these subsets without being able to obtain any information about the message transmitted. Our model includes secret sharing in classical cryptography as a special case. We present a construction of secure linear network codes that can be used provided a certain graph-theoretic condition is satisfied. We also prove the necessity of this condition for the special case that the wiretapper may choose to access any subset of channels of a fixed size. The optimality of our code construction is established for this special case. Finally, we extend our results to the scenario when the wiretapper is allowed to obtain a controlled amount of information about the message.

Proceedings ArticleDOI
11 Apr 2011
TL;DR: This paper proposes a holistic and efficient solution that comprises a secure traversal framework and an encryption scheme based on privacy homomorphism that is scalable to large datasets by leveraging an index-based approach.
Abstract: Query processing that preserves both the data privacy of the owner and the query privacy of the client is a new research problem. It shows increasing importance as cloud computing drives more businesses to outsource their data and querying services. However, most existing studies, including those on data outsourcing, address data privacy and query privacy separately and cannot be applied to this problem. In this paper, we propose a holistic and efficient solution that comprises a secure traversal framework and an encryption scheme based on privacy homomorphism. The framework is scalable to large datasets by leveraging an index-based approach. Based on this framework, we devise secure protocols for processing typical queries such as k-nearest-neighbor queries (kNN) on an R-tree index. Moreover, several optimization techniques are presented to improve the efficiency of the query processing protocols. Our solution is verified by both theoretical analysis and a performance study.

Book
01 Jan 2011
TL;DR: This book constitutes the refereed proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2011, held in Tallinn, Estonia, in May 2011, and contains 31 papers, presented together with 2 invited talks.
Abstract: This book constitutes the refereed proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2011, held in Tallinn, Estonia, in May 2011. The 31 papers, presented together with 2 invited talks, were carefully reviewed and selected from 167 submissions. The papers are organized in topical sections on lattice-based cryptography, implementation and side channels, homomorphic cryptography, signature schemes, information-theoretic cryptography, symmetric key cryptography, attacks and algorithms, secure computation, composability, key dependent message security, and public key encryption.

Journal ArticleDOI
TL;DR: A new version of the stream cipher Grain-128 is proposed, strengthened against all known attacks and observations on the original Grain-128, and has built-in support for optional authentication.
Abstract: A new version of the stream cipher Grain-128 is proposed. The new version, Grain-128a, is strengthened against all known attacks and observations on the original Grain-128, and has built-in support for optional authentication. The changes are modest, keeping the basic structure of Grain-128. This gives a high confidence in Grain-128a and allows for easy updating of existing implementations.

01 Jan 2011
TL;DR: This paper provides a fair comparison between the three most common symmetric key cryptography algorithms: DES, AES, and Blowfish on the basis of speed, block size, and key size.
Abstract: Security is the most challenging aspect of internet and network applications. Internet and network applications are growing very fast, so the importance and the value of the data exchanged over the internet or other media types are increasing. Hence the search for the best solution to offer the necessary protection against data intruders' attacks, along with providing these services in time, is one of the most interesting subjects in the security-related communities. Cryptography is one of the main categories of computer security; it converts information from its normal form into an unreadable form. The two main characteristics that identify and differentiate one encryption algorithm from another are its ability to secure the protected data against attacks and its speed and efficiency in doing so. This paper provides a fair comparison between the three most common symmetric key cryptography algorithms: DES, AES, and Blowfish. Since the main concern here is the performance of the algorithms under different settings, the presented comparison takes into consideration the behavior and the performance of each algorithm when different data loads are used. The comparison is made on the basis of these parameters: speed, block size, and key size. The simulation program is implemented in Java.

BookDOI
01 Jan 2011
TL;DR: In this paper, the authors presented a performance evaluation of Chaotic and Conventional Encryption on Portable and Mobile Platforms and showed that the implementation of chaos-based ciphers can improve the security of optical communication systems.
Abstract: 1. Introduction to Chaos.- 2. Chaos-based Cryptography.- 3. Digitized Chaos for Pseudo-Random Number Generation in Cryptography.- 4. Formation of High-Dimensional Chaotic Maps and Their Uses in Cryptography.- 5. Chaos based hash function.- 6. Chaos-Based Video Encryption Algorithms.- 7. Cryptanalysis of chaotic ciphers.- 8. Lessons learnt from the cryptanalysis of chaos-based ciphers.- 9. Hardware Implementation of chaos based cipher: Design of embedded systems for security applications.- 10. Hardware implementation of chaos-secured optical communication systems.- 11. Performance Evaluation of Chaotic and Conventional Encryption on Portable and Mobile Platforms.

Proceedings ArticleDOI
Craig Gentry, Shai Halevi
22 Oct 2011
TL;DR: A new blueprint for FHE is described, showing how to eliminate the squashing step, and thereby eliminate the need to assume that the sparse subset sum problem (SSSP) is hard, as all previous leveled FHE schemes have done.
Abstract: All previously known fully homomorphic encryption (FHE) schemes use Gentry's blueprint:
* SWHE: Construct a somewhat homomorphic encryption (SWHE) scheme -- roughly, an encryption scheme that can homomorphically evaluate polynomials up to some degree.
* Squash: "Squash" the decryption function of the SWHE scheme, so that the scheme can evaluate functions twice as complex (in terms of polynomial degree) as its own decryption function. Do this by adding a "hint" to the SWHE public key -- namely, a large set of vectors that has a secret sparse subset that sums to the original secret key.
* Bootstrap: Given a SWHE scheme that can evaluate functions twice as complex as its decryption function, apply Gentry's transformation to get a "leveled" FHE scheme. To get "pure" (non-leveled) FHE, one assumes circular security.
Here, we describe a new blueprint for FHE. We show how to eliminate the squashing step, and thereby eliminate the need to assume that the sparse subset sum problem (SSSP) is hard, as all previous leveled FHE schemes have done. Using our new blueprint, we obtain the following results:
* A "simple" leveled FHE scheme where we replace SSSP with Decision Diffie-Hellman!
* The first leveled FHE scheme based entirely on worst-case hardness. Specifically, we give a leveled FHE scheme with security based on the shortest independent vector problem over ideal lattices (ideal-SIVP).
* Some efficiency improvements for FHE. While the new blueprint does not yet improve computational efficiency, it reduces ciphertext length.
As in the previous blueprint, we obtain pure FHE by assuming circular security. Our main technique is to express the decryption function of SWHE schemes as a depth-3 ($\sum \prod \sum$) arithmetic circuit. When we evaluate this decryption function homomorphically, we temporarily switch to a multiplicatively homomorphic encryption (MHE) scheme, such as Elgamal, to handle the $\prod$ part, after which we translate the result from the MHE scheme back to the SWHE scheme by evaluating the MHE scheme's decryption function within the SWHE scheme. The SWHE scheme only needs to be able to evaluate the MHE scheme's decryption function (plus minor operations), and does not need to have the self-referential property of being able to evaluate its own decryption function, a property that necessitated squashing in the original blueprint.