
Showing papers on "Hybrid cryptosystem published in 2008"


Journal ArticleDOI
TL;DR: In this paper, the authors proposed to introduce a certain diffusion effect in the substitution stage by simple sequential add-and-shift operations, which leads to a longer processing time in a single round, but reduces the overall encryption time.

403 citations


Posted Content
TL;DR: This framework provides an efficient generic transformation from 1-universal to 2-universal hash proof systems and allows one to prove IND-CCA2 security of a hybrid version of Damgård's 1991 ElGamal public-key encryption scheme under the DDH assumption.
Abstract: We present a new approach to the design of IND-CCA2 secure hybrid encryption schemes in the standard model. Our approach provides an efficient generic transformation from 1-universal to 2-universal hash proof systems. The transformation involves a randomness extractor based on a 4-wise independent hash function as the key derivation function. Our methodology can be instantiated with efficient schemes based on standard intractability assumptions such as Decisional Diffie-Hellman, Quadratic Residuosity, and Paillier's Decisional Composite Residuosity. Interestingly, our framework also allows to prove IND-CCA2 security of a hybrid version of 1991's Damgård's ElGamal public-key encryption scheme under the DDH assumption.

361 citations


Book ChapterDOI
10 Sep 2008
TL;DR: The authors improve their QC-LDPC-based variant of the McEliece cryptosystem and show that a recently discovered attack, which recovers the private key with limited complexity, can be avoided by changing the form of some constituent matrices without altering the remaining system parameters.
Abstract: We improve our proposal of a new variant of the McEliece cryptosystem based on QC-LDPC codes. The original McEliece cryptosystem, based on Goppa codes, is still unbroken up to now, but has two major drawbacks: long key and low transmission rate. Our variant is based on QC-LDPC codes and is able to overcome such drawbacks, while avoiding the known attacks. Recently, however, a new attack has been discovered that can recover the private key with limited complexity. We show that such attack can be avoided by changing the form of some constituent matrices, without altering the remaining system parameters. We also propose another variant that exhibits an overall increased security level. We analyze the complexity of the encryption and decryption stages by adopting efficient algorithms for processing large circulant matrices. The Toom-Cook algorithm and the short Winograd convolution are considered, that give a significant speed-up in the cryptosystem operations.

153 citations


Journal ArticleDOI
TL;DR: This Letter proposes two different attacks on a recently proposed chaotic cryptosystem for images and videos, both exploiting a weakness in the generation of the keystream, and suggests making the scheme robust against the described attacks by redesigning it in PCBC mode.

66 citations


Journal ArticleDOI
TL;DR: This work proposes a novel key management method based on elliptic curve cryptosystem and one-way hash function to solve dynamic access problems in a user hierarchy and its performance in terms of both security and efficiency is quite commendable.

60 citations


Journal ArticleDOI
TL;DR: This paper improves the GPT system by more careful choice of parameters to withstand attacks against this system, including Gibson's attacks and recent Overbeck's attacks.
Abstract: The public key cryptosystem based on rank error correcting codes (the GPT cryptosystem) was proposed in 1991. Several attacks against this system were published, including Gibson's attacks and recent Overbeck's attacks. In this paper, we improve the GPT system by more careful choice of parameters to withstand these attacks.

56 citations


Journal ArticleDOI
TL;DR: This Letter uses a matrix secret key such that the chaotic cryptosystem proposed previously would no longer succumb to the one-time pad attack.

43 citations


Journal ArticleDOI
29 Apr 2008-Chaos
TL;DR: A generalized symmetric cryptosystem is proposed, based on N independently iterated chaotic maps periodically perturbed with a three-level perturbation scheme and a double feedback, to increase the system's robustness to attacks and provide one of the highest levels of performance for real-time multimedia communications.
Abstract: Current chaotic encryption systems in the literature do not fulfill security and performance demands for real-time multimedia communications. To satisfy these demands, we propose a generalized symmetric cryptosystem based on N independently iterated chaotic maps (N-map array) periodically perturbed with a three-level perturbation scheme and a double feedback (global and local) to increase the system's robustness to attacks. The first- and second-level perturbations make the cryptosystem extremely sensitive to changes in the plaintext data since the system's output itself (ciphertext global feedback) is used in the perturbation process. Third-level perturbation is a system reset, in which the system key and chaotic maps are replaced with totally new values. An analysis of the proposed scheme regarding its vulnerability to attacks, statistical properties, and implementation performance is presented. To the best of our knowledge we provide a secure cryptosystem with one of the highest levels of performance for re...

25 citations


Proceedings ArticleDOI
01 Dec 2008
TL;DR: An implementation of a Windows tool for encrypting files which uses Blowfish is examined, and the results of the encryption tool clearly demonstrate how fast the encryption is compared to the subkey and S-box generation.
Abstract: The Blowfish cryptosystem is a very fast and useful scheme, even though it was introduced over a decade ago. This cryptosystem consists of two parts, a subkey and S-box generation phase, and an encryption phase. A short introduction to both algorithms is given, along with a few notes about the Ciphertext Block Chaining (CBC) mode. Some general information about attacks is explained, along with information about some of the people who have worked to analyze and attempt to break Blowfish. An implementation of a Windows tool for encrypting files which uses Blowfish is also examined in this paper. The results of the encryption tool clearly demonstrate how fast the encryption is compared to the subkey and S-box generation. The secrecy of the cryptosystem is explained by using several test files of different types, as well as a study of the security with respect to the number of rounds. Finally, some possible extensions to the software tool to improve its usefulness based on the strength of Blowfish are given.

24 citations


Book ChapterDOI
17 Oct 2008
TL;DR: This work presents instances of MPKCs (multivariate public key cryptosystems) designed against the best attacks the authors know, implements them on commodity PC hardware and shows that they can hold their own compared to traditional alternatives.
Abstract: We present instances of MPKCs (multivariate public key cryptosystems) with design, given the best attacks we know, and implement them on commodity PC hardware. We also show that they can hold their own compared to traditional alternatives. In fact, they can be up to an order of magnitude faster.

24 citations


Journal Article
TL;DR: A new public key cryptosystem using block upper triangular matrices with elements in Zp, based on a generalization of the discrete logarithm problem over a finite group, which allows an ElGamal based digital signature scheme.
Abstract: We describe a new public key cryptosystem using block upper triangular matrices with elements in Zp, based on a generalization of the discrete logarithm problem over a finite group. The proposed cryptosystem is very efficient, requiring very few operations and also allows an ElGamal based digital signature scheme. The main benefit is that the security level is higher than other algorithms for the same key size.

Journal ArticleDOI
TL;DR: An efficient implementation of the pairing on mobile phones is presented; it is shown to be faster than the other public-key cryptosystems (RSA and ECC), so that pairing-based applications are practical on BREW mobile phones.
Abstract: Pairing based cryptosystems can accomplish novel security applications such as ID-based cryptosystems, which have not been constructed efficiently without the pairing. The processing speed of the pairing based cryptosystems is relatively slow compared with the other conventional public key cryptosystems. However, several efficient algorithms for computing the pairing have been proposed, namely the Duursma-Lee algorithm and its variant, the ηT pairing. In this paper, we present an efficient implementation of the pairing over some mobile phones. Moreover, we compare the processing speed of the pairing with that of the other standard public key cryptosystems, i.e. the RSA cryptosystem and elliptic curve cryptosystems. Indeed the processing speed of our implementation on ARM9 processors on BREW achieves under 100 milliseconds using the supersingular curve over F_{3^97}. In addition, the pairing is more efficient than the other public key cryptosystems, and the pairing can be computed efficiently enough also on BREW mobile phones. It has become efficient enough to implement security applications, such as short signatures, ID-based cryptosystems or broadcast encryption, using the pairing on BREW mobile phones.

Journal ArticleDOI
TL;DR: This paper proposes a new variant of XTR cryptosystem over finite fields with characteristic three whose compression ratio is 1/6, and it is shown that there exists a trace map from Fq6 to Fq in the case of characteristic three.
Abstract: XTR is one of the most efficient public-key cryptosystems that allow us to compress the communication bandwidth of their ciphertext. The compact representation can be achieved by deploying a subgroup Fq2 of extension field Fq6, so that the compression ratio of XTR cryptosystem is 1/3. On the other hand, Dijk et al. proposed an efficient public-key cryptosystem using a torus over Fq30 whose compression ratio is 4/15. It is an open problem to construct an efficient public-key cryptosystem whose compression ratio is smaller than 4/15. In this paper we propose a new variant of XTR cryptosystem over finite fields with characteristic three whose compression ratio is 1/6. The key observation is that there exists a trace map from Fq6 to Fq in the case of characteristic three. Moreover, the cost of compression and decompression algorithm requires only about 1% overhead compared with the original XTR cryptosystem. Therefore, the proposed variant of XTR cryptosystem is one of the fastest public-key cryptosystems with the smallest compression ratio.

Journal ArticleDOI
TL;DR: The quantum cryptosystem can achieve unconditional security, and thus guarantees secure communication; this study discusses quantum cryptosystems, protection of system security, and optimization of system efficiency.

01 Jan 2008
TL;DR: The proposed system benefits from the algebraic properties of Sn such as non-commutativity, high computational speed and high flexibility in selecting keys, which make the Discrete Logarithm Problem (DLP) resistant to attacks by algorithms such as Pohlig-Hellman.
Abstract: This paper proposes a public key cryptosystem based on the symmetric group Sn, and validates its theoretical foundation. The proposed system benefits from the algebraic properties of Sn such as non-commutativity, high computational speed and high flexibility in selecting keys, which make the Discrete Logarithm Problem (DLP) resistant to attacks by algorithms such as Pohlig-Hellman. Against these properties, the only disadvantage of the scheme is its relatively large memory and bandwidth requirements. Due to the similarities in the algebraic structures, many other cryptosystems can be translated to their symmetric group analogs, and the proposed cryptosystem is in fact the Generalized ElGamal cryptosystem which is based on Sn instead of GF(p).


Proceedings ArticleDOI
20 Jul 2008
TL;DR: Two lattice-based cryptosystems are proposed that show the usefulness of multivariate polynomial algebra and Gröbner bases in the construction of public key cryptosystems; the second improves a cryptosystem (NTRU) that only has heuristic and challenged evidence of security.
Abstract: Up to now, any attempt to use Gröbner bases in the design of public key cryptosystems has failed, as anticipated by a classical paper of B. Barkee et al.; we show why, and show that the only residual hope is to use binomial ideals, i.e. lattices. We propose two lattice-based cryptosystems that will show the usefulness of multivariate polynomial algebra and Gröbner bases in the construction of public key cryptosystems. The first one tries to revive two cryptosystems, Polly Cracker and GGH, that have been considered broken, through a hybrid; the second one improves a cryptosystem (NTRU) that only has heuristic and challenged evidence of security, providing evidence that the extension cannot be broken with some of the standard lattice tools that can be used to break some reduced form of NTRU. Because of the bounds on length, we only sketch the construction of these two cryptosystems, and leave many details of the construction of private and public keys, of the proofs and of the security considerations to forthcoming technical papers.

Book ChapterDOI
10 Sep 2008
TL;DR: Using this method, the authors obtain the first hybrid encryption schemes that are as efficient as the Kurosawa-Desmedt and Hofheinz-Kiltz encryption schemes but whose security can be explained in the original KEM/DEM framework.
Abstract: We propose a generic method that transforms a weakly secure KEM, i.e. a KEM which is secure against constrained chosen ciphertext attack (CCCA), to a strongly secure KEM, i.e. a KEM which is secure against full chosen ciphertext attack (CCA). The proposed method does not depend on the random oracle nor any other non-standard assumptions. Using this method, we obtain new efficient hybrid encryption schemes based on the Kurosawa-Desmedt and Hofheinz-Kiltz weakly secure KEMs. These are the first hybrid encryption schemes which are as efficient as the Kurosawa-Desmedt and Hofheinz-Kiltz encryption schemes, but whose security can be explained in the original KEM/DEM framework.

01 Jan 2008
TL;DR: The main technical innovation is a reduction from variants of the shortest vector problem to corresponding versions of the "learning with errors" (LWE) problem; previously, only a quantum reduction of this kind was known.
Abstract: We construct public-key cryptosystems that are secure assuming the *worst-case* hardness of approximating the shortest vector problem on lattices. Prior cryptosystems with worst-case connections (e.g., the Ajtai-Dwork system) were based either on a *special case* of the shortest vector problem, or on the conjectured hardness of lattice problems for *quantum* algorithms. Our main technical innovation is a reduction from certain variants of the shortest vector problem to corresponding versions of the "learning with errors" (LWE) problem; previously, only a quantum reduction of this kind was known. In addition, we construct new cryptosystems based on LWE, including a very natural chosen ciphertext-secure system that has a much simpler description and tighter underlying worst-case approximation factor than prior constructions.

Book ChapterDOI
17 Oct 2008
TL;DR: In this article, a new piece in hand (PH) method called NLPHPV (NonLinear Piece in Hand Perturbation Vector) method was proposed to avoid redundant repetitions in decryption process.
Abstract: The piece in hand (PH) is a general scheme which is applicable to any reasonable type of multivariate public key cryptosystem for the purpose of enhancing its security. In this paper, we propose a new class of PH methods called the NLPHPV (NonLinear Piece in Hand Perturbation Vector) method. Although our NLPHPV uses similar perturbation vectors as are used for the previously known internal perturbation method, this new method can avoid redundant repetitions in the decryption process. With properly chosen parameter sizes, NLPHPV achieves an observable gain in security over the original multivariate public key cryptosystem. We demonstrate this by both theoretical analyses and computer simulations against major known attacks and provide the concrete sizes of security parameters, with which we even expect greater security against potential quantum attacks.

Proceedings ArticleDOI
01 Nov 2008
TL;DR: OCNC (on-chip-network cryptosystem), a novel cryptographic architecture based on a group of pipeline-scheduled crypto-processors which encrypts the plaintext or decrypts the ciphertext through a packet switching interconnection, is introduced in this paper.
Abstract: The nanoscale technology makes the design concept of the sea of processors possible in the coming billion transistor era for high performance implementations. In order to solve the scalability, complexity and timing problems of the communication between these processors in a large scale SoC (System on a Chip) implementation, the NoC (Network on a Chip) or OCN (On-Chip Network) paradigm has emerged as a replacement for traditional global buses or wires. Since security-related processing can consume as much as 95 percent of a server's processing capacity, in order to enhance the processing speed of the cryptosystem, OCNC (on-chip-network cryptosystem), a novel cryptographic architecture based on a group of pipeline-scheduled crypto-processors which encrypts the plaintext or decrypts the ciphertext through a packet switching interconnection, is introduced in this paper. OCNC is capable of integrating heterogeneous crypto-processors configured with different algorithms, block sizes, and key sizes to work in an efficient way.

Posted Content
TL;DR: The main idea is to enhance Sahai and Waters' "large universe" construction, chosen-plaintext secure (CPA) Fuzzy-IBE, by adding some redundant information to the ciphertext to make it CCA-secure.
Abstract: (College of Information Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016, P.R. China) We use hybrid encryption with Fuzzy Identity-Based Encryption (Fuzzy-IBE) schemes, and present the first efficient fuzzy identity-based key encapsulation mechanism (Fuzzy-IB-KEM) schemes which are chosen-ciphertext secure (CCA) without random oracles in the selective-ID model. To achieve these goals, we consider Fuzzy-IBE schemes as consisting of separate key and data encapsulation mechanisms (KEM-DEM), and then give the definition of Fuzzy-IB-KEM. Our main idea is to enhance Sahai and Waters' "large universe" construction, chosen-plaintext secure (CPA) Fuzzy-IBE, by adding some redundant information to the ciphertext to make it CCA-secure.

Proceedings ArticleDOI
12 Dec 2008
TL;DR: Property analysis of the new scheme is made in comparison with that of the other cryptosystems, which leads to the conclusion that the CPK-CCC cryptosystem may be applied as an optimized approach towards efficient and effective network authentication.
Abstract: In this paper, we propose a Combined Public Key Cryptosystem based on Conic Curves (CPK-CCC) over the residue class ring without trusted third parties, but assuming the existence of a trusted Key Management Center (KMC). The security of this scheme relies on the problems of factorizing large integers and computing discrete logarithms on conics over the residue class ring. The implementation principles of the CPK-CCC scheme and its design structure are described in detail. We employ a seeded secret technique and a combining technique for the generation of a user's Private/Secret Key (SK) and Public Key (PK) pairs for requesting users. Moreover, a precise definition of the CPK-CCC cryptosystem is given. Property analysis of the new scheme is also made in comparison with that of the other cryptosystems, which leads to the conclusion that the CPK-CCC cryptosystem may be applied as an optimized approach towards efficient and effective network authentication.

Proceedings ArticleDOI
03 Aug 2008
TL;DR: In this paper, the elliptic curve cryptosystem is divided into several layers, each of which corresponds to a class; the properties and methods of these classes are discussed, and some methods are implemented.
Abstract: With the fast development of cryptography research and computer technology, the RSA and Diffie-Hellman cryptosystems are getting more and more unsafe, and the elliptic curve cryptosystem is becoming the trend of public-key cryptography in the future. This paper mainly uses object-oriented technology as its tool, and divides the elliptic curve cryptosystem into several layers, each of which corresponds to a class. The properties and methods of these classes are discussed, and some methods are implemented. In the end, the advantages are analyzed, and the cryptosystem implemented in a high-level programming language is easy to port.

Proceedings ArticleDOI
19 Aug 2008
TL;DR: A heterogeneous (software and hardware) distributed cryptanalytic system that distributes computation across a network of general-purpose computers and specialized FPGA-based hardware units allows for very efficient cryptanalysis of cryptosystems based on elliptic curves.
Abstract: Public-key cryptosystems allow secure connections and data exchange through an unsafe communication channel without the need of a previous secure key exchange. The most popular cryptosystem used nowadays is RSA. However, recently a serious rival appeared: elliptic curve cryptosystems (ECC). A cryptanalytic attack on an ECC system involves solving the elliptic curve discrete logarithm problem (ECDLP). The best known algorithm used to solve the ECDLP is Pollard's rho method. So far successful attacks on ECC systems were mostly based on distributed computer networks. In this paper a heterogeneous (software and hardware) distributed cryptanalytic system is presented. The proposed solution utilizes the concept of distributing computation in a network of general purpose computers and specialized hardware units with FPGA structures. Such a hybrid system allows for very efficient cryptanalysis of cryptosystems based on elliptic curves. The estimated computation time of attacks on specific curves from the Certicom Challenge list using the proposed system is presented.
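Pollard's rho, the algorithm the abstract names as the best known for the ECDLP, as an added example that is not code from the paper's distributed CPU/FPGA system: a deterministic additive walk with Floyd cycle detection on the toy textbook curve y^2 = x^3 + 2x + 2 over F_17, which has prime group order 19 and generator (5, 1). The curve, the three-way walk partition and the restart schedule are constructed, illustrative choices, and the function names are hypothetical. On a real target the expected cost is about sqrt(pi*n/2) curve operations (roughly 2^66 for a 131-bit challenge curve), which is why the paper spreads the walk over many processors.

```python
from typing import Optional, Tuple

# Toy textbook curve y^2 = x^3 + 2x + 2 over F_17: 19 points (prime order), P = (5, 1).
# Constructed for illustration; with n = 19 the "rho" closes after a handful of steps.
P_MOD = 17
CURVE_A = 2
ORDER = 19
GEN = (5, 1)

Point = Optional[Tuple[int, int]]  # None is the point at infinity


def ec_add(p1: Point, p2: Point) -> Point:
    """Affine point addition (and doubling) on y^2 = x^3 + a x + b over F_p."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None  # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + CURVE_A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_mul(k: int, pt: Point) -> Point:
    """Double-and-add scalar multiplication."""
    acc, addend = None, pt
    while k > 0:
        if k & 1:
            acc = ec_add(acc, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return acc


def _walk(state, P: Point, Q: Point):
    """One step of the rho walk. state = (R, a, b) with R = a*P + b*Q; the branch is
    chosen from R's x-coordinate, so it depends only on the point, not on a or b."""
    R, a, b = state
    branch = 2 if R is None else R[0] % 3
    if branch == 0:
        return ec_add(R, Q), a, (b + 1) % ORDER
    if branch == 1:
        return ec_add(R, R), (2 * a) % ORDER, (2 * b) % ORDER
    return ec_add(R, P), (a + 1) % ORDER, b


def pollard_rho(P: Point, Q: Point, max_restarts: int = 1000) -> int:
    """Return k with Q = k*P (ORDER prime) using Floyd's tortoise-and-hare on the walk."""
    for seed in range(1, max_restarts + 1):
        a0, b0 = seed % ORDER, (7 * seed + 3) % ORDER  # deterministic restart points
        start = (ec_add(ec_mul(a0, P), ec_mul(b0, Q)), a0, b0)
        tortoise = hare = start
        while True:
            tortoise = _walk(tortoise, P, Q)
            hare = _walk(_walk(hare, P, Q), P, Q)
            if tortoise[0] == hare[0]:
                break
        _, a1, b1 = tortoise
        _, a2, b2 = hare
        if (b1 - b2) % ORDER == 0:
            continue  # a1*P + b1*Q == a2*P + b2*Q gave no information on k; restart
        # a1 + b1*k == a2 + b2*k (mod ORDER)  =>  k = (a2 - a1) / (b1 - b2)
        k = (a2 - a1) * pow((b1 - b2) % ORDER, -1, ORDER) % ORDER
        if ec_mul(k, P) == Q:
            return k
    raise RuntimeError("no useful collision found; increase max_restarts")


if __name__ == "__main__":
    secret = 13
    Q = ec_mul(secret, GEN)
    print("recovered k =", pollard_rho(GEN, Q))  # 13
```

The parallel form the paper relies on (many CPUs or FPGA cores walking independently and reporting only "distinguished" points, e.g. those whose x-coordinate has a fixed number of leading zero bits, to a central collision store) keeps the same walk function and the same a*P + b*Q bookkeeping; only the collision detection changes, which is why the per-step curve arithmetic above is what the FPGA units accelerate.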

Journal ArticleDOI
TL;DR: This work is presenting the so-called Doubling with Remainder compared to the existing technique, which shows better performance in LUC computations by reducing time consumed in its computations.
Abstract: Most public-key cryptosystems rely on one-way functions. The cryptosystems can be used to encrypt and sign messages. The LUC cryptosystem is a cryptosystem based on Lucas functions. The encryption process uses a public key which is known publicly and the decryption uses a private key which is known only by the sender and receiver of the messages. The performance of LUC cryptosystem computation is influenced by the computation of V_e (the public-key process) and V_d (the private-key process). Very large scales of computation and timing overhead are involved for large values of e and d. We present the so-called Doubling with Remainder technique and compare it with the existing technique. It shows better performance in LUC computations by reducing the time consumed in its computations. The experimental results of the existing and new algorithms are included.

Journal ArticleDOI
TL;DR: Vaudenay's attack on the Chor-Rivest cryptosystem applies to the parameters p and h originally proposed by its authors; this work presents a choice of these parameters, both prime, that resists the existing cryptanalytic attacks, determined in a range that guarantees security and the computational feasibility of implementation.
Abstract: Vaudenay's cryptanalysis against Chor-Rivest cryptosystem is applicable when the parameters, p and h, originally proposed by the authors are used. Nevertheless, if p and h are both prime integers, then Vaudenay's attack is not applicable. In this work, a choice of these parameters resistant to the existing cryptanalytic attacks, is presented. The parameters are determined in a suitable range guaranteeing its security and the computational feasibility of implementation. Regrettably, the obtained parameters are scarce in practice.

Journal ArticleDOI
TL;DR: It is proved that in the class group of this new kind of NIQO*, it is very easy to design provable secure cryptosystems based on quadratic field (QF), and the enhanced encryption in this paper is secure against adaptive chosen-ciphertext attacks.
Abstract: This paper proposes a method to construct a new kind of non-maximal imaginary quadratic order (NIQO*) by combining the technique of Diophantine equations and the characters of non-maximal imaginary quadratic orders. It is proved that in the class group of this new kind of NIQO*, it is very easy to design provably secure cryptosystems based on quadratic fields (QF). With the purpose to prove that this new kind of QF-based cryptosystem is easy to implement, two concrete schemes are presented, i.e., a Schnorr-like signature and an ElGamal-like encryption, by using the proposed NIQO*. In the random oracle model, it is proved that: (1) under the assumption that the discrete logarithm problem over class groups (CL-DLP) of this new kind of NIQO* is intractable, the proposed signature scheme is secure against adaptive chosen-message attacks, i.e., achieving UF-CMA security; (2) under the assumption that the decisional Diffie-Hellman problem over class groups (CL-DDH) of this new kind of NIQO* is intractable, the enhanced encryption in this paper is secure against adaptive chosen-ciphertext attacks, i.e., reaching IND-CCA2 security.

Book ChapterDOI
02 Dec 2008
TL;DR: The authors propose a hybrid variant of Damgård's 1991 public-key cryptosystem and show that it is CCA1-secure under the DDH assumption, provided the symmetric cipher is CPA-secure, the MAC is unforgeable and the key-derivation function is secure; it is the most efficient known CCA1-secure hybrid cryptosystem based on standard assumptions.
Abstract: In 1991, Damgård proposed a simple public-key cryptosystem that he proved CCA1-secure under the Diffie-Hellman Knowledge assumption. Only in 2006, Gjøsteen proved its CCA1-security under a more standard but still new and strong assumption. The known CCA2-secure public-key cryptosystems are considerably more complicated. We propose a hybrid variant of Damgård's public-key cryptosystem and show that it is CCA1-secure if the used symmetric cryptosystem is CPA-secure, the used MAC is unforgeable, the used key-derivation function is secure, and the underlying group is a DDH group. The new cryptosystem is the most efficient known CCA1-secure hybrid cryptosystem based on standard assumptions.
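The hybrid constructions on this page (the hash-proof-system framework with its extractor-based KDF, the CCCA-to-CCA KEM transform, and the hybrid Damgård ElGamal of the abstract just above) all share one KEM/DEM shape: a public-key KEM yields a session secret, a KDF splits it into an encryption key and a MAC key, and a symmetric DEM encrypts and authenticates the payload. The Python below is an added illustration of that shape with Damgård's ElGamal as the KEM; it is not code from any of these papers. Assumptions: a toy 10-bit safe-prime group (constructed and insecure; a deployment would use a 2048-bit MODP group or an elliptic curve), an HMAC-SHA256 counter-mode keystream standing in for a real CPA-secure cipher, SHA-512 as the KDF, and hypothetical function names.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Toy safe-prime group, constructed for illustration only: p = 2q + 1 with q prime,
# g = 4 generates the order-q subgroup. With q = 509 every secret here is brute-forceable;
# a deployment uses a 2048-bit MODP group or an elliptic curve.
P = 1019
Q = 509
G = 4
ELEM_BYTES = (P.bit_length() + 7) // 8  # 2 bytes per group element
TAG_BYTES = 32


def keygen() -> Tuple[Tuple[int, int], Tuple[int, int]]:
    """Damgard's ElGamal keys: pk = (h1, h2) = (g^x1, g^x2), sk = (x1, x2)."""
    x1 = secrets.randbelow(Q - 1) + 1
    x2 = secrets.randbelow(Q - 1) + 1
    return (pow(G, x1, P), pow(G, x2, P)), (x1, x2)


def _enc(x: int) -> bytes:
    return x.to_bytes(ELEM_BYTES, "big")


def kdf(shared: int, c1: int, c2: int) -> Tuple[bytes, bytes]:
    """Derive (k_enc, k_mac) from the DH value; the KEM ciphertext is mixed in so the
    derived keys are bound to the (c1, c2) they came from."""
    okm = hashlib.sha512(b"DEG-hybrid-kdf" + _enc(shared) + _enc(c1) + _enc(c2)).digest()
    return okm[:32], okm[32:]


def encapsulate(pk):
    """KEM: (c1, c2) = (g^r, h1^r); the session secret is h2^r."""
    h1, h2 = pk
    r = secrets.randbelow(Q - 1) + 1
    c1, c2 = pow(G, r, P), pow(h1, r, P)
    return (c1, c2), kdf(pow(h2, r, P), c1, c2)


def decapsulate(sk, kem_ct) -> Optional[Tuple[bytes, bytes]]:
    """Damgard's check: release a key only if c2 == c1^x1, i.e. (g, h1, c1, c2) is a DDH tuple."""
    x1, x2 = sk
    c1, c2 = kem_ct
    if not (1 <= c1 < P and 1 <= c2 < P) or pow(c1, Q, P) != 1:
        return None  # reject elements outside the prime-order subgroup
    if pow(c1, x1, P) != c2:
        return None  # malformed or tampered KEM ciphertext: no key is released
    return kdf(pow(c1, x2, P), c1, c2)


def _keystream(k_enc: bytes, n: int) -> bytes:
    """Stand-in CPA-secure stream cipher: HMAC-SHA256 in counter mode (not a real DEM)."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hmac.new(k_enc, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def encrypt(pk, msg: bytes) -> bytes:
    """Hybrid encryption: KEM header || DEM body || MAC over both (encrypt-then-MAC)."""
    (c1, c2), (k_enc, k_mac) = encapsulate(pk)
    header = _enc(c1) + _enc(c2)
    body = _xor(msg, _keystream(k_enc, len(msg)))
    tag = hmac.new(k_mac, header + body, hashlib.sha256).digest()
    return header + body + tag


def decrypt(sk, ct: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if the KEM check or the MAC fails."""
    if len(ct) < 2 * ELEM_BYTES + TAG_BYTES:
        return None
    c1 = int.from_bytes(ct[:ELEM_BYTES], "big")
    c2 = int.from_bytes(ct[ELEM_BYTES:2 * ELEM_BYTES], "big")
    body, tag = ct[2 * ELEM_BYTES:-TAG_BYTES], ct[-TAG_BYTES:]
    keys = decapsulate(sk, (c1, c2))
    if keys is None:
        return None
    k_enc, k_mac = keys
    expected = hmac.new(k_mac, ct[:-TAG_BYTES], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # verify before decrypting so nothing plaintext-dependent leaks
    return _xor(body, _keystream(k_enc, len(body)))


if __name__ == "__main__":
    pk, sk = keygen()
    ct = encrypt(pk, b"attack at dawn")
    print(decrypt(sk, ct))  # b'attack at dawn'
```

The two rejection points are the security-relevant part. decapsulate releases no key unless c2 == c1^x1, the consistency check that separates Damgård's scheme from plain ElGamal and on which its CCA1 argument rests; and decrypt verifies the MAC over KEM header and body before touching the plaintext, so an attacker cannot pair a replayed KEM part with a forged body. The KDF also binds (c1, c2) into the derived keys, which is the KEM-side analogue of the "bind the ciphertext into the key" idea the CCCA-to-CCA transform and the hash-proof-system framework both use.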