Dates are inconsistent

Dates are inconsistent

41 results sorted by ID

2025/140 (PDF) Last updated: 2025-01-29
HELP: Everlasting Privacy through Server-Aided Randomness
Yevgeniy Dodis, Jiaxin Guan, Peter Hall, Alison Lin
Foundations

Everlasting (EL) privacy offers an attractive solution to the Store-Now-Decrypt-Later (SNDL) problem, where future increases in the attacker's capability could break systems which are believed to be secure today. Instead of requiring full information-theoretic security, everlasting privacy allows computationally-secure transmissions of ephemeral secrets, which are only "effective" for a limited periods of time, after which their compromise is provably useless for the SNDL attacker. In...

2024/1662 (PDF) Last updated: 2024-11-30
Composability in Watermarking Schemes
Jiahui Liu, Mark Zhandry
Foundations

Software watermarking allows for embedding a mark into a piece of code, such that any attempt to remove the mark will render the code useless. Provably secure watermarking schemes currently seems limited to programs computing various cryptographic operations, such as evaluating pseudorandom functions (PRFs), signing messages, or decrypting ciphertexts (the latter often going by the name ``traitor tracing''). Moreover, each of these watermarking schemes has an ad-hoc construction of its...

2024/1200 (PDF) Last updated: 2024-07-25
Depth-Aware Arithmetization of Common Primitives in Prime Fields
Jelle Vos, Mauro Conti, Zekeriya Erkin
Foundations

A common misconception is that the computational abilities of circuits composed of additions and multiplications are restricted to simple formulas only. Such arithmetic circuits over finite fields are actually capable of computing any function, including equality checks, comparisons, and other highly non-linear operations. While all those functions are computable, the challenge lies in computing them efficiently. We refer to this search problem as arithmetization. Arithmetization is a key...

2024/926 (PDF) Last updated: 2024-06-10
Verifiable and Private Vote-by-Mail
Henri Devillez, Olivier Pereira, Thomas Peters
Cryptographic protocols

Vote-by-mail is increasingly used in Europe and worldwide for government elections. Nevertheless, very few attempts have been made towards the design of verifiable vote-by-mail, and none of them come with a rigorous security analysis. Furthermore, the ballot privacy of the currently deployed (non-verifiable) vote-by-mail systems relies on procedural means that a single malicious operator can bypass. We propose a verifiable vote-by-mail system that can accommodate the constraints of many...

2023/1490 (PDF) Last updated: 2024-11-06
Formulations and Constructions of Remote State Preparation with Verifiability, with Applications
Jiayu Zhang
Cryptographic protocols

Remote state preparation with verifiability (RSPV) is an important quantum cryptographic primitive [GV19,Zha22]. In this primitive, a client would like to prepare a quantum state (sampled or chosen from a state family) on the server side, such that ideally the client knows its full description, while the server holds and only holds the state itself. In this work we make several contributions on its formulations, constructions and applications. In more detail: - We first work on the...

2023/1342 (PDF) Last updated: 2024-04-18
Modular Sumcheck Proofs with Applications to Machine Learning and Image Processing
David Balbás, Dario Fiore, Maria Isabel González Vasco, Damien Robissout, Claudio Soriente
Cryptographic protocols

Cryptographic proof systems provide integrity, fairness, and privacy in applications that outsource data processing tasks. However, general-purpose proof systems do not scale well to large inputs. At the same time, ad-hoc solutions for concrete applications - e.g., machine learning or image processing - are more efficient but lack modularity, hence they are hard to extend or to compose with other tools of a data-processing pipeline. In this paper, we combine the performance of tailored...

2023/439 (PDF) Last updated: 2023-03-26
Standard Model Time-Lock Puzzles: Defining Security and Constructing via Composition
Karim Eldefrawy, Sashidhar Jakkamsetti, Ben Terner, Moti Yung
Foundations

The introduction of time-lock puzzles initiated the study of publicly “sending information into the future.” For time-lock puzzles, the underlying security-enabling mechanism is the computational complexity of the operations needed to solve the puzzle, which must be tunable to reveal the solution after a predetermined time, and not before that time. Time-lock puzzles are typically constructed via a commitment to a secret, paired with a reveal algorithm that sequentially iterates a basic...

2022/087 (PDF) Last updated: 2023-12-18
The Internet Computer for Geeks
The DFINITY Team
Cryptographic protocols

Smart contracts are a new form of software that will revolutionize how software is written, IT systems are maintained, and applications and whole businesses are built. Smart contracts are composable and autonomous pieces of software that run on decentralized blockchains, which makes them tamperproof and unstoppable. In this paper, we describe the Internet Computer (IC), which is a radical new design of blockchain that unleashes the full potential of smart contracts, overcoming the...

2021/1683 (PDF) Last updated: 2021-12-22
PUBA: Privacy-Preserving User-Data Bookkeeping and Analytics
Valerie Fetzer, Marcel Keller, Sven Maier, Markus Raiber, Andy Rupp, Rebecca Schwerdt
Cryptographic protocols

In this paper we propose Privacy-preserving User-data Bookkeeping & Analytics (PUBA), a building block destined to enable the implementation of business models (e.g., targeted advertising) and regulations (e.g., fraud detection) requiring user-data analysis in a privacy-preserving way. In PUBA, users keep an unlinkable but authenticated cryptographic logbook containing their historic data on their device. This logbook can only be updated by the operator while its content is not...

2021/1263 (PDF) Last updated: 2021-09-22
Transparency Dictionaries with Succinct Proofs of Correct Operation
Ioanna Tzialla, Abhiram Kothapalli, Bryan Parno, Srinath Setty
Cryptographic protocols

This paper introduces Verdict, a transparency dictionary, where an untrusted service maintains a label-value map that clients can query and update (foundational infrastructure for end-to-end encryption and other applications). To prevent unauthorized modifications to the dictionary, for example, by a malicious or a compromised service provider, Verdict produces publicly-verifiable cryptographic proofs that it correctly executes both reads and authorized updates. A key advance over prior work...

2020/1079 (PDF) Last updated: 2020-09-09
Subvert KEM to Break DEM: Practical Algorithm-Substitution Attacks on Public-Key Encryption
Rongmao Chen, Xinyi Huang, Moti Yung
Public-key cryptography

Motivated by the currently widespread concern about mass surveillance of encrypted communications, Bellare \emph{et al.} introduced at CRYPTO 2014 the notion of Algorithm-Substitution Attack (ASA) where the legitimate encryption algorithm is replaced by a subverted one that aims to undetectably exfiltrate the secret key via ciphertexts. Practically implementable ASAs on various cryptographic primitives (Bellare \emph{et al.}, CRYPTO'14 \& ACM CCS'15; Ateniese \emph{et al.}, ACM CCS'15;...

2020/525 (PDF) Last updated: 2020-05-05
Account Management in Proof of Stake Ledgers
Dimitris Karakostas, Aggelos Kiayias, Mario Larangeira
Cryptographic protocols

Blockchain protocols based on Proof-of-Stake (PoS) depend — by nature — on the active participation of stakeholders. If users are offline and abstain from the PoS consensus mechanism, the system’s security is at risk, so it is imperative to explore ways to both maximize the level of participation and minimize the effects of non-participation. One such option is stake representation, such that users can delegate their participation rights and, in the process, form "stake pools". The core idea...

2020/513 (PDF) Last updated: 2022-12-01
E-cclesia: Universally Composable Self-Tallying Elections
Myrto Arapinis, Nikolaos Lamprou, Lenka Mareková, Thomas Zacharias, Léo Ackermann, Pavlos Georgiou
Cryptographic protocols

The technological advancements of the digital era paved the way for the facilitation of electronic voting (e-voting) in the promise of efficiency and enhanced security. In standard e-voting designs, the tally process is assigned to a committee of designated entities called talliers. Naturally, the security analysis of any e-voting system with tallier designation hinges on the assumption that a subset of the talliers follows the execution guidelines and does not attempt to breach...

2020/476 (PDF) Last updated: 2022-05-18
Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures
Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostakova, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
Cryptographic protocols

Decentralized and permissionless ledgers offer an inherently low transaction rate, as a result of their consensus protocol demanding the storage of each transaction on-chain. A prominent proposal to tackle this scalability issue is to utilize off-chain protocols, where parties only need to post a limited number of transactions on-chain. Existing solutions can roughly be categorized into: (i) application-specific channels (e.g., payment channels), offering strictly weaker functionality than...

2019/924 (PDF) Last updated: 2019-08-18
Your Money or Your Life---Modeling and Analyzing the Security of Electronic Payment in the UC Framework
Dirk Achenbach, Roland Gröll, Timon Hackenjos, Alexander Koch, Bernhard Löwe, Jeremias Mechler, Jörn Müller-Quade, Jochen Rill
Cryptographic protocols

EMV, also known as Chip and PIN, is the world-wide standard for card-based electronic payment. Its security wavers: over the past years, researchers have demonstrated various practical attacks, ranging from using stolen cards by disabling PIN verification to cloning cards by pre-computing transaction data. Most of these attacks rely on violating certain unjustified and not explicitly stated core assumptions upon which EMV is built, namely that the input device (e.g. the ATM) is trusted and...

2019/726 (PDF) Last updated: 2019-06-20
A Framework for Universally Composable Oblivious Transfer from One-Round Key-Exchange
Pedro Branco, Jintai Ding, Manuel Goulão, Paulo Mateus
Cryptographic protocols

Oblivious transfer is one of the main pillars of modern cryptography and plays a major role as a building block for other more complex cryptographic primitives. In this work, we present an efficient and versatile framework for oblivious transfer (OT) using one-round key-exchange (ORKE), a special class of key exchange (KE) where only one message is sent from each party to the other. Our contributions can be summarized as follows: i) We carefully analyze ORKE schemes and introduce new...

2019/615 (PDF) Last updated: 2019-12-03
My Gadget Just Cares For Me - How NINA Can Prove Security Against Combined Attacks
Siemen Dhooghe, Svetla Nikova
Secret-key cryptography

Differential Power Analysis and Differential Fault Analysis threaten the security of even the most trustworthy cryptographic primitives. It is important we protect their implementation such that no sensitive information is leaked using side channels and it withstands injected faults or combined physical attacks. In this work, we propose security notions tailored against advanced physical attacks consisting of both faults and probes on circuit wires. We then transform the security notions to...

2019/582 (PDF) Last updated: 2019-05-30
EasyUC: Using EasyCrypt to Mechanize Proofs of Universally Composable Security
Ran Canetti, Alley Stoughton, Mayank Varia
Cryptographic protocols

We present a methodology for using the EasyCrypt proof assistant (originally designed for mechanizing the generation of proofs of game-based security of cryptographic schemes and protocols) to mechanize proofs of security of cryptographic protocols within the universally composable (UC) security framework. This allows, for the first time, the mechanization and formal verification of the entire sequence of steps needed for proving simulation-based security in a modular way: * Specifying a...

2019/462 (PDF) Last updated: 2019-06-26
How to wrap it up - A formally verified proposal for the use of authenticated wrapping in PKCS\#11
Alexander Dax, Robert Künnemann, Sven Tangermann, Michael Backes
Cryptographic protocols

Being the most widely used and comprehensive standard for hardware security modules, cryptographic tokens and smart cards, PKCS#11 has been the subject of academic study for years. PKCS#11 provides a key store that is separate from the application, so that, ideally, an application never sees a key in the clear. Again and again, researchers have pointed out the need for an import/export mechanism that ensures the integrity of the permissions associated to a key. With version 2.40, for the...

2019/108 (PDF) Last updated: 2019-02-05
Minicrypt Primitives with Algebraic Structure and Applications
Navid Alamati, Hart Montgomery, Sikhar Patranabis, Arnab Roy
Foundations

Algebraic structure lies at the heart of much of Cryptomania as we know it. An interesting question is the following: instead of building (Cryptomania) primitives from concrete assumptions, can we build them from simple Minicrypt primitives endowed with additional algebraic structure? In this work, we affirmatively answer this question by adding algebraic structure to the following Minicrypt primitives: • One-Way Function (OWF) • Weak Unpredictable Function (wUF) • Weak Pseudorandom...

2018/1241 (PDF) Last updated: 2019-12-06
Universally Composable Accumulators
Foteini Baldimtsi, Ran Canetti, Sophia Yakoubov
Foundations

Accumulators, first introduced by Benaloh and de Mare (Eurocrypt 1993), are compact representations of arbitrarily large sets and can be used to prove claims of membership or non-membership about the underlying set. They are almost exclusively used as building blocks in real-world complex systems, including anonymous credentials, group signatures and, more recently, anonymous cryptocurrencies. Having rigorous security analysis for such systems is crucial for their adoption and safe use in...

2018/378 (PDF) Last updated: 2019-02-22
Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability
Christian Badertscher, Peter Gazi, Aggelos Kiayias, Alexander Russell, Vassilis Zikas
Applications

Proof-of-stake-based (in short, PoS-based) blockchains aim to overcome scalability, effi- ciency, and composability limitations of the proof-of-work paradigm, which underlies the security of several mainstream cryptocurrencies including Bitcoin. Our work puts forth the first (global universally) composable (GUC) treatment of PoS-based blockchains in a setting that captures—for the first time in GUC—arbitrary numbers of parties that may not be fully operational, e.g., due to network problems,...

2018/286 (PDF) Last updated: 2019-09-22
AuCPace: Efficient verifier-based PAKE protocol tailored for the IIoT
Björn Haase, Benoît Labrique

Increasingly connectivity becomes integrated in products and devices that previously operated in a stand-alone setting. This observation holds for many consumer ap- plications in the so-called "Internet of Things" (IoT) as well as for corresponding industry applications (IIoT), such as industrial process sensors. Often the only practicable means for authentication of human users is a password. The security of password-based authentication schemes frequently forms the weakest point of...

2017/1038 (PDF) Last updated: 2017-10-28
Embedded Proofs for Verifiable Neural Networks
Hervé Chabanne, Julien Keuffer, Refik Molva

The increasing use of machine learning algorithms to deal with large amount of data and the expertise required by these algorithms lead users to outsource machine learning services. This raises a trust issue about their result when executed in an untrusted environment. Verifiable computing (VC) tackles this issue and provides computational integrity for an outsourced computation, although the bottleneck of state of the art VC protocols is the prover time. In this paper, we design a VC...

2017/993 (PDF) Last updated: 2017-12-21
A Framework for Efficient Adaptively Secure Composable Oblivious Transfer in the ROM
Paulo S. L. M. Barreto, Bernardo David, Rafael Dowsley, Kirill Morozov, Anderson C. A. Nascimento
Cryptographic protocols

Oblivious Transfer (OT) is a fundamental cryptographic protocol that finds a number of applications, in particular, as an essential building block for two-party and multi-party computation. We construct a universally composable (UC) protocol for oblivious transfer secure against active adaptive adversaries from any OW-CPA secure public-key encryption scheme with certain properties in the random oracle model (ROM). In terms of computation, our protocol only requires the generation of a...

2016/849 (PDF) Last updated: 2017-01-17
Asymptotically Tight Bounds for Composing ORAM with PIR
Ittai Abraham, Christopher W. Fletcher, Kartik Nayak, Benny Pinkas, Ling Ren

Oblivious RAM (ORAM) is a cryptographic primitive that allows a trusted client to outsource storage to an untrusted server while hiding the client's memory access patterns to the server. The last three decades of research on ORAMs have reduced the bandwidth blowup of ORAM schemes from $O(\sqrt{N})$ to $O(1)$. However, all schemes that achieve a bandwidth blowup smaller than $O(\log N)$ use expensive computations such as homomorphic encryptions. In this paper, we achieve a sub-logarithmic...

2016/706 (PDF) Last updated: 2016-08-29
Memory Erasability Amplification
Jan Camenisch, Robert R. Enderlein, Ueli Maurer
Foundations

Erasable memory is an important resource for designing practical cryptographic protocols that are secure against adaptive attacks. Many practical memory devices such as solid state drives, hard disks, or file systems are not perfectly erasable because a deletion operation leaves traces of the deleted data in the system. A number of methods for constructing a large erasable memory from a small one, e.g., using encryption, have been proposed. Despite the importance of erasable memory in...

2015/1134 (PDF) Last updated: 2016-08-17
$\Lambda \circ \lambda$: Functional Lattice Cryptography
Eric Crockett, Chris Peikert
Implementation

This work describes the design, implementation, and evaluation of \lol, a general-purpose software framework for lattice-based cryptography. The \lol framework has several novel properties that distinguish it from prior implementations of lattice cryptosystems, including the following. \emph{Generality, modularity, concision:} \lol defines a collection of general, highly composable interfaces for mathematical operations used across lattice cryptography, allowing for a wide variety of...

2014/595 (PDF) Last updated: 2020-06-18
Scalable Zero Knowledge via Cycles of Elliptic Curves
Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza
Cryptographic protocols

Non-interactive zero-knowledge proofs of knowledge for general NP statements are a powerful cryptographic primitive, both in theory and in practical applications. Recently, much research has focused on achieving an additional property, succinctness, requiring the proof to be very short and easy to verify. Such proof systems are known as zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs), and are desired when communication is expensive, or the verifier is...

2013/559 (PDF) Last updated: 2015-09-08
A Definitional Framework for Functional Encryption
Christian Matt, Ueli Maurer
Public-key cryptography

Functional encryption (FE) is a powerful generalization of various types of encryption. We investigate how FE can be used by a trusted authority to enforce access-control policies to data stored in an untrusted repository. Intuitively, if (functionally) encrypted data items are put in a publicly-readable repository, the effect of the encryption should be that every user has access to exactly (and only) those functions of the data items for which he has previously received the corresponding...

2013/203 (PDF) Last updated: 2013-04-14
From oblivious AES to efficient and secure database join in the multiparty setting
Sven Laur, Riivo Talviste, Jan Willemson
Cryptographic protocols

AES block cipher is an important cryptographic primitive with many applications. In this work, we describe how to efficiently implement the AES-128 block cipher in the multiparty setting where the key and the plaintext are both in a secret-shared form. In particular, we study several approaches for AES S-box substitution based on oblivious table lookup and circuit evaluation. Given this secure AES implementation, we build a universally composable database join operation for secret shared...

2013/152 (PDF) Last updated: 2013-03-15
Policy-based Secure Deletion
Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao, Alessandro Sorniotti
Applications

Securely deleting data from storage systems has become difficult today. Most storage space is provided as a virtual resource and traverses many layers between the user and the actual physical storage medium. Operations to properly erase data and wipe out all its traces are typically not foreseen. This paper introduces a cryptographic model for policy-based secure deletion of data in storage systems, whose security relies on the proper erasure of cryptographic keys. Deletion operations are...

2012/189 (PDF) Last updated: 2013-04-11
Universally Composable Key-Management
Steve Kremer, Robert Künnemann, Graham Steel

We present the first universally composable key-management functionality, formalized in the GNUC framework by Hofheinz and Shoup. It allows the enforcement of a wide range of security policies and can be extended by diverse key usage operations with no need to repeat the security proof. We illustrate its use by proving an implementation of a security token secure with respect to arbitrary key-usage operations and explore a proof technique that allows the storage of cryptographic keys...

2010/213 (PDF) Last updated: 2011-04-27
Composable Security Analysis of OS Services
Ran Canetti, Suresh Chari, Shai Halevi, Birgit Pfitzmann, Arnab Roy, Michael Steiner, Wietse Venema
Applications

We provide an analytical framework for analyzing basic integrity properties of file systems, namely the binding of files to filenames and writing capabilities. A salient feature of our modeling and analysis is that it is *composable*: In spite of the fact that we analyze the filesystem in isolation, security is guaranteed even when the file system operates as a component within an arbitrary, and potentially adversarial system. Such secure composability properties seem essential when trying...

2008/534 (PDF) Last updated: 2009-04-15
Somewhat Non-Committing Encryption and Efficient Adaptively Secure Oblivious Transfer
Juan A. Garay, Daniel Wichs, Hong-Sheng Zhou
Cryptographic protocols

Designing efficient cryptographic protocols tolerating adaptive adversaries, who are able to corrupt parties on the fly as the computation proceeds, has been an elusive task. Indeed, thus far no \emph{efficient} protocols achieve adaptive security for general multi-party computation, or even for many specific two-party tasks such as oblivious transfer (OT). In fact, it is difficult and expensive to achieve adaptive security even for the task of \emph{secure communication}, which is arguably...

2005/220 (PS) Last updated: 2005-07-09
Limits of the Cryptographic Realization of Dolev-Yao-style XOR
Michael Backes, Birgit Pfitzmann
Foundations

The abstraction of cryptographic operations by term algebras, called Dolev-Yao models, is essential in almost all tool-supported methods for proving security protocols. Recently significant progress was made in proving that such abstractions can be sound with respect to actual cryptographic realizations and security definitions. The strongest results show this in the sense of reactive simulatability/UC, a notion that essentially means retention of arbitrary security properties under...

2004/059 (PS) Last updated: 2004-02-23
Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library
Michael Backes, Birgit Pfitzmann
Foundations

Recently we solved the long-standing open problem of justifying a Dolev-Yao type model of cryptography as used in virtually all automated protocol provers under active attacks. The justification was done by defining an ideal system handling Dolev-Yao-style terms and a cryptographic realization with the same user interface, and by showing that the realization is as secure as the ideal system in the sense of reactive simulatability. This definition encompasses arbitrary active attacks and...

2003/145 (PS) Last updated: 2003-07-25
Symmetric Authentication Within a Simulatable Cryptographic Library
Michael Backes, Birgit Pfitzmann, Michael Waidner
Foundations

Proofs of security protocols typically employ simple abstractions of cryptographic operations, so that large parts of such proofs are independent of cryptographic details. The typical abstraction is the Dolev-Yao model, which treats cryptographic operations as a specific term algebra. However, there is no cryptographic semantics, i.e., no theorem that says what a proof with the Dolev-Yao abstraction implies for the real protocol, even if provably secure cryptographic primitives are...

2003/015 (PDF) (PS) Last updated: 2003-01-24
A Universally Composable Cryptographic Library
Michael Backes, Birgit Pfitzmann, Michael Waidner
Foundations

Bridging the gap between formal methods and cryptography has recently received a lot of interest, i.e., investigating to what extent proofs of cryptographic protocols made with abstracted cryptographic operations are valid for real implementations. However, a major goal has not been achieved yet: a soundness proof for an abstract crypto-library as needed for the cryptographic protocols typically proved with formal methods, e.g., authentication and key exchange protocols. Prior work that...

2002/047 (PS) Last updated: 2003-11-17
Universal Composition with Joint State
Ran Canetti, Tal Rabin
Foundations

Cryptographic systems often involve running multiple concurrent instances of some protocol, where the instances have some amount of joint state and randomness. (Examples include systems where multiple protocol instances use the same public-key infrastructure, or the same common reference string.) Rather than attempting to analyze the entire system as a single unit, we would like to be able to analyze each such protocol instance as stand-alone, and then use a general composition theorem to...

2000/067 (PDF) Last updated: 2020-02-12
Universally Composable Security: A New Paradigm for Cryptographic Protocols
Ran Canetti
Foundations

We present a general framework for representing cryptographic protocols and analyzing their security. The framework allows specifying the security requirements of practically any cryptographic task in a unified and systematic way. Furthermore, in this framework the security of protocols is maintained under a general composition operation, called universal composition. The proposed framework with its security-preserving composition property allow for modular design and analysis of complex...

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.