P074 - WEWoRC 2005 - Western European Workshop on Research in Cryptology

Latest publications

1 - 10 of 13
  • Conference paper
    Applications of partial hiding in RSA
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Fhloinn, Eabhnat Ní; Purser, Michael
    We explore the possibility of exposing sections of the private key in RSA without jeopardising the security of the overall system. Making significant segments of the key publicly available greatly reduces the amount of data which must be securely hidden, allowing us to use biometric readings to protect the key. We suggest the use of iris recognition for this purpose and propose possible implementations of this scheme.
  • Conference paper
    Collision attacks on processors with cache and countermeasures
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Lauradoux, Cédric
    Implementing cryptographic algorithms is a difficult problem since additional secret information can be recovered from some physical characteristics of a cryptographic device. Among all side-channel attacks, collision attacks and cache attacks are the most recent ones. The first technique uses side-channel information to detect internal collisions related to the algorithm. The second one exploits timing or power consumption related to the memory accesses. This paper presents a new attack on the first round of AES based on power analysis, which combines both collision attacks and cache attacks. It provides many linear relations between the secret key bits from the encryption of a few chosen plaintexts. For instance, for a classical implementation using 4 lookup tables on a processor with 64-byte cache blocks, 48 linear relations involving half of the key bits are derived. Some countermeasures which defeat such attacks are also presented.
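The 48-relation figure in the abstract above follows directly from the cache geometry: with 4-byte T-table entries and 64-byte lines, each of the four tables spans 16 lines and entry v sits on line v >> 4, so a collision between two first-round lookups of the same table (state bytes i and j with i ≡ j mod 4, where the lookup index is p ⊕ k) reveals hi(k_i) ⊕ hi(k_j) = hi(p_i) ⊕ hi(p_j). Three independent pairs per table, four tables and four bits per pair give 48 GF(2) relations on the 64 high-nibble key bits. The following is an added example, not code from Lauradoux's paper: the physical side channel is replaced by a simulated collision oracle (an assumption), and the chosen-plaintext sweep and the relation bookkeeping are what the attacker would do on top of it.

```python
"""Cache-line collision relations on the first round of T-table AES.

Added illustration, not the paper's code. Assumed model: 4 T-tables with 4-byte
entries, 64-byte cache lines (16 entries per line), first-round lookup index
p_b XOR k_b, and state byte b feeding table T_(b mod 4). The side channel is a
simulated oracle (assumption) that says whether two lookups of the same table
hit the same cache line.
"""

ENTRIES_PER_LINE = 64 // 4                        # 16 T-table entries per line
LINE_SHIFT = ENTRIES_PER_LINE.bit_length() - 1    # index >> 4 selects the line


def table_of(byte_index):
    # State byte r + 4c is looked up in table T_r in the first round.
    return byte_index % 4


def cache_line(index):
    return index >> LINE_SHIFT


def collision_oracle(key, plaintext, i, j):
    """Simulated side channel (assumption): True iff the first-round lookups
    for state bytes i and j, which use the same T-table, touch the same
    cache line. A real attacker infers this from power or timing traces."""
    assert table_of(i) == table_of(j)
    return cache_line(plaintext[i] ^ key[i]) == cache_line(plaintext[j] ^ key[j])


def recover_relations(key, oracle=collision_oracle):
    """Chosen-plaintext sweep with 16 plaintexts: bytes 0..3 stay 0 while the
    high nibble of every other byte runs through 0..15. For each pair
    (i, j) of the same table exactly one sweep value collides, and that value
    equals hi(k_i) XOR hi(k_j). Returns {(i, j): nibble}, 12 entries."""
    relations = {}
    for hi in range(ENTRIES_PER_LINE):
        pt = bytearray(16)
        for j in range(4, 16):
            pt[j] = hi << LINE_SHIFT          # hi(p_i) ^ hi(p_j) = 0 ^ hi
        for j in range(4, 16):
            i = table_of(j)
            if (i, j) not in relations and oracle(key, pt, i, j):
                relations[(i, j)] = hi
    return relations


def bit_relations(relations):
    """Each nibble relation is four linear equations over GF(2) on key bits."""
    return 4 * len(relations)


def key_bits_involved(relations):
    """Key-bit positions (0..127) that occur in at least one relation:
    the high nibble of every key byte, i.e. half of the key."""
    bits = set()
    for (i, j) in relations:
        for b in (i, j):
            bits.update(8 * b + k for k in range(4, 8))
    return bits


def high_nibbles_from(relations, anchors):
    """Given only the four anchor nibbles hi(k_0..k_3), the relations fix every
    other high nibble, so the 64 high key bits cost 16**4 guesses, not 2**64."""
    hi = {t: anchors[t] for t in range(4)}
    for (i, j), v in relations.items():
        hi[j] = hi[i] ^ v
    return bytes(hi[b] for b in range(16))


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")   # FIPS-197 sample key
    rel = recover_relations(key)
    print(bit_relations(rel), "linear relations over", len(key_bits_involved(rel)), "key bits")
```

The sweep is the cheap part; the expensive part in practice is the oracle, i.e. reading collisions out of a few power traces, which is exactly what the countermeasures in the paper target.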
  • Conference paper
    Related-cipher attacks on block ciphers with flexible number of rounds
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Sung, Jaechul; Kim, Jongsung; Lee, Changhoon; Hong, Seokhie
    The related-cipher attack was introduced by Hongjun Wu in 2002 [25]. We can consider related ciphers as block ciphers with the same round function but a different number of rounds. This attack can be applied to related ciphers by using the fact that their key schedules do not depend on the total number of rounds. In this paper we introduce the differential related-cipher attack on block ciphers, which combines the related-cipher attack with differential cryptanalysis. We apply this attack to the block ciphers ARIA [15] and SC2000 [24]. Furthermore, the related-cipher attack can be combined with other block cipher attacks such as linear cryptanalysis, higher-order differential cryptanalysis, and so on. With these combined attacks we also analyze some other block ciphers which use a flexible number of rounds: SAFER++, CAST-128 and DEAL.
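The property the abstract above relies on is that round key i is a function of the master key and i alone, so E_{r+1}(p) = Round(E_r(p), rk_{r+1}) for every p. An attacker with access to both the r-round and the (r+1)-round instance under the same key therefore gets known input/output pairs of a single keyed round and can peel it. The following is an added example, not code from the paper: the cipher is a toy 16-bit SP network written for illustration (the S-box, rotation and key schedule are assumptions, and the schedule is deliberately invertible), and the attack shown is the basic one-round-difference case that the differential and linear variants in the paper build on.

```python
"""Related-cipher attack on a toy cipher with a flexible number of rounds.

Added illustration, not from the paper. Toy cipher (assumed): 16-bit block,
16-bit master key, round = XOR round key, nibble S-box, rotate left by 3.
The key schedule depends only on the master key and the round index, never on
the total number of rounds, which is the property the attack needs.
"""

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]   # PRESENT S-box, any bijection works
INV_SBOX = [SBOX.index(x) for x in range(16)]


def rotl16(x, n):
    return ((x << n) | (x >> (16 - n))) & 0xFFFF


def rotr16(x, n):
    return rotl16(x, 16 - n)


def sub_nibbles(x, box):
    return sum(box[(x >> (4 * i)) & 0xF] << (4 * i) for i in range(4))


def round_key(master, i):
    # Toy schedule (assumption): rk_i = rotl(master, 5i mod 16) XOR i*0x1111.
    # Only master and i appear; the round count does not.
    return rotl16(master, (5 * i) % 16) ^ (i * 0x1111 & 0xFFFF)


def round_fn(x, rk):
    return rotl16(sub_nibbles(x ^ rk, SBOX), 3)


def inv_round_fn(y, rk):
    return sub_nibbles(rotr16(y, 3), INV_SBOX) ^ rk


def encrypt(master, p, rounds):
    """Encrypt with a caller-chosen number of rounds (the 'flexible' parameter)."""
    x = p
    for i in range(1, rounds + 1):
        x = round_fn(x, round_key(master, i))
    return x


def related_cipher_attack(oracle_r, oracle_r1, p):
    """oracle_r is E_r, oracle_r1 is E_{r+1}, same unknown key.
    Since E_{r+1}(p) = Round(E_r(p), rk_{r+1}), one plaintext yields the
    input and output of round r+1, and the round is invertible up to the key:
    sub^-1(rotr(c_{r+1})) = c_r XOR rk_{r+1}."""
    c_r, c_r1 = oracle_r(p), oracle_r1(p)
    return sub_nibbles(rotr16(c_r1, 3), INV_SBOX) ^ c_r


def master_from_round_key(rk, i):
    """Invert the toy key schedule; for real ciphers this step is where the
    differential or linear analysis in the paper takes over."""
    return rotr16(rk ^ (i * 0x1111 & 0xFFFF), (5 * i) % 16)


if __name__ == "__main__":
    master = 0x9A3F
    e6 = lambda p: encrypt(master, p, 6)
    e7 = lambda p: encrypt(master, p, 7)
    rk7 = related_cipher_attack(e6, e7, 0x1234)
    print(hex(rk7), hex(master_from_round_key(rk7, 7)))
```

The attack costs one chosen plaintext regardless of r; what stops it on a real design is a key schedule that mixes in the round count, or a last-round/whitening step that differs between the related instances.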
  • Conference paper
    A scanning tool for PC root public key stores
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Alsaid, Adil; Mitchell, Chris J.
    As has recently been demonstrated, a malicious third party could insert a self-issued CA public key into the list of trusted root CA public keys stored on an end user PC. As a consequence, the malicious third party could potentially do severe damage to the end user computing environment. In this paper, we discuss the problem of fake root public keys and suggest a solution that can be used to detect and remove them. We further describe a prototype implementation of this solution.
  • Conference paper
    State recovery attacks on pseudorandom generators
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Sidorenko, Andrey; Schoenmakers, Berry
    State recovery attacks comprise an important class of attacks on pseudorandom generators. In this paper we analyze the resistance of pseudorandom generators against these attacks in terms of concrete security. We show that the security of the Blum-Micali pseudorandom generator against state recovery attacks is tightly related to the security of the corresponding one-way function.
  • Conference paper
    A cryptosystem "à la" ElGamal on an elliptic curve over Fp[ϵ]
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Virat, Marie
    This paper introduces a new public key cryptosystem which is a variant of the ElGamal cryptosystem on an elliptic curve. To this end, we study the equations of type y² = x³ + ax + b with a and b in Fq[ϵ] where ϵ² = 0. When 4a³ + 27b² is invertible in Fq[ϵ], they allow us to define new groups which seem to be good candidates for the ElGamal public key cryptosystem. The variant we introduce has the advantage of presenting no plaintext encoding problem. Moreover, it reaches security levels which are similar to those of the ElGamal cryptosystem on an elliptic curve.
  • Conference paper
    A secure network storage system with information privacy
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Shin, SeongHan; Kobara, Kazukuni; Imai, Hideki
    A more realistic threat to cryptographic techniques (than breaking the underlying computational problems) is exposure of stored secrets, which may be secret keys, private keys, password verification data and/or password-encrypted keys. In this paper we propose a secure network storage system (NSS) that provides not only a higher level of security against exposure of stored secrets but also information privacy with respect to the servers involved. The assumption of the NSS protocol is that a client remembers his password and stores an additional secret on insecure devices. We also analyze the security of the NSS protocol, followed by a discussion of whether the assumption is reasonable or not.
  • Conference paper
    Algebraic attacks and annihilators
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Armknecht, Frederik
    Algebraic attacks on block ciphers and stream ciphers have gained more and more attention in cryptography. Their idea is to express a cipher by a system of equations whose solution reveals the secret key. The complexity of an algebraic attack generally increases with the degree of the equations. Hence, low-degree equations are crucial for the efficiency of algebraic attacks. In the case of simple combiners over GF(2), it was proved in [9] that the existence of low-degree equations is equivalent to the existence of low-degree annihilators, and the term "algebraic immunity" was introduced. This result was extended to general finite fields GF(q) in [4]. In this paper, which improves parts of the unpublished eprint paper [2], we present a generalized framework which additionally covers combiners with memory and S-Boxes over GF(q). In all three cases, the existence of low-degree equations can be reduced to the existence of certain annihilators. This might serve as a starting point for further research.
  • Conference paper
    Issues on designing a cryptographic compiler
    (WEWoRC 2005 – Western European Workshop on Research in Cryptology, 2005) Lucks, Stefan; Schmoigl, Nico; Tatlı, Emin İslam
    Flawed implementations of security protocols are a major source of real-world security problems. Typically, security protocols are specified in some "high-level" way and may even be formally proven secure. Implementing them in practical (and comparatively low-level) source code has turned out to be error-prone. This paper introduces an experimental language for high-level protocol specifications and describes a tool to automatically compile source code from these specifications.