*21:17* [Pub][ePrint]
Fair Exchange of Short Signatures Without Trusted Third Party, by Philippe Camacho
We propose a protocol to exchange Boneh-Boyen short signatures in a fair way, without relying on a trusted third party. Our protocol is quite practical and is the first of the sort to the best of our knowledge. Our construction uses a new non-interactive zero-knowledge (NIZK) argument to prove that a commitment is the encryption of a bit vector.

We also design a NIZK argument to prove that a commitment to a bit vector $v=(b_1,b_2,\ldots,b_\secparam)$ is such that $\sum_{i \in [\secparam]} b_i 2^{i-1}=\Blinding$, where $\Blinding$ is the discrete logarithm of some public value $\BasicCommitment=g^\Blinding$. These arguments may be of independent interest.

*21:17* [Pub][ePrint]
Ring Group Signatures, by Liqun Chen
In many applications of group signatures, not only a signer's identity but also which group the signer belongs to is sensitive information regarding signer privacy. In this paper, we study these applications and combine a group signature with a ring signature to create a ring group signature, which specifies a set of possible groups without revealing which member of which group produced the signature. The main contributions of this paper are a formal definition of a ring group signature scheme and its security model, a generic construction and a concrete example of such a scheme. Both the construction and concrete scheme are provably secure if the underlying group signature and ring signature schemes are secure.

*21:17* [Pub][ePrint]
Efficient Dynamic Provable Possession of Remote Data via Update Trees, by Yihua Zhang and Marina Blanton
The emergence and wide availability of remote storage service providers prompted work in the security community that allows a client to verify integrity and availability of the data that she outsourced to an untrusted remote storage server at a relatively low cost. Most recent solutions to this problem allow the client to read and update (i.e., insert, modify, or delete) stored data blocks while trying to lower the overhead associated with verifying the integrity of the stored data. In this work we develop a novel scheme, performance of which favorably compares with the existing solutions. Our solution enjoys a number of new features such as a natural support for operations on ranges of blocks, revision control, and support for multiple user access to shared content. The performance guarantees that we achieve stem from a novel data structure termed a balanced update tree and removing the need to verify update operations.

*17:37* [PhD][New]
Jens Zumbrägel: Public-key cryptography based on simple semirings
Name: Jens Zumbrägel

Topic: Public-key cryptography based on simple semirings

Category: public-key cryptography

Description: The discrete logarithm problem is the basic ingredient of many public-key cryptosystems. It can be stated as follows: Given a cyclic group $(G,\cdot)$ of order $n$, a generator $g$ of $G$, and another element $h \in G$, find the unique integer $a \in [0,n)$ such that $h=g^a$. The integer $a$ is called the *discrete logarithm* of $h$ to the base $g$.

There are key agreement protocols, public-key encryption schemes, and digital signatures employing the discrete logarithm problem. One example is the Diffie-Hellman key agreement protocol. It allows two parties, A and B, to agree on a secret key over an insecure channel. In order to achieve this goal they fix a finite cyclic group $G$ and a generator $g$ of $G$. Then A and B pick random integers $a$, $b$ respectively and exchange $h_A=g^a$ and $h_B=g^b$. Finally they compute $h_B^a=g^{ba}$ and $h_A^b=g^{ab}$, and since $g^{ab}=g^{ba}$ this element can be used as their secret key.

It is clear that solving the underlying discrete logarithm problem is sufficient for breaking the Diffie-Hellman protocol. For this reason one has been searching for groups in which the discrete logarithm problem is considered to be a computationally hard problem. Among the groups that have been proposed as candidates are the multiplicative group of a finite field and the group over an elliptic curve. It should however be pointed out that the infeasibility of the discrete logarithm problem has not been proved in any concrete group.

Discrete logarithm based cryptosystems can be generalized in the framework of *semigroup actions* (see e.[...]