International Association for Cryptologic Research

# IACR News Central

A secret-sharing scheme realizes a graph if every two vertices connected by an edge can reconstruct the secret while every independent set in the graph does not get any information on the secret. Similar to secret-sharing schemes for general access structures, there are gaps between the known lower bounds and upper bounds on the share size for graphs. Motivated by the question of what makes a graph hard\'\' for secret-sharing schemes (that is, require large shares), we study very dense graphs, that is, graphs whose complement contains few edges. We show that if a graph with $n$ vertices contains $\\binom{n}{2}-n^{1+\\beta}$ edges for some constant $0\\leq\\beta 18:17 [Pub][ePrint] Secure computation undeniably received a lot of attention in the recent years, with the shift toward cloud computing offering a new incentive for secure computation and outsourcing. Surprisingly little attention, however, has been paid to computation with non-integer data types. To narrow this gap, in this work we develop efficient solutions for computation with real numbers in floating point representation, as well as more complex operations such as square root, logarithm, and exponentiation. Our techniques are information-theoretically secure, do not use expensive cryptographic techniques, and can be applied to a variety of settings. Our experimental results also show that the techniques exhibit rather fast performance and in some cases outperform operations on integers. 18:17 [Pub][ePrint] Recently, researchers have proposed several nice multi-server authentication protocols. They claim that their protocols are secure and can withstand various attacks. However, after reviewing their schemes, we found that they although are perfect whereas flawed. Due to this observation, in this paper, we list the weakness found in these recent literatures. 18:17 [Pub][ePrint] We introduce the notion of Cross-Unlinkability for group signature schemes. Considering groups organized in a tree structure, where belonging to the parent group is required to join a new group, Cross-Unlinkability enables a cascade revocation process that takes into account the underlying tree structure, while ensuring anonymity for non-revoked users, in particular, towards the managers of the other groups. We show how to achieve Cross-Unlinkability using the Verifier-Local Revocation group signature scheme of Bringer and Patey at Secrypt 2012, by exploiting its property of Backward Unlinkability. 18:17 [Pub][ePrint] As hardware capabilities increase, low-power devices such as smartphones represent a natural environment for the efficient implementation of cryptographic pairings. Few works in the literature have considered such platforms despite their growing importance in a post-PC world. In this paper, we investigate the efficient computation of the Optimal-Ate pairing over Barreto-Naehrig curves in software at different security levels on ARM processors. We exploit state-of-the-art techniques and propose new optimizations to speed up the computation in the tower field and curve arithmetic. In particular, we extend the concept of lazy reduction to inversion in extension fields, analyze an efficient alternative for the sparse multiplication used inside the Miller\'s algorithm and reduce further the cost of point/line evaluation formulas in affine and projective homogeneous coordinates. In addition, we study the efficiency of using M-type sextic twists in the pairing computation and carry out a detailed comparison between affine and projective coordinate systems. Our implementations on various mass-market smartphones and tablets significantly improve the state-of-the-art of pairing computation on ARM-powered devices, outperforming by at least a factor of 3.5 the best previous results in the literature. 04:48 [Event][New] Submission: 31 July 2012 Notification: 15 September 2012 From October 31 to October 31 More Information: http://cscjournals.org/csc/journals/IJCSS/journal_cfp.php?JCode=IJCSS 2012-07-23 12:17 [Pub][ePrint] In this article we propose an identity based key agreement protocol based on elliptic curve cryptography (ECC) between users of different networks with independent private key generations (PKGs). Our protocol is based on Cao et al.\'s protocol ,proposed in 2010, in which instead of bilinear pairings, elliptic curves are used for constructing an ID-based key agreement protocol . Our protocol develops Cao et al\'s protocol for situations that two users of independent organizations or networks with separate servers (that in this article, are named PKGs, because their main duty is generating private keys for the users) want to share a secret key via an insecure link. We also prove the security of the protocol in the random oracle model. 12:17 [Pub][ePrint] Group key agreement (GKA) protocols Play a main role in constructing secure multicast channels. These protocols are algorithms that describe how a group of parties communicating over a public network can gain a common secret key. ID-based authenticated group key agreement (AGKA) cryptosystems based on bilinear pairings are update researching subject because of the simplicity of their public key management and their efficiency. The key agreement protocol is a good way to establish a common session key for communication. But in a group of member\'s communication, we not only need to establish a common session key, but also need to concern the member changing situation. In this paper we propose a protocol based on Weil pairing, ID-based authentication and complete ternary tree architecture. We show that our protocol satisfies all known security requirements, and therefore it is more secure and efficient than the compared group key exchange protocols that we discuss in this article. 12:17 [Pub][ePrint] In this paper, by modifying a subclass of bent functions in$\\mathcal P S_{ap}$, we construct another subclass of bent functions in$\\mathcal P S^+$with maximum algebraic degree. We demonstrate that the algebraic immunity of the constructed functions is maximum. The result is proved by using the well known conjecture proposed by Tu and Deng (Des. Codes Cryptogr. 60(1), pp. 1-14, 2011) which has been proved recently by Cohen and Flori (http://eprint.iacr.org/ 2011/400.pdf). Finally, we identify a class of$\\cD_0$type bent functions constructed by modifying Dillon functions whose lower bound on second-order nonlinearity is very high. 12:17 [Pub][ePrint] We revisit the problem of cross-domain secure communication between two users belonging to different security domains within an open and distributed environment. Existing approaches presuppose that either the users are in possession of public key certificates issued by a trusted certificate authority (CA), or the associated domain authentication servers share a long-term secret key. In this paper, we propose a four-party password-based authenticated key exchange (4PAKE) protocol that takes a different approach from previous work. The users are not required to have public key certificates, but they simply reuse their login passwords they share with their respective domain authentication servers. On the other hand, the authentication servers, assumed to be part of a standard PKI, act as ephemeral CAs that certify\'\' some key materials that the users can subsequently exchange and agree on a session key. Moreover, we adopt a compositional approach. That is, by treating any secure two-party password-based key exchange protocol and two-party asymmetric-key based key exchange protocol as black boxes, we combine them to obtain a generic and provably secure 4PAKE protocol. 12:17 [Pub][ePrint] Private Information Retrieval (PIR) allows for retrieval of bits from a database in a way that hides a user\'s access pattern from the server. However, its practicality in a cloud computing setting has recently been questioned. In such a setting, PIR\'s enormous computation and communication overhead is expected to outweigh any cost saving advantages of cloud computing. This paper presents PIRMAP, a practical, highly efficient protocol for PIR in MapReduce, a widely supported cloud computing API. PIRMAP focuses especially on the retrieval of large files from the cloud, where it achieves optimal communication complexity ($O(l)$for retrieval of an$l$bit file) with query times significantly faster than previous schemes. To achieve this, PIRMAP arranges files so parallel evaluation can be done during the Map\'\' phase of MapReduce and aggregation can be carried out via an efficient additively homomorphic encryption scheme in the Reduce\'\' phase. PIRMAP has been implemented and tested in Amazon\'s public cloud with total database sizes of up to 1~TByte. Our performance evaluations show that PIRMAP is more than one order of magnitude cheaper and faster than trivial PIR\'\' on Amazon and adds only$20\\%\$ overhead to a