An increasingly important design constraint for software running on ubiquitous computing devices is security, particularly against physical methods such as side-channel attack. One well studied methodology for defending against such attacks is the concept of indistinguishable functions which leak no information about program control flow since all execution paths are computationally identical. However,...
The Frobenius endomorphism τ is known to be useful for efficient scalar multiplication on elliptic curves defined over a field with small characteristic ( $E(\mathbb{F}_{q^m})$ ). However, on devices with small resources, scalar multiplication algorithms using Frobenius are, like the usual double-and-add algorithms, vulnerable to Side Channel Attacks (SCA). The most successful countermeasure for thwarting...
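The two abstracts above share one point: a scalar multiplication whose sequence of group operations depends on the key bits leaks those bits to an observer of timing, power or EM, and the defence is to make every execution path perform the same operations. The following is an added example, not code from either paper: a constructed toy curve over a prime field (y^2 = x^3 + 7 over GF(17), base point (1, 5); the choice of a prime field rather than the binary-field curves with Frobenius that the abstract studies is an assumption made for brevity). It records the operation sequence of plain double-and-add next to that of a Montgomery ladder, as a stand-in for what a side-channel trace would show.

```python
# Added example (not from the abstracted papers): toy elliptic-curve
# scalar multiplication showing the key-dependent operation sequence of
# double-and-add versus the fixed sequence of a Montgomery ladder.
# Curve, base point and scalars are constructed for illustration.
P_MOD = 17
A, B = 0, 7            # y^2 = x^3 + 7 over GF(17) (assumption: prime field)
INF = None             # point at infinity
G = (1, 5)             # base point; 5^2 = 25 = 8 = 1 + 7 (mod 17)


def is_on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def point_add(p, q):
    """Affine addition; handles infinity, P + (-P) and doubling."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                                  # P + (-P), incl. order-2 points
    if p == q:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def point_double(p):
    return point_add(p, p)


def naive_mul(k, pt):
    """Reference oracle: k repeated additions (for checking only)."""
    r = INF
    for _ in range(k):
        r = point_add(r, pt)
    return r


def double_and_add(k, pt):
    """Left-to-right double-and-add. Returns (k*pt, trace). The trace is
    the sequence of group operations: an 'A' follows a 'D' only for a
    1 bit, so an observer who can tell add from double reads off k."""
    r, trace = INF, ""
    for bit in bin(k)[2:]:
        r = point_double(r)
        trace += "D"
        if bit == "1":
            r = point_add(r, pt)
            trace += "A"
    return r, trace


def montgomery_ladder(k, pt):
    """Montgomery ladder: every bit costs exactly one add and one double,
    so the operation sequence does not depend on k. Invariant: r1 = r0 + pt."""
    r0, r1, trace = INF, pt, ""
    for bit in bin(k)[2:]:
        if bit == "0":
            r1 = point_add(r0, r1)
            r0 = point_double(r0)
        else:
            r0 = point_add(r0, r1)
            r1 = point_double(r1)
        trace += "AD"
    return r0, trace


if __name__ == "__main__":
    for k in (11, 13):
        print(k, double_and_add(k, G)[1], montgomery_ladder(k, G)[1])
```

The ladder only equalises the sequence of group operations. In this form it still branches on the bit to select registers, the add and double formulas themselves differ in cost, and Python integers are not constant-time; a deployable version would use a constant-time conditional swap and unified or complete addition formulas, which is the kind of indistinguishable-path construction the first abstract refers to.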
We discuss various issues associated with signature schemes based solely upon hash functions. Such schemes are currently attractive in some limited applications, but their importance may increase if ever a practical quantum computer was built. We discuss issues related to both their implementation and their security. As far as we are aware this is the first complete treatment of practical implementations...
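The simplest signature scheme built from nothing but a hash function is the Lamport one-time signature, and its central implementation issue is that a key must never sign twice. The following is an added example, not code from the paper: a Lamport OTS over SHA-256 together with a forgery that becomes possible once a key is reused. The seeded key generation, the message strings and the reduced 16-bit parameter used for the forgery search are constructed for the demonstration only; a real deployment keeps the full 256-bit parameter and fresh randomness.

```python
# Added example (not from the abstracted paper): Lamport one-time
# signatures over SHA-256, plus a demonstration of why "one-time" matters.
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def msg_bits(message: bytes, n_bits: int):
    """First n_bits of H(message), MSB first, as a list of 0/1."""
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(n_bits)]


def keygen(n_bits=256, seed=None):
    """Key pair: n_bits pairs of 32-byte secrets; the public key is their hashes.
    `seed` is a constructed option for reproducible tests; real keys use
    secrets.token_bytes (the seed=None path)."""
    if seed is None:
        sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(n_bits)]
    else:
        sk = [(H(seed + b"\x00" + i.to_bytes(2, "big")),
               H(seed + b"\x01" + i.to_bytes(2, "big"))) for i in range(n_bits)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk


def sign(sk, message: bytes):
    """Reveal, for each hash bit, the secret of the matching half."""
    return [sk[i][b] for i, b in enumerate(msg_bits(message, len(sk)))]


def verify(pk, message: bytes, sig) -> bool:
    if len(sig) != len(pk):
        return False
    return all(H(sig[i]) == pk[i][b] for i, b in enumerate(msg_bits(message, len(pk))))


def forge_after_reuse(pk, m1, sig1, m2, sig2, max_tries=1 << 20):
    """Key reuse attack: two signatures reveal both secrets at every position
    where H(m1) and H(m2) differ. Search for a third message whose hash bits
    are all covered by revealed secrets and assemble its signature.
    Returns (message, signature) or None if the search budget runs out."""
    n = len(pk)
    revealed = [dict() for _ in range(n)]
    for m, sig in ((m1, sig1), (m2, sig2)):
        for i, b in enumerate(msg_bits(m, n)):
            revealed[i][b] = sig[i]
    for t in range(max_tries):
        m3 = b"forged-%d" % t                      # constructed candidate messages
        if m3 in (m1, m2):
            continue
        bits = msg_bits(m3, n)
        if all(b in revealed[i] for i, b in enumerate(bits)):
            return m3, [revealed[i][b] for i, b in enumerate(bits)]
    return None


if __name__ == "__main__":
    # Reduced parameter so the forgery search finishes quickly.
    sk, pk = keygen(16, seed=b"constructed-demo-seed")
    m1, m2 = b"pay alice 10", b"pay bob 20"
    s1, s2 = sign(sk, m1), sign(sk, m2)
    print("genuine signatures verify:", verify(pk, m1, s1) and verify(pk, m2, s2))
    forged = forge_after_reuse(pk, m1, s1, m2, s2)
    print("forgery found:", forged is not None and verify(pk, forged[0], forged[1]))
```

With the full 256-bit parameter a single reuse is not immediately fatal (a forger needs a message agreeing with one of the two signed hashes at every uncovered position), but each further signature under the same key shrinks that gap, which is why practical hash-based schemes either track state to prevent reuse or use many-time constructions layered on top of one-time keys.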
In this paper we present a very efficient, general construction for simultaneous signing and encrypting data. Our construction uses the KEM-DEM methodology of Cramer and Shoup combined with a secure signature scheme. We describe an instantiation of our construction that provides all the functionality of a signature scheme and of an encryption scheme. This instantiation is more efficient than...
Non-interactive designated verifier (NIDV) proofs were first introduced by Jakobsson et al. and have widely been used as confirmation and denial proofs for undeniable signature schemes. There appears to be no formal security modelling for NIDV undeniable signatures or for NIDV proofs in general. Indeed, recent work by Wang has shown the original NIDV undeniable signature scheme of Jakobsson et al....
The security provided by the XCBC, TMAC and OMAC schemes is analysed and compared with other MAC schemes. In particular, ‘partial’ key recovery attacks against all three of these schemes are described, yielding upper bounds on the effective security level. The results imply that there is relatively little to be gained practically through the introduction of these schemes by comparison with other well-established...
In this paper, a study of a paradigm for domain expansion of MACs is generalized. In particular, a tradeoff between the efficiency of a MAC and the tightness of its security reduction is investigated in detail. Our new on-line single-key AIL-MAC construction, the PDI-construction, transforms any FIL-MAC into an AIL-MAC and is superior to all previous AIL-MAC constructions given in the literature (taking...
The most important building blocks of symmetric cryptographic primitives such as the DES or the AES are vectorial Boolean functions, also called S-boxes. In this paper, we extend the definition of normality for Boolean functions into several new affine invariant properties for vectorial Boolean functions. We compute the probability of occurrence of these properties and present practical algorithms...
Cobra-H64 and Cobra-H128, which use data-dependent permutations as a main cryptographic primitive, are 64-bit and 128-bit iterated block ciphers with 128-bit and 256-bit keys, respectively. Since these ciphers use very simple key scheduling and controlled permutation (CP) for fast hardware encryption, they are suitable for wireless communications networks which require high-speed networks. Actually,...