8th International Conference on the Theory and Application of Cryptology and Information Security, Queenstown, New Zealand, December 1–5, 2002. Proceedings.
Since the first use of a p-adic method for counting points of elliptic curves, by Satoh in 1999, several variants of his algorithm have been proposed. In the current state, the AGM algorithm, proposed by Mestre is thought to be the fastest in practice, and the algorithm by Satoh-Skjernaa-Taguchi has the best asymptotic complexity but requires precomputations. We present an amelioration of the SST...
This paper provides a new method for construction of the generating (or basis) matrices of the (t, n)-threshold visual secret sharing scheme ((t, n)-VSSS) for any n ≥ 2 and 2 ≤ t ≤ n. We show that there exists a bijection between a set of generating matrices of the (t, n)-VSSS and a set of homogeneous polynomials of degree n satisfying a certain property. We also show that the set of homogeneous polynomials...
A Key Distribution Center enables secure communications among groups of users in a network by providing common keys that can be used with a symmetric encryption algorithm to encrypt and decrypt messages the users wish to send to each other. A Distributed Key Distribution Center is a set of servers of a network that jointly realize a Key Distribution Center. In this paper we propose an unconditionally...
We study how digital signature schemes can generate signatures as short as possible, in particular in the case where partial message recovery is allowed. We give a concrete proposition named OPSSR that achieves the lower bound for message expansion, and give an exact security proof of the scheme in the ideal cipher model. We extend it to the multi-key setting. We also show that this padding can be...
Essentially all known one-time signature schemes can be described as special instances of a general scheme suggested by Bleichenbacher and Maurer based on “graphs of one-way functions”. Bleichenbacher and Maurer thoroughly analyze graph based signatures from a combinatorial point of view, studying the graphs that result in the most efficient schemes (with respect to various efficiency measures, but...
We present novel realizations of the transitive signature primitive introduced by Micali and Rivest [12], and also provide an answer to an open question they raise regarding the security of their RSA based scheme. Our schemes provide performance improvements over the scheme of [12].
This paper addresses how to use public-keys of several different signature schemes to generate 1-out-of-n signatures. Previously known constructions are for either RSA-keys only or DL-type keys only. We present a widely applicable method to construct a 1-out-of-n signature scheme that allows mixture use of different flavors of keys at the same time. The resulting scheme is more efficient than previous...
A revocation or a broadcast encryption technology allows a sender to transmit information securely over a broadcast channel to a select group of receivers excluding some revoked receivers. In this paper we propose two efficient revocation methods which are suitable for stateless receivers. The proposed methods use an a-ary key tree structure and require at most r(log(N/r)/log a + 1) ciphertexts...
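The ciphertext count in a tree-based revocation scheme is the size of the cover of non-revoked leaves. The following is an added example, not code from the paper above: it builds a complete a-ary key tree, computes the plain complete-subtree cover (the basic method in which every receiver holds the node keys on its root path and the sender encrypts the session key once per cover node), and evaluates the bound r(log(N/r)/log a + 1) quoted in the abstract for comparison. The tree shape, the revoked set and the `Node`, `Tree`, `Cover` and `AbstractBound` names are assumptions of this example; the abstract's own construction is not reproduced here.

```go
package main

import (
	"fmt"
	"math"
)

// Node is a vertex of a complete a-ary tree: depth 0 is the root and
// depth d holds the N = a^d receiver leaves, numbered left to right.
type Node struct {
	Depth, Index int
}

// Tree is a complete a-ary key tree. In the complete-subtree method each
// receiver stores the d+1 node keys on its root-to-leaf path, and a
// broadcast carries the session key encrypted once under each cover node.
type Tree struct {
	Arity, Depth int
}

func NewTree(arity, depth int) Tree { return Tree{Arity: arity, Depth: depth} }

func ipow(base, exp int) int {
	r := 1
	for i := 0; i < exp; i++ {
		r *= base
	}
	return r
}

// NumLeaves returns N = a^d.
func (t Tree) NumLeaves() int { return ipow(t.Arity, t.Depth) }

// leafRange returns the half-open range [lo, hi) of leaves below n.
func (t Tree) leafRange(n Node) (int, int) {
	span := ipow(t.Arity, t.Depth-n.Depth)
	return n.Index * span, (n.Index + 1) * span
}

// Cover returns the complete-subtree cover of the non-revoked leaves: every
// maximal subtree containing no revoked receiver. The broadcast needs
// exactly len(cover) ciphertexts.
func (t Tree) Cover(revoked map[int]bool) []Node {
	var cover []Node
	var walk func(n Node)
	walk = func(n Node) {
		lo, hi := t.leafRange(n)
		for l := lo; l < hi; l++ {
			if revoked[l] {
				if n.Depth == t.Depth {
					return // a revoked leaf receives nothing
				}
				for j := 0; j < t.Arity; j++ {
					walk(Node{n.Depth + 1, n.Index*t.Arity + j})
				}
				return
			}
		}
		cover = append(cover, n) // clean subtree: one ciphertext
	}
	walk(Node{0, 0})
	return cover
}

// CoversExactly checks that the cover reaches every non-revoked leaf exactly
// once and no revoked leaf at all.
func (t Tree) CoversExactly(revoked map[int]bool, cover []Node) bool {
	seen := make([]int, t.NumLeaves())
	for _, n := range cover {
		lo, hi := t.leafRange(n)
		for l := lo; l < hi; l++ {
			seen[l]++
		}
	}
	for l, c := range seen {
		if (revoked[l] && c != 0) || (!revoked[l] && c != 1) {
			return false
		}
	}
	return true
}

// AbstractBound evaluates r(log(N/r)/log a + 1), the bound quoted in the
// abstract, for r >= 1 revoked receivers.
func AbstractBound(t Tree, r int) float64 {
	n := float64(t.NumLeaves())
	return float64(r) * (math.Log(n/float64(r))/math.Log(float64(t.Arity)) + 1)
}

func main() {
	t := NewTree(3, 2) // nine receivers, constructed example
	revoked := map[int]bool{0: true}
	cover := t.Cover(revoked)
	fmt.Printf("complete-subtree cover: %v (%d ciphertexts)\n", cover, len(cover))
	fmt.Printf("bound from the abstract: %.1f\n", AbstractBound(t, len(revoked)))
}
```

With a = 3, N = 9 and one revoked receiver, the plain complete-subtree cover needs four ciphertexts (two sibling leaves plus two sibling subtrees), while the abstract's bound evaluates to three; the gap is the (a − 1) siblings per level that the simple cover spends and that the paper's methods aim to avoid. With no revocations the cover is the root alone, one ciphertext.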
We propose a new mix network that is optimized to produce a correct output very fast when all mix servers execute the mixing protocol correctly (the usual case). Our mix network only produces an output if no server cheats. However, in the rare case when one or several mix servers cheat, we convert the inputs to a format that allows “back-up” mixing. This back-up mixing can be implemented using any...
We provide two new construction methods for nonlinear resilient functions. The first method is a simple modification of an elegant construction due to Zhang and Zheng and constructs n-input, m-output resilient S-boxes with degree d > m. We prove by an application of the Griesmer bound for linear error correcting codes that the modified Zhang-Zheng construction is superior to the previous method...
The enumeration of m-resilient Boolean functions in n variables would be quite useful information for cryptography, but it seems to be an intractable open problem. Upper and lower bounds appeared in the literature in the mid-1980s, and improving them has since been the goal of several papers. In this paper, we give a new upper bound which partially improves upon all the known bounds.
Group Diffie-Hellman schemes for password-based key exchange are designed to provide a pool of players communicating over a public network, and sharing just a human-memorable password, with a session key (e.g., the key is used for multicast data integrity and confidentiality). The fundamental security goal to achieve in this scenario is security against dictionary attacks. While solutions have been...
We consider communication sessions in which a pair of parties begin by running an authenticated key-exchange protocol to obtain a shared session key, and then secure successive data transmissions between them via an authenticated encryption scheme based on the session key. We show that such a communication session meets the notion of a secure channel protocol proposed by Canetti and Krawczyk [9] if...
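The session shape described above, key exchange followed by authenticated encryption of successive records, is where practical channel protocols most often go wrong: nonce reuse, cross-direction reflection, and replay. The following is an added example and not code from the paper; it starts from a session key that is assumed to have been output by an authenticated key exchange (the `DemoSessionKey` value is constructed, not derived by any protocol run), derives one AES-GCM key per direction with HMAC-SHA256 as a stand-in KDF, and uses a strictly increasing 64-bit record counter as both the nonce and authenticated header. The `Endpoint`, `Seal` and `Open` names are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// DemoSessionKey stands in for the output of the authenticated key exchange.
// It is a constructed value for this example, not a key from a real run.
var DemoSessionKey = []byte("constructed 32-byte session key!")

const seqLen = 8

// Endpoint is one side of the channel. Each direction has its own AEAD key
// and its own record counter, so a record cannot be replayed, reordered or
// reflected back to its sender without detection.
type Endpoint struct {
	send, recv       cipher.AEAD
	sendSeq, recvSeq uint64
}

// deriveKey expands the session key into a per-direction AES-128 key.
// HMAC-SHA256 over a fixed label is used here as a simple KDF.
func deriveKey(sessionKey []byte, label string) []byte {
	m := hmac.New(sha256.New, sessionKey)
	m.Write([]byte(label))
	return m.Sum(nil)[:16]
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewEndpoint builds the initiator or responder side from the shared key;
// the two sides swap the direction keys so that A's send key is B's recv key.
func NewEndpoint(sessionKey []byte, initiator bool) (*Endpoint, error) {
	kIR := deriveKey(sessionKey, "initiator->responder")
	kRI := deriveKey(sessionKey, "responder->initiator")
	if !initiator {
		kIR, kRI = kRI, kIR
	}
	send, err := newGCM(kIR)
	if err != nil {
		return nil, err
	}
	recv, err := newGCM(kRI)
	if err != nil {
		return nil, err
	}
	return &Endpoint{send: send, recv: recv}, nil
}

// Seal produces the next record: 8-byte sequence number || AES-GCM output.
// The sequence number is the GCM nonce (zero-padded to 12 bytes) and is also
// authenticated as associated data, so it can never repeat under one key.
func (e *Endpoint) Seal(msg []byte) ([]byte, error) {
	if e.sendSeq == ^uint64(0) {
		return nil, errors.New("counter exhausted: rekey before sending more")
	}
	hdr := make([]byte, seqLen)
	binary.BigEndian.PutUint64(hdr, e.sendSeq)
	nonce := make([]byte, e.send.NonceSize())
	copy(nonce[len(nonce)-seqLen:], hdr)
	e.sendSeq++
	out := append([]byte{}, hdr...)
	return e.send.Seal(out, nonce, msg, hdr), nil
}

// Open accepts a record only if it carries exactly the expected sequence
// number and verifies under the receive-direction key.
func (e *Endpoint) Open(rec []byte) ([]byte, error) {
	if len(rec) < seqLen {
		return nil, errors.New("short record")
	}
	hdr := rec[:seqLen]
	if seq := binary.BigEndian.Uint64(hdr); seq != e.recvSeq {
		return nil, fmt.Errorf("replay or reorder: got seq %d, want %d", seq, e.recvSeq)
	}
	nonce := make([]byte, e.recv.NonceSize())
	copy(nonce[len(nonce)-seqLen:], hdr)
	pt, err := e.recv.Open(nil, nonce, rec[seqLen:], hdr)
	if err != nil {
		return nil, errors.New("authentication failed")
	}
	e.recvSeq++
	return pt, nil
}

func main() {
	alice, _ := NewEndpoint(DemoSessionKey, true)
	bob, _ := NewEndpoint(DemoSessionKey, false)
	rec, _ := alice.Seal([]byte("transfer 10 EUR"))
	pt, err := bob.Open(rec)
	fmt.Printf("first delivery: %q err=%v\n", pt, err)
	_, err = bob.Open(rec)
	fmt.Printf("replayed record: err=%v\n", err)
}
```

The counter check rejects both replays and reordering outright; a transport that may legitimately reorder (UDP) would replace the equality test with a sliding window, but the nonce must still never repeat under one key, which is why `Seal` refuses to wrap the counter and why each direction has its own key. A tampered record fails in `Open` before the counter advances, so the receiver's state is unchanged by forgery attempts.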
Recently, bilinear pairings such as the Weil pairing or the Tate pairing on elliptic and hyperelliptic curves have found various applications in cryptography. Several identity-based (ID-based for short) cryptosystems using bilinear pairings on elliptic or hyperelliptic curves have been presented. Blind signatures and ring signatures are very useful to provide the user's anonymity and the signer's...
We present hierarchical identity-based encryption schemes and signature schemes that have total collusion resistance on an arbitrary number of levels and that have chosen ciphertext security in the random oracle model assuming the difficulty of the Bilinear Diffie-Hellman problem.
Designing cryptographic mechanisms and products is a challenging task. This task will become increasingly hard as software technology and systems evolve and as the new computational environment becomes more distributed, more diverse, and more global. In order to enable the inclusion of cryptographic components in the future infrastructure and within future applications, it is argued that assurance...