Topics in Cryptology – CT-RSA 2021
Cryptographers’ Track at the RSA Conference 2021, Virtual Event, May 17–20, 2021, Proceedings
Chapter and Conference Paper
MEGA is a large-scale cloud storage and communication platform that aims to provide end-to-end encryption for stored data. A recent analysis by Backendal, Haller and Paterson (IEEE S &P 2023) invalidated these...
Chapter and Conference Paper
Ghosh, Kamara and Tamassia (ASIA CCS 2021) presented a Graph Encryption Scheme supporting shortest path queries. We show how to perform a query recovery attack against this GKT scheme when the adversary is giv...
Chapter and Conference Paper
We introduce puncturable key wrap** (PKW), a new cryptographic primitive that supports fine-grained forward security properties in symmetric key hierarchies. We develop syntax and security definitions, along wi...
Chapter and Conference Paper
A core goal of the NIST PQC competition is to produce PKE schemes which, even if attacked with a large-scale quantum computer, maintain the security guarantees needed by applications. The main security focus i...
Book and Conference Proceedings
Cryptographers’ Track at the RSA Conference 2021, Virtual Event, May 17–20, 2021, Proceedings
Article
We provide constructions of multilinear groups equipped with natural hard problems from indistinguishability obfuscation, homomorphic encryption, and NIZKs. This complements known results on the constructions ...
Book and Conference Proceedings
26th International Conference, Waterloo, ON, Canada, August 12–16, 2019, Revised Selected Papers
Chapter and Conference Paper
Hybrid Authenticated Key Exchange (AKE) protocols combine keying material from different sources (post-quantum, classical, and quantum key distribution (QKD)) to build protocols that are resilient to catastrop...
Chapter and Conference Paper
We consider the problem of constructing Diffie-Hellman (DH) parameters which pass standard approaches to parameter validation but for which the Discrete Logarithm Problem (DLP) is relatively easy to solve. We ...
Article
Related-key attacks (RKAs) concern the security of cryptographic primitives in the situation where the key can be manipulated by the adversary. In the RKA setting, the adversary’s power is expressed through th...
Article
Levillain et al. (Asia CCS 2015) proposed two cookie masking methods, TLS Scramble and MCookies, to counter a class of attacks on SSL/TLS in which the attacker is able to exploit its ability to obtain many encryp...
Article
We explore the use of the Mantin biases (Mantin, Eurocrypt 2005) to recover plaintexts from RC4-encrypted traffic. We provide a more fine-grained analysis of these biases than in Mantin’s original work. We sho...
Chapter and Conference Paper
WireGuard (Donenfeld, NDSS 2017) is a recently proposed secure network tunnel operating at layer 3. WireGuard aims to replace existing tunnelling solutions like IPsec and OpenVPN, while requiring less code, be...
Article
Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority and its behaviour. However, there are several well...
Chapter and Conference Paper
The multi-key, or multi-user, setting challenges cryptographic algorithms to maintain high levels of security when used with many different keys, by many different users. Its significance lies in the fact that...
Chapter and Conference Paper
Cold boot attacks target memory remanence effects in hardware to secret key material. Such attacks were first explored in the scientific literature by Halderman et al. (USENIX Security Symposium 2008) and, sin...
Chapter and Conference Paper
We provide a tight security proof for an IND-CCA Ring-LWE based Key Encapsulation Mechanism that is derived from a generic construction of Dent (IMA Cryptography and Coding, 2003). Such a tight reduction is no...
Article
The Protocol for Lightweight Authentication of Identity (PLAID) aims at secure and private authentication between a smart card and a terminal. Originally developed by a unit of the Australian Department of Hum...
Chapter and Conference Paper
s2n is an implementation of the TLS protocol that was released in late June 2015 by Amazon. It is implemented in around 6,000 lines of C99 code. By comparison, OpenSSL needs around 70,000 lines of code t...
Chapter and Conference Paper
In the development of TLS 1.3, the IETF TLS Working Group has adopted an “analysis-prior-to-deployment” design philosophy. This is in sharp contrast to all previous versions of the protocol. We present an acco...