-
Chapter and Conference Paper
Universally Composable Auditable Surveillance
User privacy is becoming increasingly important in our digital society. Yet, many applications face legal requirements or regulations that prohibit unconditional anonymity guarantees, e.g., in electronic payme...
-
Chapter and Conference Paper
Onion Routing with Replies
Onion routing (OR) protocols are a crucial tool for providing anonymous internet communication. An OR protocol enables a user to anonymously send requests to a server. A fundamental problem of OR protocols is ...
-
Article
Open AccessP6V2G: a privacy-preserving V2G scheme for two-way payments and reputation
The number of electric vehicles (EVs) is steadily growing. This provides a promising opportunity for balancing the smart grid of the future, because vehicle-to-grid (V2G) systems can utilize the batteries of p...
-
Chapter and Conference Paper
(R)CCA Secure Updatable Encryption with Integrity Protection
An updatable encryption scheme allows a data host to update ciphertexts of a client from an old to a new key, given so-called update tokens from the client. Rotation of the encryption key is a common requireme...
-
Chapter and Conference Paper
Non-malleability vs. CCA-Security: The Case of Commitments
In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our s...
-
Chapter and Conference Paper
Reconfigurable Cryptography: A Flexible Approach to Long-Term Security
We put forward the concept of a reconfigurable cryptosystem. Intuitively, a reconfigurable cryptosystem allows to increase the security of the system at runtime, by changing a single central parameter we call com...
-
Chapter and Conference Paper
Public-Key Encryption with Simulation-Based Selective-Opening Security and Compact Ciphertexts
In a selective-opening (SO) attack on an encryption scheme, an adversary \(A\) ...
-
Chapter and Conference Paper
Fault-Tolerant Aggregate Signatures
Aggregate signature schemes allow for the creation of a short aggregate of multiple signatures. This feature leads to significant reductions of bandwidth and storage space in sensor networks, secure routing pr...
-
Chapter and Conference Paper
Standard versus Selective Opening Security: Separation and Equivalence Results
Suppose many messages are encrypted using a public-key encryption scheme. Imagine an adversary that may adaptively ask for openings of some of the ciphertexts. Selective opening (SO) security requires that the un...
-
Chapter and Conference Paper
Polynomial Spaces: A New Framework for Composite-to-Prime-Order Transformations
At Eurocrypt 2010, Freeman presented a framework to convert cryptosystems based on composite-order groups into ones that use prime-order groups. Such a transformation is interesting not only from a conceptual ...
-
Chapter and Conference Paper
P4R: Privacy-Preserving Pre-Payments with Refunds for Transportation Systems
We propose a new lightweight payment scheme for transit systems called P4R: Privacy-Preserving Pre-Payments with Refunds. In P4R a user deposits money to obtain a bundle of credentials, where each credential a...
-
Chapter and Conference Paper
Efficient Threshold Zero-Knowledge with Applications to User-Centric Protocols
In this paper, we investigate on threshold proofs, a framework for distributing the prover’s side of interactive proofs of knowledge over multiple parties. Interactive proofs of knowledge (PoK) are widely used pr...
-
Chapter and Conference Paper
The Semi-Generic Group Model and Applications to Pairing-Based Cryptography
In pairing-based cryptography the Generic Group Model (GGM) is used frequently to provide evidence towards newly introduced hardness assumptions. Unfortunately, the GGM does not reflect many known properties o...
-
Chapter and Conference Paper
On Black-Box Ring Extraction and Integer Factorization
The black-box extraction problem over rings has (at least) two important interpretations in cryptography: An efficient algorithm for this problem implies (i) the equivalence of computing discrete logarithms an...
-
Chapter and Conference Paper
A Real-World Attack Breaking A5/1 within Hours
In this paper we present a real-world hardware-assisted attack on the well-known A5/1 stream cipher which is (still) used to secure GSM communication in most countries all over the world. During the last ten y...
-
Chapter and Conference Paper
Faster Multi-exponentiation through Caching: Accelerating (EC)DSA Signature Verification
When verifying digital signatures, achieving a high throughput can be crucial. We present a technique that is useful for ECDSA and DSA signatures. It assumes that common domain parameters are used (which is ty...
-
Chapter and Conference Paper
Sufficient Conditions for Intractability over Black-Box Groups: Generic Lower Bounds for Generalized DL and DH Problems
The generic group model is a valuable methodology for analyzing the computational hardness of number-theoretic problems used in cryptography. Although generic hardness proofs exhibit many similarities, still t...
-
Chapter and Conference Paper
Time-Area Optimized Public-Key Engines: \(\mathcal{MQ}\) -Cryptosystems as Replacement for Elliptic Curves?
In this paper ways to efficiently implement public-key schemes based on ultivariate
-
Chapter and Conference Paper
A Hardware-Assisted Realtime Attack on A5/2 Without Precomputations
A5/2 is a synchronous stream cipher that is used for protecting GSM communication. Recently, some powerful attacks [2,5] on A5/2 have been proposed. In this contribution we enhance the ciphertext-only attack [...
-
Chapter and Conference Paper
On the Equivalence of RSA and Factoring Regarding Generic Ring Algorithms
To prove or disprove the computational equivalence of solving the RSA problem and factoring integers is a longstanding open problem in cryptography. This paper provides some evidence towards the validity of th...