
Designing Efficient Dyadic Operations for Cryptographic Applications

Gustavo Banegas, Paulo S. L. M. Barreto, Edoardo Persichetti, Paolo Santini
2018 Zenodo  
Cryptographic primitives from coding theory are some of the most promising candidates for NIST's Post-Quantum Cryptography Standardization process. In this paper, we introduce a variety of techniques to improve operations on dyadic matrices, a particular type of symmetric matrices that appear in the automorphism group of certain linear codes. Besides the independent interest, these techniques find an immediate application in practice. In fact, one of the candidates for the Key Exchange functionality, called DAGS, makes use of quasi-dyadic matrices to provide compact keys for the scheme.
doi:10.5281/zenodo.2594607 fatcat:kvr43mtqezduxkuqednkkmjq3i

On recovering block cipher secret keys in the cold boot attack setting [article]

Gustavo Banegas, Ricardo Villanueva-Polanco
2022 arXiv   pre-print
This paper presents a general strategy to recover a block cipher secret key in the cold boot attack setting. More precisely, we propose a key-recovery method that combines key enumeration algorithms and Grover's quantum algorithm to recover a block cipher secret key after an attacker has procured a noisy version of it via a cold boot attack. We also show how to implement the quantum component of our algorithm for several block ciphers such as AES, PRESENT and GIFT, and LowMC. Additionally, since evaluating the third-round post-quantum candidates of the National Institute of Standards and Technology (NIST) post-quantum standardization process against different attack vectors is of great importance for their overall assessment, we show the feasibility of performing our hybrid attack on Picnic, a post-quantum signature algorithm that is an alternate candidate in the NIST post-quantum standardization competition. According to our results, our method may recover the Picnic private key for all Picnic parameter sets, tolerating up to 40% of noise for some of the parameter sets. Furthermore, we provide a detailed analysis of our method by giving the cost of its resources, its running time, and its success rate for various enumerations.
arXiv:2205.04220v1 fatcat:msrqj73iyjcifhfmhr2m2hxbuy

Statically Aggregate Verifiable Random Functions and Application to E-Lottery

Bei Liang, Gustavo Banegas, Aikaterini Mitrokotsa
2020 Cryptography  
Cohen, Goldwasser, and Vaikuntanathan (TCC'15) introduced the concept of aggregate pseudo-random functions (PRFs), which allow efficiently computing the aggregate of PRF values over exponential-sized sets. In this paper, we explore the aggregation augmentation on verifiable random functions (VRFs), introduced by Micali, Rabin and Vadhan (FOCS'99), as well as its application to e-lottery schemes. We introduce the notion of static aggregate verifiable random functions (Agg-VRFs), which perform aggregation for VRFs in a static setting. Our contributions can be summarized as follows: (1) we define static aggregate VRFs, which allow the efficient aggregation of VRF values and the corresponding proofs over super-polynomially large sets; (2) we present a static Agg-VRF construction over bit-fixing sets with respect to product aggregation based on the q-decisional Diffie–Hellman exponent assumption; (3) we test the performance of our static Agg-VRF instantiation in comparison to a standard (non-aggregate) VRF in terms of the time cost of the aggregation and verification processes, which shows that Agg-VRFs considerably lower the verification time for big sets; and (4) by employing Agg-VRFs, we propose an improved e-lottery scheme based on the framework of Chow et al.'s VRF-based e-lottery proposal (ICCSA'05). We evaluate the performance of Chow et al.'s e-lottery scheme and our improved scheme, and the latter shows a significant improvement in the efficiency of generating the winning number and the player verification.
doi:10.3390/cryptography4040037 fatcat:kuvuku4jevb2vhkwloc4e2yiw4

Low-Communication Parallel Quantum Multi-Target Preimage Search [chapter]

Gustavo Banegas, Daniel J. Bernstein
2017 Lecture Notes in Computer Science  
The most important pre-quantum threat to AES-128 is the 1994 van Oorschot-Wiener "parallel rho method", a low-communication parallel pre-quantum multi-target preimage-search algorithm. This algorithm uses a mesh of p small processors, each running for approximately 2^128/pt fast steps, to find one of t independent AES keys k_1, …, k_t, given the ciphertexts AES_{k_1}(0), …, AES_{k_t}(0) for a shared plaintext 0. NIST has claimed a high post-quantum security level for AES-128, starting from the following rationale: "Grover's algorithm requires a long-running serial computation, which is difficult to implement in practice. In a realistic attack, one has to run many smaller instances of the algorithm in parallel, which makes the quantum speedup less dramatic." NIST has also stated that resistance to multi-key attacks is desirable; but, in a realistic parallel setting, a straightforward multi-key application of Grover's algorithm costs more than targeting one key at a time. This paper introduces a different quantum algorithm for multi-target preimage search. This algorithm shows, in the same realistic parallel setting, that quantum preimage search benefits asymptotically from having multiple targets. The new algorithm requires a revision of NIST's AES-128, AES-192, and AES-256 security claims.
doi:10.1007/978-3-319-72565-9_16 fatcat:vbbeh5v3wbazbk53tfpm46xxvi

Practical and Provably Secure Distributed Aggregation: Verifiable Additive Homomorphic Secret Sharing

Georgia Tsaloli, Gustavo Banegas, Aikaterini Mitrokotsa
2020 Cryptography  
Gustavo Banegas is funded by WASP expedition project Massive, Secure, and Low-Latency Connectivity for IoT Applications. Conflicts of Interest: The authors declare no conflict of interest.
doi:10.3390/cryptography4030025 fatcat:sbkoaweq6zaixf3renptg46edm

Designing Efficient Dyadic Operations for Cryptographic Applications

Gustavo Banegas, Paulo S. L. M. Barreto, Edoardo Persichetti, Paolo Santini
2020 Journal of Mathematical Cryptology  
Cryptographic primitives from coding theory are some of the most promising candidates for NIST's Post-Quantum Cryptography Standardization process. In this paper, we introduce a variety of techniques to improve operations on dyadic matrices, a particular type of symmetric matrices that appear in the automorphism group of certain linear codes. Besides the independent interest, these techniques find an immediate application in practice. In fact, one of the candidates for the Key Exchange functionality, called DAGS, makes use of quasi-dyadic matrices to provide compact keys for the scheme.
doi:10.1515/jmc-2015-0054 fatcat:so456wffuvbino5cdtulti4e5u

Quantum-Resistant Security for Software Updates on Low-power Networked Embedded Devices [article]

Gustavo Banegas
2021 arXiv   pre-print
As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a security architecture for IoT software updates, standardizing the metadata and the cryptographic tools, namely digital signatures and hash functions, that guarantee the legitimacy of software updates. While the performance of SUIT has previously been evaluated in the pre-quantum context, it has not yet been studied in a post-quantum context. Taking the open-source implementation of SUIT available in RIOT as a case study, we overview post-quantum considerations, and quantum-resistant digital signatures in particular, focusing on low-power, microcontroller-based IoT devices which have stringent resource constraints in terms of memory, CPU, and energy consumption. We benchmark a selection of proposed post-quantum signature schemes (LMS, Falcon, and Dilithium) and compare them with current pre-quantum signature schemes (Ed25519 and ECDSA). Our benchmarks are carried out on a variety of IoT hardware including ARM Cortex-M, RISC-V, and Espressif (ESP32), which form the bulk of modern 32-bit microcontroller architectures. We interpret our benchmark results in the context of SUIT, and estimate the real-world impact of post-quantum alternatives for a range of typical software update categories.
arXiv:2106.05577v2 fatcat:pcg64enerzgqhe3qw6ime2vksi

Don't forget your roots: constant-time root finding over 𝔽_{2^m} [article]

Douglas Marcelino Beppler Martins, Gustavo Banegas, Ricardo Felipe Custódio
2019 IACR Cryptology ePrint Archive  
[Fig. 2: plot residue; only the series labels "Ours", "SCA" and "BTA", the y-axis ticks (5.24·10^9 to 5.36·10^9 and 7.6·10^8 to 9.2·10^8) and the caption fragment "available in finding" survive.]
dblp:journals/iacr/MartinsBC19 fatcat:sedwcxip4vcgpfhbifhqgt3hzm

Concrete quantum cryptanalysis of binary elliptic curves

Gustavo Banegas, Daniel J. Bernstein, Iggy Van Hoof, Tanja Lange
2020 Transactions on Cryptographic Hardware and Embedded Systems  
This paper analyzes and optimizes quantum circuits for computing discrete logarithms on binary elliptic curves, including reversible circuits for fixed-base-point scalar multiplication and the full stack of relevant subroutines. The main optimization target is the size of the quantum computer, i.e., the number of logical qubits required, as this appears to be the main obstacle to implementing Shor's polynomial-time discrete-logarithm algorithm. The secondary optimization target is the number of logical Toffoli gates. For an elliptic curve over a field of 2^n elements, this paper reduces the number of qubits to 7n + ⌊log2(n)⌋ + 9. At the same time this paper reduces the number of Toffoli gates to 48n^3 + 8n^{log2(3)+1} + 352n^2 log2(n) + 512n^2 + O(n^{log2(3)}) with double-and-add scalar multiplication, and a logarithmic factor smaller with fixed-window scalar multiplication. The number of CNOT gates is also O(n^3). Exact gate counts are given for various sizes of elliptic curves currently used for cryptography.
doi:10.46586/tches.v2021.i1.451-472 fatcat:2chsn37mzba27ktdutfaq7oc2q

CTIDH: faster constant-time CSIDH

Gustavo Banegas, Daniel J. Bernstein, Fabio Campos, Tung Chou, Tanja Lange, Michael Meyer, Benjamin Smith, Jana Sotáková
2021 Transactions on Cryptographic Hardware and Embedded Systems  
This paper introduces a new key space for CSIDH and a new algorithm for constant-time evaluation of the CSIDH group action. The key space is not useful with previous algorithms, and the algorithm is not useful with previous key spaces, but combining the new key space with the new algorithm produces speed records for constant-time CSIDH. For example, for CSIDH-512 with a 256-bit key space, the best previous constant-time results used 789000 multiplications and more than 200 million Skylake cycles; this paper uses 438006 multiplications and 125.53 million cycles.
doi:10.46586/tches.v2021.i4.351-387 fatcat:nr4ue2uyqndzjl6luqbwb7tuse

Genetic diversity of Plasmodium vivax and Plasmodium falciparum in Honduras

Ana Lopez, Andres Ortiz, Jorge Coello, Wilfredo Sosa-Ochoa, Rosa E Torres, Engels I Banegas, Irina Jovel, Gustavo A Fontecha
2012 Malaria Journal  
Understanding the population structure of Plasmodium species through genetic diversity studies can assist in the design of more effective malaria control strategies, particularly in vaccine development. Central America is an area where malaria is a public health problem, but little is known about the genetic diversity of the parasite's circulating species. This study aimed to investigate the allelic frequency and molecular diversity of five surface antigens in field isolates from Honduras. Methods: Five molecular markers were analysed to determine the genotypes of Plasmodium vivax and Plasmodium falciparum from endemic areas in Honduras. Genetic diversity of ama-1, msp-1 and csp was investigated for P. vivax, and msp-1 and msp-2 for P. falciparum. Allelic frequencies were calculated and sequence analysis performed. Results and conclusion: A high genetic diversity was observed within Plasmodium isolates from Honduras. Different numbers of genotypes were elucidated: 41 (n = 77) for pvama-1; 23 (n = 84) for pvcsp; and 23 (n = 35) for pfmsp-1. Pvcsp sequences showed VK210 as the only subtype present in Honduran isolates. Pvmsp-1 (F2) was the most polymorphic marker for P. vivax isolates while pvama-1 was least variable. All three allelic families described for pfmsp-1 (n = 30) block 2 (K1, MAD20, and RO33), and both allelic families described for the central domain of pfmsp-2 (n = 11) (3D7 and FC27) were detected. However, the K1 and 3D7 allelic families were predominant. All markers were randomly distributed across the country and no geographic correlation was found. To date, this is the most complete report on molecular characterization of P. vivax and P. falciparum field isolates in Honduras with regard to genetic diversity. These results indicate that P. vivax and P. falciparum parasite populations are highly diverse in Honduras despite the low level of transmission.
doi:10.1186/1475-2875-11-391 pmid:23181845 pmcid:PMC3519596 fatcat:4vjetgp3dndpfmo4x7jqubaqvi

A new class of irreducible pentanomials for polynomial based multipliers in binary fields [article]

Gustavo Banegas and Ricardo Custodio and Daniel Panario
2018 arXiv   pre-print
We introduce a new class of irreducible pentanomials over F_2 of the form f(x) = x^{2b+c} + x^{b+c} + x^b + x^c + 1. Let m = 2b+c and use f to define the finite field extension of degree m. We give the exact number of operations required for computing the reduction modulo f. We also provide a multiplier based on the Karatsuba algorithm in F_2[x] combined with our reduction process. We give the total cost of the multiplier and find that the bit-parallel multiplier defined by this new class of polynomials has improved XOR and AND complexity. Our multiplier has comparable time delay when compared to other multipliers based on the Karatsuba algorithm.
arXiv:1806.00432v1 fatcat:r5w3vglx6bex3cleyrmswcvk5a

Comparison of thick blood smear and PCR for the detection of malaria infections in Honduras (Comparación de gota gruesa y PCR para la detección de infecciones maláricas en Honduras)

Ana Cecilia López, Jorge Coello Quan, Rosa Elena Mejía, Engels Banegas, Gustavo Fontecha
2012 Revista Ciencia y Tecnología  
The layout of the amplified region is shown in Figure 1 and corresponds to a segment of the 18S rDNA gene.
doi:10.5377/rct.v0i9.708 fatcat:v4eq5hjgkzf6ddssbxev7hw7gm

G6PD deficiency, primaquine treatment, and risk of haemolysis in malaria-infected patients

Sara Avalos, Rosa E Mejia, Engels Banegas, Cesar Salinas, Lester Gutierrez, Marcela Fajardo, Suzeth Galo, Alejandra Pinto, Angel Mejia, Gustavo Fontecha
2018 Malaria Journal  
The incidence of malaria in the Americas has decreased markedly in recent years. Honduras and the other countries of Mesoamerica and the island of Hispaniola have set the goal of eliminating native malaria by the year 2020. To achieve this goal, Honduras has recently approved national regulations to expand the possibilities of a shortened double dose primaquine (PQ) treatment for vivax malaria. Considering this new shortened anti-malarial treatment, the high frequency of G6PDd genotypes in Honduras, and the lack of routine assessment of G6PD deficiency status, this study aimed at investigating the potential association between the intake of PQ and haemolysis in malaria-infected G6PDd subjects. This was a prospective cohort and open-label study. Participants with malaria were recruited. Plasmodium vivax infection was treated with 0.25 mg/kg of PQ daily for 14 days. Safety and signs of haemolysis were evaluated by clinical criteria and laboratory values before and during the 3rd and 7th day of PQ treatment. G6PD status was assessed by a rapid test (CareStart™) and two molecular approaches. Overall 55 participants were enrolled. The frequency of G6PD deficient genotypes was 7/55 (12.7%), where 5/7 (71.4%) were hemizygous A- males and 2/7 (28.6%) heterozygous A- females. Haemoglobin concentrations were compared between G6PD wild type (B) and G6PDd A- subjects, showing a significant difference between the means of both groups on the 3rd and 7th days. Furthermore, a statistically significant difference was evident in the change in haemoglobin concentration between the 3rd day and the 1st day for both genotypes, but there was no statistical difference for the change in haemoglobin concentration between the 7th day and the 1st day. Besides these changes in the haemoglobin concentrations, none of the patients showed signs or symptoms associated with severe haemolysis, and none needed to be admitted to a hospital for further medical attention. The findings support that the intake of PQ during 14 days of treatment against vivax malaria is safe in patients with a class III variant of G6PDd. In view of the new national regulations on the shortened 7-day treatment of vivax malaria, it is advisable to be alert to potential cases of severe haemolysis that could occur among G6PD deficient hemizygous males with a class II mutation such as the Santamaria variant, previously reported in the country.
doi:10.1186/s12936-018-2564-2 pmid:30409136 pmcid:PMC6225638 fatcat:rr2hlt3nevf73bwcn5iyxgmtl4

Comparison of molecular tests for the diagnosis of malaria in Honduras

Gustavo A Fontecha, Meisy Mendoza, Engels Banegas, Mitra Poorak, Alexandre M De Oliveira, Tamara Mancero, Venkatachalam Udhayakumar, Naomi W Lucchi, Rosa E Mejia
2012 Malaria Journal  
Honduras is a tropical country with more than 70% of its population living at risk of being infected with either Plasmodium vivax or Plasmodium falciparum. Laboratory diagnosis is a very important factor for adequate treatment and management of malaria. In Honduras, malaria is diagnosed by both microscopy and rapid diagnostic tests and, to date, no molecular methods have been implemented for routine diagnosis. However, since mixed infections, and asymptomatic and low-parasitaemic cases, are difficult to detect by light microscopy alone, identifying appropriate molecular tools for diagnostic applications in Honduras deserves further study. The present study investigated the utility of different molecular tests for the diagnosis of malaria in Honduras. Methods: A total of 138 blood samples collected as part of a clinical trial to assess the efficacy of chloroquine were used: 69 microscopically confirmed P. falciparum positive samples obtained on the day of enrolment and 69 follow-up samples obtained 28 days after chloroquine treatment and shown to be malaria negative by microscopy. Sensitivity and specificity of microscopy were compared to an 18S ribosomal RNA gene-based nested PCR, two single-PCR reactions designed to detect Plasmodium falciparum infections, one single-PCR to detect Plasmodium vivax infections, and one multiplex one-step PCR reaction to detect both parasite species. Results: Of the 69 microscopically positive P. falciparum samples, 68 were confirmed to be P. falciparum-positive by two of the molecular tests used. The one sample not detected as P. falciparum by any of the molecular tests was shown to be P. vivax-positive by a reference molecular test, indicating a misdiagnosis by microscopy. The reference molecular test detected five cases of P. vivax/P. falciparum mixed infections, which were not recognized by microscopy as mixed infections. Only two of these mixed infections were recognized by a multiplex test while a P. vivax-specific polymerase chain reaction (PCR) detected three of them. In addition, one of the day 28 samples, previously determined to be malaria negative by microscopy, was shown to be P. vivax-positive by three of the molecular tests specific for this parasite. Conclusions: Molecular tests are valuable tools for the confirmation of Plasmodium species and in detecting mixed infections in malaria endemic regions.
doi:10.1186/1475-2875-11-119 pmid:22513192 pmcid:PMC3407797 fatcat:gtkj6wre4vbezezlqjzzgoylbe