
Development of Cryptography since Shannon [article]

Funda Özdemir, Çetin Kaya Koç
2022 IACR Cryptology ePrint Archive  
Then, Fan and Vercauteren [36] optimized the Brakerski's scheme by changing the based assumption from LWE problem to RLWE problem.  ...  The semantic security of the achieved FHE scheme is based on an additional assumption called "sparse subset sum assumption".  ... 
dblp:journals/iacr/OzdemirK22 fatcat:wzia5wptezdt3guwsic2a4oo6m

CSI-RAShi: Distributed key generation for CSIDH [article]

Ward Beullens, Lucas Disson, Robi Pedersen, Frederik Vercauteren
2020 IACR Cryptology ePrint Archive  
We present an honest-majority Distributed Key Generation protocol (DKG) based on Shamir's (k, n)-threshold secret sharing in the setting of Very Hard Homogenous Spaces (VHHS).  ...  For n participants, the total runtime of our protocol is 2 + λ + n(1 + 4λ) group action evaluations, where λ is the underlying security parameter, and is thus independent of the threshold k.  ...  This paper focuses on the threshold schemes.  ... 
dblp:journals/iacr/BeullensDPV20 fatcat:m6a6iafndratfemdikfecqq22a

Verifiable Delay Functions from Supersingular Isogenies and Pairings [chapter]

Luca De Feo, Simon Masson, Christophe Petit, Antonio Sanso
2019 Lecture Notes in Computer Science  
We present two new Verifiable Delay Functions (VDF) based on assumptions from elliptic curve cryptography.  ...  Finally, a distributed trusted setup with n − 1 threshold security can be efficiently constructed in our case purely from isogeny assumptions, whereas the RSA setting requires heavy multi-party computation  ...  Conclusion and Perspectives We presented two new candidate Verifiable Delay Functions, based on assumptions from pairing-based and isogeny-based cryptography.  ... 
doi:10.1007/978-3-030-34578-5_10 fatcat:xz5fbejjdngk7glu5vp7w5gp44

On Actively Secure Fine-grained Access Structures from Isogeny Assumptions [article]

Philipp Muth, Fabio Campos
2021 IACR Cryptology ePrint Archive  
More precisely, we elevate a given passively secure isogeny based threshold scheme to an actively secure setting. We prove the active security and simulatability of our advanced schemes.  ...  We present an actively secure threshold scheme in the setting of Hard Homogenous Spaces (HHS) which allows fine-grained access structures.  ...  Cozzo and Smart [11] presented the first actively secure but not robust distributed signature scheme based on isogeny assumptions.  ... 
dblp:journals/iacr/MuthC21 fatcat:crvcpawq4zg2ndua5c4dg47mxm

Collusion Resistant Revocable Ring Signatures and Group Signatures from Hard Homogeneous Spaces [article]

Yi-Fu Lai, Samuel Dobson
2021 IACR Cryptology ePrint Archive  
Secondly (and more concretely), we construct a practical collusion-resistant revocable ring signature scheme based on hard homogenous spaces (HHS), and thus obtain a group signature scheme based on isogenies  ...  To the best of our knowledge, the schemes given in this work are the first efficient post-quantum (collusion-resistant) revocable ring signature scheme, and the first efficient isogeny-based group signature  ...  Recently, a variety of isogeny-based cryptographic primitives have been proposed, including signature schemes [Sto09, BKV19, DKL+20], a ring signature scheme [BKP20], a threshold scheme [DM20], a  ... 
dblp:journals/iacr/LaiD21 fatcat:dvf5mhva4vhotmpc2yx7orfley

Attribute-Based Encryption in Securing Big Data from Post-Quantum Perspective: A Survey

Zulianie Binti Jemihin, Soo Fun Tan, Gwo-Chin Chung
2022 Cryptography  
Like the conventional ABE schemes, present cryptography is not excluded from the impacts of quantum technology as they are not made to be quantum-resistant.  ...  This survey reviews the challenges faced by the recent ABE cryptography in the post-quantum era and highlights its differences from the conventional pairing-based ABE schemes.  ...  [66] enhanced the CP-ABE scheme with a binary tree structure and threshold gates, respectively. Tsabary [62] designed a CP-ABE scheme from t-CNF based on the LWE problem. Liu et al.  ... 
doi:10.3390/cryptography6030040 fatcat:h3zmbvouwvchvnb54as7zsa3li

CSIDH on the Surface [chapter]

Wouter Castryck, Thomas Decru
2020 Lecture Notes in Computer Science  
If p ≡ 7 mod 8 then horizontal 2-isogenies can be used to help compute the class group action.  ...  The formulas we derive for these 2-isogenies are very efficient (they basically amount to a single exponentiation in Fp) and allow for a noticeable speed-up, e.g., our resulting CSURF-512 protocol runs  ...  We thank Luca De Feo for pointing out the relevance to isogeny-based threshold schemes [12] , and Frederik Vercauteren for helpful feedback regarding the proof of Lemma 4.  ... 
doi:10.1007/978-3-030-44223-1_7 fatcat:dwemmf34kvcctbqxqgihtnzf6e

Batching CSIDH Group Actions using AVX-512

Hao Cheng, Georgios Fotiadis, Johann Großschädl, Peter Y. A. Ryan, Peter B. Rønne
2021 Transactions on Cryptographic Hardware and Embedded Systems  
Commutative Supersingular Isogeny Diffie-Hellman (or CSIDH for short) is a recently-proposed post-quantum key establishment scheme that belongs to the family of isogeny-based cryptosystems.  ...  there is a strong demand for optimizations that increase the efficiency of the class group action evaluation, which is not only important for CSIDH, but also for related cryptosystems like the signature schemes  ...  While isogeny-based schemes are computation-intensive, their key sizes are among the smallest of the five categories and come even close to that of pre-quantum elliptic curve schemes.  ... 
doi:10.46586/tches.v2021.i4.618-649 fatcat:onlwu4m2anettm727l4zipmvuu

An Analysis of Fault Attacks on CSIDH [article]

Jason T. LeGrow, Aaron Hutchinson
2020 IACR Cryptology ePrint Archive  
In this work, we analyze attacking implementations of CSIDH which use dummy isogeny operations using fault injections from a mathematical perspective.  ...  We derive theoretical bounds on the number of attacks required to reach a specified certainty threshold about the key under our model.  ...  The vector b is called a bound vector and must be carefully chosen to ensure the security of the scheme.  ... 
dblp:journals/iacr/LeGrowH20 fatcat:hfi5nx6irvcizngxmx25u53smm

Efficient Algorithms for Large Prime Characteristic Fields and Their Application to Bilinear Pairings and Supersingular Isogeny-Based Protocols [article]

Patrick Longa
2022 IACR Cryptology ePrint Archive  
Keywords: Sum of products • prime fields • extension fields • bilinear pairings • BLS12-381 • supersingular isogeny-based cryptography • SIKE • efficient computation. 1 This generalization is similar to  ...  performance of the proposed approach in the computation of multiplication over an extension field F p k , and demonstrate its impact in two popular cryptographic settings: bilinear pairings and supersingular isogeny-based  ...  From now on, we make the assumption that inputs a i and b i are already in the Montgomery domain.  ... 
dblp:journals/iacr/Longa22 fatcat:umm2gpzr45dexccuxk6ipzy3ba

Curse of Re-encryption: A Generic Power/EM Analysis on Post-Quantum KEMs

Rei Ueno, Keita Xagawa, Yutaro Tanaka, Akira Ito, Junko Takahashi, Naofumi Homma
2021 Transactions on Cryptographic Hardware and Embedded Systems  
attack is evaluated through experimental attacks on various PRF implementations (a SHAKE software, an AES software, an AES hardware, a bit-sliced masked AES software, and a masked AES hardware based on threshold  ...  The FO transformation has been widely used in actively securing KEMs from passively secure public key encryption (PKE), as it is employed in most of NIST post-quantum cryptography (PQC) candidates for  ...  Note that the timing attack cannot be applied to SIKE (the isogeny-based KEM in NIST PQC), because the known adaptive attack on SIKE.PKE uses invalid ciphertext(s) that differs significantly from reference  ... 
doi:10.46586/tches.v2022.i1.296-322 fatcat:harfhr4cjbawfctnupxar6upmi

18 Seconds to Key Exchange: Limitations of Supersingular Isogeny Diffie-Hellman on Embedded Devices [article]

Philipp Koppermann, Eduard Pop, Johann Heyszl, Georg Sigl
2018 IACR Cryptology ePrint Archive  
The quantum secure supersingular isogeny Diffie-Hellman (SIDH) key exchange is a promising candidate in NIST's on-going post-quantum standardization process.  ...  Since there are no published results to test this assumption, we present speed-optimized implementations for two small microcontrollers and set a first benchmark that can be of relevance for the standardization  ...  There is a one-to-one correspondence between isogenies and their kernels, and an isogeny can be computed from its kernel.  ... 
dblp:journals/iacr/KoppermannPHS18 fatcat:rbmuiebyofgmtj2g5tbhmsvwj4

On new Vélu's formulae and their applications to CSIDH and B-SIDH constant-time implementations [article]

Gora Adj, Jesús-Javier Chi-Domínguez, Francisco Rodríguez-Henríquez
2020 IACR Cryptology ePrint Archive  
At a combined computational expense of about 6 field operations, Vélu's formulas are used to construct and evaluate degree-isogenies in the vast majority of isogeny-based cryptographic schemes.  ...  We also report an optimized Python3-code implementation of several instantiations of two isogeny-based key-exchange protocols, namely, CSIDH and B-SIDH.  ...  Background Most if not all of the fastest isogeny-based constant-time protocol implementations, have adopted for their schemes Montgomery and twisted Edwards curve models.  ... 
dblp:journals/iacr/AdjCR20 fatcat:saqfe5uiwbhzbns6h6oatpx4qm

Fast arithmetics in Artin–Schreier towers over finite fields

Luca De Feo, Éric Schost
2012 Journal of symbolic computation  
As an application, we present an implementation of Couveignes' algorithm for computing isogenies between elliptic curves using the p-torsion.  ...  by assumptions on M and L. The conclusion follows, again by assumptions on L. 2 Theorem 18.  ...  Experimental results We describe here the implementation of our algorithms and an application coming from elliptic curve cryptology, isogeny computation. Implementation.  ... 
doi:10.1016/j.jsc.2011.12.008 fatcat:iifmqekumvb3lattsy3pcdzrfy

Fast arithmetics in artin-schreier towers over finite fields

Luca De Feo, Éric Schost
2009 Proceedings of the 2009 international symposium on Symbolic and algebraic computation - ISSAC '09  
As an application, we present an implementation of Couveignes' algorithm for computing isogenies between elliptic curves using the p-torsion.  ...  by assumptions on M and L. The conclusion follows, again by assumptions on L. 2 Theorem 18.  ...  Experimental results We describe here the implementation of our algorithms and an application coming from elliptic curve cryptology, isogeny computation. Implementation.  ... 
doi:10.1145/1576702.1576722 dblp:conf/issac/FeoS09 fatcat:ahsgz7hfd5axvhranfxynmkxbm