425 results for Homomorphic encryption


Relevance: 10.00%

Publisher:

Abstract:

Waters, in 2009, introduced an important technique, called dual system encryption, to construct identity-based encryption (IBE) and related schemes. The resulting IBE scheme was described in the setting of symmetric pairing. A key feature of the construction is the presence of random tags in the ciphertext and decryption key. Later work by Lewko and Waters removed the tags and, proceeding through composite-order pairings, led to a more efficient dual system IBE scheme using asymmetric pairings whose security is based on non-standard but static assumptions. In this work, we have systematically simplified Waters' 2009 IBE scheme in the setting of asymmetric pairing. The simplifications retain the tags used in the original description. This leads to several variants, the first of which is based on standard assumptions and, in comparison to Waters' original scheme, reduces ciphertexts and keys by two elements each. Going through several stages of simplifications, we finally obtain a simple scheme whose security can be based on two standard assumptions and a natural and minimal extension of the decision Diffie-Hellman problem for asymmetric pairing groups. The scheme itself is also minimal in the sense that, apart from the tags, both encryption and key generation use exactly one randomiser each. This final scheme is more efficient than both the previous dual system IBE scheme in the asymmetric setting due to Lewko and Waters and the more recent dual system IBE scheme due to Lewko. We extend the IBE scheme to hierarchical IBE (HIBE) and broadcast encryption (BE) schemes. Both primitives are secure in their respective full models and have better efficiencies compared to previously known schemes offering the same level and type of security.

Relevance: 10.00%

Publisher:

Abstract:

We address the problem of reconstructing a sparse signal from its DFT magnitude. We refer to this problem as the sparse phase retrieval (SPR) problem, which finds applications in tomography, digital holography, electron microscopy, etc. We develop a Fienup-type iterative algorithm, referred to as the Max-K algorithm, to enforce sparsity and successively refine the estimate of phase. We show that the Max-K algorithm possesses Cauchy convergence properties under certain conditions, that is, the MSE of reconstruction does not increase with iterations. We also formulate the problem of SPR as a feasibility problem, where the goal is to find a signal that is sparse in a known basis and whose Fourier transform magnitude is consistent with the measurement. Subsequently, we interpret the Max-K algorithm as alternating projections onto the object-domain and measurement-domain constraint sets and generalize it to a parameterized relaxation, known as the relaxed averaged alternating reflections (RAAR) algorithm. On the application front, we work with measurements acquired using a frequency-domain optical-coherence tomography (FDOCT) experimental setup. Experimental results on measured data show that the proposed algorithms exhibit good reconstruction performance compared with the direct inversion technique, homomorphic technique, and the classical Fienup algorithm without sparsity constraint; specifically, the autocorrelation artifacts and background noise are suppressed to a significant extent. We also demonstrate that the RAAR algorithm offers a broader framework for FDOCT reconstruction, of which the direct inversion technique and the proposed Max-K algorithm become special instances corresponding to specific values of the relaxation parameter.

Relevance: 10.00%

Publisher:

Abstract:

Several papers have studied fault attacks on computing a pairing value e(P, Q), where P is a public point and Q is a secret point. In this paper, we observe that these attacks are in fact effective only on a small number of pairing-based protocols, and then only when the protocols are implemented with specific symmetric pairings. We demonstrate the effectiveness of the fault attacks on a public-key encryption scheme, an identity-based encryption scheme, and an oblivious transfer protocol when implemented with a symmetric pairing derived from a supersingular elliptic curve with embedding degree 2.

Relevance: 10.00%

Publisher:

Abstract:

Anonymity and authenticity are both important yet often conflicting security goals in a wide range of applications. On the one hand, for many applications (say, for access control) it is crucial to be able to verify the identity of a given legitimate party (a.k.a. entity authentication). Alternatively, an application might require that no one but a party can communicate on its behalf (a.k.a. message authentication). Yet, on the other hand, privacy concerns also dictate that the anonymity of a legitimate party should be preserved; that is, no information concerning the identity of parties should be leaked to an outside entity eavesdropping on the communication. This conflict becomes even more acute when considering anonymity with respect to an active entity that may attempt to impersonate other parties in the system. In this work we resolve this conflict in two steps. First, we formalize what it means for a system to provide both authenticity and anonymity even in the presence of an active man-in-the-middle adversary for various specific applications such as message and entity authentication, using the constructive cryptography framework of [Mau11, MR11]. Our approach inherits the composability statement of constructive cryptography and can therefore be directly used in any higher-level context. Next, we demonstrate several simple protocols for realizing these systems, at times relying on a new type of (probabilistic) Message Authentication Code (MAC) called key indistinguishable (KI) MACs. Similar to the key-hiding encryption schemes of [BBDP01], they guarantee that tags leak no discernible information about the keys used to generate them.

Relevance: 10.00%

Publisher:

Abstract:

The main objective of this work is the design, using low-power techniques, of the standard encryption algorithm AES (Advanced Encryption Standard) and its implementation on reconfigurable devices, in particular on an FPGA.

Relevance: 10.00%

Publisher:

Abstract:

A cascaded Fresnel digital hologram (CFDH) is proposed, together with its mathematical derivation. Its application to watermarking has been demonstrated by a simulation procedure, in which the watermark image to be hidden is encoded into the phase of the host image. The watermark image can be deciphered by the CFDH setup; the reconstructed image shows good quality and the error is almost zero. Compared with previous techniques, this is a lensless architecture which minimizes the hardware requirement, and it can be used for the encryption of digital images.

Relevance: 10.00%

Publisher:

Abstract:

A cascaded Fresnel digital hologram (CFDH) is proposed, together with its mathematical derivation. Its application to watermarking has been demonstrated by a simulation procedure, in which the watermark image to be hidden is encoded into the phase of the host image. The watermark image can be deciphered by the CFDH setup; the reconstructed image shows good quality and the error is almost zero. Compared with previous techniques, this is a lensless architecture, which minimizes the hardware requirement. (c) 2006 Elsevier GmbH. All rights reserved.

Relevance: 10.00%

Publisher:

Abstract:

If R is a ring with identity, let N(R) denote the Jacobson radical of R. R is local if R/N(R) is an artinian simple ring and ∩ N(R)^i = 0. It is known that if R is complete in the N(R)-adic topology then R is equal to (B)_n, the full n by n matrix ring over B, where B/N(B) is a division ring. The main results of the thesis deal with the structure of such rings B. In fact we have the following.

If B is a complete local algebra over F where B/N(B) is a finite dimensional normal extension of F and N(B) is finitely generated as a left ideal by k elements, then there exist automorphisms g_1, …, g_k of B/N(B) over F such that B is a homomorphic image of B/N(B)[[x_1, …, x_k; g_1, …, g_k]], the power series ring over B/N(B) in noncommuting indeterminates x_i, where x_i b = g_i(b) x_i for all b ∈ B/N(B).

Another theorem generalizes this result to complete local rings which have suitable commutative subrings. As a corollary of this we have the following. Let B be a complete local ring with B/N(B) a finite field. If N(B) is finitely generated as a left ideal by k elements then there exist automorphisms g_1, …, g_k of a v-ring V such that B is a homomorphic image of V[[x_1, …, x_k; g_1, …, g_k]].

In both these results it is essential to know the structure of N(B) as a two sided module over a suitable subring of B.

Relevance: 10.00%

Publisher:

Abstract:

This research was carried out with the intention of motivating the study of cryptography, showing that mathematics and communication are present at many moments, both in the past and in the present. This work shows the origin of cryptanalysis and its entire evolution, with emphasis on encoding and decoding mechanisms illustrated through practical examples. In addition, some cryptographic methods are highlighted, such as the monoalphabetic substitution cipher, the Vigenère cipher, RSA (the best-known public-key cryptography method), Hill ciphers, the linear transformation method and the Rabin method, owing to their great importance for the evolution of computer systems and digital signatures, among others. Finally, the importance and necessity of cryptographic resources today is shown, in the attempt to prevent hackers and people who misuse mathematical knowledge from causing harm to society, whether through a simple message or even through more reckless situations such as improper bank transactions.

Relevance: 10.00%

Publisher:

Abstract:

The author used scanning electron microscopy, transmission electron microscopy and histochemical methods to study the development and interaction of pollen and stigma in rapeseed (Brassica napus L.), with the following results: 1. Rapeseed has typical homomorphic and sporophytic self-incompatibility. After self-pollination, some pollen grains adhere to the surface of the papilla cells and then germinate pollen tubes; pollen tube growth is arrested at the papilla cells, and the pollen tubes show various abnormal morphologies: a coiled pattern, pad-like swelling at the tip, dichotomous branching of pollen tubes, connections between pollen tubes, and some pollen grains even form two pollen tubes. 2. Scanning electron microscopy of papilla cells at different stages shows: 6-7 days before flowering, the papilla cell walls are invaginated and there is a groove in the center of the stigma; 4-5 days before flowering, the papilla cells are covered by a perforated block-like material; 2-3 days before flowering, the covering disappears, leaving only wavy patterns or small pits on the wall surface; 1-2 days before flowering, the papilla cells are fully turgid with water, finger-shaped and loosely arranged, with some small particles on the cell wall. At this stage the papilla cells are mature. 3. In incompatible pollination, both the pollen and the papilla cells show strong callose fluorescence. 4. Histochemical characteristics of papilla cells: lack of starch accumulation, with peroxidase activity in the cell wall and cytoplasm. 5. Ultrastructural characteristics of papilla cells: the cell wall consists of three layers, a wax layer, a cuticle layer and a cellulose layer. Rough endoplasmic reticulum is distributed in clusters near the cell wall and secretes material toward the cell wall in the form of vesicles. Plastids are lacking; the nucleus is located at the base of the papilla cell, and the center of the cell is occupied by a large vacuole. 6. Ultrastructural development of pollen: the uninucleate pollen has already developed an intine and an exine, with the inner layer of the exine indistinct. The nucleus is located centrally. The cytoplasm is dense, and plastids lacking lamellar membrane structure but accumulating large numbers of starch grains are present in the cytoplasm. Other organelles are poorly developed. At the two-celled pollen stage, the pollen wall receives sporopollenin transported by Ubisch bodies and lipids transported by oil bodies. The generative cell has no wall and is suspended in the cytoplasm of the vegetative cell. Its nucleus is large and its cytoplasm sparse, with only a few mitochondria with indistinct cristae. The nucleus of the vegetative cell is prominent, its cytoplasm dense and its mitochondria well developed; the starch inside the plastids disappears and is converted into osmiophilic bodies. The endoplasmic reticulum is short and thick and distributed throughout the cytoplasm; Golgi bodies are lacking. 7. The tapetum actively participates in the construction of the pollen exine. First, through secretion it transfers material (possibly protein) into the cavities of the uninucleate pollen, or, after its later degeneration, protein synthesized by the rough endoplasmic reticulum distributed between the two-celled pollen grains is transferred into the pollen wall. Second, the plastid lamellae of the tapetal cells form many oil-forming bodies, which by the two-celled pollen stage enter the columellar layer of the wall and participate in the formation of the pollen coat. Third, the tapetal cells form many Ubisch bodies; at the late stage of pollen development, the Ubisch bodies contact the pollen exine and transfer sporopollenin onto it.

Relevance: 10.00%

Publisher:

Abstract:

This is a study of a certain group-theoretic property of the set of encryption functions of a block cipher. We have shown how to construct a subset which has this property in a given symmetric group using the computer algebra software GAP 4.2 (Groups, Algorithms, and Programming, Version 4.2). These observations on the group structure of block ciphers suggest that we may be able to set a trapdoor based on a meet-in-the-middle attack on block ciphers.

Relevance: 10.00%

Publisher:

Abstract:

SEED is the Korean data encryption standard. Its designers claim that the complexity of attacking SEED with linear cryptanalysis is 2^335.4, whereas the 15-round linear approximation constructed in this paper attacks SEED with complexity 2^328. To demonstrate SEED's resistance to differential cryptanalysis, the designers first performed differential cryptanalysis on SEED*, a variant of SEED, and stated that 9-round SEED* is secure against differential cryptanalysis; using the properties of the diffusion permutation and S-boxes of SEED*, this paper constructs a 9-round truncated differential of SEED*, so that 10-round SEED* is not immune to truncated differential cryptanalysis. Although the results of this paper pose no threat to the practical use of SEED, they show that SEED is not as secure as its designers claim.

Relevance: 10.00%

Publisher:

Abstract:

One of the key problems in adopting an encryption scheme in a DAS (database as a service) model database is query processing over encrypted relations. The particular architecture and trust model of the DAS model dictate that encryption and decryption can be performed only at the client; current schemes generally perform query rewriting on top of tuple-granularity encryption, which inevitably loses encryption efficiency. To address this, a query rewriting algorithm supporting attribute-granularity encryption is proposed: it uses relational algebra identities to transform the query equivalently, separates the condition predicates that involve encrypted attributes from the other condition predicates, reconstructs the query, and supports correlated subqueries at any nesting level. Experiments show that the algorithm reduces the volume of data transferred over the network between client and server and thus effectively shortens query execution time in an encrypted DAS model database.

Relevance: 10.00%

Publisher:

Abstract:

An anonymous digital fingerprinting scheme based on an additively homomorphic public-key cryptosystem is proposed, and a concrete construction of public/private key pairs with anonymity is given. As a result, when piracy is discovered the merchant can identify the illegal distributor of a digital multimedia work without the help of a third party, and the buyer need neither participate nor supply related secret information when copyright disputes are resolved, thereby achieving a two-party trial. Analysis shows that the scheme has the properties of user anonymity and unlinkability, security for the merchant, and security for the buyer.

Relevance: 10.00%

Publisher:

Abstract:

TAE (tweakable authenticated encryption) mode is an authenticated encryption mode based on tweakable block ciphers. The results show that a secure tweakable block cipher is not a sufficient condition for a secure TAE mode; TAE mode is secure only when the tweakable block cipher is strongly secure. Some improvements to TAE mode are also given, yielding the mode MTAE (modified tweakable authenticated encryption), whose security is proved.