New Security Proof for the Boneh-Boyen IBE: Tight Reduction in Unbounded Multi-challenge Security

2015 ◽  
pp. 176-190 ◽  
Author(s):  
Nuttapong Attrapadung ◽  
Goichiro Hanaoka ◽  
Shota Yamada
Keyword(s):  
Security Proof ◽  
Tight Reduction

scholarly journals Probing Security through Input-Output Separation and Revisited Quasilinear Masking

2021 ◽  
pp. 599-640
Author(s):  
Dahmun Goudarzi ◽  
Thomas Prest ◽  
Matthieu Rivain ◽  
Damien Vergnaud
Keyword(s):  
Leakage Rate ◽  
Security Model ◽  
Input Output ◽  
Leakage Model ◽  
Original Proposal ◽  
Security Proof ◽  
Tight Reduction ◽  
Security Notion ◽  
New Framework ◽  
Composition Theorem

The probing security model is widely used to formally prove the security of masking schemes. Whenever a masked implementation can be proven secure in this model with a reasonable leakage rate, it is also provably secure in a realistic leakage model known as the noisy leakage model. This paper introduces a new framework for the composition of probing-secure circuits. We introduce the security notion of input-output separation (IOS) for a refresh gadget. From this notion, one can easily compose gadgets satisfying the classical probing security notion –which does not ensure composability on its own– to obtain a region probing secure circuit. Such a circuit is secure against an adversary placing up to t probes in each gadget composing the circuit, which ensures a tight reduction to the more realistic noisy leakage model. After introducing the notion and proving our composition theorem, we compare our approach to the composition approaches obtained with the (Strong) Non-Interference (S/NI) notions as well as the Probe-Isolating Non-Interference (PINI) notion. We further show that any uniform SNI gadget achieves the IOS security notion, while the converse is not true. We further describe a refresh gadget achieving the IOS property for any linear sharing with a quasilinear complexity Θ(n log n) and a O(1/ log n) leakage rate (for an n-size sharing). This refresh gadget is a simplified version of the quasilinear SNI refresh gadget proposed by Battistello, Coron, Prouff, and Zeitoun (ePrint 2016). As an application of our composition framework, we revisit the quasilinear-complexity masking scheme of Goudarzi, Joux and Rivain (Asiacrypt 2018). We improve this scheme by generalizing it to any base field (whereas the original proposal only applies to field with nth powers of unity) and by taking advantage of our composition approach. We further patch a flaw in the original security proof and extend it from the random probing model to the stronger region probing model. Finally, we present some application of this extended quasilinear masking scheme to AES and MiMC and compare the obtained performances.

scholarly journals Anonymous Multireceiver Identity-Based Encryption against Chosen-Ciphertext Attacks with Tight Reduction in the Standard Model

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Yi-Fan Tseng ◽  
Chun-I Fan
Keyword(s):  
Standard Model ◽  
Open Problem ◽  
Multiple Receivers ◽  
Identity Based Encryption ◽  
Security Proof ◽  
Cryptographic Primitive ◽  
The Standard Model ◽  
Tight Reduction ◽  
Identity Based

Multireceiver identity-based encryption is a cryptographic primitive, which allows a sender to encrypt a message for multiple receivers efficiently and securely. In some applications, the receivers may not want their identities to be revealed. Motivated by this issue, in 2010, Fan et al. first proposed the concept of anonymous multireceiver identity-based encryption (AMRIBE). Since then, lots of literature studies in this field have been proposed. After surveying the existing works, however, we found that most of them fail to achieve provable anonymity with tight reduction. A security proof with tight reduction means better quality of security and better efficiency of implementation. In this paper, we focus on solving the open problem in this field that is to achieve the ANON-IND-CCA security with tight reduction by giving an AMRIBE scheme. The proposed scheme is proven to be IND-MID-CCA and ANON-MID-CCA secure with tight reduction under a variant of the DBDH assumption. To the best of our knowledge, this is the first scheme proven with tight reducible full CCA security in the standard model.

Digital Multi-Signature Scheme and Its Security Proof

2009 ◽  
Vol 31 (1) ◽  
pp. 176-183
Author(s):  
Xiao-Feng WANG ◽  
Jing ZHANG ◽  
Shang-Ping WANG
Keyword(s):  
Signature Scheme ◽  
Security Proof

scholarly journals Apply current exponential de Finetti theorem to realistic quantum key distribution

2014 ◽  
Vol 33 ◽  
pp. 1460370 ◽  
Author(s):  
Yi-Bo Zhao ◽  
Zhen-Qiang Yin
Keyword(s):  
Quantum Key Distribution ◽  
Key Distribution ◽  
Small Error ◽  
Heterodyne Detection ◽  
Finite Dimensional Subspace ◽  
Dimensional System ◽  
Finite Dimensional ◽  
Security Proof ◽  
De Finetti Theorem ◽  
De Finetti

In the realistic quantum key distribution (QKD), Alice and Bob respectively get a quantum state from an unknown channel, whose dimension may be unknown. However, while discussing the security, sometime we need to know exact dimension, since current exponential de Finetti theorem, crucial to the information-theoretical security proof, is deeply related with the dimension and can only be applied to finite dimensional case. Here we address this problem in detail. We show that if POVM elements corresponding to Alice and Bob's measured results can be well described in a finite dimensional subspace with sufficiently small error, then dimensions of Alice and Bob's states can be almost regarded as finite. Since the security is well defined by the smooth entropy, which is continuous with the density matrix, the small error of state actually means small change of security. Then the security of unknown-dimensional system can be solved. Finally we prove that for heterodyne detection continuous variable QKD and differential phase shift QKD, the collective attack is optimal under the infinite key size case.

Sign in / Sign up

Export Citation Format

Share Document