Multiparty Non-Interactive Key Exchange and More From Isogenies on Elliptic Curves

2020 ◽  
Vol 14 (1) ◽  
pp. 5-14
Author(s):  
Dan Boneh ◽  
Darren Glass ◽  
Daniel Krashen ◽  
Kristin Lauter ◽  
Shahed Sharif ◽  
...  

Abstract. We describe a framework for constructing an efficient non-interactive key exchange (NIKE) protocol for n parties for any n ≥ 2. Our approach is based on the problem of computing isogenies between isogenous elliptic curves, which is believed to be difficult. We do not obtain a working protocol because of a missing step that is currently an open mathematical problem. What we need to complete our protocol is an efficient algorithm that takes as input an abelian variety presented as a product of isogenous elliptic curves, and outputs an isomorphism invariant of the abelian variety. Our framework builds a cryptographic invariant map, which is a new primitive closely related to a cryptographic multilinear map, but whose range does not necessarily have a group structure. Nevertheless, we show that a cryptographic invariant map can be used to build several cryptographic primitives, including NIKE, that were previously constructed from multilinear maps and indistinguishability obfuscation.

Author(s):  
Chunsheng Gu

Cryptographic multilinear maps have extensive applications. However, current constructions of multilinear maps suffer from zeroizing attacks. For a candidate construction of multilinear maps described by Garg, Gentry, and Halevi (GGH13), Hu & Jia recently presented an efficient attack, which broke the GGH13-based applications of multipartite key exchange (MPKE) and witness encryption (WE) based on the hardness of the 3-exact cover problem. By introducing a random matrix, the author presents an improvement of the GGH13 map, which supports the applications for public tools of encoding in the GGH13 map, such as MPKE and WE. The security of the construction depends upon a new hardness assumption. Moreover, the author's improvement destroys the structure of the ring element in the principal ideal lattice problem, and avoids potential attacks using an algorithm for solving for a short principal ideal lattice generator.


Author(s):  
W. T. Gowers ◽  
L. Milićević

Abstract. Let $G_1, \ldots, G_k$ be finite-dimensional vector spaces over a prime field $\mathbb{F}_p$. A multilinear variety of codimension at most $d$ is a subset of $G_1 \times \cdots \times G_k$ defined as the zero set of $d$ forms, each of which is multilinear on some subset of the coordinates. A map $\phi$ defined on a multilinear variety $B$ is multilinear if for each coordinate $c$ and all choices of $x_i \in G_i$, $i \neq c$, the restriction map $y \mapsto \phi(x_1, \ldots, x_{c-1}, y, x_{c+1}, \ldots, x_k)$ is linear where defined. In this note, we show that a multilinear map defined on a multilinear variety of codimension at most $d$ coincides on a multilinear variety of codimension $O_{k}(d^{O_{k}(1)})$ with a multilinear map defined on the whole of $G_1 \times \cdots \times G_k$. Additionally, in the case of general finite fields, we deduce similar (but slightly weaker) results.


2014 ◽  
Vol 17 (A) ◽  
pp. 36-48 ◽  
Author(s):  
Jinxiang Zeng

Abstract. Let $f \in S_2(\Gamma_0(N))$ be a normalized newform such that the abelian variety $A_f$ attached by Shimura to $f$ is the Jacobian of a genus-two curve. We give an efficient algorithm for computing Galois representations associated to such newforms.


2016 ◽  
Vol 102 (3) ◽  
pp. 316-330 ◽  
Author(s):  
MAJID HADIAN ◽  
MATTHEW WEIDNER

In this paper we study the variation of the $p$-Selmer rank parities of $p$-twists of a principally polarized Abelian variety over an arbitrary number field $K$ and show, under certain assumptions, that this parity is periodic with an explicit period. Our result applies in particular to principally polarized Abelian varieties with full $K$-rational $p$-torsion subgroup, arbitrary elliptic curves, and Jacobians of hyperelliptic curves. Assuming the Shafarevich–Tate conjecture, our result allows one to classify the rank parities of all quadratic twists of an elliptic or hyperelliptic curve after a finite calculation.


Sensors ◽  
2019 ◽  
Vol 19 (22) ◽  
pp. 4919
Author(s):  
Bogdan Groza ◽  
Pal-Stefan Murvay

Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a secret shared key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, garnering advantages from bilinear pairings that open the road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange and identity-based signatures or key exchanges. Pairing-based cryptographic primitives do not come computationally cheap, but they offer more flexibility that leads to constructive advantages. To further improve on performance, we also account for pairing-free identity-based key exchange protocols that require neither expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers as well as bandwidth simulations with industry-standard tools, i.e., CANoe, on the modern in-vehicle buses CAN-FD and FlexRay.


2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Huige Wang ◽  
Kefei Chen ◽  
Tianyu Pan ◽  
Yunlei Zhao

Functional encryption (FE) can implement fine-grained control to encrypted plaintext via permitting users to compute only some specified functions on the encrypted plaintext using private keys with respect to those functions. Recently, many FEs were put forward; nonetheless, most of them cannot resist chosen-ciphertext attacks (CCAs), especially for those in the secret-key settings. This changed with the work, i.e., a generic transformation of public-key functional encryption (PK-FE) from chosen-plaintext (CPA) to chosen-ciphertext (CCA), where the underlying schemes are required to have some special properties such as restricted delegation or verifiability features. However, examples for such underlying schemes with these features have not been found so far. Later, a CCA-secure functional encryption from projective hash functions was proposed, but their scheme only applies to inner product functions. To construct such a scheme, some nontrivial techniques will be needed. Our key contribution in this work is to propose CCA-secure functional encryptions in the PKE and SK environment, respectively. In the existing generic transformation from (adaptively) simulation-based CPA- (SIM-CPA-) secure ones for deterministic functions to (adaptively) simulation-based CCA- (SIM-CCA-) secure ones for randomized functions, whether the schemes were directly applied to CCA settings for deterministic functions is not implied. We give an affirmative answer and derive a SIM-CCA-secure scheme for deterministic functions by making some modifications on it. Again, based on this derived scheme, we also propose an (adaptively) indistinguishable CCA- (IND-CCA-) secure SK-FE for deterministic functions. The final results show that our scheme can be instantiated under both nonstandard assumptions (e.g., hard problems on multilinear maps and indistinguishability obfuscation (IO)) and under standard assumptions (e.g., DDH, RSA, LWE, and LPN).


2016 ◽  
Vol 19 (A) ◽  
pp. 255-266 ◽  
Author(s):  
Jung Hee Cheon ◽  
Jinhyuck Jeong ◽  
Changmin Lee

Let $\mathbf{f}$ and $\mathbf{g}$ be polynomials of a bounded Euclidean norm in the ring $\mathbb{Z}[X]/\langle X^{n}+1\rangle$. Given the polynomial $[\mathbf{f}/\mathbf{g}]_{q} \in \mathbb{Z}_{q}[X]/\langle X^{n}+1\rangle$, the NTRU problem is to find $\mathbf{a},\mathbf{b} \in \mathbb{Z}[X]/\langle X^{n}+1\rangle$ with a small Euclidean norm such that $[\mathbf{a}/\mathbf{b}]_{q}=[\mathbf{f}/\mathbf{g}]_{q}$. We propose an algorithm to solve the NTRU problem, which runs in $2^{O(\log^{2}\lambda)}$ time when $\Vert \mathbf{g}\Vert, \Vert \mathbf{f}\Vert$, and $\Vert \mathbf{g}^{-1}\Vert$ are within some range. The main technique of our algorithm is the reduction of a problem on a field to one on a subfield. The GGH scheme, the first candidate of an (approximate) multilinear map, was recently found to be insecure by the Hu–Jia attack using low-level encodings of zero, but no polynomial-time attack was known without them. In the GGH scheme without low-level encodings of zero, our algorithm can be directly applied to attack this scheme if we have some top-level encodings of zero and a known pair of plaintext and ciphertext. Using our algorithm, we can construct a level-$0$ encoding of zero and utilize it to attack a security ground of this scheme in the quasi-polynomial time of its security parameter using the parameters suggested by Garg, Gentry and Halevi [‘Candidate multilinear maps from ideal lattices’, Advances in cryptology — EUROCRYPT 2013 (Springer, 2013) 1–17].

