A fault attack on the Niederreiter cryptosystem using binary irreducible Goppa codes

A fault injection framework for the decryption algorithm of the Niederreiter public-key cryptosystem using binary irreducible Goppa codes and classical decoding techniques is described. In particular, we obtain low-degree polynomial equations in parts of the secret key. For the resulting system of polynomial equations, we present an efficient solving strategy and show how to extend certain solutions to alternative secret keys. We also provide estimates for the expected number of required fault injections, apply the framework to state-of-the-art security levels, and propose countermeasures against this type of fault attack. Comment: 20 pages

Download Full-text

A Fault Attack on the Family of Enocoro Stream Ciphers

Cryptography ◽

10.3390/cryptography5040026 ◽

2021 ◽

Vol 5 (4) ◽

pp. 26

Author(s):

Julian Danner ◽

Martin Kreuzer

Keyword(s):

Fault Injection ◽

Internal State ◽

Linear Equations ◽

Stream Ciphers ◽

Secret Key ◽

Fault Attack ◽

Time Period ◽

The Family ◽

Small Parts ◽

Differential Fault Attack

A differential fault attack framework for the Enocoro family of stream ciphers is presented. We only require that the attacker can reset the internal state and inject a random byte-fault, in a random register, during a known time period. For a single fault injection, we develop a differential clocking algorithm that computes a set of linear equations in the in- and output differences of the non-linear parts of the cipher and relates them to the differential keystream. The usage of these equations is two-fold. Firstly, one can determine those differentials that can be computed from the faulty keystream, and secondly they help to pin down the actual location and timing of the fault injection. Combining these results, each fault injection gives us information on specific small parts of the internal state. By encoding the information we gain from several fault injections using the weighted Horn clauses, we construct a guessing path that can be used to quickly retrieve the internal state using a suitable heuristic. Finally, we evaluate our framework with the ISO-standardized and CRYPTREC candidate recommended cipher Enocoro-128v2. Simulations show that, on average, the secret key can be retrieved within 20 min on a standard workstation using less than five fault injections.

Download Full-text

Cryptanalysis of Plantlet

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2019.i3.103-120 ◽

2019 ◽

pp. 103-120

Author(s):

Subhadeep Banik ◽

Khashayar Barooti ◽

Takanori Isobe

Keyword(s):

Stream Cipher ◽

Internal State ◽

Polynomial Equations ◽

Secret Key ◽

Key Recovery ◽

Internal States ◽

Key Recovery Attack ◽

System Of Polynomial Equations ◽

The Given ◽

Generic Time

Plantlet is a lightweight stream cipher designed by Mikhalev, Armknecht and Müller in IACR ToSC 2017. It has a Grain-like structure with two state registers of size 40 and 61 bits. In spite of this, the cipher does not seem to lose in security against generic Time-Memory-Data Tradeoff attacks due to the novelty of its design. The cipher uses a 80-bit secret key and a 90-bit IV. In this paper, we first present a key recovery attack on Plantlet that requires around 276.26 Plantlet encryptions. The attack leverages the fact that two internal states of Plantlet that differ in the 43rd LFSR location are guaranteed to produce keystream that are either equal or unequal in 45 locations with probability 1. Thus an attacker can with some probability guess that when 2 segments of keystream blocks possess the 45 bit difference just mentioned, they have been produced by two internal states that differ only in the 43rd LFSR location. Thereafter by solving a system of polynomial equations representing the keystream bits, the attacker can find the secret key if his guess was indeed correct, or reach some kind of contradiction if his guess was incorrect. In the latter event, he would repeat the procedure for other keystream blocks with the given difference. We show that the process when repeated a finite number of times, does indeed yield the value of the secret key. In the second part of the paper, we observe that the previous attack was limited to internal state differences that occurred at time instances that were congruent to 0 mod 80. We further observe that by generalizing the attack to include internal state differences that are congruent to all equivalence classed modulo 80, we lower the total number of keystream bits required to perform the attack and in the process reduce the attack complexity to 269.98 Plantlet encryptions.

Download Full-text

Low Degree Nullstellensatz Certificates for 3-Colorability

The Electronic Journal of Combinatorics ◽

10.37236/5103 ◽

2016 ◽

Vol 23 (1) ◽

Author(s):

Bo Li ◽

Benjamin Lowenstein ◽

Mohamed Omar

Keyword(s):

Linear Algebra ◽

Directed Graphs ◽

Polynomial Equations ◽

Combinatorial Characterization ◽

Seminal Paper ◽

Low Degree ◽

System Of Polynomial Equations

In a seminal paper, De Loera et. al introduce the algorithm NulLA (Nullstellensatz Linear Algebra) and use it to measure the difficulty of determining if a graph is not 3-colorable. The crux of this relies on a correspondence between 3-colorings of a graph and solutions to a certain system of polynomial equations over a field $\mathbb{k}$. In this article, we give a new direct combinatorial characterization of graphs that can be determined to be non-3-colorable in the first iteration of this algorithm when $\mathbb{k}=GF(2)$. This greatly simplifies the work of De Loera et. al, as we express the combinatorial characterization directly in terms of the graphs themselves without introducing superfluous directed graphs. Furthermore, for all graphs on at most $12$ vertices, we determine at which iteration NulLA detects a graph is not 3-colorable when $\mathbb{k}=GF(2)$.

Download Full-text

ID-based key-insulated signcryption with equality test in cloud computing

SN Applied Sciences ◽

10.1007/s42452-021-04469-9 ◽

2021 ◽

Vol 3 (4) ◽

Author(s):

Seth Alornyo ◽

Kingsford Kissi Mireku ◽

Mustapha Adamu Mohammed ◽

Daniel Adu-Gyamfi ◽

Michael Asante

Keyword(s):

Cloud Computing ◽

Random Oracle Model ◽

Random Oracle ◽

Harsh Environments ◽

Secret Key ◽

Secret Keys ◽

Security Property ◽

Equality Test ◽

Chosen Ciphertext Attack ◽

Chosen Message Attack

AbstractKey-insulated encryption reduces the problem of secret key exposure in hostile setting while signcryption cryptosystem attains the benefits of digitally signing a ciphertext and public key cryptosystem. In this study, we merge the primitives of parallel key-insulation cryptosystem and signcryption with equality test to construct ID-based parallel key-insulated signcryption with a test for equality (ID-PKSET) in cloud computing. The construction prevent data forgery, data re-play attacks and reduces the leakage of secret keys in harsh environments. Our scheme attains the security property of existential unforgeable chosen message attack (EUF-CMA) and indistinquishable identity chosen ciphertext attack (IND-ID-CCA2) using random oracle model.

Download Full-text

Computing Blindfolded on Data Homomorphically Encrypted under Multiple Keys: A Survey

ACM Computing Surveys ◽

10.1145/3477139 ◽

2022 ◽

Vol 54 (9) ◽

pp. 1-37

Author(s):

Asma Aloufi ◽

Peizhao Hu ◽

Yongsoo Song ◽

Kristin Lauter

Keyword(s):

Homomorphic Encryption ◽

Lessons Learned ◽

Secret Key ◽

Sensitive Data ◽

Encrypted Data ◽

Outsourced Computation ◽

Secret Keys ◽

Comprehensive Survey ◽

Multiple Keys ◽

Cryptographic Techniques

With capability of performing computations on encrypted data without needing the secret key, homomorphic encryption (HE) is a promising cryptographic technique that makes outsourced computations secure and privacy-preserving. A decade after Gentry’s breakthrough discovery of how we might support arbitrary computations on encrypted data, many studies followed and improved various aspects of HE, such as faster bootstrapping and ciphertext packing. However, the topic of how to support secure computations on ciphertexts encrypted under multiple keys does not receive enough attention. This capability is crucial in many application scenarios where data owners want to engage in joint computations and are preferred to protect their sensitive data under their own secret keys. Enabling this capability is a non-trivial task. In this article, we present a comprehensive survey of the state-of-the-art multi-key techniques and schemes that target different systems and threat models. In particular, we review recent constructions based on Threshold Homomorphic Encryption (ThHE) and Multi-Key Homomorphic Encryption (MKHE). We analyze these cryptographic techniques and schemes based on a new secure outsourced computation model and examine their complexities. We share lessons learned and draw observations for designing better schemes with reduced overheads.

Download Full-text

Hiding Data in Plain Sight: Towards Provably Unbreakable Encryption with Short Secret Keys and One-Way Functions

10.5121/csit.2021.110914 ◽

2021 ◽

Author(s):

Mircea-Adrian Digulescu

Keyword(s):

Encryption Scheme ◽

Secret Key ◽

Small Probability ◽

Random Data ◽

Computing Power ◽

Plain Text ◽

Secret Keys ◽

The One ◽

One Way Function ◽

The Cost

It has long been known that cryptographic schemes offering provably unbreakable security exist, namely the One Time Pad (OTP). The OTP, however, comes at the cost of a very long secret key - as long as the plain-text itself. In this paper we propose an encryption scheme which we (boldly) claim offers the same level of security as the OTP, while allowing for much shorter keys, of size polylogarithmic in the computing power available to the adversary. The Scheme requires a large sequence of truly random words, of length polynomial in the both plain-text size and the logarithm of the computing power the adversary has. We claim that it ensures such an attacker cannot discern the cipher output from random data, except with small probability. We also show how it can be adapted to allow for several plain-texts to be encrypted in the same cipher output, with almost independent keys. Also, we describe how it can be used in lieu of a One Way Function.

Download Full-text

A Numerical Local Dimension Test for Points on the Solution Set of a System of Polynomial Equations

SIAM Journal on Numerical Analysis ◽

10.1137/08073264x ◽

2009 ◽

Vol 47 (5) ◽

pp. 3608-3623 ◽

Cited By ~ 28

Author(s):

Daniel J. Bates ◽

Jonathan D. Hauenstein ◽

Chris Peterson ◽

Andrew J. Sommese

Keyword(s):

Solution Set ◽

Polynomial Equations ◽

Local Dimension ◽

System Of Polynomial Equations

Download Full-text

Higher Rate Secret Key Formation (HRKF) based on Physical Layer for Securing Vehicle-to-Vehicle Communication

EMITTER International Journal of Engineering Technology ◽

10.24003/emitter.v8i1.493 ◽

2020 ◽

Vol 8 (1) ◽

pp. 140-160

Author(s):

Inka Trisna Dewi ◽

Amang Sudarsono ◽

Prima Kristalina ◽

Mike Yuliana

Keyword(s):

Polynomial Regression ◽

Formation Rate ◽

Physical Layer ◽

Test Results ◽

Secret Key ◽

Vehicle Communication ◽

V2v Communication ◽

Vehicle To Vehicle ◽

Secret Keys ◽

Shared Secret

One effort to secure vehicle-to-vehicle (V2V) communication is to use a symmetrical cryptographic scheme that requires the distribution of shared secret keys. To reduce attacks on key distribution, physical layer-based key formation schemes that utilize the characteristics of wireless channels have been implemented. However, existing schemes still produce a low bit formation rate (BFR) even though they can reach a low bit error rate (BER). Note that V2V communication requires a scheme with high BFR in order to fulfill its main goal of improving road safety. In this research, we propose a higher rate secret key formation (HRKF) scheme using received signal strength (RSS) as a source of random information. The focus of this research is to produce keys with high BFR without compromising BER. To reduce bit mismatch, we propose a polynomial regression method that can increase channel reciprocity. We also propose a fixed threshold quantization (FTQ) method to maintain the number of bits so that the BFR increases. The test results show that the HRKF scheme can increase BFR from 40% up to 100% compared to existing research schemes. To ensure the key cannot be guessed by the attacker, the HRKF scheme succeeds in producing a key that meets the randomness of the NIST test.

Download Full-text

Bivariate systems of polynomial equations with roots of high multiplicity

Journal of Algebra and Its Applications ◽

10.1142/s0219498823500147 ◽

2021 ◽

Author(s):

I. Nikitin

Keyword(s):

High Multiplicity ◽

Polynomial Equations ◽

Support Sets ◽

Multiplicity Formula ◽

System Of Polynomial Equations ◽

Systems Of Polynomial Equations

Given a bivariate system of polynomial equations with fixed support sets [Formula: see text] it is natural to ask which multiplicities its solutions can have. We prove that there exists a system with a solution of multiplicity [Formula: see text] for all [Formula: see text] in the range [Formula: see text], where [Formula: see text] is the set of all integral vectors that shift B to a subset of [Formula: see text]. As an application, we classify all pairs [Formula: see text] such that the system supported at [Formula: see text] does not have a solution of multiplicity higher than [Formula: see text].

Download Full-text

MIMO-Based Secret Key Generation Strategies

International Journal of Mobile Computing and Multimedia Communications ◽

10.4018/ijmcmc.2014070102 ◽

2014 ◽

Vol 6 (3) ◽

pp. 22-55 ◽

Cited By ~ 6

Author(s):

Kan Chen ◽

Bala Natarajan

Keyword(s):

Key Management ◽

Multiple Input Multiple Output ◽

Key Generation ◽

Secret Key ◽

Secret Key Generation ◽

Cooperative Mimo ◽

Multiple Input ◽

Secret Keys ◽

Input Multiple Output ◽

Network Technologies

Over the last decade, physical layer secret key generation (PHY-SKG) techniques that exploit reciprocity of wireless channels have attracted considerable interest among researchers in the field of wireless communication. Compared to traditional cryptographic methods, PHY-SKG techniques offer the following advantages: a computationally bounded adversary does not need to be assumed; PHY-SKG avoids the requirement of key management, and secret keys can be dynamically replenished. Additionally, PHY-SKG can enhance existing security schemes because it operates independently of higher layer security schemes. However, a key drawback of PHY-SKG is low secret key generation rate (SKGR), a critical performance metric. Therefore, the role of advanced network technologies (e.g., multiple input multiple output (MIMO) and cooperative MIMO) must be explored to enhance SKGR. This paper describes how MIMO and cooperative MIMO techniques can enhance SKGR.

Download Full-text