security notion: Recently Published Documents

Total documents: 27 (last five years: 14). H-index: 5 (last five years: 1).

Author(s): Elena Andreeva, Amit Singh Bhati, Bart Preneel, Damian Vizár

A multi-forkcipher (MFC) is a generalization of the forkcipher (FC) primitive introduced by Andreeva et al. at ASIACRYPT’19. An MFC is a tweakable cipher that computes s output blocks for a single input block, with s arbitrary but fixed. We define MFC security in the ind-prtmfp notion as indistinguishability from s tweaked permutations. Generalizing tweakable block ciphers (TBCs, s = 1) as well as forkciphers (s = 2), MFC lends itself well to building simple-to-analyze modes of operation that support any number of cipher output blocks.

Our main contribution is the generic CTR encryption mode GCTR, which makes parallel calls to an MFC to encrypt a message M. We analyze the set of all 36 “simple and natural” GCTR variants under the nivE security notion by Peyrin and Seurin from CRYPTO’16. Our proof method makes use of an intermediate abstraction called tweakable CTR (TCTR) that captures the core security properties of GCTR common to all variants, making their analyses easier. Our results show that many of the schemes achieve from well beyond birthday-bound (BBB) to full n-bit security under nonce-respecting adversaries, and some even achieve BBB and close to full n-bit security in the face of realistic nonce misuse conditions.

We finally present an efficiency comparison of GCTR using ForkSkinny (an MFC with s = 2) with the traditional CTR and the more recent CTRT modes, both instantiated with the SKINNY TBC. Our estimates show that any GCTR variant with ForkSkinny can achieve an efficiency advantage of over 20% for moderately long messages, illustrating that the use of an efficient MFC with s ≥ 2 brings a clear speed-up.


F1000Research, 2021, Vol 10, pp. 931
Author(s): Jason Chia, Ji-Jian Chin, Sook-Chin Yip

Digital signature schemes (DSS) are ubiquitously used for public authentication in the infrastructure of the internet, in addition to their use as a cryptographic tool to construct even more sophisticated schemes such as those that are identity-based. The security of DSS is analyzed through the existential unforgeability under chosen message attack (EUF-CMA) experiment, which promises unforgeability of signatures on new messages even when the attacker has access to an arbitrary set of messages and their corresponding signatures. However, the EUF-CMA model does not account for attacks such as an attacker forging a different signature on an existing message, even though such an attack could be devastating in the real world and constitutes a severe breach of the security system. Nonetheless, most DSS are not analyzed in this security model, which possibly makes them vulnerable to such an attack. In contrast, a stronger security notion known as strong EUF-CMA (sEUF-CMA) is designed to be resistant to such attacks. This review aims to identify DSS in the literature that are secure in the sEUF-CMA model. In addition, the article discusses the challenges and future directions of DSS. In our review, we consider the security of existing DSS that fit our criterion in the sEUF-CMA model; our criterion is simple, as we only require the DSS to be at least secure against the minimum of existential forgery. Our findings are categorized into two classes: the direct and indirect classes of sEUF-CMA. The former is inherently sEUF-CMA without any modification, while the latter requires some transformation. Our comprehensive review contributes to the security and cryptographic research community by discussing the efficiency and security of DSS that are sEUF-CMA, which aids in selecting robust DSS in future design considerations.


Author(s): Dahmun Goudarzi, Thomas Prest, Matthieu Rivain, Damien Vergnaud

The probing security model is widely used to formally prove the security of masking schemes. Whenever a masked implementation can be proven secure in this model with a reasonable leakage rate, it is also provably secure in a realistic leakage model known as the noisy leakage model. This paper introduces a new framework for the composition of probing-secure circuits. We introduce the security notion of input-output separation (IOS) for a refresh gadget. From this notion, one can easily compose gadgets satisfying the classical probing security notion (which does not ensure composability on its own) to obtain a region probing secure circuit. Such a circuit is secure against an adversary placing up to t probes in each gadget composing the circuit, which ensures a tight reduction to the more realistic noisy leakage model. After introducing the notion and proving our composition theorem, we compare our approach to the composition approaches obtained with the (Strong) Non-Interference (S/NI) notions as well as the Probe-Isolating Non-Interference (PINI) notion. We further show that any uniform SNI gadget achieves the IOS security notion, while the converse is not true. We further describe a refresh gadget achieving the IOS property for any linear sharing with a quasilinear complexity Θ(n log n) and an O(1/log n) leakage rate (for an n-size sharing). This refresh gadget is a simplified version of the quasilinear SNI refresh gadget proposed by Battistello, Coron, Prouff, and Zeitoun (ePrint 2016). As an application of our composition framework, we revisit the quasilinear-complexity masking scheme of Goudarzi, Joux and Rivain (Asiacrypt 2018). We improve this scheme by generalizing it to any base field (whereas the original proposal only applies to fields with nth powers of unity) and by taking advantage of our composition approach. We further patch a flaw in the original security proof and extend it from the random probing model to the stronger region probing model. Finally, we present some applications of this extended quasilinear masking scheme to AES and MiMC and compare the obtained performances.


2021, Vol 21 (2), pp. 70-88
Author(s): Kunal Abhishek, E. George Dharma Prakash Raj

Short Weierstrass elliptic curves with an underlying hard Elliptic Curve Discrete Logarithm Problem (ECDLP) are widely used in cryptographic applications. A notion of security called Elliptic Curve Cryptography (ECC) security is also suggested in the literature to safeguard elliptic curve cryptosystems from their implementation flaws. In this paper, a new security notion called “trusted security” is introduced for the computational method of elliptic curves for cryptography. We propose three additional “trusted security acceptance criteria” which need to be met by elliptic curves aimed at cryptography. Further, two cryptographically secure elliptic curves over 256-bit and 384-bit prime fields are demonstrated which are secure from the ECDLP, ECC as well as trust perspectives. The proposed elliptic curves are successfully subjected to thorough security analysis and performance evaluation with respect to key generation and signing/verification and hence proven for their cryptographic suitability and great feasibility for acceptance by the community.


2021, Vol 2021, pp. 1-11
Author(s): Yuanju Gan

In (t, n) threshold signature schemes, any subset of t participants out of n can produce a valid signature, but any fewer than t participants cannot. Meanwhile, a threshold signature scheme should remain robust and unforgeable against up to t − 1 corrupted participants. This nonforgeability property means that even an adversary breaking into up to t − 1 participants should be unable to generate signatures on its own. Existential unforgeability against adaptive chosen message attacks is widely considered the standard security notion for digital signatures, and threshold signatures should follow it accordingly. However, there are two special attack models in a threshold signature scheme: one is the static corruption attack and the other is the adaptive corruption attack. Since the adaptive corruption model appears to better capture real threats, designing and proving threshold signature schemes secure in the adaptive corruption model has been a focus of recent years. If a threshold signature is secure under adaptive chosen message attack and adaptive corruption attack, we say it is fully adaptively secure. In this paper, based on the dual pairing vector spaces technology, we construct a threshold signature scheme and use Gerbush et al.’s dual-form signatures technology to prove that our scheme is fully adaptively secure in the standard model, and then compare it to other schemes in terms of efficiency and computation.


Author(s): Ishrat Afshan Abbasi, Amir Jan, Muhammad Ramzan Kolachi

The introduction of the ‘human security’ notion in the 1990s signified the transformation of international relations from a nation-centred international system to a people-centred one. This concept not only redefined the term security, but altered the perceptions of both the objects and subjects of threat as well. This development in the discourse of ‘security’, and the logic of linkage between national interests and human interests, convinced states to reconsider and reframe their security policies. This article describes the notion of human security as a crux to chain people across the world owing to the recognition of identical security challenges and responses. The concept of human security brought states closer and infused a sense of collaboration and cooperation to mitigate the threats to the security of human beings. Methodologically, this paper presents a qualitative and analytical study applying secondary data. This study presents the period 1995-2003 as a historical tenure regarding the development of the human security approach in the foreign policy of Japan. This research analyses how Japanese governments under the leadership of some people-friendly Prime Ministers advocated the concept of human security and promoted it as a vital determinant of the foreign policy of Japan.


Cryptography, 2020, Vol 4 (4), pp. 33
Author(s): Maharage Nisansala Sevwandi Perera, Takeshi Koshiba

An efficient member revocation mechanism is a desirable feature when group signature schemes are applied in practical scenarios. Revocation methods such as verifier-local revocation (VLR) provide efficient member revocation in applications of group signatures. However, VLR group signatures rely on a weaker security notion. On the other hand, group signature schemes for static groups gain stronger security with the full-anonymity security notion. Even though an outsider sees the secret signing keys of all group members under full-anonymity, the signer is still anonymous. Achieving full-anonymity for VLR group signature schemes is challenging due to the structure of the secret signing keys. The secret signing keys of those schemes consist of tokens, which are used to manage revocation. Revealing the tokens may destroy the anonymity of the signers. We obtain stronger security for lattice-based VLR group signature schemes by providing a new key generation method, which outputs revocation tokens without deriving them from the members’ secret signing keys. We propose a new group signature scheme from lattices with VLR, which achieves stronger security than the previous related works. To avoid signature forgeries, we suggest a new zero-knowledge proof system that requires signers to validate themselves. Moreover, we provide an efficient tracing mechanism.


2020
Author(s): Mojtaba Rafiee, Shahram Khazaei

We introduce the notion of private set operations (PSO) as a symmetric-key primitive in the cloud scenario, where a client securely outsources his dataset to a cloud service provider and later privately issues queries in the form of common set operations. We define a syntax and security notion for PSO and propose a general construction that satisfies it. There are two main ingredients to our PSO scheme: an adjustable join (Adjoin) scheme (MIT-CSAIL-TR-2012-006 (2012) Cryptographic treatment of CryptDB’s adjustable join. http://people.csail.mit.edu/nickolai/papers/popa-join-tr.pdf) and a tuple set (TSet) scheme (Cash, D., Jarecki, S., Jutla, C. S., Krawczyk, H., Rosu, M.-C., and Steiner, M. (2013) Highly-Scalable Searchable Symmetric Encryption With Support for Boolean Queries. 33rd Annual Cryptology Conf., Santa Barbara, CA, August 18–22, pp. 353–373. Springer, Berlin, Heidelberg). We also propose an Adjoin construction that is substantially more efficient (in computation and storage) than the previous ones (Mironov, I., Segev, G., and Shahaf, I. (2017) Strengthening the Security of Encrypted Databases: Non-Transitive Joins. 15th Int. Conf., TCC 2017, Baltimore, MD, USA, November 12–15, pp. 631–661. Springer, Cham) due to the hardness assumption that we rely on, while retaining the same security notion. The proposed PSO scheme can be used to perform join queries on encrypted databases without revealing the duplicate patterns in the unqueried columns, which is inherent to an Adjoin scheme. In addition, we also show that the PSO scheme can be used to perform Boolean search queries on a collection of encrypted documents. We also provide standard security proofs for our constructions, present a detailed efficiency evaluation, and compare them with well-known previous ones.


2020, Vol 63 (12), pp. 1849-1858
Author(s): Sha Ma, Qiong Huang

In the era of cloud computing, public key encryption with keyword search (PEKS) is an extremely useful cryptographic tool for searching over encrypted data, whose strongest security notion is indistinguishability against chosen ciphertext attack (ind-cca). Abdalla et al. presented a transformation from identity-based encryption (IBE) to PEKS in the Theory of Cryptography Conference 2010. This paper proposes a new framework of ind-cca secure PEKS in the standard model. Our main technical tool is a newly introduced notion of smooth projective hash function with key mapping, in which the hash key hk is mapped into another mapping projection key mhp besides the classical projection key hp. Finally, we provide an instantiation of our framework based on the symmetric eXternal Diffie–Hellman assumption.


2020, Vol 3 (1), pp. 58-68
Author(s): Vladimir P. Shalaev

The article critically examines the phenomenon of modern globalization. Globalization is considered as the process of Westernification: the inculcation of Western civilizational and cultural forms of identity in non-Western countries and peoples, and the replacement of the traditional, historically formed identities of these countries and peoples with them. The primary focus is on the issue of the national security of countries and peoples faced with the threats of “westernified” globalization and the related new economic order and global consumer society. Globalization is interpreted by the author first of all as an economic process, objectifying and subordinating all other aspects of the life of countries and peoples, destroying historically established traditional social institutions and replacing them with ersatz (artificial constructions alienated from individuals). Special attention is paid to the analysis of the position of Russia in a globalized world. The author suggests his own definition of the “national security” notion and reveals its content. General nationwide interests and specific tasks of the national security of Russia under the new global economic order are clarified. It is shown that the strategy of excessive openness of Russia to globalization influences during the perestroika years provoked destructive social consequences, especially for the traditional social institutions of Russian society. The need for a rational, open-close type strategy for the sustainable development of Russia is justified.

