Dates are inconsistent

Dates are inconsistent

52 results sorted by ID

2024/1579 (PDF) Last updated: 2024-10-07
Re-visiting Authorized Private Set Intersection: A New Privacy-Preserving Variant and Two Protocols
Francesca Falzon, Evangelia Anna Markatou
Cryptographic protocols

We revisit the problem of Authorized Private Set Intersection (APSI), which allows mutually untrusting parties to authorize their items using a trusted third-party judge before privately computing the intersection. We also initiate the study of Partial-APSI, a novel privacy-preserving generalization of APSI in which the client only reveals a subset of their items to a third-party semi-honest judge for authorization. Partial-APSI allows for partial verification of the set, preserving the...

2024/1538 (PDF) Last updated: 2024-10-02
Security Perceptions of Users in Stablecoins: Advantages and Risks within the Cryptocurrency Ecosystem
Maggie Yongqi Guan, Yaman Yu, Tanusree Sharma, Molly Zhuangtong Huang, Kaihua Qin, Yang Wang, Kanye Ye Wang
Applications

Stablecoins, a type of cryptocurrency pegged to another asset to maintain a stable price, have become an important part of the cryptocurrency ecosystem. Prior studies have primarily focused on examining the security of stablecoins from technical and theoretical perspectives, with limited investigation into users’ risk perceptions and security behaviors in stablecoin practices. To address this research gap, we conducted a mixed-method study that included constructing a stablecoin interaction...

2024/813 (PDF) Last updated: 2024-05-28
How to Redact the Bitcoin Backbone Protocol
Mehmet Sabir Kiraz, Enrique Larraia, Owen Vaughan
Cryptographic protocols

We explain how to extend the Bitcoin backbone model of Garay et al. (Eurocrypt, 2015) to accommodate for redactable blockchains. Our extension captures fluid blockchain-based databases (with mutability requirements) and compliance with existing legislation, such as the GDPR right to be forgotten, or the need to erase offending data from nodes’ databases that would otherwise provoke legal shutdowns. Our redactable backbone protocol retains the essential properties of blockchains. Leveraging...

2024/502 (PDF) Last updated: 2024-03-29
Best of Two Worlds: Efficient, Usable and Auditable Biometric ABC on the Blockchain
Neyire Deniz Sarier
Applications

In [1], two generic constructions for biometric-based non-transferable Attribute Based Credentials (biometric ABC) are presented, which offer different trade-offs between efficiency and trust assumptions. In this paper, we focus on the second scheme denoted as BioABC-ZK that tries to remove the strong (and unrealistic) trust assumption on the Reader R, and show that BioABC-ZK has a security flaw for a colluding R and Verifier V. Besides, BioABC-ZK lacks GDPR-compliance, which requires secure...

2024/379 (PDF) Last updated: 2024-06-04
SyRA: Sybil-Resilient Anonymous Signatures with Applications to Decentralized Identity
Elizabeth Crites, Aggelos Kiayias, Markulf Kohlweiss, Amirreza Sarencheh
Cryptographic protocols

We introduce a new cryptographic primitive, called Sybil-Resilient Anonymous (SyRA) signatures, which enable users to generate, on demand, unlinkable pseudonyms tied to any given context, and issue signatures on behalf of these pseudonyms. Concretely, given a personhood relation, an issuer (who may be a distributed entity) enables users to prove their personhood and extract an associated long-term key, which can then be used to issue signatures for any given context and message....

2024/164 (PDF) Last updated: 2024-10-03
Faster BGV Bootstrapping for Power-of-Two Cyclotomics through Homomorphic NTT
Shihe Ma, Tairong Huang, Anyu Wang, Xiaoyun Wang
Public-key cryptography

Power-of-two cyclotomics is a popular choice when instantiating the BGV scheme because of its efficiency and compliance with the FHE standard. However, in power-of-two cyclotomics, the linear transformations in BGV bootstrapping cannot be decomposed into sub-transformations for acceleration with existing techniques. Thus, they can be highly time-consuming when the number of slots is large, degrading the advantage brought by the SIMD property of the plaintext space. By exploiting the...

2023/1900 (PDF) Last updated: 2024-06-04
Conan: Distributed Proofs of Compliance for Anonymous Data Collection
Mingxun Zhou, Elaine Shi, Giulia Fanti
Cryptographic protocols

We consider how to design an anonymous data collection protocol that enforces compliance rules. Imagine that each client contributes multiple data items (e.g., votes, location crumbs, or secret shares of its input) to an anonymous network, which mixes all clients' data items so that the receiver cannot determine which data items belong to the same user. Now, each user must prove to an auditor that the set it contributed satisfies a compliance predicate, without identifying which items it...

2023/1717 (PDF) Last updated: 2024-01-10
A Framework for Resilient, Transparent, High-throughput, Privacy-Enabled Central Bank Digital Currencies
Elli Androulaki, Marcus Brandenburger, Angelo De Caro, Kaoutar Elkhiyaoui, Alexandros Filios, Liran Funaro, Yacov Manevich, Senthilnathan Natarajan, Manish Sethi
Applications

Central Bank Digital Currencies refer to the digitization of lifecycle's of central bank money in a way that meets first of a kind requirements for transparency in transaction processing, interoperability with legacy or new world, and resilience that goes beyond the traditional crash fault tolerant model. This comes in addition to legacy system requirements for privacy and regulation compliance, that may differ from central bank to central bank. This paper introduces a novel framework for...

2023/1363 (PDF) Last updated: 2023-09-12
Amortized NISC over $\mathbb{Z}_{2^k}$ from RMFE
Fuchun Lin, Chaoping Xing, Yizhou Yao, Chen Yuan
Cryptographic protocols

Reversed multiplication friendly embedding (RMFE) amortization has been playing an active role in the state-of-the-art constructions of MPC protocols over rings (in particular, the ring $\mathbb{Z}_{2^k}$). As far as we know, this powerful technique has NOT been able to find applications in the crown jewel of two-party computation, the non-interactive secure computation (NISC), where the requirement of the protocol being non-interactive constitutes a formidable technical bottle-neck. We...

2023/1317 (PDF) Last updated: 2023-09-04
Pisces: Private and Compliable Cryptocurrency Exchange
Ya-Nan Li, Tian Qiu, Qiang Tang
Applications

Cryptocurrency exchange platforms such as Coinbase, Binance, enable users to purchase and sell cryptocurrencies conveniently just like trading stocks/commodities. However, because of the nature of blockchain, when a user withdraws coins (i.e., transfers coins to an external on-chain account), all future transactions can be learned by the platform. This is in sharp contrast to conventional stock exchange where all external activities of users are always hidden from the platform. Since the...

2023/1178 (PDF) Last updated: 2023-08-01
Towards Open Scan for the Open-source Hardware
Leonid Azriel, Avi Mendelson
Applications

The open-source hardware IP model has recently started gaining popularity in the developer community. This model offers the integrated circuit (IC) developers wider standardization, faster time-to-market and richer platform for research. In addition, open-source hardware conforms to the Kerckhoff’s principle of a publicly-known algorithm and thus helps to enhance security. However, when security comes into consideration, source transparency is only one part of the solution. A complex global...

2023/1152 (PDF) Last updated: 2024-09-10
Haze and Daze: Compliant Privacy Mixers
Stanislaw Baranski, Maya Dotan, Ayelet Lotem, Margarita Vald
Applications

Blockchains enable mutually distrustful parties to perform financial operations in a trustless, decentralized, publicly-verifiable environment. Blockchains typically offer little privacy, and thus motivated the construction of privacy mixers, a solution to make funds untraceable. Privacy mixers concern regulators due to their increasing use by bad actors to illegally conceal the origin of funds. Consequently, Tornado Cash, the largest privacy mixer to date, is sanctioned by large portions of...

2023/1070 (PDF) Last updated: 2024-03-12
Unlinkable Policy-Compliant Signatures for Compliant and Decentralized Anonymous Payments
Christian Badertscher, Mahdi Sedaghat, Hendrik Waldner
Cryptographic protocols

Privacy-preserving payment systems face the difficult task of balancing privacy and accountability: on one hand, users should be able to transact privately and anonymously, on the other hand, no illegal activities should be tolerated. The challenging question of finding the right balance lies at the core of the research on accountable privacy that stipulates the use of cryptographic techniques for policy enforcement. Current state-of-the-art systems are only able to enforce rather limited...

2023/999 (PDF) Last updated: 2023-06-27
Enforcing Data Geolocation Policies in Public Cloud using Trusted Computing
Syed Zair Abbas, Mudassar Aslam
Applications

With the advancement in technology, Cloud computing always amazes the world with revolutionizing solutions that automate and simplify complex computational tasks. The advantages like no maintenance cost, accessibility, data backup, pay-per-use models, unlimited storage, and processing power encourage individuals and businesses to migrate their workload to the cloud. Despite the numerous advantages of cloud computing, the geolocation of data in the cloud environment is a massive concern,...

2023/713 (PDF) Last updated: 2024-07-12
KAIME : Central Bank Digital Currency with Realistic and Modular Privacy
Ali Dogan, Kemal Bicakci
Cryptographic protocols

Recently, with the increasing interest in Central Bank Digital Currency (CBDC), many countries have been working on researching and developing digital currency. The most important reasons for this interest are that CBDC eliminates the disadvantages of traditional currencies and provides a safer, faster, and more efficient payment system. These benefits also come with challenges, such as safeguarding individuals’ privacy and ensuring regulatory mechanisms. While most researches address the...

2023/587 (PDF) Last updated: 2023-04-24
Proof-Carrying Data From Arithmetized Random Oracles
Megan Chen, Alessandro Chiesa, Tom Gur, Jack O'Connor, Nicholas Spooner
Foundations

Proof-carrying data (PCD) is a powerful cryptographic primitive that allows mutually distrustful parties to perform distributed computation in an efficiently verifiable manner. Known constructions of PCD are obtained by recursively-composing SNARKs or related primitives. SNARKs with desirable properties such as transparent setup are constructed in the random oracle model. However, using such SNARKs to construct PCD requires heuristically instantiating the oracle and using it in a...

2023/356 (PDF) Last updated: 2023-06-02
Anamorphic Signatures: Secrecy From a Dictator Who Only Permits Authentication!
Miroslaw Kutylowski, Giuseppe Persiano, Duong Hieu Phan, Moti Yung, Marcin Zawada
Foundations

The goal of this research is to raise technical doubts regarding the usefulness of the repeated attempts by governments to curb Cryptography (aka the ``Crypto Wars''), and argue that they, in fact, cause more damage than adding effective control. The notion of Anamorphic Encryption was presented in Eurocrypt '22 for a similar aim. There, despite the presence of a Dictator who possesses all keys and knows all messages, parties can arrange a hidden ``anamorphic'' message in an otherwise...

2023/116 (PDF) Last updated: 2023-07-06
A Cryptographic Layer for the Interoperability of CBDC and Cryptocurrency Ledgers
Diego Castejon-Molina, Alberto del Amo Pastelero, Dimitrios Vasilopoulos, Pedro Moreno-Sanchez
Applications

Cryptocurrencies are used in several, distinct use cases, thereby sustaining the existence of many ledgers that are heterogeneous in terms of design and purpose. In addition, the interest of central banks in deploying Central Bank Digital Currency (CBDC) has spurred a blooming number of conceptually different proposals from central banks and academia. As a result of the diversity of cryptocurrency and CBDC ledgers, interoperability, i.e., the seamless transfer of value between users that...

2022/974 (PDF) Last updated: 2024-08-02
PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies
Amirreza Sarencheh, Aggelos Kiayias, Markulf Kohlweiss
Applications

Central Bank Digital Currencies (CBDCs) aspire to offer a digital replacement for physical cash and as such need to tackle two fundamental requirements that are in conflict. On the one hand, it is desired they are private so that a financial “panopticon” is avoided, while on the other, they should be regulation friendly in the sense of facilitating any threshold-limiting, tracing, and counterparty auditing functionality that is necessary to comply with regulations such as Know Your Customer...

2022/491 (PDF) Last updated: 2022-04-23
Multi-Party Computation in the GDPR
Lukas Helminger, Christian Rechberger

The EU GDPR has two main goals: Protecting individuals from personal data abuse and simplifying the free movement of personal data. Privacy-enhancing technologies promise to fulfill both goals simultaneously. A particularly effective and versatile technology solution is multi-party computation (MPC). It allows protecting data during a computation involving multiple parties. This paper aims for a better understanding of the role of MPC in the GDPR. Although MPC is relatively mature, little...

2022/397 (PDF) Last updated: 2022-03-28
Revocable Hierarchical Attribute-based Signatures from Lattices
Daniel Gardham, Mark Manulis
Public-key cryptography

Attribute-based Signatures (ABS) allow users to obtain attributes from issuing authorities, and sign messages whilst simultaneously proving compliance of their attributes with a verification policy. ABS demands that both the signer and the set of attributes used to satisfy a policy remain hidden to the verifier. Hierarchical ABS (HABS) supporting roots of trust and delegation were recently proposed to alleviate scalability issues in centralised ABS schemes. An important yet challenging...

2022/321 (PDF) Last updated: 2022-03-08
zkKYC in DeFi: An approach for implementing the zkKYC solution concept in Decentralized Finance
Pieter Pauwels, Joni Pirovich, Peter Braunz, Jack Deeb
Applications

Decentralized Finance (DeFi) protocols have triggered a paradigm shift in the world of finance: intermediaries as known in traditional finance risk becoming redundant because DeFi creates an inherent state of “trustlessness”; financial transactions are executed in a deterministic, trustless and censorship resistant manner; the individual is granted verifiability, control and sovereignty. This creates challenges for compliance with jurisdictional Anti-Money Laundering and Combatting the...

2022/119 (PDF) Last updated: 2022-02-20
Hardware Implementation of SpoC-128
Ambati Sathvik, Tirunagari Rahul, Anubhab Baksi, Vikramkumar Pudi
Secret-key cryptography

In this work, we present a hardware implementation of the lightweight Authenticated Encryption with Associated Data (AEAD) SpoC-128. Designed by AlTawy, Gong, He, Jha, Mandal, Nandi and Rohit; SpoC-128 was submitted to the Lightweight Cryptography (LWC) competition being organised by the National Institute of Standards and Technology (NIST) of the United States Department of Commerce. Our implementation follows the Application Programming Interface (API) specified by the cryptographic...

2022/033 (PDF) Last updated: 2022-01-14
Deletion-Compliance in the Absence of Privacy
Jonathan Godin, Philippe Lamontagne

Garg, Goldwasser and Vasudevan (Eurocrypt 2020) invented the notion of deletion-compliance to formally model the "right to be forgotten", a concept that confers individuals more control over their digital data. A requirement of deletion-compliance is strong privacy for the deletion requesters since no outside observer must be able to tell if deleted data was ever present in the first place. Naturally, many real world systems where information can flow across users are automatically ruled...

2021/1443 (PDF) Last updated: 2022-09-05
Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy Preserving Regulation
Karl Wüst, Kari Kostiainen, Noah Delius, Srdjan Capkun
Applications

Due to the popularity of blockchain-based cryptocurrencies, the increasing digitalization of payments, and the constantly reducing role of cash in society, central banks have shown an increased interest in deploying central bank digital currencies (CBDCs) that could serve as a digital cash-equivalent. While most recent research on CBDCs focuses on blockchain technology, it is not clear that this choice of technology provides the optimal solution. In particular, the centralized trust model of...

2021/1234 (PDF) Last updated: 2022-03-04
Policy-Compliant Signatures
Christian Badertscher, Christian Matt, Hendrik Waldner

We introduce policy-compliant signatures (PCS). A PCS scheme can be used in a setting where a central authority determines a global policy and distributes public and secret keys associated with sets of attributes to the users in the system. If two users, Alice and Bob, have attribute sets that jointly satisfy the global policy, Alice can use her secret key and Bob's public key to sign a message. Unforgeability ensures that a valid signature can only be produced if Alice's secret key is known...

2021/598 (PDF) Last updated: 2021-05-10
Proof of Assets in the Diem Blockchain
Panagiotis Chatzigiannis, Konstantinos Chalkias
Applications

A great challenge for distributed payment systems is their compliance with regulations, such as anti-money laundering, insolvency legislation, countering the financing of terrorism and sanctions laws. After Bitcoin's MtGox scandal, one of the most needed auditing functionalities for financial solvency and tax reporting purposes is to prove ownership of blockchain reserves, a process known as Proof of Assets (PoA). This work formalizes the PoA requirements in account-based blockchains,...

2021/360 (PDF) Last updated: 2021-03-18
An Architecture for Blockchain-based Cloud Banking
Thuat Do
Foundations

Blockchain has been practiced in crypto-currencies and crossborder banking settlement. However, no clear evidence that a distributed ledger network (or Blockchain) is built within domestic payment systems, although many experts believe that Blockchain has wide applicability in various industries and disciplines. As the author’s best knowledge, no one has published a clear architecture and a feasible framework for a Blockchain-based banking network. Thus, \how Blockchain can be implemented in...

2021/054 (PDF) Last updated: 2021-07-08
The Cost of IEEE Arithmetic in Secure Computation
David W. Archer, Shahla Atapoor, Nigel P. Smart
Cryptographic protocols

Programmers are used to the rounding and error properties of IEEE double precision arithmetic, however in secure computing paradigms, such as provided by Multi-Party Computation (MPC), usually a different form of approximation is provided for real number arithmetic. We compare the two standard variants using for LSSS-based MPC, with an implementation of IEEE compliant double precision using binary circuit-based MPC. We compare the relative performance, and conclude that the addition cost of...

2020/1511 (PDF) Last updated: 2022-05-30
Balancing Privacy and Accountability in Blockchain Identity Management
Ivan Damgård, Chaya Ganesh, Hamidreza Khoshakhlagh, Claudio Orlandi, Luisa Siniscalchi
Cryptographic protocols

The lack of privacy in the first generation of cryptocurrencies such as Bitcoin, Ethereum, etc. is a well known problem in cryptocurrency research. To overcome this problem, several new cryptocurrencies were designed to guarantee transaction privacy and anonymity for their users (examples include ZCash, Monero, etc.). However, the anonymity provided by such systems appears to be fundamentally problematic in current business and legislation settings: banks and other financial institutions...

2020/1207 (PDF) Last updated: 2021-02-24
FPGA Benchmarking of Round 2 Candidates in the NIST Lightweight Cryptography Standardization Process: Methodology, Metrics, Tools, and Results
Kamyar Mohajerani, Richard Haeussler, Rishub Nagpal, Farnoud Farahmand, Abubakr Abdulgadir, Jens-Peter Kaps, Kris Gaj
Implementation

Twenty seven Round 2 candidates in the NIST Lightweight Cryptography (LWC) process have been implemented in hardware by groups from all over the world. All implementations compliant with the LWC Hardware API, proposed in 2019, have been submitted for hardware benchmarking to George Mason University’s LWC benchmarking team. The received submissions were first verified for correct functionality and compliance with the hardware API’s specification. Then, the execution times in clock cycles, as...

2020/866 (PDF) Last updated: 2021-11-11
Development of The RISC-V Entropy Source Interface
Markku-Juhani O. Saarinen, G. Richard Newell, Ben Marshall
Implementation

The RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic DRBGs into a separate privileged interface, and in its use of polling. The modular approach is suitable for the RISC-V hardware IP ecosystem, allows a significantly smaller implementation footprint on platforms that need it, while directly supporting current standards compliance testing methods. We describe the interface,...

2020/522 (PDF) Last updated: 2022-06-13
Privately Connecting Mobility to Infectious Diseases via Applied Cryptography
Alexandros Bampoulidis, Alessandro Bruni, Lukas Helminger, Daniel Kales, Christian Rechberger, Roman Walch
Cryptographic protocols

Recent work has shown that cell phone mobility data has the unique potential to create accurate models for human mobility and consequently the spread of infected diseases. While prior studies have exclusively relied on a mobile network operator's subscribers' aggregated data in modelling disease dynamics, it may be preferable to contemplate aggregated mobility data of infected individuals only. Clearly, naively linking mobile phone data with health records would violate privacy by either...

2020/097 (PDF) Last updated: 2020-02-04
Research on OpenSSL Elliptic Curves for Compliance with the Russian National Digital Signature Standard
Stanislav S. Malakhov
Applications

The survey deals with elliptic curves which are implemented in the OpenSSL 1.1.1d software library. The objective of this work is to highlight the elliptic curves which comply with the Russian national digital signature standard, namely the GOST R 34.10--2012. For this reason the paper focuses on the OpenSSL elliptic curves over a finite field of a prime order and provides the results of testing those curves for compliance with the GOST R 34.10--2012 requirements. Two cases are observed. The...

2020/046 (PDF) Last updated: 2020-01-17
On Analysis of Lightweight Stream Ciphers with Keyed Update
Orhun Kara, Muhammed F. Esgin
Secret-key cryptography

As the need for lightweight cryptography has grown even more due to the evolution of the Internet of Things, it has become a greater challenge for cryptographers to design ultra lightweight stream ciphers in compliance with the rule of thumb that the internal state size should be at least twice as the key size to defend against generic Time-Memory-Data Tradeoff (TMDT) attacks. However, recently in 2015, Armknecht and Mikhalev sparked a new light on designing keystream generators (KSGs),...

2019/1273 (PDF) Last updated: 2019-11-05
A Comprehensive Framework for Fair and Efficient Benchmarking of Hardware Implementations of Lightweight Cryptography
Jens-Peter Kaps, William Diehl, Michael Tempelmeier, Farnoud Farahmand, Ekawat Homsirikamol, Kris Gaj
Implementation

In this paper, we propose a comprehensive framework for fair and efficient benchmarking of hardware implementations of lightweight cryptography (LWC). Our framework is centered around the hardware API (Application Programming Interface) for the implementations of lightweight authenticated ciphers, hash functions, and cores combining both functionalities. The major parts of our API include the minimum compliance criteria, interface, and communication protocol supported by the LWC core. The...

2019/1113 (PDF) Last updated: 2019-12-22
Towards a Homomorphic Machine Learning Big Data Pipeline for the Financial Services Sector
Oliver Masters, Hamish Hunt, Enrico Steffinlongo, Jack Crawford, Flavio Bergamaschi, Maria E. Dela Rosa, Caio C. Quini, Camila T. Alves, Feranda de Souza, Deise G. Ferreira
Applications

Machinelearning(ML)istodaycommonlyemployedintheFinancialServicesSector(FSS) to create various models to predict a variety of conditions ranging from financial transactions fraud to outcomes of investments and also targeted marketing campaigns. The common ML technique used for the modeling is supervised learning using regression algorithms and usually involves large amounts of data that needs to be shared and prepared before the actual learning phase. Compliance with privacy laws and...

2019/382 (PDF) Last updated: 2019-05-23
Hierarchical Attribute-based Signatures: Short Keys and Optimal Signature Length
Daniel Gardham, Mark Manulis
Public-key cryptography

With Attribute-based Signatures (ABS) users can simultaneously sign messages and prove compliance of their attributes, issued by designated attribute authorities, with some verification policy. Neither signer's identity nor possessed attributes are leaked during the verification process, making ABS schemes a handy tool for applications requiring privacy-preserving authentication. Earlier ABS schemes lacked support for hierarchical delegation of attributes (across tiers of attribute...

2019/319 (PDF) Last updated: 2023-07-15
PGC: Pretty Good Decentralized Confidential Payment System with Auditability
Yu Chen, Xuecheng Ma, Cong Tang, Man Ho Au
Applications

Modern cryptocurrencies such as Bitcoin and Ethereum achieve decentralization by replacing a trusted center with a distributed and append-only ledger (known as blockchain). However, removing this trusted center comes at significant cost of privacy due to the public nature of blockchain. Many existing cryptocurrencies fail to provide transaction anonymity and confidentiality, meaning that addresses of sender, receiver and transfer amount are publicly accessible. As the privacy concerns...

2017/1193 (PDF) Last updated: 2019-05-24
Rhythmic Keccak: SCA Security and Low Latency in HW
Victor Arribas, Begül Bilgin, George Petrides, Svetla Nikova, Vincent Rijmen
Secret-key cryptography

Glitches entail a great issue when securing a cryptographic implementation in hardware. Several masking schemes have been proposed in the literature that provide security even in the presence of glitches. The key property that allows this protection was introduced in threshold implementations as non-completeness. We address crucial points to ensure the right compliance of this property especially for low-latency implementations. Specifically, we first discuss the existence of a flaw in DSD...

2017/854 (PDF) Last updated: 2017-09-09
Zero-Knowledge Password Policy Check from Lattices
Khoa Nguyen, Benjamin Hong Meng Tan, Huaxiong Wang
Cryptographic protocols

Passwords are ubiquitous and most commonly used to authenticate users when logging into online services. Using high entropy passwords is critical to prevent unauthorized access and password policies emerged to enforce this requirement on passwords. However, with current methods of password storage, poor practices and server breaches have leaked many passwords to the public. To protect one's sensitive information in case of such events, passwords should be hidden from servers. Verifier-based...

2016/755 (PDF) Last updated: 2016-08-09
Auditable Data Structures
Michael T. Goodrich, Evgenios M. Kornaropoulos, Michael Mitzenmacher, Roberto Tamassia

The classic notion of history-independence guarantees that if a data structure is ever observed, only its current contents are revealed, not the history of operations that built it. This powerful concept has applications, for example, to e-voting and data retention compliance, where data structure histories should be private. The concept of weak history-independence (WHI) assumes only a single observation will ever occur, while strong history-independence (SHI) allows for multiple...

2016/626 (PDF) Last updated: 2016-06-17
CAESAR Hardware API
Ekawat Homsirikamol, William Diehl, Ahmed Ferozpuri, Farnoud Farahmand, Panasayya Yalla, Jens-Peter Kaps, Kris Gaj
Implementation

In this paper, we define the CAESAR hardware Application Programming Interface (API) for authenticated ciphers. In particular, our API is intended to meet the requirements of all algorithms submitted to the CAESAR competition. The major parts of our specification include: minimum compliance criteria, interface, communication protocol, and timing characteristics supported by the core. All of them have been defined with the goals of guaranteeing (a) compatibility among implementations of the...

2016/442 (PDF) Last updated: 2016-05-06
Blind Password Registration for Verifier-based PAKE
Franziskus Kiefer, Mark Manulis
Cryptographic protocols

We propose Blind Password Registration (BPR), a new class of cryptographic protocols that is instrumental for secure registration of client passwords at remote servers with additional protection against unwitting password disclosures on the server side that may occur due to the lack of the state-of-the-art password protection mechanisms implemented by the server or due to common server-compromise attacks. The dictionary attack resistance property of BPR protocols guarantees that the only...

2016/061 (PDF) Last updated: 2016-06-27
Accountable Privacy for Decentralized Anonymous Payments
Christina Garman, Matthew Green, Ian Miers

Decentralized ledger-based currencies such as Bitcoin provide a means to construct payment systems without requiring a trusted bank. Removing this trust assumption comes at the significant cost of transaction privacy. A number of academic works have sought to improve the privacy offered by ledger-based currencies using anonymous electronic cash (e-cash) techniques. Unfortunately, this strong degree of privacy creates new regulatory concerns, since the new private transactions cannot be...

2015/063 (PDF) Last updated: 2015-01-29
CamlCrush: A PKCS\#11 Filtering Proxy
R. Benadjila, T. Calderon, M. Daubignard
Applications

PKCS\#11 is a very popular cryptographic API: it is the standard used by many Hardware Security Modules, smartcards and software cryptographic tokens. Several attacks have been uncovered against PKCS\#11 at different levels: intrinsic logical flaws, cryptographic vulnerabilities or severe compliance issues. Since affected hardware remains widespread in computer infrastructures, we propose a user-centric and pragmatic approach for secure usage of vulnerable devices. We introduce \textit{Caml...

2014/602 (PDF) Last updated: 2014-08-12
A Cryptographic Study of Tokenization Systems
Sandra Diaz-Santiago, Lil Maria Rodriguez-Henriquez, Debrup Chakraborty
Secret-key cryptography

Payments through cards have become very popular in today's world. All businesses now have options to receive payments through this instrument, moreover most organizations store card information of its customers in some way to enable easy payments in future. Credit card data is a very sensitive information and theft of this data is a serious threat to any company. Any organization that stores credit card data needs to achieve payment card industry (PCI) compliance, which is an intricate ...

2014/242 (PDF) Last updated: 2015-01-13
Zero-Knowledge Password Policy Checks and Verifier-Based PAKE
Franziskus Kiefer, Mark Manulis

Zero-Knowledge Password Policy Checks (ZKPPC), introduced in this work, enable blind registration of client passwords at remote servers, i.e., client passwords are never transmitted to the servers. This eliminates the need for trusting servers to securely process and store client passwords. A ZKPPC protocol, executed as part of the registration procedure, allows clients to further prove compliance of chosen passwords with respect to password policies defined by the servers. The main...

2012/603 (PDF) Last updated: 2012-10-25
Collecting Data while Preserving Individuals' Privacy: A Case Study
Alexis Bonnecaze, Robert Rolland
Cryptographic protocols

Several companies exploit medical data to better understand medication consumption patterns. Their analyses are useful to various health actors in order to enhance health care management. In this article, we focus on a configuration which allows a network of pharmacies to forward medical data to a private company in order to construct a database. Pharmacies must operate in full compliance with legal requirements in terms of confidentiality and privacy. We show that our solution fulfills all...

2012/519 (PDF) Last updated: 2013-12-28
Faster implementation of scalar multiplication on Koblitz curves
Diego F. Aranha, Armando Faz-Hernández, Julio López, Francisco Rodríguez-Henríquez
Implementation

We design a state-of-the-art software implementation of field and elliptic curve arithmetic in standard Koblitz curves at the 128-bit security level. Field arithmetic is carefully crafted by using the best formulae and implementation strategies available, and the increasingly common native support to binary field arithmetic in modern desktop computing platforms. The i-th power of the Frobenius automorphism on Koblitz curves is exploited to obtain new and faster interleaved versions of the...

2009/306 (PDF) Last updated: 2009-07-01
Authentic Time-Stamps for Archival Storage
Alina Oprea, Kevin D. Bowers
Cryptographic protocols

We study the problem of authenticating the content and creation time of documents generated by an organization and retained in archival storage. Recent regulations (e.g., the Sarbanes-Oxley act and the Securities and Exchange Commission rule) mandate secure retention of important business records for several years. We provide a mechanism to authenticate bulk repositories of archived documents. In our approach, a space efficient local data structure encapsulates a full document repository in...

2009/149 (PDF) Last updated: 2009-05-14
Secure EPC Gen2 compliant Radio Frequency Identification
Mike Burmester, Breno de Medeiros, Jorge Munilla, Alberto Peinado

The increased functionality of EPC Class1 Gen2 (EPCGen2) is making this standard a de facto specification for inexpensive tags in the RFID industry. Recently three EPCGen2 compliant protocols that address security issues were proposed in the literature. In this paper we analyze these protocols and show that they are not secure and subject to replay/impersonation and statistical analysis attacks. We then propose an EPCGen2 compliant RFID protocol that uses the numbers drawn from synchronized...

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.