Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| Descrizione fisica | 1 online resource (813 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Data encryption (Computer science) |
| ISBN | 3-031-15982-9 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part III -- Signatures -- .26em plus .1em minus .1emPI-Cut-Choo and Friends: Compact Blind Signatures via Parallel Instance Cut-and-Choose and More -- 1 Introduction -- 1.1 Starting Point: The Basic Boosting Transform -- 1.2 Our Contribution: Improved Boosting Transforms -- 2 Preliminaries -- 3 An Improved Boosting Transform -- 3.1 Overview -- 3.2 Blind Signatures from Linear Function Families -- 3.3 Construction -- 3.4 Security Analysis -- 4 A Concrete Scheme Based on CDH -- 4.1 Overview -- 4.2 Construction -- 4.3 Security Analysis -- 5 A Concrete Scheme Based on RSA -- References -- Idealized Models -- Augmented Random Oracles -- 1 Introduction -- 1.1 Augmented Random Oracles -- 1.2 Best Possible Hash Functions? -- 1.3 Our Results -- 1.4 A Classification of ROM Failures -- 1.5 Discussion: Do We Really Need Another ROM Variant? -- 2 Preliminaries -- 2.1 Cryptosystems and Games -- 2.2 Cryptographic Definitions -- 3 The Augmented Random Oracle Model -- 3.1 The Plain ROM -- 3.2 Augmented Random Oracles -- 3.3 Some Basic Results -- 4 A Case Study: Encrypt-with-Hash -- 4.1 The (Tweaked) EwH Transform -- 4.2 Uninstantiability of EwH -- 4.3 Translation to the AROM -- 4.4 An Improved Uninstantiability -- 4.5 Other Possible Oracles -- 4.6 Overcoming ROM Failures for EwH -- 5 Fujisaki-Okamoto in the AROM -- 5.1 Our CCA-secure Construction -- 6 Fiat-Shamir in the AROM -- 7 On Best Possible Hashing -- 7.1 Incompatibility of the Definitions -- References -- To Label, or Not To Label (in Generic Groups) -- 1 Introduction -- 1.1 Overview of Results -- 1.2 Takeaways -- 1.3 Organization -- 2 Preliminaries and Notation -- 2.1 Games and Cryptosystems -- 2.2 Groups -- 3 Different Generic Group Models -- 3.1 Random Representation (RR)/Shoup Model ch3EC:Shoup97 -- 3.2 Maurer's Model ch3IMA:Maurer05.
3.3 The Type Safe (TS) Model -- 3.4 Examples -- 3.5 Compiling TS to RR -- 3.6 From TS Security to RR Security for Single-Stage Games -- 4 Further Impossibilities in the Type Safe Model -- 4.1 Collision Resistant Domain Extension -- 4.2 Pseudorandom Permutations -- 4.3 Efficient CPA-Secure Encryption for Message Strings -- 5 On the Insecurity of the Type-Safe Model for Multi-stage Games -- 6 TS Un-instantiability -- 6.1 Overview -- 6.2 Our Un-instantiable Construction -- 7 Impossibility of IBE from Generic Groups -- 8 On the Algebraic Group Model -- 8.1 Allowed Games in the AGM -- 8.2 AGM Un-instantiability -- 8.3 Is the AGM Superior to Generic Groups? -- References -- Lower Bound on SNARGs in the Random Oracle Model -- 1 Introduction -- 1.1 Our Results -- 1.2 Related Work -- 2 Techniques -- 2.1 Warmup -- 2.2 Actual Scenario -- 2.3 Completeness -- 2.4 Soundness -- 3 Preliminaries -- 3.1 Notations -- 3.2 Entropy Measures -- 3.3 Randomized Exponential Time Hypothesis -- 3.4 Random Oracles -- 3.5 Non-interactive Arguments in the ROM -- 4 Hitting High-Entropy Distribution Using Product Sets -- 4.1 High-Entropy Distributions Have an (Almost) Uniform Large Projection, Proving Lemma 3 -- 4.2 Hitting Almost Full-Entropy Distributions Using Product Set, Proving Lemma 4 -- 5 Lower Bound on the Length of ROM-SNARGs -- 5.1 Proof of Theorem 13 -- 5.2 Short ROM-SNARGs to Low Query ROM-SNARGs, Proving Lemma 6 -- References -- Lower Bounds -- Time-Space Tradeoffs for Sponge Hashing: Attacks and Limitations for Short Collisions -- 1 Introduction -- 1.1 Detour: The Case of Merkle-Damgård -- 1.2 Our Results -- 1.3 Future Directions -- 1.4 Related Work -- 2 Technical Overview -- 2.1 Attacks -- 2.2 Impossibility Results for Best Attacks -- 3 Preliminaries -- 4 Attacks -- 4.1 Generic Attack for B-Block Collisions -- 4.2 Preprocessing Attack for B=1. 4.3 Time-Space Tradeoffs for Inverting a Restricted Permutation -- 5 Impossibility Results -- 5.1 Advantage Upper Bound for B=1 -- 5.2 Advantage Upper Bound for B=2 -- References -- On Time-Space Tradeoffs for Bounded-Length Collisions in Merkle-Damgård Hashing *-9pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion -- 2 Our Techniques -- 3 Preliminaries -- 4 The Framework: Reducing the Problem to a Multi-instance Collision Finder -- 5 Proving the STB Conjecture for BO(1) -- 5.1 The Compression Argument -- 5.2 Handling Cases [case:newsl]1 to [case:oldsl]4 -- 5.3 Handling Case [case:somerep]5 -- 6 Proving the STB Conjecture for SB T -- References -- Time-Space Lower Bounds for Finding Collisions in Merkle-Damgård Hash Functions -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Discussions and Open Problems -- 2 Preliminaries -- 2.1 Merkle-Damågard Hash Functions (MD) -- 2.2 Collision-Resistance Against Auxiliary Input (AI) -- 3 Auxiliary Input Collision Resistance for B=2 Merkle-Damgard -- 4 Auxiliary Input Collision Resistance for B Merkle-Damgard -- 4.1 Proof of Claim 7 -- References -- .26em plus .1em minus .1emSustained Space and Cumulative Complexity Trade-Offs for Data-Dependent Memory-Hard Functions*-10pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Dynamic Graphs and Dynamic Pebbling Games -- 1.3 Trade-Offs for dMHFs -- 1.4 Technical Overview -- 2 Preliminaries -- 2.1 Dynamic Pebbling Notation -- 2.2 Generalized Hoeffding Inequality -- 2.3 Useful Graphs and Their Pebbling Complexity -- 3 A Theoretical MHF with Ideal Trade-Off -- 3.1 The Construction -- 3.2 Lowerbounding Costly Edges -- 3.3 The Trade-Off Between Sustained Space and Cumulative Complexity -- 4 Dynamic EGS -- 4.1 Lowerbounds on Getting Unlucky -- 4.2 The Cost of Getting Unlucky -- 5 Dynamic DRSample -- 5.1 Lowerbounds on Getting Unlucky. 5.2 The Cost of Being Unlucky -- 6 Argon2id -- 6.1 The Trade-Off and Cumulative Complexity -- 7 Open Problems -- References -- Low Communication Complexity Protocols, Collision Resistant Hash Functions and Secret Key-Agreement Protocols -- 1 Introduction -- 1.1 Cryptographic Primitives -- 1.2 Cryptographic Hash Functions -- 1.3 Adversarially Robust Property-Preserving Hash Functions -- 1.4 Secret Key Agreement -- 1.5 Our Results -- 1.6 Related Work -- 1.7 Technical Overview -- 2 Models and Preliminaries -- 2.1 Model Definition -- 2.2 Free Talk Model -- 2.3 Notation -- 2.4 Probability -- 2.5 Collision Resistant Hash Functions -- 2.6 Adversarially Robust Property-Preserving Hash Functions -- 2.7 Secret Key Agreement and Its Amplification -- 3 Collision Resistance and the Preset Public Coins Model -- 3.1 CRHs Imply Succinct Protocols -- 3.2 Succinct Protocols Imply dCRHs -- 4 No Ultra Short Interactive Communication -- 5 Secret Key Agreement from Efficient SM Protocols -- 5.1 Optimal Protocols from SKA -- 5.2 SKA from Near Optimal Protocols -- 6 Conclusions -- References -- Cryptanalysis II -- Accelerating the Delfs-Galbraith Algorithm with Fast Subfield Root Detection -- 1 Introduction -- 2 Preliminaries -- 3 Solver: Optimised Delfs-Galbraith Subfield Searching in X(p, 2) -- 4 Fast Subfield Root Detection -- 5 SuperSolver: Optimised Subfield Searching With Fast Subfield Root Detection in X(p, ) -- 6 A Worked Example -- 7 Implementation Results -- References -- Secret Can Be Public: Low-Memory AEAD Mode for High-Order Masking -- 1 Introduction -- 1.1 Low-Memory AEAD for Masking -- 1.2 Summary of Contributions -- 1.3 Related Work -- 2 Preliminaries -- 3 Design of AEAD Mode for High-Order Masking -- 3.1 Intuition and Design of HOMA -- 3.2 Specification of HOMA -- 3.3 Protected and Unprotected Values of HOMA -- 4 Security Claim and Proof of HOMA. 4.1 AE Security for Masking -- 4.2 AEL-Security of HOMA -- 4.3 Proof of Theorem 1 -- 5 A TBC Optimized for HOMA -- 5.1 SKINNY64 and SKINNYe with TK4 -- 5.2 Elastic-Tweak Framework for Small Tweaks -- 5.3 Design Approach of SKINNYee -- 5.4 Specifications of SKINNYee -- 5.5 Design Rationale -- 5.6 Security Analysis Against Various Cryptanalyses -- 6 Implementation -- 6.1 Targets and Design Policy -- 6.2 Masked S-box Implementation -- 6.3 Hardware Design -- 6.4 Performance Evaluation and Comparison -- 7 Conclusions -- References -- Partial Key Exposure Attacks on BIKE, Rainbow and NTRU -- 1 Introduction -- 2 Preliminaries -- 2.1 Key Exposure Models -- 2.2 Decoding -- 3 BIKE -- 3.1 Standard Format Keys -- 3.2 Compact Format Keys -- 3.3 Practical Attacks on BIKE -- 4 Rainbow -- 4.1 Attack Strategy -- 4.2 Fq-Errors and -Erasures -- 4.3 Practical Attacks on Rainbow -- 5 NTRU -- 5.1 Fq-Errors and -Erasures -- 5.2 Practical Attacks on NTRU -- References -- Improving Support-Minors Rank Attacks: Applications to GeMSS and Rainbow -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 Relevant Material for the Attack on GeMSS -- 2.3 Relevant Material on Rainbow for Section8.3 -- 3 Support-Minors Modeling (SM) -- 4 Improved Attack on GeMSS Using Support-Minors -- 4.1 Fixing Variables in the Support-Minors System -- 4.2 Solving via Gröbner Bases when n' 2d+1 -- 5 Complexity of the Attack -- 5.1 Time Complexity of Step 1 -- 5.2 Time Complexity of Step 2 -- 5.3 Memory Cost -- 6 Application to GeMSS and pHFEv- Parameter Sets -- 7 Experiments for Step 1 -- 8 Memory Management Strategy for the Support-Minors Equations Within Block Wiedemann -- 8.1 Hashing Strategy on the Main Memory -- 8.2 Memory Savings from Our Approach -- 8.3 Application to the Rainbow Rectangular MinRank Attack ch13uovspsbeullens -- 9 Conclusion -- References -- Distributed Algorithms. log*-Round Game-Theoretically-Fair Leader Election. |
| Record Nr. | UNINA-9910616356203321 |
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer International Publishing, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (822 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer security
Data encryption (Computer science) |
| ISBN | 3-031-15802-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part I -- Cryptanalysis I -- Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks -- 1 Introduction -- 2 Notations and Preliminaries -- 2.1 Modulo Addition with an Initial Carry Bit -- 2.2 Useful Partitions of F2k F2k -- 3 Ordinary Differential-Linear Correlation of -- 4 Rotational Differential-Linear Correlation of -- 5 Computing the (Rotational) Differential-Linear Correlation of Iterative ARX Primitives -- 6 Applications to ARX Primitives -- 6.1 Cryptanalysis of Alzette -- 6.2 Cryptanalysis of SipHash -- 6.3 Cryptanalysis of SPECK -- 6.4 Cryptanalysis of ChaCha -- 7 Conclusion, Discussion, and Open Problems -- References -- Implicit White-Box Implementations: White-Boxing ARX Ciphers -- 1 Introduction -- 1.1 Contributions -- 2 Preliminaries -- 2.1 Implicit Functions, Self-equivalences and Graph Automorphisms -- 2.2 Encoded Implementations -- 3 Implicit White-Box Implementations -- 3.1 Quasilinear Implicit Round Functions -- 4 Security Analysis -- 4.1 Previous Generic Attacks -- 4.2 Reducing Implicit Implementations to Self-equivalence Implementations -- 5 Self-equivalences of Modular Addition -- 5.1 Computing Self-equivalences from a CCZ-Equivalent Function -- 5.2 Self-equivalences and Graph Automorphisms of the Permuted Modular Addition -- 6 An Implicit Implementation of an ARX Cipher -- 7 Conclusion -- A Affine Self-equivalences of the Permuted Modular Addition with Wordsize 4 -- References -- Superposition Meet-in-the-Middle Attacks: Updates on Fundamental Security of AES-like Hashing -- 1 Introduction -- 1.1 Our Contribution -- 2 AES-like Hashing and MITM Preimage Attacks -- 3 MILP Model for the Configuration Search -- 3.1 Basic MILP Model for MITM -- 3.2 Superposition States and Separate Attribute-Propagation.
3.3 Multiple Ways of AddRoundKey (MulAK) -- 3.4 Enhanced Model with Guess-and-Determine (GnD) -- 3.5 Transforming to Models for Searching for Collision Attacks -- 3.6 Exploit Symmetry of the Ciphers -- 4 Application to Preimage Attacks on Whirlpool -- 4.1 New Attacks Resulted from Applying the MILP Modeling -- 4.2 Discussions on the New Attacks -- 5 Application to Preimage Attacks on Grøstl -- 5.1 New Attacks Resulted from Applying the MILP Modeling -- 5.2 Discussions on the New Attacks -- 6 Applications to Collision and Key-Recovery Attacks -- References -- Triangulating Rebound Attack on AES-like Hashing -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Novelty and Comparison with Previous Works -- 2 Preliminaries -- 2.1 AES-like Hashing -- 2.2 The Rebound Attack -- 2.3 The Super-Sbox Technique -- 2.4 Triangulation Algorithm -- 2.5 Collision Attacks and Its Variants -- 3 Triangulating Rebound Attack -- 3.1 Solving Non-full-active Super-Sbox by Key Bytes -- 3.2 Connecting Multiple Inbound Phases by Key Bytes -- 3.3 The Triangulating Rebound Attack -- 4 Improved Collision Attacks on AES-128-MMO -- 4.1 Semi-free-start Collision Attack on 7-Round AES-128 -- 4.2 Semi-free-start Collision Attack on 8-Round AES-128-MMO -- 4.3 Quantum Collision Attack on 8-Round AES-128 -- 5 Improved Quantum Attacks on Saturnin-Hash -- 5.1 Improved 8-Round Quantum Free-Start Collision -- 5.2 Extend the Attack to 10-round Free-Start Collision -- 6 Quantum Collision Attack on SKINNY-128-384-MMO -- 6.1 21-Round Quantum Free-Start Collision Attack -- 6.2 Classic Free-Start Collision Attack on 19-Round -- 7 Discussion and Conclusion -- 7.1 Possible Generalization of Triangulating Rebound -- 7.2 Conclusion -- References -- Randomness -- Public Randomness Extraction with Ephemeral Roles and Worst-Case Corruptions -- 1 Introduction -- 1.1 The Motivation Behind Our Setting. 1.2 Other Related Work -- 1.3 Our Contributions -- 1.4 Technical Overview -- 1.5 Directions for Future Research -- 2 Network Models for Randomness Extraction -- 2.1 The Sending-Leaks Adversarial Model -- 2.2 The Execution-Leaks Adversarial Model -- 3 Zero-Error Randomness Extraction Protocols -- 3.1 Zero-Error Randomness Extraction in the Sending-Leaks Model -- 3.2 Improved Zero-Error Randomness Extraction in the Execution-Leaks Model -- 4 Low-Error Randomness Extraction Is Impossible with n/4 Corruptions -- References -- (Nondeterministic) Hardness vs. Non-malleability -- 1 Introduction -- 1.1 Hardness Assumptions for Nondeterministic and i-Circuits -- 1.2 Our Results-Included in This Work -- 1.3 Our Results-Included in the Full Version ch6ePrint:BalDacLos22 -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Complexity Classes and Assumptions -- 2.2 Non-malleable Codes -- 2.3 Seed-Extending Pseudorandom Generators -- 3 A Non-malleable Code for Small Circuit Tampering -- References -- Short Leakage Resilient and Non-malleable Secret Sharing Schemes -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 1.4 Organization of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Statistical Distance and Entropy - Definitions and Lemmata -- 2.3 Randomness Extractors -- 2.4 Secret Sharing Schemes -- 3 Leakage Resilient Secret Sharing Schemes -- 3.1 Local Leakage Family -- 3.2 Construction -- 3.3 Security Proof -- 3.4 Parameters -- 4 Non-malleable Secret Sharing Schemes -- 4.1 Building Blocks -- 4.2 Our Construction -- 4.3 Instantiation of Our Scheme -- References -- *-6ptCryptography from Pseudorandom Quantum States -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion: Why Explore a World Without One-Way Functions? -- 1.3 Technical Overview -- 1.4 Future Directions -- 2 Pseudorandom States. 2.1 Pseudorandom Function-Like State (PRFS) Generators -- 2.2 Testing Pseudorandom States -- 3 Constructing PRFS from PRS -- 4 Quantum Pseudo One-Time Pad from PRFS -- 5 Quantum Bit Commitments from PRFS -- 5.1 Definition -- 5.2 Construction -- 5.3 Application: Secure Computation -- References -- Quantum Cryptography I -- .26em plus .1em minus .1emCertified Everlasting Zero-Knowledge Proof for QMA*-10pt -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overview -- 1.4 Related Works -- 2 Preliminaries -- 2.1 Notations -- 2.2 Quantum Computation -- 2.3 QMA and k-SimQMA -- 2.4 Cryptographic Tools -- 3 Commitment with Certified Everlasting Hiding and Classical-Extractor-Based Binding -- 3.1 Definition -- 3.2 Construction -- 4 Certified Everlasting Zero-Knowledge Proof for QMA -- 4.1 Definition -- 4.2 Construction of Three Round Protocol -- 4.3 Sequential Repetition for Certified Everlasting Zero-Knowledge Proof for QMA -- References -- Quantum Commitments and Signatures Without One-Way Functions -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overviews -- 1.4 Concurrent Work -- 2 Preliminaries -- 2.1 Basic Notations -- 2.2 Pseudorandom Quantum States Generators -- 3 Commitments -- 3.1 Definition -- 3.2 Construction -- 3.3 Computational Hiding -- 3.4 Statistical Binding -- 4 Digital Signatures -- 4.1 One-Way Quantum States Generators -- 4.2 Definition of Digital Signatures with Quantum Public Keys -- 4.3 Construction -- 4.4 Security -- A Making Opening Message Classical -- B Equivalence of Binding Properties -- References -- Semi-quantum Tokenized Signatures -- 1 Introduction -- 1.1 The Advantages of Quantum Signature Tokens -- 1.2 Semi-quantum Tokenized Signatures -- 1.3 Results -- 2 Technical Overview -- 2.1 Semi-quantum CCD Tokens and Fully-quantum Signature Tokens -- 2.2 Signing Coset States by Splitting. 2.3 Proving CCD Security Versus Proving Tokenized Signing Security -- 2.4 Hardness of Concentration in Dual of Obfuscated Subspace -- 3 Semi-quantum Tokenized Signatures Construction -- 3.1 Correctness and Security Against Sabotage -- References -- Secure Multiparty Computation I -- Structure-Aware Private Set Intersection, with Applications to Fuzzy Matching -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Hamming Correlation Robustness -- 3 Building Blocks -- 3.1 2PC Ideal Functionalities -- 3.2 Function Secret Sharing -- 3.3 Oblivious Key Value Store -- 4 bFSS Constructions -- 4.1 Existing Schemes -- 4.2 New concat Technique for Cross Products -- 4.3 New Spatial Hashing Technique -- 4.4 xor-share Technique -- 5 Structure-Aware PSI from bFSS -- 5.1 Costs -- 5.2 Other Protocols as Instances of Our Framework -- 5.3 bFSS Performance -- 6 Fuzzy PSI Application and Performance -- 6.1 Performance Comparison -- 6.2 Implementation -- 7 Limitation and Open Problems -- References -- .28em plus .1em minus .1emTwo-Round MPC Without Round Collapsing Revisited - Towards Efficient Malicious Protocols*-12pt -- 1 Introduction -- 2 Technical Overview -- 2.1 Multi-party Randomized Encoding -- 2.2 Semi-Malicious Effective-Degree-2 MPRE -- 2.3 MPC for Effective-Degree-2 Functions -- 2.4 Lift Security with Output Substitution -- 2.5 Tensor OLE Correlated Randomness Generation from OT -- 3 Definition of Multi-Party Randomized Encoding -- 4 MPRE for Degree-3 Functions -- 4.1 Background: Semi-honest MPRE for Degree-3 Functions -- 4.2 CDS Encoding -- 4.3 Semi-Malicious MPRE for Degree-3 Functions -- 5 Putting Pieces Together -- References -- More Efficient Dishonest Majority Secure Computation over Z2k via Galois Rings -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Overview of Our Techniques -- 1.3 Related Work. 1.4 Organization of the Paper. |
| Record Nr. | UNISA-996495571903316 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (822 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer security
Data encryption (Computer science) |
| ISBN | 3-031-15802-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part I -- Cryptanalysis I -- Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks -- 1 Introduction -- 2 Notations and Preliminaries -- 2.1 Modulo Addition with an Initial Carry Bit -- 2.2 Useful Partitions of F2k F2k -- 3 Ordinary Differential-Linear Correlation of -- 4 Rotational Differential-Linear Correlation of -- 5 Computing the (Rotational) Differential-Linear Correlation of Iterative ARX Primitives -- 6 Applications to ARX Primitives -- 6.1 Cryptanalysis of Alzette -- 6.2 Cryptanalysis of SipHash -- 6.3 Cryptanalysis of SPECK -- 6.4 Cryptanalysis of ChaCha -- 7 Conclusion, Discussion, and Open Problems -- References -- Implicit White-Box Implementations: White-Boxing ARX Ciphers -- 1 Introduction -- 1.1 Contributions -- 2 Preliminaries -- 2.1 Implicit Functions, Self-equivalences and Graph Automorphisms -- 2.2 Encoded Implementations -- 3 Implicit White-Box Implementations -- 3.1 Quasilinear Implicit Round Functions -- 4 Security Analysis -- 4.1 Previous Generic Attacks -- 4.2 Reducing Implicit Implementations to Self-equivalence Implementations -- 5 Self-equivalences of Modular Addition -- 5.1 Computing Self-equivalences from a CCZ-Equivalent Function -- 5.2 Self-equivalences and Graph Automorphisms of the Permuted Modular Addition -- 6 An Implicit Implementation of an ARX Cipher -- 7 Conclusion -- A Affine Self-equivalences of the Permuted Modular Addition with Wordsize 4 -- References -- Superposition Meet-in-the-Middle Attacks: Updates on Fundamental Security of AES-like Hashing -- 1 Introduction -- 1.1 Our Contribution -- 2 AES-like Hashing and MITM Preimage Attacks -- 3 MILP Model for the Configuration Search -- 3.1 Basic MILP Model for MITM -- 3.2 Superposition States and Separate Attribute-Propagation.
3.3 Multiple Ways of AddRoundKey (MulAK) -- 3.4 Enhanced Model with Guess-and-Determine (GnD) -- 3.5 Transforming to Models for Searching for Collision Attacks -- 3.6 Exploit Symmetry of the Ciphers -- 4 Application to Preimage Attacks on Whirlpool -- 4.1 New Attacks Resulted from Applying the MILP Modeling -- 4.2 Discussions on the New Attacks -- 5 Application to Preimage Attacks on Grøstl -- 5.1 New Attacks Resulted from Applying the MILP Modeling -- 5.2 Discussions on the New Attacks -- 6 Applications to Collision and Key-Recovery Attacks -- References -- Triangulating Rebound Attack on AES-like Hashing -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Novelty and Comparison with Previous Works -- 2 Preliminaries -- 2.1 AES-like Hashing -- 2.2 The Rebound Attack -- 2.3 The Super-Sbox Technique -- 2.4 Triangulation Algorithm -- 2.5 Collision Attacks and Its Variants -- 3 Triangulating Rebound Attack -- 3.1 Solving Non-full-active Super-Sbox by Key Bytes -- 3.2 Connecting Multiple Inbound Phases by Key Bytes -- 3.3 The Triangulating Rebound Attack -- 4 Improved Collision Attacks on AES-128-MMO -- 4.1 Semi-free-start Collision Attack on 7-Round AES-128 -- 4.2 Semi-free-start Collision Attack on 8-Round AES-128-MMO -- 4.3 Quantum Collision Attack on 8-Round AES-128 -- 5 Improved Quantum Attacks on Saturnin-Hash -- 5.1 Improved 8-Round Quantum Free-Start Collision -- 5.2 Extend the Attack to 10-round Free-Start Collision -- 6 Quantum Collision Attack on SKINNY-128-384-MMO -- 6.1 21-Round Quantum Free-Start Collision Attack -- 6.2 Classic Free-Start Collision Attack on 19-Round -- 7 Discussion and Conclusion -- 7.1 Possible Generalization of Triangulating Rebound -- 7.2 Conclusion -- References -- Randomness -- Public Randomness Extraction with Ephemeral Roles and Worst-Case Corruptions -- 1 Introduction -- 1.1 The Motivation Behind Our Setting. 1.2 Other Related Work -- 1.3 Our Contributions -- 1.4 Technical Overview -- 1.5 Directions for Future Research -- 2 Network Models for Randomness Extraction -- 2.1 The Sending-Leaks Adversarial Model -- 2.2 The Execution-Leaks Adversarial Model -- 3 Zero-Error Randomness Extraction Protocols -- 3.1 Zero-Error Randomness Extraction in the Sending-Leaks Model -- 3.2 Improved Zero-Error Randomness Extraction in the Execution-Leaks Model -- 4 Low-Error Randomness Extraction Is Impossible with n/4 Corruptions -- References -- (Nondeterministic) Hardness vs. Non-malleability -- 1 Introduction -- 1.1 Hardness Assumptions for Nondeterministic and i-Circuits -- 1.2 Our Results-Included in This Work -- 1.3 Our Results-Included in the Full Version ch6ePrint:BalDacLos22 -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Complexity Classes and Assumptions -- 2.2 Non-malleable Codes -- 2.3 Seed-Extending Pseudorandom Generators -- 3 A Non-malleable Code for Small Circuit Tampering -- References -- Short Leakage Resilient and Non-malleable Secret Sharing Schemes -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 1.4 Organization of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Statistical Distance and Entropy - Definitions and Lemmata -- 2.3 Randomness Extractors -- 2.4 Secret Sharing Schemes -- 3 Leakage Resilient Secret Sharing Schemes -- 3.1 Local Leakage Family -- 3.2 Construction -- 3.3 Security Proof -- 3.4 Parameters -- 4 Non-malleable Secret Sharing Schemes -- 4.1 Building Blocks -- 4.2 Our Construction -- 4.3 Instantiation of Our Scheme -- References -- *-6ptCryptography from Pseudorandom Quantum States -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion: Why Explore a World Without One-Way Functions? -- 1.3 Technical Overview -- 1.4 Future Directions -- 2 Pseudorandom States. 2.1 Pseudorandom Function-Like State (PRFS) Generators -- 2.2 Testing Pseudorandom States -- 3 Constructing PRFS from PRS -- 4 Quantum Pseudo One-Time Pad from PRFS -- 5 Quantum Bit Commitments from PRFS -- 5.1 Definition -- 5.2 Construction -- 5.3 Application: Secure Computation -- References -- Quantum Cryptography I -- .26em plus .1em minus .1emCertified Everlasting Zero-Knowledge Proof for QMA*-10pt -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overview -- 1.4 Related Works -- 2 Preliminaries -- 2.1 Notations -- 2.2 Quantum Computation -- 2.3 QMA and k-SimQMA -- 2.4 Cryptographic Tools -- 3 Commitment with Certified Everlasting Hiding and Classical-Extractor-Based Binding -- 3.1 Definition -- 3.2 Construction -- 4 Certified Everlasting Zero-Knowledge Proof for QMA -- 4.1 Definition -- 4.2 Construction of Three Round Protocol -- 4.3 Sequential Repetition for Certified Everlasting Zero-Knowledge Proof for QMA -- References -- Quantum Commitments and Signatures Without One-Way Functions -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overviews -- 1.4 Concurrent Work -- 2 Preliminaries -- 2.1 Basic Notations -- 2.2 Pseudorandom Quantum States Generators -- 3 Commitments -- 3.1 Definition -- 3.2 Construction -- 3.3 Computational Hiding -- 3.4 Statistical Binding -- 4 Digital Signatures -- 4.1 One-Way Quantum States Generators -- 4.2 Definition of Digital Signatures with Quantum Public Keys -- 4.3 Construction -- 4.4 Security -- A Making Opening Message Classical -- B Equivalence of Binding Properties -- References -- Semi-quantum Tokenized Signatures -- 1 Introduction -- 1.1 The Advantages of Quantum Signature Tokens -- 1.2 Semi-quantum Tokenized Signatures -- 1.3 Results -- 2 Technical Overview -- 2.1 Semi-quantum CCD Tokens and Fully-quantum Signature Tokens -- 2.2 Signing Coset States by Splitting. 2.3 Proving CCD Security Versus Proving Tokenized Signing Security -- 2.4 Hardness of Concentration in Dual of Obfuscated Subspace -- 3 Semi-quantum Tokenized Signatures Construction -- 3.1 Correctness and Security Against Sabotage -- References -- Secure Multiparty Computation I -- Structure-Aware Private Set Intersection, with Applications to Fuzzy Matching -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Hamming Correlation Robustness -- 3 Building Blocks -- 3.1 2PC Ideal Functionalities -- 3.2 Function Secret Sharing -- 3.3 Oblivious Key Value Store -- 4 bFSS Constructions -- 4.1 Existing Schemes -- 4.2 New concat Technique for Cross Products -- 4.3 New Spatial Hashing Technique -- 4.4 xor-share Technique -- 5 Structure-Aware PSI from bFSS -- 5.1 Costs -- 5.2 Other Protocols as Instances of Our Framework -- 5.3 bFSS Performance -- 6 Fuzzy PSI Application and Performance -- 6.1 Performance Comparison -- 6.2 Implementation -- 7 Limitation and Open Problems -- References -- .28em plus .1em minus .1emTwo-Round MPC Without Round Collapsing Revisited - Towards Efficient Malicious Protocols*-12pt -- 1 Introduction -- 2 Technical Overview -- 2.1 Multi-party Randomized Encoding -- 2.2 Semi-Malicious Effective-Degree-2 MPRE -- 2.3 MPC for Effective-Degree-2 Functions -- 2.4 Lift Security with Output Substitution -- 2.5 Tensor OLE Correlated Randomness Generation from OT -- 3 Definition of Multi-Party Randomized Encoding -- 4 MPRE for Degree-3 Functions -- 4.1 Background: Semi-honest MPRE for Degree-3 Functions -- 4.2 CDS Encoding -- 4.3 Semi-Malicious MPRE for Degree-3 Functions -- 5 Putting Pieces Together -- References -- More Efficient Dishonest Majority Secure Computation over Z2k via Galois Rings -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Overview of Our Techniques -- 1.3 Related Work. 1.4 Organization of the Paper. |
| Record Nr. | UNINA-9910616383103321 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| Descrizione fisica | 1 online resource (813 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Data encryption (Computer science) |
| ISBN | 3-031-15982-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part III -- Signatures -- .26em plus .1em minus .1emPI-Cut-Choo and Friends: Compact Blind Signatures via Parallel Instance Cut-and-Choose and More -- 1 Introduction -- 1.1 Starting Point: The Basic Boosting Transform -- 1.2 Our Contribution: Improved Boosting Transforms -- 2 Preliminaries -- 3 An Improved Boosting Transform -- 3.1 Overview -- 3.2 Blind Signatures from Linear Function Families -- 3.3 Construction -- 3.4 Security Analysis -- 4 A Concrete Scheme Based on CDH -- 4.1 Overview -- 4.2 Construction -- 4.3 Security Analysis -- 5 A Concrete Scheme Based on RSA -- References -- Idealized Models -- Augmented Random Oracles -- 1 Introduction -- 1.1 Augmented Random Oracles -- 1.2 Best Possible Hash Functions? -- 1.3 Our Results -- 1.4 A Classification of ROM Failures -- 1.5 Discussion: Do We Really Need Another ROM Variant? -- 2 Preliminaries -- 2.1 Cryptosystems and Games -- 2.2 Cryptographic Definitions -- 3 The Augmented Random Oracle Model -- 3.1 The Plain ROM -- 3.2 Augmented Random Oracles -- 3.3 Some Basic Results -- 4 A Case Study: Encrypt-with-Hash -- 4.1 The (Tweaked) EwH Transform -- 4.2 Uninstantiability of EwH -- 4.3 Translation to the AROM -- 4.4 An Improved Uninstantiability -- 4.5 Other Possible Oracles -- 4.6 Overcoming ROM Failures for EwH -- 5 Fujisaki-Okamoto in the AROM -- 5.1 Our CCA-secure Construction -- 6 Fiat-Shamir in the AROM -- 7 On Best Possible Hashing -- 7.1 Incompatibility of the Definitions -- References -- To Label, or Not To Label (in Generic Groups) -- 1 Introduction -- 1.1 Overview of Results -- 1.2 Takeaways -- 1.3 Organization -- 2 Preliminaries and Notation -- 2.1 Games and Cryptosystems -- 2.2 Groups -- 3 Different Generic Group Models -- 3.1 Random Representation (RR)/Shoup Model ch3EC:Shoup97 -- 3.2 Maurer's Model ch3IMA:Maurer05.
3.3 The Type Safe (TS) Model -- 3.4 Examples -- 3.5 Compiling TS to RR -- 3.6 From TS Security to RR Security for Single-Stage Games -- 4 Further Impossibilities in the Type Safe Model -- 4.1 Collision Resistant Domain Extension -- 4.2 Pseudorandom Permutations -- 4.3 Efficient CPA-Secure Encryption for Message Strings -- 5 On the Insecurity of the Type-Safe Model for Multi-stage Games -- 6 TS Un-instantiability -- 6.1 Overview -- 6.2 Our Un-instantiable Construction -- 7 Impossibility of IBE from Generic Groups -- 8 On the Algebraic Group Model -- 8.1 Allowed Games in the AGM -- 8.2 AGM Un-instantiability -- 8.3 Is the AGM Superior to Generic Groups? -- References -- Lower Bound on SNARGs in the Random Oracle Model -- 1 Introduction -- 1.1 Our Results -- 1.2 Related Work -- 2 Techniques -- 2.1 Warmup -- 2.2 Actual Scenario -- 2.3 Completeness -- 2.4 Soundness -- 3 Preliminaries -- 3.1 Notations -- 3.2 Entropy Measures -- 3.3 Randomized Exponential Time Hypothesis -- 3.4 Random Oracles -- 3.5 Non-interactive Arguments in the ROM -- 4 Hitting High-Entropy Distribution Using Product Sets -- 4.1 High-Entropy Distributions Have an (Almost) Uniform Large Projection, Proving Lemma 3 -- 4.2 Hitting Almost Full-Entropy Distributions Using Product Set, Proving Lemma 4 -- 5 Lower Bound on the Length of ROM-SNARGs -- 5.1 Proof of Theorem 13 -- 5.2 Short ROM-SNARGs to Low Query ROM-SNARGs, Proving Lemma 6 -- References -- Lower Bounds -- Time-Space Tradeoffs for Sponge Hashing: Attacks and Limitations for Short Collisions -- 1 Introduction -- 1.1 Detour: The Case of Merkle-Damgård -- 1.2 Our Results -- 1.3 Future Directions -- 1.4 Related Work -- 2 Technical Overview -- 2.1 Attacks -- 2.2 Impossibility Results for Best Attacks -- 3 Preliminaries -- 4 Attacks -- 4.1 Generic Attack for B-Block Collisions -- 4.2 Preprocessing Attack for B=1. 4.3 Time-Space Tradeoffs for Inverting a Restricted Permutation -- 5 Impossibility Results -- 5.1 Advantage Upper Bound for B=1 -- 5.2 Advantage Upper Bound for B=2 -- References -- On Time-Space Tradeoffs for Bounded-Length Collisions in Merkle-Damgård Hashing *-9pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion -- 2 Our Techniques -- 3 Preliminaries -- 4 The Framework: Reducing the Problem to a Multi-instance Collision Finder -- 5 Proving the STB Conjecture for BO(1) -- 5.1 The Compression Argument -- 5.2 Handling Cases [case:newsl]1 to [case:oldsl]4 -- 5.3 Handling Case [case:somerep]5 -- 6 Proving the STB Conjecture for SB T -- References -- Time-Space Lower Bounds for Finding Collisions in Merkle-Damgård Hash Functions -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Discussions and Open Problems -- 2 Preliminaries -- 2.1 Merkle-Damågard Hash Functions (MD) -- 2.2 Collision-Resistance Against Auxiliary Input (AI) -- 3 Auxiliary Input Collision Resistance for B=2 Merkle-Damgard -- 4 Auxiliary Input Collision Resistance for B Merkle-Damgard -- 4.1 Proof of Claim 7 -- References -- .26em plus .1em minus .1emSustained Space and Cumulative Complexity Trade-Offs for Data-Dependent Memory-Hard Functions*-10pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Dynamic Graphs and Dynamic Pebbling Games -- 1.3 Trade-Offs for dMHFs -- 1.4 Technical Overview -- 2 Preliminaries -- 2.1 Dynamic Pebbling Notation -- 2.2 Generalized Hoeffding Inequality -- 2.3 Useful Graphs and Their Pebbling Complexity -- 3 A Theoretical MHF with Ideal Trade-Off -- 3.1 The Construction -- 3.2 Lowerbounding Costly Edges -- 3.3 The Trade-Off Between Sustained Space and Cumulative Complexity -- 4 Dynamic EGS -- 4.1 Lowerbounds on Getting Unlucky -- 4.2 The Cost of Getting Unlucky -- 5 Dynamic DRSample -- 5.1 Lowerbounds on Getting Unlucky. 5.2 The Cost of Being Unlucky -- 6 Argon2id -- 6.1 The Trade-Off and Cumulative Complexity -- 7 Open Problems -- References -- Low Communication Complexity Protocols, Collision Resistant Hash Functions and Secret Key-Agreement Protocols -- 1 Introduction -- 1.1 Cryptographic Primitives -- 1.2 Cryptographic Hash Functions -- 1.3 Adversarially Robust Property-Preserving Hash Functions -- 1.4 Secret Key Agreement -- 1.5 Our Results -- 1.6 Related Work -- 1.7 Technical Overview -- 2 Models and Preliminaries -- 2.1 Model Definition -- 2.2 Free Talk Model -- 2.3 Notation -- 2.4 Probability -- 2.5 Collision Resistant Hash Functions -- 2.6 Adversarially Robust Property-Preserving Hash Functions -- 2.7 Secret Key Agreement and Its Amplification -- 3 Collision Resistance and the Preset Public Coins Model -- 3.1 CRHs Imply Succinct Protocols -- 3.2 Succinct Protocols Imply dCRHs -- 4 No Ultra Short Interactive Communication -- 5 Secret Key Agreement from Efficient SM Protocols -- 5.1 Optimal Protocols from SKA -- 5.2 SKA from Near Optimal Protocols -- 6 Conclusions -- References -- Cryptanalysis II -- Accelerating the Delfs-Galbraith Algorithm with Fast Subfield Root Detection -- 1 Introduction -- 2 Preliminaries -- 3 Solver: Optimised Delfs-Galbraith Subfield Searching in X(p, 2) -- 4 Fast Subfield Root Detection -- 5 SuperSolver: Optimised Subfield Searching With Fast Subfield Root Detection in X(p, ) -- 6 A Worked Example -- 7 Implementation Results -- References -- Secret Can Be Public: Low-Memory AEAD Mode for High-Order Masking -- 1 Introduction -- 1.1 Low-Memory AEAD for Masking -- 1.2 Summary of Contributions -- 1.3 Related Work -- 2 Preliminaries -- 3 Design of AEAD Mode for High-Order Masking -- 3.1 Intuition and Design of HOMA -- 3.2 Specification of HOMA -- 3.3 Protected and Unprotected Values of HOMA -- 4 Security Claim and Proof of HOMA. 4.1 AE Security for Masking -- 4.2 AEL-Security of HOMA -- 4.3 Proof of Theorem 1 -- 5 A TBC Optimized for HOMA -- 5.1 SKINNY64 and SKINNYe with TK4 -- 5.2 Elastic-Tweak Framework for Small Tweaks -- 5.3 Design Approach of SKINNYee -- 5.4 Specifications of SKINNYee -- 5.5 Design Rationale -- 5.6 Security Analysis Against Various Cryptanalyses -- 6 Implementation -- 6.1 Targets and Design Policy -- 6.2 Masked S-box Implementation -- 6.3 Hardware Design -- 6.4 Performance Evaluation and Comparison -- 7 Conclusions -- References -- Partial Key Exposure Attacks on BIKE, Rainbow and NTRU -- 1 Introduction -- 2 Preliminaries -- 2.1 Key Exposure Models -- 2.2 Decoding -- 3 BIKE -- 3.1 Standard Format Keys -- 3.2 Compact Format Keys -- 3.3 Practical Attacks on BIKE -- 4 Rainbow -- 4.1 Attack Strategy -- 4.2 Fq-Errors and -Erasures -- 4.3 Practical Attacks on Rainbow -- 5 NTRU -- 5.1 Fq-Errors and -Erasures -- 5.2 Practical Attacks on NTRU -- References -- Improving Support-Minors Rank Attacks: Applications to GeMSS and Rainbow -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 Relevant Material for the Attack on GeMSS -- 2.3 Relevant Material on Rainbow for Section8.3 -- 3 Support-Minors Modeling (SM) -- 4 Improved Attack on GeMSS Using Support-Minors -- 4.1 Fixing Variables in the Support-Minors System -- 4.2 Solving via Gröbner Bases when n' 2d+1 -- 5 Complexity of the Attack -- 5.1 Time Complexity of Step 1 -- 5.2 Time Complexity of Step 2 -- 5.3 Memory Cost -- 6 Application to GeMSS and pHFEv- Parameter Sets -- 7 Experiments for Step 1 -- 8 Memory Management Strategy for the Support-Minors Equations Within Block Wiedemann -- 8.1 Hashing Strategy on the Main Memory -- 8.2 Memory Savings from Our Approach -- 8.3 Application to the Rainbow Rectangular MinRank Attack ch13uovspsbeullens -- 9 Conclusion -- References -- Distributed Algorithms. log*-Round Game-Theoretically-Fair Leader Election. |
| Record Nr. | UNISA-996495571803316 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer International Publishing, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||