#diffie hellman

The DH key exchange is a method by which two entities may establish a so-called ‘shared secret’ which can be used to facilitate secured communication over an unsecured line. It exploits what are essentially shared arbitrarily long primes to mutually agree on a third, secret prime in such a way that any eavesdroppers cannot derive that third prime.

Included below are a series of slides from University of TX, Austin, as well as a YouTube video posted by Computerphile on the DH key exchange.

U of Tx : Dr. Bill Young, https://www.cs.utexas.edu/~byoung/cs361/lecture52.pdf

In dieser Einheit sollen die Teilnehmer die Grundlagen hinter moderner Kryptographie Kennenlernen und verstehen.

Asymmetrische Verschlüsselung, Private-Public-Keys und Zertifikate sind ebenfalls Bestandteil der Einheit. (more…)

<span class=”paragraphSection”><div class=”boxTitle”>Abstract</div>Certificate-based cryptography is a novel cryptographic primitive that has many attractive merits. It solves the certificate revocation problem in conventional public key cryptography and overcomes the key-escrow problem in identity-based cryptography. Recently, Li <span style=”font-style:italic;”>et al</span>. presented a certificate-based key-insulated signature (CBKIS) scheme in the standard model. However, their scheme suffers from a security vulnerability caused by the malicious certification authority (CA) attack. Our cryptanalysis shows that a malicious CA is able to break its unforgeability by implanting some trapdoors in the public system parameters. To remedy the security weakness in Li <span style=”font-style:italic;”>et al</span>.’s scheme, we put forward an improved CBKIS scheme. Under the complexity assumption of the square computational Diffie–Hellman problem, the improved scheme is proven to be existentially unforgeable in the standard model. Compared with the original CBKIS scheme proposed by Li <span style=”font-style:italic;”>et al</span>., it enjoys better performance while offering stronger security guarantee as it can resist the malicious CA attack.</span> Source: Oxford Journals

<span class=”paragraphSection”><div class=”boxTitle”>Abstract</div>In recent years, much attention has been focused on designing provably secure public-key encryption (PKE) scheme in the presence of key-leakage. However, most of them are researched in the bounded-leakage model, and cannot keep their claimed security in the continuous leakage setting. What’s more, most of traditional leakage-resilient PKE schemes cannot ensure that all of elements in ciphertext are random from the adversary’s view, and any polynomial time adversary can get leakage on the secret key from the corresponding ciphertext. But, in the real world, an adversary can trivially break the security of PKE scheme under the continuous leakage attacks. To get an efficient PKE scheme which can keep its original security in the continuous-leakage model, we propose a new construction of chosen-ciphertext attacks secure PKE scheme, and whose security is based on the hardness of the classical decisional Diffie–Hellman assumption and the target collision resistance of the hash function. Our method not only can tolerate continuous leakage attacks on the secret key through key update operation, but also enjoys better performances, such as the round leakage parameter λC≤logq−ω(logk) (<span style=”font-style:italic;”>k</span> is the security parameter, <span style=”font-style:italic;”>q</span> is a big prime order of the underlying group.) is independent of the plaintext space, and has the constant size, also, any polynomial time adversary unable to obtain leakage on the secret key from the corresponding ciphertext, etc. Because of these good performance features, our proposal may have some significant value in the practical applications.</span> Source: Oxford Journals

In recent years, much attention has been focused on designing provably secure public-key encryption (PKE) scheme in the presence of key-leakage. However, most of them are researched in the bounded-leakage model, and cannot keep their claimed security in the continuous leakage setting. What’s more, most of traditional leakage-resilient PKE schemes cannot ensure that all of elements in ciphertext are random from the adversary’s view, and any polynomial time adversary can get leakage on the secret key from the corresponding ciphertext. But, in the real world, an adversary can trivially break the security of PKE scheme under the continuous leakage attacks. To get an efficient PKE scheme which can keep its original security in the continuous-leakage model, we propose a new construction of chosen-ciphertext attacks secure PKE scheme, and whose security is based on the hardness of the classical decisional Diffie–Hellman assumption and the target collision resistance of the hash function. Our method not only can tolerate continuous leakage attacks on the secret key through key update operation, but also enjoys better performances, such as the round leakage parameter C≤logq–(logk) (k is the security parameter, q is a big prime order of the underlying group.) is independent of the plaintext space, and has the constant size, also, any polynomial time adversary unable to obtain leakage on the secret key from the corresponding ciphertext, etc. Because of these good performance features, our proposal may have some significant value in the practical applications.

Source: Oxford Journals

We present a public key encryption scheme for relational databases (PKDE) that allows the owner to control the execution of cross-relation joins on an outsourced server. The scheme allows anyone to deposit encrypted records in a database on the server. Thereafter, the database owner may authorize the server to join any two relations to identify matching records across them, while preventing self-joins that would reveal information on records that are unmatched in the join. The security of our construction is formally proved in the random oracle model based on the computational bilinear Diffie–Hellman assumption. Specifically, before a relation is joined, its encrypted records enjoy indistinguishability under adaptively chosen ciphertext attacks (CCA2) security; after a join, our scheme offers One-Way CCA2 security protection on the records. Our PKDE construction is shown to outperform the only existing work, both in security guarantee and in efficiency.

Source: Oxford Journals

The main goal of introducing an identity-based cryptosystem and certificateless cryptosystem was avoiding certificates’ management costs. In turn, the goal of introducing a certificate-based cryptosystem was to solve the certificate revocation problem. In this paper, we propose a new digital Implicit and Explicit Certificates-Based Hess’s Signature (IE-CBHS) scheme that combines the features of a standard public key infrastructure (PKI) and certificate-based cryptosystem. Our IE-CBHS scheme is an efficient certificates-based signature. The security analysis proves that the scheme is secure against two game attacks in the random oracle model. The security is closely related to the difficulty of solving the computational Diffie–Hellman and discrete logarithm problems. The IE-CBHS scheme, when compared with other signature schemes, has similar efficiency and is both more flexible and more useful in practice. It is possible to revoke the explicit certificate and use that fact during digital signature verification. Thus, our scheme is useful in applications where typical mechanisms of standard PKI are used. One of many important security features is resistance to denial of signature verification attack. Also, it is impossible for a trusted authority to recreate a partial private key, even with cooperation with the signer.

Source: Oxford Journals