Jorge L. Villar

Weighted threshold secret sharing schemes

In a secret sharing scheme, each participant receives a share of a secret in such a way that only authorized subsets can reconstruct the secret. The information rate of a secret sharing scheme is the ratio between the size of the secret and the size of the shares given to the participants. In a weighted threshold scheme each participant has his or her own weight. A subset of participants is authorized to reconstruct the secret if the sum of their weights is greater than or equal to the threshold. This paper deals with weighted threshold schemes, mainly the properties related to the information rate. A complete characterization of the access structures of weighted threshold schemes when all the minimal authorized subsets have at most two elements is presented. Lower bounds for the optimal information rate of these access structures are given.

Identity-Based Encryption with Master Key-Dependent Message Security and Leakage-Resilience

We introduce the concept of identity-based encryption (IBE) with master key-dependent chosen-plaintext (mKDM-sID-CPA) security. These are IBE schemes that remain secure even after the adversary sees encryptions, under some initially selected identities, of functions of the master secret keys. We then show that the Canetti, Halevi and Katz (Eurocrypt 2004) transformation delivers chosen-ciphertext secure key-dependent encryption (KDM-CCA) schemes when applied to mKDM-sID-CPA secure IBE schemes. Previously only one generic construction of KDM-CCA secure public key schemes was known, due to Camenisch, Chandran and Shoup (Eurocrypt 2009), and it required non-interactive zero knowledge proofs (NIZKs). Thus we show that NIZKs are not intrinsic to KDM-CCA public key encryption. As a proof of concept, we are able to instantiate our new concept under the Rank assumption on pairing groups and for affine functions of the secret keys. The scheme is inspired by the work by Boneh, Halevi, Hamburg and Ostrovsky (Crypto 2008). Our instantiation is only able to provide security against single encryption queries, or alternatively, against a bounded number of encryption queries. Secondly, we show that a special parameters setting of our main scheme provides master-key leakage-resilient identity-based encryption against chosen-plaintext attacks. This recently proposed security notion aims at taking into account security against side-channel attacks that only decrease the entropy of the master-key up to a certain threshold. Thirdly, we give new and better reductions between the Rank problem (previously named as Matrix-DDH or Matrix d-Linear problem) and the Decisional Linear problem.

Trading one-wayness against chosen-ciphertext security in factoring-based encryption

We revisit a long-lived folklore impossibility result for factoring-based encryption and properly establish that reaching maximally secure one-wayness (i.e. equivalent to factoring) and resisting chosen-ciphertext attacks (CCA) are incompatible goals for single-key cryptosystems. We pinpoint two tradeoffs between security notions in the standard model that have always remained unnoticed in the Random Oracle (RO) model. These imply that simple RO-model schemes such as Rabin/RW-SAEP[+]/OAEP[+][+], EPOC-2, etc. admit no instantiation in the standard model which CCA security is equivalent to factoring via a key-preserving reduction. We extend this impossibility to arbitrary reductions assuming non-malleable key generation, a property capturing the intuition that factoring a modulus n should not be any easier when given a factoring oracle for moduli n′≠n. The only known countermeasures against our impossibility results, besides malleable key generation, are the inclusion of an additional random string in the public key, or encryption twinning as in Naor-Yung or Dolev-Dwork-Naor constructions.

Detection of Cheaters in Vector Space Secret Sharing Schemes

A perfect secret sharing scheme is a method of distributing shares of a secret among a set P of participants in such a way that only qualified subsets of P can reconstruct the secret from their shares and non-qualified subsets have absolutely no information on the value of the secret. In a secret sharing scheme, some participants could lie about the value of their shares in order to obtain some illicit benefit. Therefore, the security against cheating is an important issue in the implementation of secret sharing schemes. Two new secret sharing schemes in which cheaters are detected with high probability are presented in this paper. The first one has information rate equal to 1/2 and can be implemented not only in threshold structures, but in a more general family of access structures. We prove that the information rate of this scheme is almost optimal among all schemes with the same security requirements. The second scheme we propose is a threshold scheme in which cheaters are detected with high probability even if they know the secret. The information rate is in this case 1/3 In both schemes, the probability of cheating successfully is a fixed value that is determined by the size of the secret.

A Practical Public Key Cryptosystem from Paillier and Rabin Schemes

We propose a practical scheme based on factoring and semantically secure (IND-CPA) in the standard model. The scheme is obtained from a modi.cation of the so called RSA-Paillier [5] scheme. This modification is reminiscent of the ones applied by Rabin [22] and Williams [25] to the well-known RSA cryptosystem. Thanks to the special properties of such schemes, we obtain efficiency similar to that of RSA cryptosystem, provably secure encryption (since recovering plaintext from ciphertext is as hard as factoring) and indistinguishability against plaintext attacks. We also construct a new trapdoor permutation based on factoring, which has interest on its own. Semantic security of the scheme is based on an appropiate decisional assumption, named as Decisional Small 2e-Residues assumption. The robustness of this assumption is also discussed. Compared to Okamoto-Uchiyamas scheme [18], the previous IND-CPA cryptosystem in the standard model with onewayness based on factoring, our scheme is drastically more efficient in encryption, and presents higher bandwith, achieving the same expansion factor as Paillier or El Gamal schemes. We believe the new scheme could be an interesting starting point to develop efficient IND-CCA schemes in the standard model with one-wayness based on factoring.

Intermodulation measurement of nonlinearities in piezoceramic resonators

A method for measuring the nonlinear coefficients of piezoceramic resonators with low signal excitation is presented. It consists of the intermodulation produced by two signals with variable amplitude and closely spaced in frequency at the neighborhood of the resonance, performing the measurement of the intermodulation distortion signals at frequencies near excitation. This method is highly sensitive and allows nonlinear measurements to be taken at relatively low levels, avoiding thermal effects. The module and argument of the nonlinear increase in the impedance can be determined by the analysis of these measurements. This method is compared with other previously used methods, and the advantages of the proposed method are analyzed. The described nonlinear coefficient allows us to understand and foresee the nonlinear behavior near the resonance: amplitude-frequency shift effect, decrease of mechanical quality factor Q, and the jump phenomenon observed in frequency sweeps.

The underlying graph of a line digraph

Abstract The recovery of a line digraph from its underlying graph is considered in this paper. The location of loops and digons are determined, and save for a few exceptions, the solution is unique up to converses. The relation between the automorphism groups of a line digraph and its underlying graph follows as a corollary. The results are applied to de Bruijn and Kautz digraphs.

An Algebraic Framework for Diffie---Hellman Assumptions

We put forward a new algebraic framework to generalize and analyze Diffie–Hellman like decisional assumptions which allows us to argue about security and applications by considering only algebraic properties. Our

Cryptanalysis of a key exchange scheme based on block matrices

\mathcal {D}_{\ell ,k}\text{- }\textsf {MDDH}