Kevin Atighehchi

Towards fully incremental cryptographic schemes

This paper focus on incremental cryptographic schemes that solve the privacy problem introduced by Bellare, Goldreich and Goldwasser. To our knowledge, none of the schemes designed so far provide simultaneously strong privacy guarantees and byte-wise incremental operations. We propose a new method that extends a block-wise incremental cryptographic scheme into a fully byte-wise incremental one while keeping good performances. This one insures the property of perfect privacy with the same average overhead for both the size of the cryptographic form and the number of operations to perform when applying the conjugate algorithm.

Optimization of Tree Modes for Parallel Hash Functions: A Case Study

This paper focuses on parallel hash functions based on tree modes of operation for an inner Variable-Input-Length function. This inner function can be either a single-block-length (SBL) and prefix-free MD hash function, or a sponge-based hash function. We discuss the various forms of optimality that can be obtained when designing parallel hash functions based on trees where all leaves have the same depth. The first result is a scheme which optimizes the tree topology in order to decrease the running time. Then, without affecting the optimal running time we show that we can slightly change the corresponding tree topology so as to minimize the number of required processors as well. Consequently, the resulting scheme decreases in the first place the running time and in the second place the number of required processors.

Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3

Discussions about the choice of a tree hash mode of operation for a standardization have recently been undertaken. It appears that a single tree mode cannot address adequately all possible uses and specifications of a system. In this paper, we review the tree modes which have been proposed, we discuss their problems and propose remedies. We make the reasonable assumption that communicating systems have different specifications and that software applications are of different types (securing stored content or live-streamed content). Finally, we propose new modes of operation that address the resource usage problem for the three most representative categories of devices and we analyse their asymptotic behavior.

New models for efficient authenticated dictionaries

We propose models for data authentication which take into account the behavior of the clients who perform queries. Our models reduce the size of the authenticated proof when the frequency of the query corresponding to a given data is higher. Existing models implicitly assume the frequency distribution of queries to be uniform, but in reality, this distribution generally follows Zipfs law. Our models better reflect reality and the communication cost between clients and the server provider is reduced allowing the server to save bandwidth. The obtained gain on the average proof size compared to existing schemes depends on the parameter of Zipf law. The greater the parameter, the greater the gain. When the frequency distribution follows a perfect Zipfs law, we obtain a gain that can reach 26%. Experiments show the existence of applications for which Zipf parameter is greater than 1, leading to even higher gains. We propose new models for efficient authenticated dictionaries.Our models reduce the average authenticated proof size.Obtained gain reaches 26% when the frequency distribution follows a perfect Zipf.Experiments show even higher gains when Zipf parameter is greater than 1.

Authenticated dictionary based on frequency

We propose a model for data authentication which takes into account the behavior of the clients who perform queries. Our model reduces the size of the authenticated proof when the frequency of the query corresponding to a given data is higher. Existing models implicitly assume the frequency distribution of queries to be uniform, but in reality, this distribution generally follows Zipf’s law. Therefore, our model better reflects reality and the communication cost between clients and the server provider is reduced allowing the server to save bandwith. When the frequency distribution follows Zipf’s law, we obtain a gain of at least 20% on the average proof size compared to existing schemes.

A Cryptographic Keys Transfer Protocol for Secure Communicating Systems

This paper describes a new key forwarding protocol for networks messages exchange which guaranties both authentication of participants and forward security. The protocol lies within the framework of a keys derivation scheme used for spanning tree-based networks messages diffusion where compromising a key in a node involves compromising all derived keys in the corresponding sub tree. A complete specification and full proof of the protocol will be subject of a longer forthcoming conjoint paper.

Arithmetic in finite fields based on the Chudnovsky-Chudnovsky multiplication algorithm

Thanks to a new construction of the so-called Chudnovsky-Chudnovsky multiplication algorithm, we design efficient algorithms for both the exponentiation and the multiplication in finite fields. They are tailored to hardware implementation and they allow computations to be parallelized while maintaining a low number of bilinear multiplications. We give an example with the finite field

Generic Parallel Cryptography for Hashing Schemes

{\mathbb F}_{16^{13}}

An Efficient Parallel Algorithm for Skein Hash Functions.

.

Optimization of Tree Modes for Parallel Hash Functions.

We emphasize that future secure communicating systems, secured mass storages and access policies will require efficient and scalable security algorithms and protocols. More-over, parallelism will be used at quiet low level implementation of software or hardware basic mechanisms for offering efficient support to cryptographic algorithms. In this paper we concentrate on a family of generic schemes for efficient implementation of tree based hash functions. The main reason for designing a parallel algorithm based on a hash tree scheme is to obtain optimal performances when dealing with critical applications which can require tuned implementations for security aspects on multi-core target processors. Indeed, parallelism for cryptographic primitives has become a mandatory feature as imposed also by recent NIST requirements.