Martin Stanek

Efficient Simultaneous Contract Signing

Simultaneous contract signing is a two-party cryptographic protocol: two mutually suspicious parties wish to exchange signatures on a contract. We propose novel and efficient protocol for contract signing based on a construction by Even, Goldreich, and Lempel. We focus on the reduction of on-line computational complexity of the protocol. A significant part of the most time-consuming operations can be pre-computed. An important component used in our protocol is an efficient oblivious transfer, which can be of interest per se.

Analysis of dictionary methods for PIN selection

Personal Identification Numbers (PINs) are commonly used as an authentication mechanism. An important security requirement is that PINs should be hard to guess. On the other hand, remembering several random PINs can be difficult task for a user. We evaluate several dictionary-based methods of choosing the PIN. To assess their resistance to guessing attacks, we use entropy, covering of the PIN space, guesswork, marginal guesswork, and marginal success rate metrics. With respect to these metrics, most of the evaluated methods are far from ideal ones. Positive results are obtained by a more involved morphing method, and the technique of the reduced dictionary. We also discuss two methods for constructing easy to remember PIN words for randomly chosen PINs.

Unpuzzling Puzzle (analysis of a video encryption algorithm)

We analyze recently proposed encryption algorithm Puzzle, aimed at efficient (real time) encryption of video streams. We show some weaknesses in the generation of components used for encryption. Moreover, we present a known plaintext attack on Puzzle. Some ideas on design of video encryption algorithms are discussed as well

A Note on Security Protocol for Multicast Communications

We show that the protocol recently proposed in [2] for securing multicast communication is completely insecure.

Threshold encryption into multiple ciphertexts

We propose (T ,N ) multi-ciphertext scheme for symmetric encryption. The scheme encrypts a message into N distinct ciphertexts. The knowledge of the symmetric key allows decryption of the original message from any ciphertext. Moreover, knowing T +1 ciphertexts allows efficient recovery of the original message without the key, and without revealing the key as well. We define the security property of the scheme, and prove the security of the proposed scheme. We discuss several variants of the basic scheme that provides additional authenticity and efficiency.

Analysis of fast blockcipher-based hash functions

An important property of a hash function is the performance. We study fast iterated hash functions based on block ciphers. These hash functions and their compression functions are analyzed in the standard black-box model. We show an upper bound on rate of any collision resistant hash function. In addition, we improve known bound on the rate of collision resistant compression functions.

Generating cryptographically strong Boolean functions using partial information

In our paper we study the usage of partially defined Boolean functions (PDBFs) for generating cryptographically strong Boolean functions. A PDBF can be considered as a Boolean function with some undefined (unknown) values, i.e. its values are from the set 0,1,?. We generalize certain cryptographic properties to PDBFs, such as balancedness, nonlinearity and propagation characteristics. It is shown that usual relationships among properties hold for these generalizations as well. We apply these results to methods for generating cryptographically strong Boolean functions. We focus on greedy approach and test it in various settings. The paper compares obtained results with other methods.

Memory-only selection of dictionary PINs

We estimate the security of dictionary-based PINs (Personal Identification Numbers) that a user selects from his/her memory without any additional aids. The estimates take into account the distribution of words in source language. We use established security metrics, such as entropy, guesswork, marginal guesswork and marginal success rate. The metrics are evaluated for various scenarios -- aimed at improving the security of the produced PINs. In general, plain and straightforward construction of memory-only dictionary PINs yields unsatisfactory results and more involved methods must be used to produce secure PINs.

Attacking M&M Collective Signature Scheme

A collective signature scheme aims to solve the problem of signing a message by multiple signers. Recently, Moldovyan and Moldovyan proposed a scheme for collective signatures based on Schnorr signatures. We show some security weaknesses of the scheme.

Fast contract signing with batch oblivious transfer

Oblivious transfer protocol is a basic building block of various cryptographic constructions. We propose a novel protocol – batch oblivious transfer. It allows efficient computation of multiple instances of oblivious transfer protocols. We apply this protocol to improve the fast simultaneous contract signing protocol, recently proposed in [11], which gains its speed from computation of time-consuming operations in advance. Using batch oblivious transfer, a better efficiency can be achieved.