Vishal Saraswat

Anonymous Signatures Revisited

We revisit the notion of the anonymous signature, first formalized by Yang, Wong, Deng and Wang [10], and then further developed by Fischlin [4] and Zhang and Imai [11]. We present a new formalism of anonymous signature, where instead of the message, a part of the signature is withheld to maintain anonymity. We introduce the notion unpretendability to guarantee infeasibility for someone other than the correct signer to pretend authorship of the message and signature. Our definition retains applicability for all previous applications of the anonymous signature, provides stronger security, and is conceptually simpler. We give a generic construction from any ordinary signature scheme, and also show that the short signature scheme by Boneh and Boyen [2] can be naturally regarded as such a secure anonymous signature scheme according to our formalism.

Remote cache-timing attacks against AES

We present a cache-timing attack on the Advanced Encryption Standard (AES) [14] with the potential to be applied remotely and develop an evaluation framework for comparing the relative performance of the attacks under various simulated network conditions. We examine Bernsteins original AES cache-timing attack [3], and its variants [6, 12, 10]. We conduct an analysis of network noise and develop a hypothesis fishing concept in order to reduce the number of samples required to recover a key in our implementation of the attacks of [3]. Our rough estimate for the number of samples required is about 2 × 109 which is comparable to the estimate 4 × 109 of our month-long experiment using Bernsteins technique [3].

Practical and secure integrated PKE+PEKS with keyword privacy

Public-key encryption with keyword search (PEKS) schemes are useful to delegate searching capabilities on encrypted data to a third party, who does not hold the entire secret key, but only an appropriate token which allows searching operations but preserves data privacy. We propose an efficient and practical integrated public-key encryption (PKE) and public-key encryption with keyword search (PEKS) scheme (PKE+PEKS) which we prove to be secure in the strongest security notion for PKE+PEKS schemes. In particular, we provide a unified security proof of its joint CCA-security in standard model. The security of our scheme relies on Symmetric eXternal Diffie-Hellman (SXDH) assumption which is a much simpler and more standard hardness assumption than the ones used in most of the comparable schemes. Ours is the first construction to use asymmetric pairings which enable an extremely fast implementation useful for practical applications. Finally we compare our scheme with other proposed integrated PKE+PEKS schemes and provide a relative analysis of its efficiency.

A Secure Anonymous Proxy Signcryption Scheme

Abstract We introduce a new cryptographic primitive identity-based anonymous proxy signcryption which provides anonymity to the proxy sender while also providing a mechanism to the original sender to expose the identity of the proxy sender in case of misuse. We introduce a formal definition of an identity-based anonymous proxy signcryption (IBAPS) scheme and give a security model for it. We also construct an IBAPS scheme and prove its security under the discrete logarithm assumption and computational Diffie–Hellman assumption. Moreover, we do an efficiency comparison with the existing identity-based signcryption schemes and anonymous signcryption schemes and show that our scheme is much more efficient than those schemes, we also compare the efficiency of our scheme with the available proxy signcryption schemes and show that our scheme provides anonymity to the proxy sender at cost less than those of existing proxy signcryption schemes.

An Evaluation of Lightweight Block Ciphers for Resource-Constrained Applications: Area, Performance, and Security

In March 2017, NIST (National Institute of Standards and Technology) has announced to create a portfolio of lightweight algorithms through an open process. The report emphasizes that with emerging applications like automotive systems, sensor networks, healthcare, distributed control systems, the Internet of Things (IoT), cyber-physical systems, and the smart grid, a detailed evaluation of the so called light-weight ciphers helps to recommend algorithms in the context of profiles, which describe physical, performance, and security characteristics. In recent years, a number of lightweight block ciphers have been proposed for encryption/decryption of data which makes such choices complex. Each such cipher offers a unique combination of resistance to classical cryptanalysis and resource-efficient implementations. At the same time, these implementations must be protected against implementation-based attacks such as side-channel analysis. In this paper, we present a holistic comparison study of four lightweight block ciphers, PRESENT, SIMON, SPECK, and KHUDRA, along with the more traditional Advanced Encryption Standard (AES). We present a uniform comparison of the performance and efficiency of these block ciphers in terms of area and power consumption, on ASIC and FPGA-based platforms. Additionally, we also compare the amenability to side-channel secure implementations for these ciphers on ASIC-based platforms. Our study is expected to help designers make suitable choices when securing a given application, across a wide range of implementation platforms.

A secure anonymous proxy multi-signature scheme

Proxy signature scheme enables a signer to delegate its signing rights to any other user, called the proxy signer, to produce a signature on its behalf. In a proxy multi-signature scheme, the proxy signer can produce one single signature on behalf of multiple original signers. We propose an efficient and provably secure threshold-anonymous identity-based proxy multi-signature (IBPMS) scheme which provides anonymity to the proxy signer while also providing a threshold mechanism to the original signers to expose the identity of the proxy signer in case of misuse. The proposed scheme is proved secure against adaptive chosen-message and adaptive chosen-ID attacks under the computational Diffie-Hellman assumption. We compare our scheme with the recently proposed anonymous proxy multi-signature scheme and other ID-based proxy multi-signature schemes, and show that our scheme requires significantly less operation time in the practical implementation and thus it is more efficient in computation than the existing schemes.

Short Integrated PKE+PEKS in Standard Model

At SeCrypt 2015, Buccafurri et al. [BLSS15] presented an integrated public-key encryption (PKE) and public-key encryption with keyword search (PEKS) scheme (PKE+PEKS) whose security relies on the Symmetric eXternal Diffie-Hellman (SXDH) assumption but they did not provide a security proof. We present a construction of PKE+PEKS and prove its security in the standard model under the SXDH assumption. We prove that our scheme is both IND-PKE-CCA secure, that is, it provides message confidentiality against an adaptive chosen ciphertext adversary, and IND-PEKS-CCA secure, that is, it provides keyword privacy against an adaptive chosen ciphertext adversary. Ours is the first secure PKE+PEKS construction to use asymmetric pairings which enable an extremely fast implementation useful for practical applications. Our scheme has much shorter ciphertexts than the scheme in [BLSS15] and all other publicly known PKE+PEKS schemes. Finally, we compare our scheme with other proposed PEKS and integrated PKE+PEKS schemes and provide a relative analysis of various parameters including assumption, security and efficiency.

An Offline Outdoor Navigation System with Full Privacy.

GPS navigation systems are a potential threat to user privacy in case of curious providers, espionage and many other aspects. Users tend to place blind trust into GPS applications without realizing the ease at which the GPS can be spoofed or their position compromised via either the hardware or software. Thus, when a high level of privacy assurance is required, the GPS should be completely switched off. This paper presents an efficient method, a smartphone-based alternative solution, for an outdoor offline navigation system, which works in the absence of GPS, wireless, and cellular signals. The proposed approach exploits the various digital and mathematical resources present to use DEM data and sensor data to minimize errors in the calculated position

Efficient Proxy Signature Scheme from Pairings

A proxy signature enables an entity to transfer its signing rights to another entity, called the proxy signer, without actually sharing its signing key. Most of the proxy signatures in literature have been designed using bilinear pairing on the elliptic curve group with the aim of providing either the property of being identity-based or efficiency or security. But almost all of these schemes do not provide all these three desirable properties together and most of the identity-based proxy signature (IBPS) schemes are either too inefficient or their security is based on non-standard assumptions to have practical significance. In this paper, we propose an efficient and provably secure identity-based proxy signature scheme from bilinear pairing based on a standard assumption, the hardness of the computational Diffie-Hellman problem. The proposed scheme is secure against existential forgery on adaptive chosen-message and adaptive chosen-ID attack in the random oracle model. Moreover, we do an efficiency analysis and show that our scheme is significantly more efficient in the view of computation and operation time than the existing similar schemes.

Adaptively Secure Strong Designated Signature

Almost all the available strong designated verifier signature (SDVS) schemes are either insecure or inefficient for practical implementation. Hence, an efficient and secure SDVS algorithm is desired. In this paper, we propose an efficient strong designated verifier signature on identity-based setting, we call it ID-SDVS scheme. The proposed scheme is strong existentially unforgeable against adaptive chosen message and adaptive chosen identity attack under standard assumptions, the hardness of the decisional and computational Bilinear Diffie-Hellman Problem (BDHP). Though the unverifiability by a non-designated verifier and the strongness are essential security properties of a SDVS, the proofs for these properties are not provided in most of the literature on SDVS we reviewed. We provide the proofs of unverifiability and of strongness of the proposed scheme. Moreover, we show that the proposed scheme is significantly more efficient in the view of computation and operation time than the existing similar schemes.