Random Oracles in a Quantum World - Cryptology ePrint Archive

adversary can make quantum oracle queries. We then set out to develop generic conditions under which a classical random oracle proof implies security in the ...

Random Oracles in a Quantum World - Cryptology ePrint Archive - Related Documents

Uncloneable Quantum Encryption via Oracles - Cryptology ePrint ...

Quantum information is well-known to achieve cryptographic feats that are unattainable using ... Modelling the qPRF as an oracle, we show security by adapt-.

Unforgeable Quantum Encryption - Cryptology ePrint Archive - IACR

We now formally define the two worlds: the real world QAE-Real, and the ideal (or cheat-detecting) world QAE-Ideal. In both cases, the adversary A receives two ...

Oblivion - Cryptology ePrint Archive

sive evaluations of Oblivion, showing that the framework is capable of handling ... helpdesk. Along with the relevant links, she hands over publicly verifiable ID ... anywhere in the article; if this happens, the matched item could be tagged with.

Speck - Cryptology ePrint Archive

9800 Savage Road, Fort Meade, MD 20755, USA. {rabeaul, djshors, jksmit3, sgtreat, beweeks, lrwinge}@tycho.ncsc.mil. 19 June 2013. A .

The CS2 Block Cipher - Cryptology ePrint Archive

final post-whitening key step. 1. for k = 0 to 7 do. 1.1 x ← ζ(x, k, K). 2. return x ⊕ K32. Fig. 8. CS2 Block Cipher. We note that no decryption routine is described.

Steganography techniques - Cryptology ePrint Archive

In [2] and [3], the same theoretical definitions are presented. 2.1 Theoretical model. Preliminary to defining the steganography system, let Alice ...

Marlin - Cryptology ePrint Archive - IACR

1 Jan 2020 ... preprocessing SNARK with universal SRS. Figure 3: Diagram of our methodology to construct preprocessing SNARGs with universal SRS.

Wave - Cryptology ePrint Archive - IACR

and secure digital signature scheme based on the hardness of decoding a linear code ... Wave: a New Family of Trapdoor One-Way PSF Based on Codes. 3 property in a ... This relates to the, so called, Decoding One Out of Many (DOOM).

Trap Me If You Can - Cryptology ePrint Archive - IACR

5 Sep 2013 ... future, using future national lottery results, an elliptic-curve suited for ... January 27, 2016, commitment on the design of MDCurve201601:.

Cryptanalysis of Zorro - Cryptology ePrint Archive

[11] attack published at CRYPTO'11 on the lightweight cipher PRINTcipher [10]: both are single-key attacks on the full ciphers under the weak-key assumption.

Sonic - Cryptology ePrint Archive - IACR

We present Sonic, a new zk-SNARK for general arithmetic circuit ... 20 G, 16 F. 273n Ex. 13P. Table 2: Comparison of helped and unhelped Sonic against a pairing-based zk-SNARK and ... [55] H. Lipmaa, P. Mohassel, and S. S. Sadeghian.

SHA-1 is a Shambles - Cryptology ePrint Archive - IACR

14 Dec 2019 ... In this article, we exhibit the very first chosen-prefix collision against the SHA-1 hash function, with a direct application to PGP/GnuPG security.

Decoding One Out of Many - Cryptology ePrint Archive - IACR

limited, we show that the cost of the decoding is raised to the power 2/3 c. (with a small ... The security of code-based cryptography heavily relies on the hardness of decoding in a ... the probability for one execution of doom loop to succeed.

White-Box Cryptography - Cryptology ePrint Archive - IACR

Keywords: White-box cryptography, Software execution traces, Differential computation ... to realize a white-box implementation of symmetric ciphers [28,27].

Cryptography for Human Senses - Cryptology ePrint Archive

In this paper, we present ideas that could make cryptography more accessible to humans. We review previous research on this topic and some results that have ...

ROYALE: A Framework for Universally ... - Cryptology ePrint Archive

employs a novel shuffling phase based on efficient NIZK proofs of shuffle correctness, ... If j = i, upon receiving the message (shuffle, sid, Pj , id1,..., idm, ctj id1.

Round5: KEM and PKE based on GLWR - Cryptology ePrint Archive

In HILA5[87]'s XE5 code, r0 is such a special register. When using this special ... [51] Guillaume Hanrot, Xavier Pujol, and Damien Stehlé. Analyzing blockwise.

Honey Encryption - Cryptology ePrint Archive - IACR

February 28, 2014. Version 1.2 ... Should one of the candidate keys be correct (i.e., K is from a low-entropy distribution), M is guaranteed to appear in this list, and at this stage the ... kis more “concentrated” than pk: a prefix of any length of p′.

Attacking RSA-based Sessions in SSL/TLS - Cryptology ePrint Archive

SSL/TLS creates a side channel that allows the attacker to invert the RSA ... free control of acceptance rules for C and this is the reason why we conjecture that ...

Quisquis: A New Design for Anonymous ... - Cryptology ePrint Archive

... sender to transfer more than min(bl0, bl1): in one of the two worlds this would force the ... such that CA = XCom( a; r), and for a fixed t ∈ Fp, it holds that ∏n ... M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, G. M. Voelker, and S. Savage.

Montgomery curves and their arithmetic - Cryptology ePrint Archive

gomery curves and the Montgomery ladder as a way of accelerating Lenstra's ... corresponds to a point on a cryptographically strong Montgomery curve, and ... http://www.ecc-brainpool.org/download/Domain-parameters.pdf, 2005. 23. Harold ...

Black-Box Wallets - Cryptology ePrint Archive - IACR

1 Oct 2019 ... such as BBW, so we allow malicious users to attack by running several ... in the case of public transportation with only a small amount of ...

The Fairy-Ring Dance - Cryptology ePrint Archive

“fairy-ring dance” construction that transforms any secure two-party PAKE scheme to a ... On the other hand, the open nature of the Internet invites all sorts of attacks ... source code of our implementations can be found at the end of the paper.).

inner product encryption - Cryptology ePrint Archive - IACR

product of their associated vectors. We emphasize that this definition of IPE is different from the notion of inner product predicate encryption from [KSW08, ...

Your Culture is in Your Password - Cryptology ePrint Archive - IACR

24 Oct 2018 ... most common password overall, abcd1234 is used less than 200 times ... “Abdulrahim” in Arabic has more than 1000 potential spellings in ...

Intel SGX Explained - Cryptology ePrint Archive - IACR

Intel's Software Guard Extensions (SGX) is the latest iteration in a long line of ... kernel vulnerabilities: State-of-the-art defenses and ... 177, 2000. [129] Jiang Lin ...

SoK: Off The Chain Transactions - Cryptology ePrint Archive - IACR

their unsolved challenges and promising avenues of future work. I. INTRODUCTION ... and we conclude the paper in Section VII. II. BLOCKCHAINS AND ...

Malicious Hashing: Eve's Variant of SHA-1 - Cryptology ePrint Archive

backdoor: Eve constructs a custom variant of SHA-1 that differs from the standardized specification only in ... This segment contains the familiar ”JFIF” string. However ... 00000000 23 de eb 7f aa 8a 34 9a 05 60 3f 3e d0 9c 31 5e |#.....4..'?>..1^|.

Faster 128-EEA3 and 128-EIA3 Software - Cryptology ePrint Archive

LTE confidentiality and integrity algorithms 128-EEA3 and 128-EIA3 [2] rely on the new stream cipher ZUC [3] as a keystream generator. Whereas many stream.

Security and Privacy Issues in E-passports - Cryptology ePrint Archive

teen passport issuing offices, such as “10” for Boston or “03” for Los Angeles. The remaining seven digits are assigned arbitrarily. Probably some two-digit ...

CHVote System Specification - Cryptology ePrint Archive - IACR

23 Dec 2019 ... serve as a manual for developers trying to implement an independent election verification ... a neutral element e P G. The following properties must be satisfied for G to ... IACR Cryptology ePrint Archive, 2017/325, 2017.

Single Password Authentication - Cryptology ePrint Archive - IACR

22 Mar 2013 ... can allow a user to use a single password to authenticate to multiple services securely. ... single-signon services such as Microsoft Passport, Google Accounts, ... In R. Canetti, editor, TCC 2008: 5th Theory of Cryptography ...

Signing a Linear Subspace - Cryptology ePrint Archive - IACR

Our schemes can be viewed as signing linear subspaces in the sense that a signature σ on a subspace V authenticates exactly those vectors in V . Our first.

How to manipulate curve standards - Cryptology ePrint Archive - IACR

27 Sep 2015 ... attacker; (2) the attacker is aware of a vulnerability in some curves that are not ... placeholder “vulnerability” we define E to be vulnerable if b starts with the hex- ... We have also not found any updates or errata to the Brainpool.

Covert Security with Public Verifiability - Cryptology ePrint Archive

14 Nov 2018 ... If PA cheats in the jth instance of the protocol, then it is caught with probability at least ... n1 ∪ {⊥, blatantCheat, cheat} and PB sends y ∈ {0, 1}.