Abstract. We introduce and formally define polynomial commitment schemes, and provide two efficient constructions. A polynomial commitment scheme allows a committer to commit to a polynomial with a short string that can be used by a verifier to confirm claimed evaluations of the committed polynomial. Although the homomorphic commitment schemes in the literature can be used to achieve this goal, the sizes of their commitments are linear in the degree of the committed polynomial. On the other hand, polynomial commitments in our schemes are of constant size (single elements). The overhead of opening a commitment is also constant; even opening multiple evaluations requires only a constant amount of communication overhead. Therefore, our schemes are useful tools to reduce the communication cost in cryptographic protocols. On that front, we apply our polynomial commitment schemes to four problems in cryptography: verifiable secret sharing, zero-knowledge sets, credentials and content extraction signatures.
A delay tolerant network (DTN) is a store-and-forward network where end-to-end connectivity is not assumed and where opportunistic links between nodes are used to transfer data. An emerging application of DTNs is rural area DTNs, which provide Internet connectivity to rural areas in developing regions using conventional transportation mediums, like buses. Potential applications of these rural area DTNs are e-governance, telemedicine and citizen journalism. Therefore, security and privacy are critical for DTNs. Traditional cryptographic techniques based on PKI-certified public keys assume continuous network access, which makes these techniques inapplicable to DTNs because of their disconnected nature. We present the first anonymous communication solution for DTNs and introduce a new anonymous authentication protocol as part of it. Furthermore, we present a security infrastructure for DTNs to provide efficient secure communication. Our anonymity and security solutions are based on identity-based cryptography. We show that our solutions have better performance than previously proposed security infrastructures for DTNs.

* Research supported by an NSERC PGS-D postgraduate scholarship.

1. We introduce a new, IBC-based, anonymous authentication protocol and use this protocol to build the first system for providing anonymous communication in DTNs.
2. We present an IBC-based security infrastructure for DTNs that is more efficient than an existing security infrastructure for DTNs [25].

We provide an overview of DTNs and IBC in Section 2. In Section 3, we discuss related work in the area of DTN security and anonymous communication. In Section 4, we present our architecture for secure DTN communication. Section 5 describes our new anonymous authentication protocol and our anonymity architecture, which, as it turns out, can be integrated into our security architecture with no changes in the setup. This anonymity architecture forms the basis for anonymous and secure communication in DTNs, which we discuss in Section 6. Section 7 investigates system and network-related issues, like performance, routing and billing. In Appendix A, we briefly introduce bilinear pairings and the bilinear Diffie-Hellman problem. We discuss the security and anonymity provided by our anonymous authentication protocol in Appendix B.

2 Background

In this section, we give a survey of DTNs and the special case of rural area DTNs. We also review an IBC scheme, namely the Sakai-Ohgishi-Kasahara key agreement protocol [24] in a Boneh-Franklin identity-based encryption setup [5]. Finally, we give an overview of hierarchical identity-based cryptography (HIBC).

2.1 Delay Tolerant Networks (DTNs)

DTNs deal with communication in extreme and performance-challenged environments, where continuous end-to-end connectivity cannot be assumed. In a DTN, nodes use opportunistic connectivity over intermittent links for communication. Such opportunistic links are generally provided by mobile routers. They offer connectivity by acting as "data mules" to carry data to and fr...
Abstract. This paper introduces certified sets to the private set intersection problem. A private set intersection protocol allows Alice and Bob to jointly compute the set intersection function without revealing their input sets. Since the inputs are private, malicious participants may choose their sets arbitrarily and may use this flexibility to affect the result or learn more about the input of an honest participant. With certified sets, a trusted party ensures the inputs are valid and binds them to each participant. The strength of the malicious model with certified inputs increases the applicability of private set intersection to real world problems. With respect to efficiency the new certified set intersection protocol improves existing malicious model private set intersection protocols by a constant factor.
Consider a database where each record has different access control policies. These policies could be attributes, roles, or rights that the user needs to have in order to access the record. Here we provide a protocol that allows the users to access the database records while: (1) the database does not learn who queries a record; (2) the database does not learn which record is being queried, nor the access control policy of that record; (3) the database does not learn whether a user's attempt to access a record was successful or not; (4) the user can only obtain a single record per query; (5) the user can only access those records for which she has the correct permissions; (6) the user does not learn any other information about the database structure and the access control policies other than whether she was granted access to the queried record, and if so, the content of the record; and (7) the users' credentials can be revoked. Our scheme builds on the one by Camenisch, Dubovitskaya and Neven (CCS'09), who consider oblivious transfer with access control when the access control policies are public.
Abstract. In this paper we present a parallel approach to compute interleaved Montgomery multiplication. This approach is particularly suitable to be computed on 2-way single instruction, multiple data platforms as can be found on most modern computer architectures in the form of vector instruction set extensions. We have implemented this approach for tablet devices which run the x86 architecture (Intel Atom Z2760) using SSE2 instructions as well as devices which run on the ARM platform (Qualcomm MSM8960, NVIDIA Tegra 3 and 4) using NEON instructions. When instantiating modular exponentiation with this parallel version of Montgomery multiplication we observed a performance increase of more than a factor of 1.5 compared to the sequential implementation in OpenSSL for the classical arithmetic logic unit on the Atom platform for 2048-bit moduli.