Conference papers (Departament de Tecnologies de la Informació i les Comunicacions)
http://hdl.handle.net/10230/16116
Tue, 17 Sep 2019 15:14:18 GMT

http://hdl.handle.net/10230/42275
CCA2-secure threshold broadcast encryption with shorter ciphertexts
Daza, Vanesa; Herranz, Javier; Morillo, Paz; Ràfols, Carla
In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a
set of n receivers and a threshold t, and then encrypts a message by using the
public keys of all the receivers, in such a way that the original plaintext can be
recovered only if at least t receivers cooperate. Previously proposed threshold
broadcast encryption schemes have ciphertexts whose length is O(n). In this paper,
we propose new schemes, for both PKI and identity-based scenarios, where
the ciphertexts’ length is O(n − t). The construction uses secret sharing techniques
and the Canetti-Halevi-Katz transformation to achieve chosen-ciphertext
security. The security of our schemes is formally proved under the Decisional
Bilinear Diffie-Hellman (DBDH) Assumption.
Paper presented at: ProvSec 2007: Provable Security First International Conference, held 1-2 November 2007 in Wollongong, Australia.
Mon, 01 Jan 2007 00:00:00 GMT

http://hdl.handle.net/10230/42272
The Security of all bits using list decoding
Morillo, Paz; Ràfols, Carla
The relation between list decoding and hard-core predicates
has provided a clean and easy methodology to prove the hardness of
certain predicates. So far this methodology has only been used to prove
that the O(log log N) least and most significant bits of any function with
multiplicative access (which include the most common number theoretic
trapdoor permutations) are secure. In this paper we show that the
method applies to all bits of any function defined on a cyclic group of
order N with multiplicative access for cryptographically interesting N.
As a result, in this paper we reprove the security of all bits of RSA, the
discrete logarithm in a group of prime order or the Paillier encryption
scheme.
Paper presented at: PKC 2009, 12th International Conference on Practice and Theory in Public Key Cryptography, held 18-20 March 2009 in Irvine, California, United States of America.
Thu, 01 Jan 2009 00:00:00 GMT

http://hdl.handle.net/10230/42265
Constant size ciphertexts in threshold attribute-based encryption
Herranz, Javier; Laguillaumie, Fabien; Ràfols, Carla
Attribute-based cryptography has emerged in the last years
as a promising primitive for digital security. For instance, it provides good
solutions to the problem of anonymous access control. In a ciphertext-policy
attribute-based encryption scheme, the secret keys of the users depend
on their attributes. When encrypting a message, the sender chooses
which subset of attributes must be held by a receiver in order to be able
to decrypt.
All current attribute-based encryption schemes that admit reasonably
expressive decryption policies produce ciphertexts whose size depends at
least linearly on the number of attributes involved in the policy. In this
paper we propose the first scheme whose ciphertexts have constant size.
Our scheme works for the threshold case: users authorized to decrypt
are those who hold at least t attributes among a certain universe of
attributes, for some threshold t chosen by the sender. An extension to the
case of weighted threshold decryption policies is possible. The security
of the scheme against selective chosen plaintext attacks can be proven
in the standard model by reduction to the augmented multi-sequence of
exponents decisional Diffie-Hellman (aMSE-DDH) problem.
Paper presented at: PKC 2010. 13th International Conference on Practice and Theory in Public Key Cryptography, held 26-28 May 2010 in Paris, France.
Fri, 01 Jan 2010 00:00:00 GMT

http://hdl.handle.net/10230/42263
Short attribute-based signatures for threshold predicates
Herranz, Javier; Laguillaumie, Fabien; Libert, Benoît; Ràfols, Carla
Attribute-based cryptography is a natural solution for fine-grained
access control with respect to security policies. In the case of
attribute-based signatures (ABS), users obtain from an authority their
secret keys as a function of the attributes they hold, with which they
can later sign messages for any predicate satisfied by their attributes. A
verifier will be convinced of the fact that the signer's attributes satisfy
the signing predicate while remaining completely ignorant of the identity
of the signer. In many scenarios where authentication and anonymity are
required, like distributed access control mechanisms in ad hoc networks,
the bandwidth is a crucial and sensitive concern. The signatures' size of
all previous ABS schemes grows linearly in the number of attributes involved
in the signing predicate. We propose the first two attribute-based
signature schemes with constant size signatures. Their security is proven
in the selective-predicate and adaptive-message setting, in the standard
model, under chosen message attacks, with respect to some algorithmic
assumptions related to bilinear groups. The described schemes are for the
case of threshold predicates, but they can be extended to admit some
other (more expressive) kinds of monotone predicates.
Paper presented at: RSA Conference, held from 27 February to 2 March 2012 in San Francisco, California, United States of America.
Sun, 01 Jan 2012 00:00:00 GMT