Naccache–Stern Cryptosystem
The Naccache–Stern cryptosystem is a homomorphic public-key cryptosystem whose security rests on the higher residuosity problem. The Naccache–Stern cryptosystem was discovered by David Naccache and Jacques Stern in 1998. Scheme Definition: Like many public key cryptosystems, this scheme works in the group (\mathbb/n\mathbb)^* where n is a product of two large primes. This scheme is homomorphic and hence malleable. Key Generation:
* Pick a family of k small distinct primes p_1,...,p_k.
* Divide the set in half and set u = \prod_^ p_i and v = \prod_^k p_i.
* Set \sigma = uv = \prod_^k p_i
* Choose large primes a and b such that both p = 2au+1 and q = 2bv+1 are prime.
* Set n = pq.
* Choose a random g mod n such that g has order φ(n)/4.
The public key is the numbers σ, n, g and the private key is the pair p, q. When k = 1 this is essentially the Benaloh cryptosystem. Message Encryption: This system allows e ...
Homomorphic Encryption
Homomorphic encryption is a form of encryption that allows computations to be performed on encrypted data without first having to decrypt it. The resulting computations are left in an encrypted form which, when decrypted, result in an output that is identical to that of the operations performed on the unencrypted data. While homomorphic encryption does not protect against side-channel attacks that observe behavior, it can be used for privacy-preserving outsourced storage and computation. This allows data to be encrypted and outsourced to commercial cloud environments for processing, all while encrypted. As an example of a practical application of homomorphic encryption: encrypted photographs can be scanned for points of interest, without revealing the contents of a photo. However, observation of side-channels can see a photograph being sent to a point-of-interest lookup service, revealing the fact that photographs were taken. Thus, homomorphic encryption eliminates the need ...
Public-key Cryptosystem
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. There are many kinds of public-key cryptosystems, with different security goals, including digital signature, Diffie–Hellman key exchange, public-key key encapsulation, and public-key encryption. Public key algorithms are fundamental security primitives in modern cryptosystems, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as Transport Layer Security (TLS), SSH, S/MIME, a ...
Higher Residuosity Problem
In cryptography, most public key cryptosystems are founded on problems that are believed to be intractable. The higher residuosity problem (also called the nth-residuosity problem) is one such problem. This problem is easier to solve than integer factorization, so the assumption that this problem is hard to solve is stronger than the assumption that integer factorization is hard. Mathematical background: If n is an integer, then the integers modulo n form a ring. If n = pq where p and q are primes, then the Chinese remainder theorem tells us that :\mathbb/n\mathbb \simeq \mathbb/p\mathbb \times \mathbb/q\mathbb The units of any ring form a group under multiplication, and the group of units in \mathbb/n\mathbb is traditionally denoted (\mathbb/n\mathbb) ^. From the ring isomorphism above, we have :(\mathbb/n\mathbb)^ \simeq (\mathbb/p\mathbb)^ \times (\mathbb/q\mathbb)^ as an isomorphism of groups. Since p and q were assumed to be ...
David Naccache
David Naccache is a cryptographer, currently a professor at the École normale supérieure and a member of its Computer Laboratory. He was previously a professor at Panthéon-Assas University. Biography: He received his Ph.D. in 1995 from the École nationale supérieure des télécommunications. Naccache's most notable work is in public-key cryptography, including the cryptanalysis of digital signature schemes. Together with Jacques Stern he designed the similarly named but very distinct Naccache-Stern cryptosystem and Naccache-Stern knapsack cryptosystem. In 2004 David Naccache and Claire Whelan, then employed by Gemplus International, used image processing techniques to uncover redacted information from the declassified 6 August 2001 President's Daily Brief "Bin Ladin Determined To Strike in US". They also demonstrated how the same process could be applied to other redacted documents. Naccache is also a visiting professor and researcher at the Information Secur ...
Jacques Stern
Jacques Stern (born 21 August 1949) is a cryptographer, currently a professor at the École Normale Supérieure. He received the 2006 CNRS Gold medal. His notable work includes the cryptanalysis of numerous encryption and signature schemes, the design of the Pointcheval–Stern signature algorithm, the Naccache–Stern cryptosystem and Naccache–Stern knapsack cryptosystem, and the block ciphers CS-Cipher, DFC, and xmx. He also contributed to the cryptanalysis of the SFLASH signature scheme. Awards:
* Knight of the Légion d'honneur recipient
* 2005 CNRS Silver Medal
* IACR Fellow, 2005
* 2006 CNRS Gold medal
* 2007 RSA Award for Excellence in Mathematics Formally called since 2025 The RSAC Conference Award for Excellence in Mathematics, is an annual award. It is announced at the annual RSA Conference in recognition of innovations and contributions in the field of cryptography. An award committee o ...
References External links * Public-key cryptographer ...
Public Key Cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. There are many kinds of public-key cryptosystems, with different security goals, including digital signature, Diffie–Hellman key exchange, public-key key encapsulation, and public-key encryption. Public key algorithms are fundamental security primitives in modern cryptosystems, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as Transport Layer Security (TLS), SSH, S/MIME, and ...
Prime Number
A prime number (or a prime) is a natural number greater than 1 that is not a product of two smaller natural numbers. A natural number greater than 1 that is not prime is called a composite number. For example, 5 is prime because the only ways of writing it as a product, or , involve 5 itself. However, 4 is composite because it is a product (2 × 2) in which both numbers are smaller than 4. Primes are central in number theory because of the fundamental theorem of arithmetic: every natural number greater than 1 is either a prime itself or can be factorized as a product of primes that is unique up to their order. The property of being prime is called primality. A simple but slow method of checking the primality of a given number , called trial division, tests whether is a multiple of any integer between 2 and . Faster algorithms include the Miller–Rabin primality test, which is fast but has a small chance of error ...
Malleability (cryptography)
Malleability is a property of some cryptographic algorithms. An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plaintext. That is, given an encryption of a plaintext m, it is possible to generate another ciphertext which decrypts to f(m), for a known function f, without necessarily knowing or learning m. Malleability is often an undesirable property in a general-purpose cryptosystem, since it allows an attacker to modify the contents of a message. For example, suppose that a bank uses a stream cipher to hide its financial information, and a user sends an encrypted message containing, say, "." If an attacker can modify the message on the wire, and can guess the format of the unencrypted message, the attacker could change the amount of the transaction, or the recipient of the funds, e.g. "". Malleability does not refer to the attacker's ability to read the encrypted message. Both befo ...
Benaloh Cryptosystem
The Benaloh Cryptosystem is an extension of the Goldwasser-Micali cryptosystem (GM) created in 1985 by Josh (Cohen) Benaloh. The main improvement of the Benaloh Cryptosystem over GM is that longer blocks of data can be encrypted at once, whereas in GM each bit is encrypted individually. Scheme Definition: Like many public key cryptosystems, this scheme works in the group (\mathbb/n\mathbb)^* where n is a product of two large primes. This scheme is homomorphic and hence malleable. Key Generation: Given block size r, a public/private key pair is generated as follows:
1. Choose large primes p and q such that r \vert (p-1), \operatorname(r, (p-1)/r)=1, and \operatorname(r, (q-1))=1
2. Set n=pq, \phi=(p-1)(q-1)
3. Choose y \in \mathbb^*_n such that y^ \not \equiv 1 \mod n.
Note: If r is composite, it was pointed out by Fousse et al. in 2011 that the above conditions (i.e., those stated in the original paper) are insufficient to guarantee correct decryption, i.e., to ...
Chinese Remainder Theorem
In mathematics, the Chinese remainder theorem states that if one knows the remainders of the Euclidean division of an integer n by several integers, then one can determine uniquely the remainder of the division of n by the product of these integers, under the condition that the divisors are pairwise coprime (no two divisors share a common factor other than 1). The theorem is sometimes called Sunzi's theorem. Both names of the theorem refer to its earliest known statement that appeared in Sunzi Suanjing, a Chinese manuscript written during the 3rd to 5th century CE. This first statement was restricted to the following example: If one knows that the remainder of n divided by 3 is 2, the remainder of n divided by 5 is 3, and the remainder of n divided by 7 is 2, then with no other information, one can determine the remainder of n divided by 105 (the product of 3, 5, and 7) without knowing the value of n. In this example, the remainder is 23. More ...
Semantic Security
In cryptography, a semantically secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any probabilistic, polynomial-time algorithm (PPTA) that is given the ciphertext of a certain message m (taken from any distribution of messages), and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTAs that only have access to the message length (and not the ciphertext). (S. Goldwasser and S. Micali, Probabilistic encryption & how to play mental poker keeping secret all partial information, Annual ACM Symposium on Theory of Computing, 1982.) This concept is the computational complexity analogue to Shannon's concept of perfect secrecy. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any information revealed cannot be feasibly extracted. Goldreic ...
Quadratic Residuosity Problem
The quadratic residuosity problem (QRP) in computational number theory is to decide, given integers a and N, whether a is a quadratic residue modulo N or not. Here N = p_1 p_2 for two unknown primes p_1 and p_2, and a is among the numbers which are not obviously quadratic non-residues (see below). The problem was first described by Gauss in his Disquisitiones Arithmeticae in 1801. This problem is believed to be computationally difficult. Several cryptographic methods rely on its hardness, see . An efficient algorithm for the quadratic residuosity problem immediately implies efficient algorithms for other number theoretic problems, such as deciding whether a composite N of unknown factorization is the product of 2 or 3 primes. Precise formulation: Given integers a and T, a is said to be a quadratic residue modulo T if there exists an integer b such that :a \equiv b^2 \pmod T. Otherwise we say it is a quadratic non-residue. When T = p is a prime, it is customary t ...