|
Naccache–Stern Cryptosystem
The Naccache–Stern cryptosystem is a homomorphic public-key cryptosystem whose security rests on the higher residuosity problem. The Naccache–Stern cryptosystem was discovered by David Naccache and Jacques Stern in 1998. Scheme Definition Like many public key cryptosystems, this scheme works in the group (\mathbb/n\mathbb)^* where ''n'' is a product of two large primes. This scheme is homomorphic and hence malleable. Key Generation *Pick a family of ''k'' small distinct primes ''p''1,...,''p''k. *Divide the set in half and set u = \prod_^ p_i and v = \prod_^k p_i. *Set \sigma = uv = \prod_^k p_i *Choose large primes ''a'' and ''b'' such that both ''p'' = 2''au''+1 and ''q''=2''bv''+1 are prime. *Set ''n''=''pq''. *Choose a random ''g'' mod ''n'' such that ''g'' has order φ(''n'')/4. The public key is the numbers σ,''n'',''g'' and the private key is the pair ''p'',''q''. When ''k''=1 this is essentially the Benaloh cryptosystem. Message Encryption This system allows e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Homomorphic Encryption
Homomorphic encryption is a form of encryption that permits users to perform computations on its encrypted data without first decrypting it. These resulting computations are left in an encrypted form which, when decrypted, result in an identical output to that produced had the operations been performed on the unencrypted data. Homomorphic encryption can be used for privacy-preserving outsourced storage and computation. This allows data to be encrypted and out-sourced to commercial cloud environments for processing, all while encrypted. For sensitive data, such as health care information, homomorphic encryption can be used to enable new services by removing privacy barriers inhibiting data sharing or increase security to existing services. For example, predictive analytics in health care can be hard to apply via a third party service provider due to medical data privacy concerns, but if the predictive analytics service provider can operate on encrypted data instead, these priva ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Public-key Cryptosystem
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message. For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesdropp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Higher Residuosity Problem
In cryptography, most public key cryptosystems are founded on problems that are believed to be intractable. The higher residuosity problem (also called the n th-residuosity problem) is one such problem. This problem is ''easier'' to solve than integer factorization, so the assumption that this problem is hard to solve is ''stronger'' than the assumption that integer factorization is hard. Mathematical background If ''n'' is an integer, then the integers modulo ''n'' form a ring. If ''n''=''pq'' where ''p'' and ''q'' are primes, then the Chinese remainder theorem tells us that :\mathbb/n\mathbb \simeq \mathbb/p\mathbb \times \mathbb/q\mathbb The group of units of any ring form a group, and the group of units in \mathbb/n\mathbb is traditionally denoted (\mathbb/n\mathbb) ^*. From the isomorphism above, we have :(\mathbb/n\mathbb)^* \simeq (\mathbb/p\mathbb)^* \times (\mathbb/q\mathbb)^* as an isomorphism of ''groups''. Since ''p'' and ''q'' were assumed to be prime, the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
David Naccache
David Naccache is a cryptographer, currently a professor at the École normale supérieure and a member of its Computer Laboratory. He was previously a professor at Panthéon-Assas University. Biography He received his Ph.D. in 1995 from the École nationale supérieure des télécommunications. Naccache's most notable work is in public-key cryptography, including the cryptanalysis of digital signature schemes. Together with Jacques Stern he designed the similarly named but very distinct Naccache-Stern cryptosystem and Naccache-Stern knapsack cryptosystem. In 2004 David Naccache and Claire Whelan, then employed by Gemplus International, used image processing techniques to uncover redacted information from the declassified 6 August 2001 President's Daily Brief '' Bin Ladin Determined To Strike in US''. They also demonstrated how the same process could be applied to other redacted documents. Naccache is also a visiting professor and researcher at the Information Security ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Jacques Stern
Jacques Stern (born 21 August 1949) is a cryptographer, currently a professor at the École Normale Supérieure. He received the 2006 CNRS Gold medal. His notable work includes the cryptanalysis of numerous encryption and signature schemes, the design of the Pointcheval–Stern signature algorithm, the Naccache–Stern cryptosystem and Naccache–Stern knapsack cryptosystem, and the block ciphers CS-Cipher, DFC, and xmx. He also contributed to the cryptanalysis of the ''SFLASH'' signature scheme. Awards * Knight of the Légion d'honneur recipient * 2005 CNRS Silver Medal The CNRS Silver Medal is a scientific award given every year to about fifteen researchers by the French National Centre for Scientific Research The French National Centre for Scientific Research (french: link=no, Centre national de la recherch ... * IACR Fellow, 2005 * 2006 CNRS Gold medal * 2007 RSA Award for Excellence in Mathematics References External links * Modern cryptographers ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Public Key Cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message. For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesdropp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Prime Number
A prime number (or a prime) is a natural number greater than 1 that is not a product of two smaller natural numbers. A natural number greater than 1 that is not prime is called a composite number. For example, 5 is prime because the only ways of writing it as a product, or , involve 5 itself. However, 4 is composite because it is a product (2 × 2) in which both numbers are smaller than 4. Primes are central in number theory because of the fundamental theorem of arithmetic: every natural number greater than 1 is either a prime itself or can be factorized as a product of primes that is unique up to their order. The property of being prime is called primality. A simple but slow method of checking the primality of a given number n, called trial division, tests whether n is a multiple of any integer between 2 and \sqrt. Faster algorithms include the Miller–Rabin primality test, which is fast but has a small chance of error, and the AKS primality test, which always pr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Malleability (cryptography)
Malleability is a property of some cryptographic algorithms. An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plaintext. That is, given an encryption of a plaintext m, it is possible to generate another ciphertext which decrypts to f(m), for a known function f, without necessarily knowing or learning m. Malleability is often an undesirable property in a general-purpose cryptosystem, since it allows an attacker to modify the contents of a message. For example, suppose that a bank uses a stream cipher to hide its financial information, and a user sends an encrypted message containing, say, "." If an attacker can modify the message on the wire, and can guess the format of the unencrypted message, the attacker could change the amount of the transaction, or the recipient of the funds, e.g. "". Malleability does not refer to the attacker's ability to read the encrypted message. Both before and after ta ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Benaloh Cryptosystem
The Benaloh Cryptosystem is an extension of the Goldwasser-Micali cryptosystem (GM) created in 1985 by Josh (Cohen) Benaloh. The main improvement of the Benaloh Cryptosystem over GM is that longer blocks of data can be encrypted at once, whereas in GM each bit is encrypted individually. Scheme Definition Like many public key cryptosystems, this scheme works in the group (\mathbb/n\mathbb)^* where ''n'' is a product of two large primes. This scheme is homomorphic and hence malleable. Key Generation Given block size ''r'', a public/private key pair is generated as follows: #Choose large primes ''p'' and ''q'' such that r \vert (p-1), \operatorname(r, (p-1)/r)=1, and \operatorname(r, (q-1))=1 #Set n=pq, \phi=(p-1)(q-1) #Choose y \in \mathbb^*_n such that y^ \not \equiv 1 \mod n. :: Note: If ''r'' is composite, it was pointed out by Fousse et al. in 2011 that the above conditions (i.e., those stated in the original paper) are insufficient to guarantee correct decryption, i.e., to ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Chinese Remainder Theorem
In mathematics, the Chinese remainder theorem states that if one knows the remainders of the Euclidean division of an integer ''n'' by several integers, then one can determine uniquely the remainder of the division of ''n'' by the product of these integers, under the condition that the divisors are pairwise coprime (no two divisors share a common factor other than 1). For example, if we know that the remainder of ''n'' divided by 3 is 2, the remainder of ''n'' divided by 5 is 3, and the remainder of ''n'' divided by 7 is 2, then without knowing the value of ''n'', we can determine that the remainder of ''n'' divided by 105 (the product of 3, 5, and 7) is 23. Importantly, this tells us that if ''n'' is a natural number less than 105, then 23 is the only possible value of ''n''. The earliest known statement of the theorem is by the Chinese mathematician Sun-tzu in the '' Sun-tzu Suan-ching'' in the 3rd century CE. The Chinese remainder theorem is widely used for computing with lar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Semantic Security
In cryptography, a semantically secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any probabilistic, polynomial-time algorithm (PPTA) that is given the ciphertext of a certain message m (taken from any distribution of messages), and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTA's that only have access to the message length (and not the ciphertext). S. Goldwasser and S. MicaliProbabilistic encryption & how to play mental poker keeping secret all partial information Annual ACM Symposium on Theory of Computing, 1982. This concept is the computational complexity analogue to Shannon's concept of perfect secrecy. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any information revealed cannot be feasibly extracted. Goldreich, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Quadratic Residuosity Problem
The quadratic residuosity problem (QRP) in computational number theory is to decide, given integers a and N, whether a is a quadratic residue modulo N or not. Here N = p_1 p_2 for two unknown primes p_1 and p_2, and a is among the numbers which are not obviously quadratic non-residues (see below). The problem was first described by Gauss in his ''Disquisitiones Arithmeticae'' in 1801. This problem is believed to be computationally difficult. Several cryptographic methods rely on its hardness, see . An efficient algorithm for the quadratic residuosity problem immediately implies efficient algorithms for other number theoretic problems, such as deciding whether a composite N of unknown factorization is the product of 2 or 3 primes. Precise formulation Given integers a and T, a is said to be a ''quadratic residue modulo T'' if there exists an integer b such that :a \equiv b^2 \pmod T. Otherwise we say it is a quadratic non-residue. When T = p is a prime, it is customary to us ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
