|
Identity-based Encryption
ID-based encryption, or identity-based encryption (IBE), is an important primitive of ID-based cryptography. As such it is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user (e.g. a user's email address). This means that a sender who has access to the public parameters of the system can encrypt a message using e.g. the text-value of the receiver's name or email address as a key. The receiver obtains its decryption key from a central authority, which needs to be trusted as it generates secret keys for every user. ID-based encryption was proposed by Adi Shamir in 1984. He was however only able to give an instantiation of identity-based signatures. Identity-based encryption remained an open problem for many years. The pairing-based Boneh–Franklin scheme and Cocks's encryption scheme based on quadratic residues both solved the IBE problem in 2001. Usage Identity-based systems allow any party to generate a p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ID-based Cryptography
Identity-based cryptography is a type of public-key cryptography in which a publicly known string representing an individual or organization is used as a public key. The public string could include an email address, domain name, or a physical IP address. The first implementation of identity-based signatures and an email-address based public-key infrastructure (PKI) was developed by Adi Shamir in 1984, which allowed users to verify digital signatures using only public information such as the user's identifier. Under Shamir's scheme, a trusted third party would deliver the private key to the user after verification of the user's identity, with verification essentially the same as that required for issuing a certificate in a typical PKI. Shamir similarly proposed identity-based encryption, which appeared particularly attractive since there was no need to acquire an identity's public key prior to encryption. However, he was unable to come up with a concrete solution, and identity-based ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Parameter
In cryptography, a security parameter is a way of measuring of how "hard" it is for an adversary to break a cryptographic scheme. There are two main types of security parameter: ''computational'' and ''statistical'', often denoted by \kappa and \lambda, respectively. Roughly speaking, the computational security parameter is a measure for the input size of the computational problem on which the cryptographic scheme is based, which determines its computational complexity, whereas the statistical security parameter is a measure of the probability with which an adversary can break the scheme (whatever that means for the protocol). Security parameters are usually expressed in unary representation - i.e. \kappa is expressed as a string of \kappa 1s, \kappa=1\cdots 1, conventionally written as 1^\kappa - so that the time complexity of the cryptographic algorithm is polynomial in the size of the input. Computational security The security of cryptographic primitives relies on the hardne ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Quadratic Residuosity Problem
The quadratic residuosity problem (QRP) in computational number theory is to decide, given integers a and N, whether a is a quadratic residue modulo N or not. Here N = p_1 p_2 for two unknown primes p_1 and p_2, and a is among the numbers which are not obviously quadratic non-residues (see below). The problem was first described by Gauss in his ''Disquisitiones Arithmeticae'' in 1801. This problem is believed to be computationally difficult. Several cryptographic methods rely on its hardness, see . An efficient algorithm for the quadratic residuosity problem immediately implies efficient algorithms for other number theoretic problems, such as deciding whether a composite N of unknown factorization is the product of 2 or 3 primes. Precise formulation Given integers a and T, a is said to be a ''quadratic residue modulo T'' if there exists an integer b such that :a \equiv b^2 \pmod T. Otherwise we say it is a quadratic non-residue. When T = p is a prime, it is customary to us ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Clifford Cocks
Clifford Christopher Cocks (born 28 December 1950) is a British mathematician and cryptographer. In 1973, while working at the United Kingdom Government Communications Headquarters (GCHQ), he invented a public-key cryptography algorithm equivalent to what would become (in 1977) the RSA algorithm. The idea was classified information and his insight remained hidden for 24 years, although it was independently invented by Ronald Rivest, Adi Shamir, and Leonard Adleman in 1977. Public-key cryptography using prime factorisation is now part of nearly every Internet transaction. Education Cocks was educated at Manchester Grammar School and went on to study the Mathematical Tripos as an undergraduate at King's College, Cambridge. He continued as a PhD student at the University of Oxford, where he specialised in number theory under Bryan Birch, but left academia without finishing his doctorate. Career Non-secret encryption Cocks left Oxford to join Communications-Electronics Securi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Provable Security
Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields. Usually, this refers to mathematical proofs, which are common in cryptography. In such a proof, the capabilities of the attacker are defined by an adversarial model (also referred to as attacker model): the aim of the proof is to show that the attacker must solve the underlying hard problem in order to break the security of the modelled system. Such a proof generally does not consider side-channel attacks or other implementation-specific attacks, because they are usually impossible to model without implementing the system (and thus, the proof only applies to this implementation). Outside of cryptography, the term is often used in conjunction with secure coding and security by design, both of which can rely on proofs to show the security of a particular approach. As with the cryptographic setting, this involves an attacker model and a model of th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ElGamal Encryption
In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985. ElGamal encryption is used in the free GNU Privacy Guard software, recent versions of PGP, and other cryptosystems. The Digital Signature Algorithm (DSA) is a variant of the ElGamal signature scheme, which should not be confused with ElGamal encryption. ElGamal encryption can be defined over any cyclic group G, like multiplicative group of integers modulo ''n''. Its security depends upon the difficulty of a certain problem in G related to computing discrete logarithms. The algorithm ElGamal encryption consists of three components: the key generator, the encryption algorithm, and the decryption algorithm. Key generation The first party, Alice, generates a key pair as follows: * Generate an efficient description of a cyclic group G\, of order q\, with g ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Probabilistic Encryption
Probabilistic encryption is the use of randomness in an encryption algorithm, so that when encrypting the same message several times it will, in general, yield different ciphertexts. The term "probabilistic encryption" is typically used in reference to public key encryption algorithms; however various symmetric key encryption algorithms achieve a similar property (e.g., block ciphers when used in a chaining mode such as CBC), and stream ciphers such as Freestyle which are inherently random. To be semantically secure, that is, to hide even partial information about the plaintext, an encryption algorithm must be probabilistic. History The first provably-secure probabilistic public-key encryption scheme was proposed by Shafi Goldwasser and Silvio Micali, based on the hardness of the quadratic residuosity problem and had a message expansion factor equal to the public key size. More efficient probabilistic encryption algorithms include Elgamal, Paillier, and various constructio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Tate Pairing
In mathematics, Tate pairing is any of several closely related bilinear pairings involving elliptic curves or abelian varieties, usually over local or finite fields, based on the Tate duality pairings introduced by and extended by . applied the Tate pairing over finite fields to cryptography. See also * Weil pairing Weil may refer to: Places in Germany *Weil, Bavaria *Weil am Rhein, Baden-Württemberg * Weil der Stadt, Baden-Württemberg *Weil im Schönbuch, Baden-Württemberg Other uses * Weil (river), Hesse, Germany * Weil (surname), including people with ... References * * * * Pairing-based cryptography Elliptic curve cryptography Elliptic curves {{Crypto-stub ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Weil Pairing
Weil may refer to: Places in Germany *Weil, Bavaria *Weil am Rhein, Baden-Württemberg *Weil der Stadt, Baden-Württemberg *Weil im Schönbuch, Baden-Württemberg Other uses * Weil (river), Hesse, Germany * Weil (surname), including people with the surname Weill, Weyl * Doctor Weil (Mega Man Zero), a fictional character from the ''Mega Man'' Zero video game series * Weil-Marbach, now the Marbach Stud in Baden-Württemberg See also * Weill (other) * Weil, Gotshal & Manges Weil, Gotshal & Manges LLP is an American international law firm with approximately 1,100 attorneys, headquartered in New York City. With a gross annual revenue in excess of $1.8 billion, it is among the world's largest law firms according to ..., law firm founded in the United States * Weil's disease {{disambiguation, geo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Elliptic Curves
In mathematics, an elliptic curve is a smooth, projective, algebraic curve of genus one, on which there is a specified point . An elliptic curve is defined over a field and describes points in , the Cartesian product of with itself. If the field's characteristic is different from 2 and 3, then the curve can be described as a plane algebraic curve which consists of solutions for: :y^2 = x^3 + ax + b for some coefficients and in . The curve is required to be non-singular, which means that the curve has no cusps or self-intersections. (This is equivalent to the condition , that is, being square-free in .) It is always understood that the curve is really sitting in the projective plane, with the point being the unique point at infinity. Many sources define an elliptic curve to be simply a curve given by an equation of this form. (When the coefficient field has characteristic 2 or 3, the above equation is not quite general enough to include all non-singular cubic curve ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pairing
In mathematics, a pairing is an ''R''-bilinear map from the Cartesian product of two ''R''-modules, where the underlying ring ''R'' is commutative. Definition Let ''R'' be a commutative ring with unit, and let ''M'', ''N'' and ''L'' be ''R''-modules. A pairing is any ''R''-bilinear map e:M \times N \to L. That is, it satisfies :e(r\cdot m,n)=e(m,r \cdot n)=r\cdot e(m,n), :e(m_1+m_2,n)=e(m_1,n)+e(m_2,n) and e(m,n_1+n_2)=e(m,n_1)+e(m,n_2) for any r \in R and any m,m_1,m_2 \in M and any n,n_1,n_2 \in N . Equivalently, a pairing is an ''R''-linear map :M \otimes_R N \to L where M \otimes_R N denotes the tensor product of ''M'' and ''N''. A pairing can also be considered as an ''R''-linear map \Phi : M \to \operatorname_ (N, L) , which matches the first definition by setting \Phi (m) (n) := e(m,n) . A pairing is called perfect if the above map \Phi is an isomorphism of ''R''-modules. A pairing is called non-degenerate on the right if for the above map we have that e(m,n) = ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
