galois geometries contributing to cryptography
play

Galois geometries contributing to cryptography Leo Storme Ghent - PowerPoint PPT Presentation

Jun 22, 2023 •274 likes •729 views

Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES Galois geometries contributing to cryptography Leo Storme Ghent University Dept. of Mathematics Krijgslaan 281 - S22 9000 Ghent Belgium Opatija,

  1. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES Galois geometries contributing to cryptography Leo Storme Ghent University Dept. of Mathematics Krijgslaan 281 - S22 9000 Ghent Belgium Opatija, 2010 Leo Storme Galois geometries contributing to cryptography

  2. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES O UTLINE 1 C RYPTOGRAPHY 2 S ECRET SHARING SCHEME 3 M ESSAGE A UTHENTICATION CODE (MAC) 4 L INEAR MDS CODE IN AES Leo Storme Galois geometries contributing to cryptography

  3. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES O UTLINE 1 C RYPTOGRAPHY 2 S ECRET SHARING SCHEME 3 M ESSAGE A UTHENTICATION CODE (MAC) 4 L INEAR MDS CODE IN AES Leo Storme Galois geometries contributing to cryptography

  4. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES C RYPTOGRAPHY Transmit information in confidential way, 1 Split secret into shares, 2 Authentication. 3 Leo Storme Galois geometries contributing to cryptography

  5. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES O UTLINE 1 C RYPTOGRAPHY 2 S ECRET SHARING SCHEME 3 M ESSAGE A UTHENTICATION CODE (MAC) 4 L INEAR MDS CODE IN AES Leo Storme Galois geometries contributing to cryptography

  6. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES S ECRET SHARING SCHEME Secret sharing scheme : cryptographic equivalent of vault 1 that needs several keys to be opened. Secret S divided into shares . 2 Authorised sets : have access to secret S by putting their 3 shares together. Unauthorised sets : have no access to secret S by putting 4 their shares together. Leo Storme Galois geometries contributing to cryptography

  7. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES ( n , k ) - THRESHOLD SCHEME n participants. 1 Each group of k participants can reconstruct secret S , but 2 less than k participants have no way to learn anything about secret S . Leo Storme Galois geometries contributing to cryptography

  8. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME F q = finite field of order q . 1 Dealer chooses polynomial 2 f ( X ) = f 0 + f 1 X + · · · + f k − 1 X k − 1 ∈ F q [ X ] , and, gives participant number i , point ( x i , f ( x i )) on graph of f 3 ( x i � = 0). Value f ( 0 ) = f 0 is secret S . 4 Leo Storme Galois geometries contributing to cryptography

  9. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME Set of k participants can reconstruct 1 f ( X ) = f 0 + f 1 X + · · · + f k − 1 X k − 1 by interpolating their shares ( x i , f ( x i )) . Then they can compute secret f ( 0 ) . If k ′ < k persons try to reconstruct secret, for every y ∈ F q , 2 there are exactly | F q | k − k ′ − 1 polynomials of degree at most k − 1 which pass through their shares and the point ( 0 , y ) . Thus they gain no information about f ( 0 ) . Leo Storme Galois geometries contributing to cryptography

  10. ut ut rs ut ut ut Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES R EALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME secret point S 1 S 3 S 5 S 2 S 4 Leo Storme Galois geometries contributing to cryptography

  11. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES G EOMETRICAL REALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME (B LAKLEY ) Secret S = point of PG ( 3 , q ) . 1 Shares = planes of PG ( 3 , q ) such that exactly three of 2 them only intersect in S . Leo Storme Galois geometries contributing to cryptography

  12. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES G EOMETRICAL REALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME (B LAKLEY ) Leo Storme Galois geometries contributing to cryptography

  13. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES G EOMETRICAL REALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME Leo Storme Galois geometries contributing to cryptography

  14. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES G EOMETRICAL REALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME Leo Storme Galois geometries contributing to cryptography

  15. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES C ODING - THEORETICAL REALISATION OF S HAMIR ’ S k - OUT - OF - n SECRET SHARING SCHEME (McEliece and Sarwate) C : [ n + 1 , k , n − k + 2 ] q MDS code. 1 For secret c 0 ∈ F q , dealer creates codeword 2 c = ( c 0 , c 1 , . . . , c n ) ∈ C . Share of participant number i is symbol c i . Since C is MDS code with minimum distance n − k + 2, 3 codeword c can be uniquely reconstructed if only k symbols are known. So any set of k persons can compute secret c 0 . 4 On the other hand, less than k persons do not learn 5 anything about secret, since for any possible secret c ′ , the same number of codewords that fit to secret c ′ and their shares exist. Leo Storme Galois geometries contributing to cryptography

  16. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES M ORE GENERAL SECRET SHARING SCHEME D EFINITION Support of c = ( c 1 , . . . , c n ) ∈ F n q : sup ( c ) = { i | c i � = 0 } . Let C be linear code. Nonzero codeword c ∈ C is called minimal if ∀ c ′ ∈ C : sup ( c ′ ) ⊆ sup ( c ) = ⇒ c ′ ∈ � c � . Leo Storme Galois geometries contributing to cryptography

  17. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES M ORE GENERAL SECRET SHARING SCHEME L EMMA (M ASSEY ) Let C be an [ n + 1 , k ] q -code. Secret sharing scheme is constructed from C by choosing codeword c = ( c 0 , . . . , c n ) . Secret is c 0 and shares of participants are coordinates c i ( 1 ≤ i ≤ n). Minimal authorized sets of secret sharing scheme correspond to minimal codewords of C ⊥ with 0 in their supports. Leo Storme Galois geometries contributing to cryptography

  18. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES M ORE GENERAL SECRET SHARING SCHEME Proof: Suppose set { 1 , . . . , k } is authorised set. This means that c 0 can be determined from c 1 , . . . , c k , i.e. there exist constants a 1 , . . . , a k , with c 0 = a 1 c 1 + · · · + a k c k , (1) which means that ( 1 , − a 1 , . . . , − a k , 0 , . . . , 0 ) is codeword of C ⊥ with 0 in its support. Leo Storme Galois geometries contributing to cryptography

  19. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES O UTLINE 1 C RYPTOGRAPHY 2 S ECRET SHARING SCHEME 3 M ESSAGE A UTHENTICATION CODE (MAC) 4 L INEAR MDS CODE IN AES Leo Storme Galois geometries contributing to cryptography

  20. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES P ROBLEM OF AUTHENTICATION Problem: Alice wants to send Bob a message m . 1 Attacker intercepts m and sends alternated message m ′ to 2 Bob. Leo Storme Galois geometries contributing to cryptography

  21. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES P ROBLEM OF AUTHENTICATION How can Bob be sure that message he gets is correct? Introduce authentication ! Leo Storme Galois geometries contributing to cryptography

  22. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES E XAMPLE OF MESSAGE AUTHENTICATION CODE l = line of PG ( 2 , q ) . 1 Message m = point of l . 2 Authentication key K = point in PG ( 2 , q ) \ l . 3 Authentication tag = line through message m and key K . 4 Leo Storme Galois geometries contributing to cryptography

  23. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES Leo Storme Galois geometries contributing to cryptography

  24. Cryptography Secret sharing scheme Message Authentication code (MAC) Linear MDS code in AES E XAMPLE OF AUTHENTICATION CODE If attacker wants to create message ( m , K ) without 1 knowing key K , he must guess an affine line through m . There are q possibilities, i.e. the chance for correct attack is 1 q . If attacker already knows authenticated message ( m , K ) , 2 he knows that key K must lie on the line mK . But for every of q affine points on line mK , there exists line through m . So he cannot do better than guess the key which gives probability of 1 q for successful attack. Leo Storme Galois geometries contributing to cryptography

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Applications of Galois Geometries to Coding Theory and Cryptography Leo Storme Ghent University

Applications of Galois Geometries to Coding Theory and Cryptography Leo Storme Ghent University

Galois geometries Geometry and cryptography Applications of Galois Geometries to Coding Theory and Cryptography Leo Storme Ghent University Dept. of Mathematics Krijgslaan 281 - Building S22 9000 Ghent Belgium Albena, July 1, 2013 Leo

739 views • 63 slides
Galois geometries contributing to coding theory Leo Storme Ghent University Dept. of Mathematics

Galois geometries contributing to coding theory Leo Storme Ghent University Dept. of Mathematics

Coding theory Griesmer bound and minihypers Covering radius and saturating sets Linear MDS codes and arcs Extendability results and blocking sets Galois geometries contributing to coding theory Leo Storme Ghent University Dept. of

708 views • 59 slides
Coding theory and Galois geometries: two interacting research areas Leo Storme Ghent University

Coding theory and Galois geometries: two interacting research areas Leo Storme Ghent University

Coding theory Equivalent problem in coding theory and Galois geometries ( x ( q + 1 ) , x ; 2 , q ) -minihypers Coding theory and Galois geometries: two interacting research areas Leo Storme Ghent University Dept. of Pure Mathematics and

758 views • 30 slides
Hopf-Galois Theory and Galois Module Structure University of Exeter. Induced Hopf Galois

Hopf-Galois Theory and Galois Module Structure University of Exeter. Induced Hopf Galois

Hopf-Galois Theory and Galois Module Structure University of Exeter. Induced Hopf Galois structures Teresa Crespo, Anna Rio and Montserrat Vela June 25th, 2015 Let K/k be a separable field extension of degree n , K its Galois closure, G =

270 views • 14 slides
F p 2 -maximal curves with many automorphisms are Galois-covered by the Hermitian curve Daniele

F p 2 -maximal curves with many automorphisms are Galois-covered by the Hermitian curve Daniele

F p 2 -maximal curves with many automorphisms are Galois-covered by the Hermitian curve Daniele Bartoli Universit` a degli Studi di Perugia (Italy) (Joint work with Maria Montanucci and Fernando Torres) Finite Geometries - Fifth Irsee

577 views • 47 slides
:i extensions ) characterizations for Galois Thin ( Equivalent - Gal ( EIF ) . Then and

:i extensions ) characterizations for Galois Thin ( Equivalent - Gal ( EIF ) . Then and

Extension , Galois Galois Intermediate I : Extensions lame l Gal LEIF ) t.EE if ] ' tf Galois Elf is :i extensions ) characterizations for Galois Thin ( Equivalent - Gal ( EIF ) . Then and [ E : F) so let G - suppose

1.01k views • 15 slides
ECC mod 8^91+5 especially elliptic curve 2y^2=x^3+x for cryptography Andrew Allen and Dan Brown,

ECC mod 8^91+5 especially elliptic curve 2y^2=x^3+x for cryptography Andrew Allen and Dan Brown,

ECC mod 8^91+5 especially elliptic curve 2y^2=x^3+x for cryptography Andrew Allen and Dan Brown, BlackBerry CFRG, Prague, 2017 July 18 2y 2 =x 3 +x/GF(8 91 +5) Simplest secure and fast ECC ? Benefits of Galois field size 8 91 +5 for ECC Feature

285 views • 12 slides
On Galois Cohomology, Norm Functions and Cycles Markus Rost Bielefeld, September 2006 Galois

On Galois Cohomology, Norm Functions and Cycles Markus Rost Bielefeld, September 2006 Galois

On Galois Cohomology, Norm Functions and Cycles Markus Rost Bielefeld, September 2006 Galois Cohomology p a prime F a field, char F = p F a separable closure of F G F = Gal( F/F ) the absolute Galois group H n ( F, Z /p ) = H n ( G F

404 views • 14 slides
PLURISUBHARMONICITY and PSEUDOCONVEXITY IN CALIBRATED (and other) GEOMETRIES with REESE HARVEY

PLURISUBHARMONICITY and PSEUDOCONVEXITY IN CALIBRATED (and other) GEOMETRIES with REESE HARVEY

PLURISUBHARMONICITY and PSEUDOCONVEXITY IN CALIBRATED (and other) GEOMETRIES with REESE HARVEY 1 Complex Geometry: from O or H Many Powerful techniques : also from PSH 2 Other Geometries: Calibrated Geometries Arising, for

542 views • 33 slides
&quot;:::i too big ) aren't CI ( Galois groups [ E : F) 31gal ( EIHL i

&quot;:::i too big ) aren't CI ( Galois groups [ E : F) 31gal ( EIHL i

Galois Extensions &quot; big &quot; ? Galois group ' when I : are &quot; Independence of &quot; Chohuters , Part I &quot;:::i too big ) aren't CI ( Galois groups [ E : F) 31gal ( EIHL i F) sis . Then ( E Suppose (

535 views • 9 slides
L-relations and Galois triangles Basic notions Adjoint product Symmetry Commutativity and

L-relations and Galois triangles Basic notions Adjoint product Symmetry Commutativity and

L-relations and Galois triangles M.Emilia Della Stella , Cosimo Guido Preliminaries Galois connections Extended-order algebras L-relations and Galois triangles Basic notions Adjoint product Symmetry Commutativity and associativity

2.13k views • 170 slides
HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp;

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &amp; http://cseweb.ucsd.edu/users/mihir/cse207/ Brief History: Proliferation of computers and communication systems in 1960s brought with it a demand to protect

273 views • 24 slides
Automorphism groups of parabolic geometries Andreas Cap January 2004 Cartan geometries Let

Automorphism groups of parabolic geometries Andreas Cap January 2004 Cartan geometries Let

Automorphism groups of parabolic geometries Andreas Cap January 2004 Cartan geometries Let G be a Lie group, H G a closed sub- group such that G/H is connected, and let h g be the corresponding Lie algebras. Try to interpret G as the

811 views • 13 slides
Galois connections between group actions and functions some results and problems Reinhard P

Galois connections between group actions and functions some results and problems Reinhard P

Galois connections Group actions and functions Galois closed groups Problems and references Galois connections between group actions and functions some results and problems Reinhard P oschel (joint work with E. Friese, Rostock

899 views • 52 slides
Saltmans Generic Galois Extensions and Problems in Field Theory David Harbater May 16, 2011

Saltmans Generic Galois Extensions and Problems in Field Theory David Harbater May 16, 2011

Saltmans Generic Galois Extensions and Problems in Field Theory David Harbater May 16, 2011 Motivation from Inverse Galois Problem Saltman, Advances in Math. (1982) Motivated by (inverse) Galois theory; has motivated further work. IGP: Is

614 views • 29 slides
Geometria Alg ebrica I lecture 16: Galois coverings and Galois categories Misha Verbitsky

Geometria Alg ebrica I lecture 16: Galois coverings and Galois categories Misha Verbitsky

Algebraic geometry I, lecture 16 M. Verbitsky Geometria Alg ebrica I lecture 16: Galois coverings and Galois categories Misha Verbitsky IMPA, sala 232 October 15, 2018 1 Algebraic geometry I, lecture 16 M. Verbitsky Covering maps

588 views • 20 slides
Information authentication for linear-coding-based communication networks: Homomorphic

Information authentication for linear-coding-based communication networks: Homomorphic

Information authentication for linear-coding-based communication networks: Homomorphic Message Authentication Codes Why do we need informa/on authen/ca/on? Why do we need informa/on

364 views • 19 slides
Middleware for the Internet of Things Revision : 536 Chantal Taconet SAMOVAR, Tlcom

Middleware for the Internet of Things Revision : 536 Chantal Taconet SAMOVAR, Tlcom

Middleware for the Internet of Things Revision : 536 Chantal Taconet SAMOVAR, Tlcom SudParis, CNRS, Universit Paris-Saclay September 2017 Outline 1. Internet of Things (IoT) 2. Middleware for the IoT 3. Standardization, reference

1.22k views • 65 slides
Agent-Based Modelling and Simulation Romain Franceschini, Hans Vangheluwe MoSIS Introduction 2

Agent-Based Modelling and Simulation Romain Franceschini, Hans Vangheluwe MoSIS Introduction 2

Agent-Based Modelling and Simulation Romain Franceschini, Hans Vangheluwe MoSIS Introduction 2 Agent Paradigm The agent paradigm is a collection of concepts used to tackle behaviour of Distributed, Situated, Interacting, Autonomous and

843 views • 70 slides
Statewide User Group Meeting February 27, 2012 Agenda Tresa Young Agenda Welcome

Statewide User Group Meeting February 27, 2012 Agenda Tresa Young Agenda Welcome

Statewide User Group Meeting February 27, 2012 Agenda Tresa Young Agenda Welcome Statewide User Group Feedback p Federal Monitoring Visit Update Onsite Visits &amp; Report / System Performance Feedback

1.3k views • 112 slides
Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright,

Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright,

Cybersecurity Shorts: Short Cyber Training Videos for Todays Workforce Dr. Kelly S. Wright, CISSP Instructional Systems Specialist IT Workforce Development (ITWD) Office of Information &amp; Technology Department of Veterans Affairs Why

360 views • 24 slides
Security Design Refinem ent through Mapping Tactics to Patterns Jungw oo Ryoo, Penn State Rick

Security Design Refinem ent through Mapping Tactics to Patterns Jungw oo Ryoo, Penn State Rick

Security Design Refinem ent through Mapping Tactics to Patterns Jungw oo Ryoo, Penn State Rick Kazm an, SEI / University of Haw aii SATURN, San Diego May 5 , 2 0 1 6 Goals of this Session To provide a quick look at Software security

753 views • 53 slides
t PP t st

t PP t st

trt rt PP t P s ss t tt ts t

898 views • 15 slides
Disclaimer This document does not constitute or form part of and should not be construed as a

Disclaimer This document does not constitute or form part of and should not be construed as a

Presentation Title ( Arial, Font size 28 ) The Tata Power Company Limited Analyst Call, Q3 FY18 Date, Venue, etc ..( Arial, Font size 18 ) 14 th February 2018 Message Box ( Arial, Font size 18 Bold) Disclaimer This document does not

635 views • 19 slides

More recommend