key dependent message security in the standard model
play

Key-Dependent Message Security in the Standard Model Dennis - PowerPoint PPT Presentation

Sep 09, 2023 •226 likes •272 views

Key-Dependent Message Security in the Standard Model Dennis Hofheinz (CWI, Amsterdam) What and why? Key-dependent message (KDM) security As IND, but with special encryption oracle Real game: O(F) = ENC SK ( F(SK) ) Random

  1. Key-Dependent Message Security in the Standard Model Dennis Hofheinz (CWI, Amsterdam)

  2. What and why? • Key-dependent message (KDM) security • As IND, but with special encryption oracle – Real game: O(F) = ENC SK ( F(SK) ) – Random game: O(F) = ENC SK ( random ) • Security: no adv. can distinguish real/rand • Useful : formal link, encrypt your hard drive • Our focus : symmetric setting and CPA

  3. What is known? • Black, Shrimpton, Rogaway 2002: ENC SK ( M ) = ( R, H( SK||R ) + M ) • KDM-CPA in RO model, but RO essential • Only* provable construction known! * except for straightforward but uninteresting solutions: – schemes with secret key longer than total volume of messages ever encrypted (then privacy amplification techniques work) – “hey, look how easy the proof now is”-style interactive non-standard computational assumptions beyond intuition

  4. What do we have? • Stateful encryption assuming PRNG only ENC SKi ( M ) : 1.) pick UHF h 2.) cond := h( SK i ) 3.) (SK i+1 , pad) := PRNG( cond ) 4.) C := (h, pad + M) • Weak stateful KDM-CPA (i.e., M=M(SK i ))

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Randomness Dependent Randomness Dependent Message Security g y Eleanor Birrell Kai

Randomness Dependent Randomness Dependent Message Security g y Eleanor Birrell Kai

Randomness Dependent Randomness Dependent Message Security g y Eleanor Birrell Kai Min Chung Rafael Pass Sidharth Telang Public key Encryption Public key Encryption Goal: l (pk,sk) Gen c = Enc(pk,m) E ( k ) Dec(sk,c) = m

638 views • 40 slides
MPI - Message Passing Interface MPI is the mostly used message passing-standard By

MPI - Message Passing Interface MPI is the mostly used message passing-standard By

MPI - Message Passing Interface MPI is the mostly used message passing-standard By using MPI you obtain portable programs MPI is based on earlier message passing libraries Lecture 7: NX, MPL, PVM, P4, TCGMSH, PARMACS, ...

360 views • 9 slides
Message Passing Concepts Message Passing Model The message passing model is based on the

Message Passing Concepts Message Passing Model The message passing model is based on the

Message Passing Concepts Message Passing Model The message passing model is based on the notion of processes can think of a process as an instance of a running program, together with the programs data In the message passing model,

601 views • 16 slides
A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager 1 , Florian Kohlar 2 , Sven Schge 3 , and Jrg Schwenk 2 1 Karlsruhe Ins-tute of Technology

425 views • 17 slides
A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager 1 , Florian Kohlar 2 , Sven Schge 3 , and Jrg Schwenk 2 1 Karlsruhe Ins-tute of Technology

763 views • 37 slides
1 Message Encryption- see Table 11.1 in the book Message Encryption if public-key encryption

1 Message Encryption- see Table 11.1 in the book Message Encryption if public-key encryption

Message Authentication CPE 542: CRYPTOGRAPHY & NETWORK SECURITY message authentication is concerned with: protecting the integrity of a message Chapter 11 Message Authentication and validating identity of originator Hash

462 views • 6 slides
Homomorphic Smooth Projective Hashing Hoeteck Wee ENS, Paris . . . . . . . .

Homomorphic Smooth Projective Hashing Hoeteck Wee ENS, Paris . . . . . . . .

KDM-Security via Homomorphic Smooth Projective Hashing Hoeteck Wee ENS, Paris . . . . . . . . key-dependent message security. [ Black Rogaway Shrimpton 02 ] this work. unifying framework with a simple proof of security enc pk ( sk )

955 views • 44 slides
Choosing with the Worst in Mind: A Reference-Dependent Model Gerelt Tserenjigmid Caltech

Choosing with the Worst in Mind: A Reference-Dependent Model Gerelt Tserenjigmid Caltech

Choosing with the Worst in Mind: A Reference-Dependent Model Gerelt Tserenjigmid Caltech Bounded Rationality in Choice Conference 2015 Gerelt Tserenjigmid A Reference-Dependent Model Motivation A new axiomatic model of reference-dependent

722 views • 50 slides
Security Public key (e.g., RSA) Message digest (e.g., MD5) Security services

Security Public key (e.g., RSA) Message digest (e.g., MD5) Security services

Overview Cryptography functions Secret key (e.g., DES) Security Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy: preventing unauthorized release of information Outline Authentication:

883 views • 5 slides
Hash Functions, Message Hash Functions, Message Security Services Security Services

Hash Functions, Message Hash Functions, Message Security Services Security Services

Hash Functions, Message Hash Functions, Message Security Services Security Services Authentication Codes Authentication Codes Confidentiality : Symmetric encryption solves Integrity Ahmet Burak Can Authentication Hacettepe

341 views • 4 slides
Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI?

Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI?

Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI? Message Passing Programming with MPI 2 MPI Forum First message-passing interface standard. Sixty people from forty different organisations.

1.61k views • 113 slides
Model checking with Message Sequence Charts Doron Peled Collaborators: R. Alur, E. Gunter, G.

Model checking with Message Sequence Charts Doron Peled Collaborators: R. Alur, E. Gunter, G.

Model checking with Message Sequence Charts Doron Peled Collaborators: R. Alur, E. Gunter, G. Holzmann, A. Muscholl, Z. Su Department of Computer Science University of Warwick, UK Bar Ilan University, IL MSCs An ITU standard notation

678 views • 55 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1

Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1

Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1 Message Passing Programming with MPI 2 MPI Forum Goals and Scope of MPI First message-passing interface standard. MPIs prime goals are:

511 views • 29 slides
Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication Trusted Intermediaries Secure email pretty good privacy (PGP) 2 1 Cryptographic Keys Alices Bobs K A encryption decryption K B key

427 views • 13 slides
RPS Work Item: Beta Testing of Message Standard IMDRF Stakeholder Forum Washington, D.C.

RPS Work Item: Beta Testing of Message Standard IMDRF Stakeholder Forum Washington, D.C.

RPS Work Item: Beta Testing of Message Standard IMDRF Stakeholder Forum Washington, D.C. September 17, 2014 Nancy Shadeed Health Canada Recap Beta Testing Objective (Phase 1): Assess RPS Standard fitness for use with device

224 views • 11 slides
RACEMIZATION OF SECONDARY ALCOHOL OH OH Ru cat. R R Ru cat: O H O Ph Ph Ph Ph H +

RACEMIZATION OF SECONDARY ALCOHOL OH OH Ru cat. R R Ru cat: O H O Ph Ph Ph Ph H +

RACEMIZATION OF SECONDARY ALCOHOL OH OH Ru cat. R R Ru cat: O H O Ph Ph Ph Ph H + 5KOH Ph Ph Ru Ru P(C 6 H 5 ) 3 Ru Ph Ph Cl P(C 6 H 5 ) 3 OC CO CO OC Shovo (1986) Bckvall (1999) Park (1998) Casey(2001) RuCl 2 (PPh

643 views • 10 slides
Social protection and social security organised by socialprotection.org , and the International

Social protection and social security organised by socialprotection.org , and the International

Welcome to USP2030 Webinar #3 Social protection and social security organised by socialprotection.org , and the International Policy Centre for Inclusive Growth (IPC-IG) USP2030 Webinar Series #USP2030series organised by Join the USP2030

1.55k views • 62 slides
RIIO-T2 STAKEHOLDER WORKSHOP 28 November 2018 Housekeeping Safety Moment Phones and IT Venue

RIIO-T2 STAKEHOLDER WORKSHOP 28 November 2018 Housekeeping Safety Moment Phones and IT Venue

RIIO-T2 STAKEHOLDER WORKSHOP 28 November 2018 Housekeeping Safety Moment Phones and IT Venue and Hospitality Reflections on 2018 RECAP Stakeholder Workshop 8 March 2018 How we engage with stakeholders well provide an update on our

950 views • 80 slides
A DEEP VALUE OPPORTUNITY A DEEP VALUE OPPORTUNITY Nick Holland Chief Executive Officer Denver

A DEEP VALUE OPPORTUNITY A DEEP VALUE OPPORTUNITY Nick Holland Chief Executive Officer Denver

A DEEP VALUE OPPORTUNITY A DEEP VALUE OPPORTUNITY Nick Holland Chief Executive Officer Denver Gold Forum 22 September 2010 Forward Looking Statements Certain statements in this document constitute forward looking statements within the

323 views • 28 slides
HOLLAND CENTRAL SCHOOL DISTRICT 2017-2018 BUDGET PRESENTATION DRAFT #1 PRESENTED BY: CATHY

HOLLAND CENTRAL SCHOOL DISTRICT 2017-2018 BUDGET PRESENTATION DRAFT #1 PRESENTED BY: CATHY

HOLLAND CENTRAL SCHOOL DISTRICT 2017-2018 BUDGET PRESENTATION DRAFT #1 PRESENTED BY: CATHY V. FABIATOS, SUPERINTENDENT LAURA BOSINSKI, BUSINESS OFFICIAL CARL GUIDOTTI, JSHS PRINCIPAL JASON SMITH, ES PRINCIPAL LAURIE GREGORY, DIRECTOR OF

295 views • 16 slides
Kingston Hospital NHS Foundation Trust Recovery Plan Update Trust Board Meeting 29 th July 2015

Kingston Hospital NHS Foundation Trust Recovery Plan Update Trust Board Meeting 29 th July 2015

Kingston Hospital NHS Foundation Trust Recovery Plan Update Trust Board Meeting 29 th July 2015 Summary We have been through a robust There are a number of key process to set the plan and assumptions underpinning this: have subsequently

327 views • 15 slides
2 3 Child Development Fund (12): Pending Receipts: California Department of Education and

2 3 Child Development Fund (12): Pending Receipts: California Department of Education and

Budget / staffing allocations are based on Third Friday Enrollment (September 16, 2016). 2 3 Child Development Fund (12): Pending Receipts: California Department of Education and Neighborhood House Association payments expected to be

676 views • 9 slides
The Economic Outlook and Its Policy Implications Eric S. Rosengren President & CEO Federal

The Economic Outlook and Its Policy Implications Eric S. Rosengren President & CEO Federal

The Economic Outlook and Its Policy Implications Eric S. Rosengren President & CEO Federal Reserve Bank of Boston Worcester Regional Research Bureau Worcester, Massachusetts May 30, 2012 EMBARGOED UNTIL WEDNESDAY, MAY 30, 2012 AT 4:50

844 views • 16 slides

More recommend