伽罗瓦环上的一类No序列的构造

近年来,伽罗瓦环上的序列理论成为人们研究的热点问题.有限域上的No序列是一类伪随机序列,它在序列密码中占具十分重要的角色.本文利用伽罗瓦环上的置换,构造了伽罗瓦环Z_(p~e)上的一类新的No序列,并且研究了其线性复杂度.研究的结果表明此类No序列具有相当大的线性复杂度.     

基于有限非阿贝尔群的密钥交换

从一般线性群GL（n,F）和对称群Sn上的困难问题出发,构造了几个密钥交换算法,新算法具有更高的效率.同时,指出基于一般线性群的密钥交换算法的安全性直接依赖于广义矩阵覆盖问题,基于对称群的密钥交换协议的安全性直接依赖于置换群上的共轭问题.     

Quantum anonymous voting with anonymity check

We propose a new protocol for quantum anonymous voting having serious advantages over the existing protocols: it protects both the voters from a curious tallyman and all the participants from a dishonest voter in unconditional way. The central idea of the protocol is that the ballots are given back to the voters after the voting process, which gives a possibility for two voters to check the anonymity of the vote counting process by preparing a special entangled state of two ballots. Any attempt of cheating from the side of the tallyman results in destroying the entanglement, which can be detected by the voters.     

The Diffie–Hellman problem and generalization of Verheul’s theorem

Bilinear pairings on elliptic curves have been of much interest in cryptography recently. Most of the protocols involving pairings rely on the hardness of the bilinear Diffie–Hellman problem. In contrast to the discrete log (or Diffie–Hellman) problem in a finite field, the difficulty of this problem has not yet been much studied. In 2001, Verheul (Advances in Cryptology—EUROCRYPT 2001, LNCS 2045, pp. 195–210, 2001) proved that on a certain class of curves, the discrete log and Diffie–Hellman problems are unlikely to be provably equivalent to the same problems in a corresponding finite field unless both Diffie–Hellman problems are easy. In this paper we generalize Verheul’s theorem and discuss the implications on the security of pairing based systems.      

Provable security of block ciphers against linear cryptanalysis: a mission impossible?

In this paper, we are concerned with the security of block ciphers against linear cryptanalysis and discuss the distance between the so-called practical security approach and the actual theoretical security provided by a given cipher. For this purpose, we present a number of illustrative experiments performed against small (i.e. computationally tractable) ciphers. We compare the linear probability of the best linear characteristic and the actual best linear probability (averaged over all keys). We also test the key equivalence hypothesis. Our experiments illustrate both that provable security against linear cryptanalysis is not achieved by present design strategies and the relevance of the practical security approach. Finally, we discuss the (im)possibility to derive actual design criteria from the intuitions underlined in these experiments. F.-X. Standaert is a Postdoctoral researcher of the Belgian Fund for Scientific Research (FNRS).     

Elementary symmetric polynomials in Shamir's scheme

The concept of k-admissible tracks in Shamir's secret sharing scheme over a finite field was introduced by Schinzel et al. (2009) [10]. Using some estimates for the elementary symmetric polynomials, we show that the track (1,…,n) over Fp is practically always k-admissible; i.e., the scheme allows to place the secret as an arbitrary coefficient of its generic polynomial even for relatively small p. Here k is the threshold and n the number of shareholders.     

Finding composite order ordinary elliptic curves using the Cocks-Pinch method

We apply the Cocks-Pinch method to obtain pairing-friendly composite order groups with prescribed embedding degree associated to ordinary elliptic curves, and we show that new security issues arise in the composite order setting.     

Selecting an Effective Entropy Estimator for Short Sequences of Bits and Bytes with Maximum Entropy

Entropy makes it possible to measure the uncertainty about an information source from the distribution of its output symbols. It is known that the maximum Shannon’s entropy of a discrete source of information is reached when its symbols follow a Uniform distribution. In cryptography, these sources have great applications since they allow for the highest security standards to be reached. In this work, the most effective estimator is selected to estimate entropy in short samples of bytes and bits with maximum entropy. For this, 18 estimators were compared. Results concerning the comparisons published in the literature between these estimators are discussed. The most suitable estimator is determined experimentally, based on its bias, the mean square error short samples of bytes and bits.