Browsing by Subject "Cryptography"
Now showing 1 - 18 of 18
- Cryptographic solutions for genomic privacy (Springer, 2016-02). Ayday, Erman. Open Access.
  Abstract: With the help of rapidly developing technology, DNA sequencing is becoming less expensive. As a consequence, the research in genomics has gained speed in paving the way to personalized (genomic) medicine, and geneticists need large collections of human genomes to further increase this speed. Furthermore, individuals are using their genomes to learn about their (genetic) predispositions to diseases, their ancestries, and even their (genetic) compatibilities with potential partners. This trend has also caused the launch of health-related websites and online social networks (OSNs), in which individuals share their genomic data (e.g., OpenSNP or 23andMe). On the other hand, genomic data carries much sensitive information about its owner. By analyzing the DNA of an individual, it is now possible to learn about his disease predispositions (e.g., for Alzheimer's or Parkinson's), ancestries, and physical attributes. The threat to genomic privacy is magnified by the fact that a person's genome is correlated to his family members' genomes, thus leading to interdependent privacy risks. In this work, focusing on our existing and ongoing work on genomic privacy, we will first highlight one serious threat for genomic privacy. Then, we will present the high-level descriptions of our cryptographic solutions to protect the privacy of genomic data. © International Financial Cryptography Association 2016.

- Differential entropy analysis of the IDEA block cipher (Elsevier, 2014). Biryukov, A.; Nakahara Jr., J.; Yıldırım, H. M. Open Access.
  Abstract: This paper describes a new cryptanalytic technique that combines differential cryptanalysis with Shannon entropy. We call it differential entropy (DE). The objective is to exploit the non-uniform distribution of output differences from a given mapping as a distinguishing tool in cryptanalysis. Our preferred target is the IDEA block cipher, since we detected significantly low entropy at the output of its multiplication operation. We looked to further extend this entropy analysis to larger components and for a number of rounds. We present key-recovery attacks on up to 2.5-round IDEA in the single-key model and without weak-key assumptions. © 2013 Elsevier B.V. All rights reserved.

- Generalizations of Verheul's theorem to asymmetric pairings (2013). Karabina, K.; Knapp, E.; Menezes, A. Open Access.
  Abstract: For symmetric pairings e: G × G → GT, Verheul proved that the existence of an efficiently-computable isomorphism Φ: GT → G implies that the Diffie-Hellman problems in G and GT can be efficiently solved. In this paper, we explore the implications of the existence of efficiently-computable isomorphisms Φ1: GT → G1 and Φ2: GT → G2 for asymmetric pairings e: G1 × G2 → GT. We also give a simplified proof of Verheul's theorem. © 2013 AIMS.

- Generalized ID-based ElGamal signatures (IEEE, 2007-11). Kalkan, Said; Kaya, Kamer; Selçuk, Ali Aydın. Open Access.
  Abstract: ID-based cryptography has been a very active area of research in cryptography since bilinear pairings were introduced as a cryptographic tool, and there have been many proposals for ID-based signatures recently. In this paper, we introduce the concept of generalized ID-based ElGamal signatures and show that most of the proposed ID-based signature schemes in the literature are special instances of this generalized scheme. We also obtain numerous new signatures from this generalized scheme which have not been proposed before. ©2007 IEEE.

- GenoGuard: protecting genomic data against brute-force attacks (IEEE, 2015-05). Huang, Z.; Ayday, Erman; Fellay, Jacques; Hubaux, J.-P.; Juels, A. Open Access.
  Abstract: Secure storage of genomic data is of great and increasing importance. The scientific community's improving ability to interpret individuals' genetic materials and the growing size of genetic database populations have been aggravating the potential consequences of data breaches. The prevalent use of passwords to generate encryption keys thus poses an especially serious problem when applied to genetic data. Weak passwords can jeopardize genetic data in the short term, but given the multi-decade lifespan of genetic data, even the use of strong passwords with conventional encryption can lead to compromise. We present a tool, called GenoGuard, for providing strong protection for genomic data both today and in the long term. GenoGuard incorporates a new theoretical framework for encryption called honey encryption (HE): it can provide information-theoretic confidentiality guarantees for encrypted data. Previously proposed HE schemes, however, can be applied to messages from, unfortunately, a very restricted set of probability distributions. Therefore, GenoGuard addresses the open problem of applying HE techniques to the highly non-uniform probability distributions that characterize sequences of genetic data. In GenoGuard, a potential adversary can attempt exhaustively to guess keys or passwords and decrypt via a brute-force attack. We prove that decryption under any key will yield a plausible genome sequence, and that GenoGuard offers an information-theoretic security guarantee against message-recovery attacks. We also explore attacks that use side information. Finally, we present an efficient and parallelized software implementation of GenoGuard. © 2015 IEEE.

- A meet-in-the-middle attack on 8-round AES (Springer, 2008-02). Demirci, H.; Selçuk, Ali Aydın. Open Access.
  Abstract: We present a 5-round distinguisher for AES. We exploit this distinguisher to develop a meet-in-the-middle attack on 7 rounds of AES-192 and 8 rounds of AES-256. We also give a time-memory tradeoff generalization of the basic attack which gives a better balancing between different costs of the attack. As an additional note, we state a new square-like property of the AES algorithm. © 2008 Springer-Verlag Berlin Heidelberg.

- On non-cooperative genomic privacy (Springer, Berlin, Heidelberg, 2015). Humbert, M.; Ayday, Erman; Hubaux, J.-P.; Telenti, A. Open Access.
  Abstract: Over the last few years, the vast progress in genome sequencing has highly increased the availability of genomic data. Today, individuals can obtain their digital genomic sequences at reasonable prices from many online service providers. Individuals can store their data on personal devices, reveal it on public online databases, or share it with third parties. Yet, it has been shown that genomic data is very privacy-sensitive and highly correlated between relatives. Therefore, individuals' decisions about how to manage and secure their genomic data are crucial. People of the same family might have very different opinions about (i) how to protect and (ii) whether or not to reveal their genome. We study this tension by using a game-theoretic approach. First, we model the interplay between two purely-selfish family members. We also analyze how the game evolves when relatives behave altruistically. We define closed-form Nash equilibria in different settings. We then extend the game to N players by means of multi-agent influence diagrams that enable us to efficiently compute Nash equilibria. Our results notably demonstrate that altruism does not always lead to a more efficient outcome in genomic-privacy games. They also show that, if the discrepancy between the genome-sharing benefits that players perceive is too high, they will follow opposite sharing strategies, which has a negative impact on the familial utility. © International Financial Cryptography Association 2015.

- On probability of success in linear and differential cryptanalysis (Springer New York LLC, 2008-01). Selçuk, A. A. Open Access.
  Abstract: Despite their widespread usage in block cipher security, linear and differential cryptanalysis still lack a robust treatment of their success probability, and the success chances of these attacks have commonly been estimated in a rather ad hoc fashion. In this paper, we present an analytical calculation of the success probability of linear and differential cryptanalytic attacks. The results apply to an extended sense of the term "success" where the correct key is found not necessarily as the highest-ranking candidate but within a set of high-ranking candidates. Experimental results show that the analysis provides accurate results in most cases, especially in linear cryptanalysis. In cases where the results are less accurate, as in certain cases of differential cryptanalysis, the results are useful to provide approximate estimates of the success probability and the necessary plaintext requirement. The analysis also reveals that the attacked key length in differential cryptanalysis is one of the factors that affect the success probability directly, besides the signal-to-noise ratio and the available plaintext amount. © 2007 International Association for Cryptologic Research.

- Persistent perfect entanglement in atomic systems (IOP, 2004). Çakır, Özgür; Can, M. Ali; Klyachko, Alexander A.; Shumovsky, Alexander S. Open Access.
  Abstract: It is shown that the system of an even number of three-level atoms in the Λ configuration in a cavity can evolve into a persistent maximum entangled state. The time of formation of such an entangled state is estimated.

- Privacy threats and practical solutions for genetic risk tests (IEEE, 2015). Barman, L.; Elgraini, M.-T.; Raisaro, J. L.; Hubaux, J.-P.; Ayday, Erman. Open Access.
  Abstract: Recently, several solutions have been proposed to address the complex challenge of protecting individuals' genetic data during personalized medicine tests. In this short paper, we analyze different privacy threats and propose simple countermeasures for the generic architecture mainly used in the literature. In particular, we present and evaluate a new practical solution against a critical attack of a malicious medical center trying to actively infer raw genetic information of patients. © 2015 IEEE.

- Privacy-preserving data sharing and utilization between entities (2017-07). Demirağ, Didem. Open Access.
  Abstract: In this thesis, we aim to enable privacy-preserving data sharing between entities and propose two systems for this purpose: (i) a verifiable computation scheme that enables privacy-preserving similarity computation in the malicious setting and (ii) a privacy-preserving link prediction scheme in the semi-honest setting. Both of these schemes preserve the privacy of the involved parties, while performing some tasks to improve the service quality. In verifiable computation, we propose a centralized system, which involves a client and multiple servers. We specifically focus on the case in which we want to compute the similarity of a patient's data across several hospitals. The client, who is the hospital that owns the patient data, sends the query to multiple servers, which are different hospitals. The client wants to find similar patients in these hospitals in order to learn about the treatment techniques applied to those patients. In our link prediction scheme, we have two social networks with common users in both of them. We choose two nodes to perform link prediction between them. We perform link prediction in a privacy-preserving way so that neither of the networks learns the structure of the other network. We apply different metrics to define the similarity of the nodes. While doing this, we utilize privacy-preserving integer comparison.

- A privacy-preserving solution for the bipartite ranking problem (IEEE, 2016-12). Faramarzi, Noushin Salek; Ayday, Erman; Güvenir, H. Altay. Open Access.
  Abstract: In this paper, we propose an efficient solution for the privacy-preserving of a bipartite ranking algorithm. The bipartite ranking problem can be considered as finding a function that ranks positive instances (in a dataset) higher than the negative ones. However, one common concern for all the existing schemes is the privacy of individuals in the dataset. That is, one (e.g., a researcher) needs to access the records of all individuals in the dataset in order to run the algorithm. This privacy concern puts limitations on the use of sensitive personal data for such analysis. The RIMARC (Ranking Instances by Maximizing Area under the ROC Curve) algorithm solves the bipartite ranking problem by learning a model to rank instances. As part of the model, it learns weights for each feature by analyzing the area under the receiver operating characteristic (ROC) curve. The RIMARC algorithm is shown to be more accurate and efficient than its counterparts. Thus, we use this algorithm as a building block and provide a privacy-preserving version of the RIMARC algorithm using homomorphic encryption and secure multi-party computation. Our proposed algorithm lets a data owner outsource the storage and processing of its encrypted dataset to a semi-trusted cloud. Then, a researcher can get the results of his/her queries (to learn the ranking function) on the dataset by interacting with the cloud. During this process, neither the researcher nor the cloud learns any information about the raw dataset. We prove the security of the proposed algorithm and show its efficiency via experiments on real data.

- Robust threshold schemes based on the Chinese remainder theorem (Springer, 2008-06). Kaya, Kamer; Selçuk, Ali Aydın. Open Access.
  Abstract: Recently, Chinese Remainder Theorem (CRT) based function sharing schemes have been proposed in the literature. In this paper, we investigate how a CRT-based threshold scheme can be enhanced with the robustness property. To the best of our knowledge, these are the first robust threshold cryptosystems based on a CRT-based secret sharing. © 2008 Springer-Verlag Berlin Heidelberg.

- The Shannon cipher system with a guessing wiretapper (Institute of Electrical and Electronics Engineers, 1999-09). Merhav, N.; Arikan, E. Open Access.
  Abstract: The Shannon theory of cipher systems is combined with recent work on guessing values of random variables. The security of encryption systems is measured in terms of moments of the number of guesses needed for the wiretapper to uncover the plaintext given the cryptogram. While the encrypter aims at maximizing the guessing effort, the wiretapper strives to minimize it, e.g., by ordering guesses according to descending order of posterior probabilities of plaintexts given the cryptogram. For a memoryless plaintext source and a given key rate, a single-letter characterization is given for the highest achievable guessing exponent function, that is, the exponential rate of the th moment of the number of guesses as a function of the plaintext message length. Moreover, we demonstrate asymptotically optimal strategies for both encryption and guessing, which are universal in the sense of being independent of the statistics of the source. The guessing exponent is then investigated as a function of the key rate and related to the large-deviations guessing performance.

- Threshold broadcast encryption with reduced complexity (IEEE, 2007-11). Kaşkaloǧlu, K.; Kaya, Kamer; Selçuk, Ali Aydın. Open Access.
  Abstract: Threshold Broadcast Encryption (TBE) is a promising extension of threshold cryptography with its advantages over traditional threshold cryptosystems, such as eliminating the need for a trusted party, the ability to set up the system by individual users independently, and the ability to choose the threshold parameter and the group of privileged receivers at the time of encryption. An ElGamal-based solution for TBE was proposed by Ghodosi et al. In this paper, we propose an improved ElGamal-based TBE scheme with reduced transmission cost. ©2007 IEEE.

- Threshold cryptography based on Asmuth-Bloom secret sharing (Springer, 2006-11). Kaya, Kamer; Selçuk, Ali Aydın; Tezcan, Zahir. Open Access.
  Abstract: In this paper, we investigate how threshold cryptography can be conducted with the Asmuth-Bloom secret sharing scheme and present two novel function sharing schemes, one for the RSA signature and the other for the ElGamal decryption functions, based on the Asmuth-Bloom scheme. To the best of our knowledge, these are the first threshold cryptosystems realized using the Asmuth-Bloom secret sharing. The proposed schemes compare favorably to the earlier function sharing schemes in performance as well as in certain theoretical aspects. © Springer-Verlag Berlin Heidelberg 2006.

- A verifiable secret sharing scheme based on the Chinese remainder theorem (Springer, 2008-12). Kaya, Kamer; Selçuk, Ali Aydın. Open Access.
  Abstract: In this paper, we investigate how to achieve verifiable secret sharing (VSS) schemes by using the Chinese Remainder Theorem (CRT). We first show that two schemes proposed earlier are not secure by an attack where the dealer is able to distribute inconsistent shares to the users. Then we propose a new VSS scheme based on the CRT and prove its security. Using the proposed VSS scheme, we develop a joint random secret sharing (JRSS) protocol, which, to the best of our knowledge, is the first JRSS protocol based on the CRT. © 2008 Springer Berlin Heidelberg.

- Watermarking based on discrete wavelet transform and q-deformed chaotic map (Elsevier Ltd, 2017). Behnia, Sohrab; Yahyavi, Mohammad; Habibpourbisafar, Reza. Open Access.
  Abstract: A hierarchy of one-dimensional ergodic chaotic maps with Tsallis-type q-deformation is studied. We find that in the chaotic region, these maps with q-deformation are ergodic, as the Birkhoff ergodic theorem predicts. q-deformed maps are defined as ratios of polynomials of degree N. Hence, by using the Stieltjes transform approach (STA), an invariant measure is proposed. In addition, considering the Sinai-Ruelle-Bowen (SRB) measure, the Kolmogorov-Sinai (KS) entropy for q-deformed maps is calculated analytically. The new q-deformed scheme has the ability to keep previous significant properties such as ergodicity and sensitivity to initial conditions. By adding the q-parameter to the hierarchy in order to increase the randomness and one-way computation, we present a new scheme for watermarking. The introduced algorithm tries to improve on the failures of encryption schemes such as small key space, encryption speed and level of security. To illustrate the effectiveness of the proposed scheme, some security analyses are presented. By considering the obtained results, it can be concluded that this scheme has a high potential to be adopted for watermarking. It can be concluded that the proposed novel watermarking scheme for image authentication can be applied in practical applications. © 2017 Elsevier Ltd