题目:“密码学中若干前沿问题”研讨会
时间:2012年12月30日上午9:00 – 12:00
地点: 341室
主持人:钱海峰教授
研讨安排:
时间 | 内容 | 主讲人 |
9:00-9:40 | Selective Opening Chosen Ciphertext Security Directly from the DDH Assumption | 刘胜利教授 上海交通大学 |
9:40-10:20 | New Observations on Impossible Differential Cryptanalysis of Reduced-Round Camellia | 刘亚博士 上海交通大学 |
10:20-10:30 | 休息 | |
10:30-11:10 | 演化密码研究进展 | 王潮教授 上海大学 |
11:10-11:50 | Overcoming Weak Expectations | 郁昱副教授 清华大学 华东师范大学 |
附:部分报告摘要
报告人:Shengli Liu:
题目:Selective Opening Chosen Ciphertext Security Directly from the DDH Assumption
摘要:Chosen-ciphertext security has been well-accepted as a standard security notion for public key encryption. But in a multi-user surrounding, it may not be sufficient, since the adversary may corrupt some users to get the random coins as well as the plaintexts used to generate ciphertexts. The attack is named “selective opening attack”. We study how to achieve full-fledged chosen-ciphertext security in selective opening setting directly from the DDH assumption. Our construction is free of chameleon hashing, since tags are created for encryptions in a flexible way to serve the security proof.
报告人:Ya Liu:
题目:New Observations on Impossible Differential Cryptanalysis of Reduced-Round Camellia
摘要:Camellia is one of the widely used block ciphers, which has been selected as an international standard by ISO/IEC. In this presentation, by exploiting some interesting properties of the key-dependent layer, we improve previous results on impossible differential cryptanalysis of reduced-round Camellia and gain some new observations. First, we introduce some new 7-round impossible differentials of Camellia for weak keys. These weak keys that work for the impossible differential take 3/4 of the whole key space, therefore, we further get rid of the weak-key assumption and leverage the attacks on reduced-round Camellia to all keys by utilizing the multiplied method. Second, we build a set of differentials which contains at least one 8-round impossible differential of Camellia with two FL/FL−1 layers. Following this new result, we show that the key-dependent transformations inserted in Camellia cannot resist impossible differential cryptanalysis effectively. Based on this set of differentials, we present a new cryptanalytic strategy to mount impossible differential attacks on reduced-round Camellia-128/192/256.
报告人:Yu Yu:
题目:Overcoming Weak Expectations
摘要:Recently, there has been renewed interest in basing cryptographic primitives on weak secrets, where the only information about the secret is some non-trivial amount of (min-) entropy. From a formal point of view, such results require to upper bound the expectation of some function f(X), where X is a weak source in question. We show an elementary inequality which essentially upper bounds such ‘weak expectation’ by two terms, the first of which is independent of f, while the second only depends on the ‘variance’ of f under uniform distribution. Quite remarkably, as relatively simple corollaries of this elementary inequality, we obtain some ‘unexpected’ results, in several cases noticeably simplifying/improving prior techniques for the same problem. Examples include non-malleable extractors, leakage-resilient symmetric encryption, alternative to the dense model theorem, seed-dependent condensers and improved entropy loss for the leftover hash lemma.