Waldyr Benits - Academia.edu
Papers by Waldyr Benits
Springer eBooks, Dec 6, 2007
The problem of constructing elliptic curves suitable for pairing applications has received a lot of attention. One of the most general methods to solve this problem is due to Scott. We propose a variant of this method which replaces an exhaustive search with a Gröbner basis calculation. This makes the method potentially able to generate a larger set of families
IACR Cryptology ePrint Archive, 2018
We present an oblivious transfer (OT) protocol that combines the OT scheme of Chou and Orlandi [5] together with the supersingular isogeny Diffie-Hellman (SIDH) primitive of De Feo, Jao, and Plût [15]. Our construction is a candidate for post-quantum secure OT and demonstrates that SIDH naturally supports OT functionality. We consider the protocol in the simplest configuration, 1-out-of-2 OT, and analyze the protocol to verify its security.
Nowadays, several activities, such as purchases and bank operations of small or large value, can be done through the Internet, allowing users to share resources and thereby gain economies of scale. Unfortunately, information on the Web can easily be observed by anyone, often ill-intentioned. Constant concern with security in the transport and storage of sensitive information is therefore necessary. We cannot even speak of a "secure environment" if the information is not protected by strong cryptography and other security mechanisms. Public-key cryptosystems that follow the PKI pattern have some problems, such as the need for a complex key-management infrastructure and the need for a public-key owner to prove his or her identity with digital certificates. More recently, the use of elliptic curves in cryptography has allowed the development of an asymmetric cryptography in which a user's public key is not a random bit string but an identifier that characterizes that user uniquely, for example a CPF number (the Brazilian taxpayer identifier) or an e-mail address. Based on this property, we can establish secure communication without exchanging secrets, without exchanging digital certificates and without keeping a public-key directory. This asymmetric cryptography scheme, presented in this Master's thesis, is nowadays known as identity-based cryptography (ID-based cryptosystems).
In this paper we present an Oblivious Transfer (OT) protocol that combines an OT scheme together with the Supersingular Isogeny Diffie-Hellman (SIDH) primitive. Our proposal is a candidate for post-quantum secure OT and demonstrates that SIDH naturally supports OT functionality. We consider the protocol in the simplest configuration, 1-out-of-2 SIOT, and analyze the protocol to verify its security.
Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019), 2019
In this article we present an Oblivious Transfer (OT) protocol that combines an OT scheme with the Supersingular Isogeny Diffie-Hellman (SIDH) primitive. Our proposal is a candidate for post-quantum secure OT and demonstrates that SIDH naturally supports OT functionality. We consider the protocol in the simplest configuration, 1-out-of-2 SIOT, and analyze its security.
Lecture Notes in Computer Science
Lecture Notes in Computer Science
Information confidentiality is an essential requirement for cyber security in critical infrastructure. Identity-based cryptography, an increasingly popular branch of cryptography, is widely used to protect information confidentiality in the critical infrastructure sector because a user's public key can be computed directly from the user's identity. However, its computational requirements complicate the practical application of identity-based cryptography. In order to improve its efficiency, this paper presents an effective method to construct pairing-friendly elliptic curves whose field characteristic has low Hamming weight (4) at embedding degree 1. Based on an analysis of the Complex Multiplication (CM) method, the soundness of our method for computing the characteristic of the finite field is proved, and three related algorithms for constructing pairing-friendly elliptic curves are put forward. Ten elliptic curves of Hamming weight 4 at up to 160 bits are presented to demonstrate the utility of the approach. Finally, the evaluation indicates that computing the Tate pairing on our curves is more efficient than on the curves of Bertoni et al.
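Both pairing-friendly-curve abstracts above (the Gröbner-basis variant of Scott's method and the CM-based low-Hamming-weight construction) produce a prime p and a curve whose group order has a large prime factor r with r dividing p^k - 1 for a small embedding degree k. The following is an added example, not the authors' code, that states that acceptance test in runnable form: brute-force point counting over a small prime, extraction of r, the order of p modulo r, and the Hamming weight of p that the second abstract optimizes. The sample curve y^2 = x^3 + x over F_10007 is my choice; with p ≡ 3 (mod 4) it is supersingular with p + 1 points and embedding degree 2, which is the textbook case, whereas the papers' constructions aim at ordinary curves.

```python
"""Checking whether a curve over F_p is pairing-friendly: point count, largest
prime-order subgroup r, embedding degree k = min{k : r | p^k - 1}, and the
Hamming weight of p.  Added illustration, brute force, small primes only.
"""


def count_points(a: int, b: int, p: int) -> int:
    """#E(F_p) for y^2 = x^3 + a x + b, p an odd prime, via Euler's criterion per x."""
    n = 1  # point at infinity
    for x in range(p):
        rhs = (x * x * x + a * x + b) % p
        if rhs == 0:
            n += 1
        elif pow(rhs, (p - 1) // 2, p) == 1:  # quadratic residue: two points
            n += 2
    return n


def largest_prime_factor(n: int) -> int:
    f, best = 2, 1
    while f * f <= n:
        while n % f == 0:
            best, n = f, n // f
        f += 1
    return max(best, n) if n > 1 else best


def embedding_degree(p: int, r: int, limit: int = 64):
    """Smallest k <= limit with r | p^k - 1 (the order of p mod r), or None."""
    for k in range(1, limit + 1):
        if pow(p, k, r) == 1:
            return k
    return None


def hamming_weight(n: int) -> int:
    return bin(n).count("1")


def pairing_report(a: int, b: int, p: int) -> dict:
    """Everything a pairing implementer checks before accepting a curve."""
    n = count_points(a, b, p)
    r = largest_prime_factor(n)
    return {"order": n, "r": r, "k": embedding_degree(p, r), "weight_p": hamming_weight(p)}
```

For a random curve the embedding degree is normally astronomically large (the function then returns None), which is exactly why pairing-friendly curves have to be constructed rather than found.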
Designs, Codes and Cryptography, 2010
Frobenius expansions are representations of integers to an algebraic base which are sometimes useful for efficient (hyper)elliptic curve cryptography. The normal form of a Frobenius expansion is the polynomial with integer coefficients obtained by reducing a Frobenius expansion modulo the characteristic polynomial of Frobenius. We consider the distribution of the coefficients of reductions of Frobenius expansions and non-adjacent forms of Frobenius expansions (NAFs) to normal form. We give asymptotic bounds on the coefficients which improve on naive bounds, for both genus one and genus two. We also discuss the non-uniformity of the distribution of the coefficients (assuming a uniform distribution for Frobenius expansions).
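The objects in the abstract above are concrete enough to compute. The following is an added example, not code from the paper: for the genus-one case of a Koblitz curve over F_{2^m}, where Frobenius τ satisfies τ^2 - μτ + 2 = 0 with μ = ±1, it produces Solinas' τ-adic NAF of an integer, reduces any digit string back to normal form a + bτ modulo that polynomial, and compares the coefficients of uniformly random expansions against the triangle-inequality ("naive") bound the paper improves on. The function names and the sampling parameters are my choices.

```python
"""tau-adic NAF and normal form for Koblitz curves (genus one).

Added illustration.  For y^2 + xy = x^3 + a x^2 + 1 over F_{2^m} the Frobenius
tau satisfies tau^2 - mu*tau + 2 = 0 with mu = (-1)^(1-a).  Integers are
written in base tau with digits {-1, 0, 1} (Solinas' TNAF), and any digit
string is reduced back to normal form a + b*tau modulo that polynomial.
"""
import random


def tau_naf(r0: int, r1: int, mu: int) -> list:
    """Solinas' TNAF: digits u_0..u_{l-1} in {-1,0,1}, no two adjacent non-zero,
    with r0 + r1*tau = sum u_i tau^i."""
    assert mu in (1, -1)
    digits = []
    while r0 != 0 or r1 != 0:
        if r0 & 1:
            u = 2 - ((r0 - 2 * r1) % 4)  # picked so the next digit is forced to be 0
            r0 -= u
        else:
            u = 0
        digits.append(u)
        # (r0 + r1 tau) / tau, using 1/tau = (mu - tau)/2 from tau^2 = mu tau - 2
        r0, r1 = r1 + mu * (r0 // 2), -(r0 // 2)
    return digits


def normal_form(digits, mu: int) -> tuple:
    """Reduce sum u_i tau^i modulo tau^2 - mu tau + 2 by Horner's rule; (a, b) means a + b tau."""
    a, b = 0, 0
    for u in reversed(digits):
        # (a + b tau) * tau = a tau + b (mu tau - 2) = -2b + (a + mu b) tau, then add u
        a, b = -2 * b + u, a + mu * b
    return a, b


def is_non_adjacent(digits) -> bool:
    return all(digits[i] == 0 or digits[i + 1] == 0 for i in range(len(digits) - 1))


def tau_powers(l: int, mu: int) -> list:
    """(a_i, b_i) with tau^i = a_i + b_i tau for i < l."""
    out, a, b = [], 1, 0
    for _ in range(l):
        out.append((a, b))
        a, b = -2 * b, a + mu * b
    return out


def naive_bound(l: int, mu: int) -> tuple:
    """Triangle-inequality bound on |a|, |b| over all length-l expansions with digits in {-1,0,1}."""
    pw = tau_powers(l, mu)
    return sum(abs(a) for a, _ in pw), sum(abs(b) for _, b in pw)


def sampled_max_coefficients(l: int, mu: int, trials: int = 2000, seed: int = 1) -> tuple:
    """Largest |a|, |b| observed over uniformly random length-l expansions (constructed sample)."""
    rng = random.Random(seed)
    best_a = best_b = 0
    for _ in range(trials):
        a, b = normal_form([rng.choice((-1, 0, 1)) for _ in range(l)], mu)
        best_a, best_b = max(best_a, abs(a)), max(best_b, abs(b))
    return best_a, best_b
```

Round-tripping an integer n through tau_naf and normal_form returns (n, 0), which is the reduction-to-normal-form step the abstract describes; the sampled maxima versus naive_bound show how loose the triangle-inequality bound is for typical expansions.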
We present a variant of the Boneh and Franklin Identity-Based Encryption (IBE) scheme to derive an authenticated symmetric key-exchange protocol when combined with a signature scheme. Our protocol uses IBE as a secure channel to establish a symmetric key between two users; after that, further communication can be done with symmetric cryptography, which is much faster than pairing-based cryptography. In this paper we propose a variant of the BF scheme that replaces the XOR function with a symmetric encryption algorithm. With this change, the BF scheme can be used as a key-exchange protocol provided that it is combined with a signature scheme to guarantee mutual authentication of the parties involved.