Scispace (Formerly Typeset)
Showing papers on "Universal composability" published in 2020
Journal Article•10.1007/S00145-020-09352-1•
The IITM Model: A Simple and Expressive Model for Universal Composability

Ralf Küsters1, Max Tuengerthal2, Daniel Rausch1•
University of Stuttgart1, Siemens2
15 Jun 2020-Journal of Cryptology
TL;DR: A main feature of the model is that it is stated without a priori fixing irrelevant details, such as a specific way of addressing of machines by session and party identifiers, a specific modeling of corruption, or a specific protocol hierarchy.
Abstract: The universal composability paradigm allows for the modular design and analysis of cryptographic protocols. It has been widely and successfully used in cryptography. However, devising a coherent yet simple and expressive model for universal composability is, as the history of such models shows, highly non-trivial. For example, several partly severe problems have been pointed out in the literature for the UC model. In this work, we propose a coherent model for universal composability, called the IITM model (“Inexhaustible Interactive Turing Machine”). A main feature of the model is that it is stated without a priori fixing irrelevant details, such as a specific way of addressing of machines by session and party identifiers, a specific modeling of corruption, or a specific protocol hierarchy. In addition, we employ a very general notion of runtime. All reasonable protocols and ideal functionalities should be expressible based on this notion in a direct and natural way, and without tweaks, such as (artificial) padding of messages or (artificially) adding extra messages. Not least because of these features, the model is simple and expressive. Also the general results that we prove, such as composition theorems, hold independently of how such details are fixed for concrete applications. Being inspired by other models for universal composability, in particular the UC model and because of the flexibility and expressivity of the IITM model, conceptually, results formulated in these models directly carry over to the IITM model.

49 citations

Book Chapter•10.1007/978-3-030-56784-2_10•
Universally Composable Relaxed Password Authenticated Key Exchange

Michel Abdalla1, Manuel Barbosa, Tatiana Bradley2, Stanislaw Jarecki2, Jonathan Katz3, Jiayu Xu3 •
École Normale Supérieure1, University of California, Irvine2, George Mason University3
17 Aug 2020
TL;DR: It is shown that several PAKE protocols that were previously only proven secure with respect to a “game-based” definition of security can be shown to UC-realize the lePAKE functionality in the random-oracle model.
Abstract: Protocols for password authenticated key exchange (PAKE) allow two parties who share only a weak password to agree on a cryptographic key. We revisit the notion of PAKE in the universal composability (UC) framework, and propose a relaxation of the PAKE functionality of Canetti et al. that we call lazy-extraction PAKE (lePAKE). Our relaxation allows the ideal-world adversary to postpone its password guess until after a session is complete. We argue that this relaxed notion still provides meaningful security in the password-only setting. As our main result, we show that several PAKE protocols that were previously only proven secure with respect to a “game-based” definition of security can be shown to UC-realize the lePAKE functionality in the random-oracle model. These include SPEKE, SPAKE2, and TBPEKE, the most efficient PAKE schemes currently known.

33 citations

Proceedings Article•10.1109/SP40000.2020.00039•
Breaking and (Partially) Fixing Provably Secure Onion Routing

Christiane Kuhn1, Martin Beck2, Thorsten Strufe1•
Karlsruhe Institute of Technology1, Dresden University of Technology2
1 May 2020
TL;DR: This work analyzes and fixes the proof strategy used for a family of provably secure onion routing protocols, and shows how the original properties are flawed and suggests improved, effective properties in their place.
Abstract: After several years of research on onion routing, Camenisch and Lysyanskaya, in an attempt at rigorous analysis, defined an ideal functionality in the universal composability model, together with properties that protocols have to meet to achieve provable security. A whole family of systems based their security proofs on this work. However, analyzing HORNET and Sphinx, two instances from this family, we show that this proof strategy is broken. We discover a previously unknown vulnerability that breaks anonymity completely, and explain a known one. Both should not exist if privacy is proven correctly. In this work, we analyze and fix the proof strategy used for this family of systems. After proving the efficacy of the ideal functionality, we show how the original properties are flawed and suggest improved, effective properties in their place. Finally, we discover another common mistake in the proofs. We demonstrate how to avoid it by showing our improved properties for one protocol, thus partially fixing the family of provably secure onion routing protocols.

23 citations

Book Chapter•10.1007/978-3-030-57990-6_29•
Separating Symmetric and Asymmetric Password-Authenticated Key Exchange

Julia Hesse1•
IBM1
14 Sep 2020
TL;DR: It is proved that a strong assumption like a programmable random oracle is necessary to achieve security of asymmetric PAKE in the Universal Composability (UC) framework, and usefulness is demonstrated by proving that the Ω-method proposed by Gentry et al. satisfies the authors' new security notion for asymmetric PAKE.
Abstract: Password-Authenticated Key Exchange (PAKE) is a method to establish cryptographic keys between two users sharing a low-entropy password. In its asymmetric version, one of the users acts as a server and only stores some function of the password, e.g., a hash. Upon server compromise, the adversary learns H(pw). Depending on the strength of the password, the attacker now has to invest more or less work to reconstruct pw from H(pw). Intuitively, asymmetric PAKE seems more challenging than symmetric PAKE since the latter is not supposed to protect the password upon compromise. In this paper, we provide three contributions: Separating symmetric and asymmetric PAKE. We prove that a strong assumption like a programmable random oracle is necessary to achieve security of asymmetric PAKE in the Universal Composability (UC) framework. For symmetric PAKE, programmability is not required. Our results also rule out the existence of UC-secure asymmetric PAKE in the CRS model. Revising the security definition. We identify and close some gaps in the UC security definition of 2-party asymmetric PAKE given by Gentry, MacKenzie and Ramzan (Crypto 2006). For this, we specify a natural corruption model for server compromise attacks. We further remove an undesirable weakness that lets parties wrongly believe in security of compromised session keys. We demonstrate usefulness by proving that the Ω-method proposed by Gentry et al. satisfies our new security notion for asymmetric PAKE. To our knowledge, this is the first formal security proof of the Ω-method in the literature. Composable multi-party asymmetric PAKE. We showcase how our revisited security notion for 2-party asymmetric PAKE can be used to obtain asymmetric PAKE protocols in the multi-user setting and discuss important aspects for implementing such a protocol.

17 citations

Journal Article•10.1109/TDSC.2020.2998682•
PBT: A New Privacy-Preserving Payment Protocol for Blockchain Transactions

Yanxue Jia1, Shi-Feng Sun2, Yuncong Zhang1, Qingzhao Zhang1, Ning Ding1, Zhiqiang Liu1, Joseph K. Liu3, Dawu Gu1 •
Shanghai Jiao Tong University1, Monash University2, Monash University, Clayton campus3
29 May 2020-IEEE Transactions on Dependable and Secure Computing
TL;DR: This paper revisits the design of the ring confidential transaction protocol and puts forward a more efficient privacy-preserving payment protocol, built upon an extended version of a one-out-of-many proof and a special multi-signature.
Abstract: Ring confidential transaction (RingCT) protocol is widely used in cryptocurrency to protect the privacy of both users' identities and transaction amounts. Most recently, a new RingCT protocol was proposed by leveraging cryptographic accumulators, which can achieve a constant-size output theoretically but is still far from being practical due to the heavy zero-knowledge proofs associated with the accumulator. In this work, we revisit the design of ring confidential transaction protocol and put forward a more efficient privacy-preserving payment protocol, which is built upon an extended version of one-out-of-many proof and a special multi-signature. Compared with previous works, the new protocol is not only more practical, but also does not suffer from a trusted setup. Besides, we show that the protocol satisfies the security requirements provided that the underlying cryptographic primitives are secure in the random oracle model. We implement our new payment protocol in Java, and the experimental results show that it is efficient enough to be used in practice.

11 citations

Journal Article•10.1007/S00145-020-09353-0•
Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation

Ralf Küsters1, Max Tuengerthal2, Daniel Rausch1•
University of Stuttgart1, Siemens2
01 Oct 2020-Journal of Cryptology
TL;DR: This paper presents a joint state theorem which is more general than the original theorem of Canetti and Rabin, and applies it to obtain joint state realizations for three functionalities: public-key encryption, replayable public- key encryption, and digital signatures in the IITM model.
Abstract: In frameworks for universal composability, complex protocols can be built from sub-protocols in a modular way using composition theorems. However, as first pointed out and studied by Canetti and Rabin, this modular approach often leads to impractical implementations. For example, when using a functionality for digital signatures within a more complex protocol, parties have to generate new verification and signing keys for every session of the protocol. This motivates to generalize composition theorems to so-called joint state (composition) theorems, where different copies of a functionality may share some state, e.g., the same verification and signing keys. In this paper, we present a joint state theorem which is more general than the original theorem of Canetti and Rabin, for which several problems and limitations are pointed out. We apply our theorem to obtain joint state realizations for three functionalities: public-key encryption, replayable public-key encryption, and digital signatures. Unlike most other formulations, our functionalities model that ciphertexts and signatures are computed locally, rather than being provided by the adversary. To obtain the joint state realizations, the functionalities have to be designed carefully. Other formulations proposed in the literature are shown to be unsuitable. Our work is based on the IITM model. Our definitions and results demonstrate the expressivity and simplicity of this model. For example, unlike Canetti’s UC model, in the IITM model no explicit joint state operator needs to be defined and the joint state theorem follows immediately from the composition theorem in the IITM model.

8 citations

Journal Article•10.1016/J.IPL.2020.105975•
“The simplest protocol for oblivious transfer” revisited

Ziya Alper Genç, Vincenzo Iovino, Alfredo Rial
01 Sep 2020-Information Processing Letters
TL;DR: This paper provides a security proof for the case of a corrupt sender under a decisional assumption and shows that the protocol of Chou and Orlandi cannot be securely instantiated with groups for which the corresponding decisional problem cannot be solved correctly with overwhelming probability.

7 citations
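The lePAKE entry above names SPAKE2 as one of the protocols it proves UC-secure, and the entry just above concerns the Chou and Orlandi "simplest OT" protocol; neither abstract shows the actual message flow. The sketch below is an added example for this listing, not code from Abdalla et al., from Genç, Iovino and Rial, or from Chou and Orlandi. It runs both exchanges over a toy safe-prime group, with every value each side sends and computes spelled out. Assumptions not taken from the papers: 192-bit parameters generated at import time (chosen for speed; real deployments use at least 2048-bit MODP groups or an elliptic curve), SHA-256 as hash and KDF, SPAKE2 constants M and N derived by hashing to the group, and the receiver-side subgroup membership check in the OT, which is standard group hygiene rather than a step the paper prescribes.

```python
"""Toy SPAKE2-style PAKE and Chou-Orlandi-style 1-out-of-2 OT over a safe-prime
group.  Added example for this listing, not code from any of the papers above.
Assumptions: 192-bit parameters (toy size; use >= 2048-bit groups or a curve in
practice), SHA-256 as hash/KDF, SPAKE2 constants M, N derived by hashing."""
import hashlib
import random
import secrets

def _is_probable_prime(n, rounds=24, rng=random.Random(7)):
    """Miller-Rabin; witnesses from a fixed-seed RNG so the demo is reproducible."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime(bits, rng):
    """Return (p, q) with p = 2q + 1 both prime; the squares mod p form a group of order q."""
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if _is_probable_prime(q) and _is_probable_prime(2 * q + 1):
            return 2 * q + 1, q

P, Q = _safe_prime(192, random.Random(2020))  # assumption: toy size, seeded for reproducibility
G = 4  # 2^2 is a quadratic residue, hence a generator of the order-q subgroup
NBYTES = (P.bit_length() + 7) // 8

def _hash_to_group(label):
    """Subgroup element with no known discrete log: the square of a hash output."""
    return pow(int.from_bytes(hashlib.sha256(label).digest(), "big") % P, 2, P)

def _kdf(*parts):
    """SHA-256 over length-prefixed transcript items (ints are group elements or scalars)."""
    h = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else part.to_bytes(NBYTES, "big")
        h.update(len(b).to_bytes(2, "big") + b)
    return h.digest()

M, N = _hash_to_group(b"SPAKE2 M"), _hash_to_group(b"SPAKE2 N")

def spake2(alice_pw, bob_pw):
    """SPAKE2 between Alice (alice_pw) and Bob (bob_pw); returns both derived keys.
    They agree iff the passwords match; every run uses fresh ephemeral secrets."""
    wa = int.from_bytes(hashlib.sha256(b"pw" + alice_pw).digest(), "big") % Q
    wb = int.from_bytes(hashlib.sha256(b"pw" + bob_pw).digest(), "big") % Q
    x, y = secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1
    X = pow(G, x, P) * pow(M, wa, P) % P  # Alice -> Bob: DH share masked by M^w
    Y = pow(G, y, P) * pow(N, wb, P) % P  # Bob -> Alice: DH share masked by N^w
    # Each side unmasks the peer's share with its own password; a wrong guess
    # leaves a residual N^(wa-wb) or M^(wb-wa) factor and the keys diverge.
    Ka = pow(Y * pow(pow(N, wa, P), -1, P) % P, x, P)
    Kb = pow(X * pow(pow(M, wb, P), -1, P) % P, y, P)
    return _kdf(b"SPAKE2", X, Y, Ka, wa), _kdf(b"SPAKE2", X, Y, Kb, wb)

def simplest_ot(m0, m1, choice):
    """Chou-Orlandi style OT: the receiver learns m_choice only and the sender
    learns nothing about choice.  Returns the receiver's decrypted 32-byte message."""
    assert choice in (0, 1) and len(m0) == len(m1) == 32
    a = secrets.randbelow(Q - 1) + 1          # sender's ephemeral secret
    A = pow(G, a, P)                          # sender -> receiver
    # Receiver hygiene (standard practice, not a step taken from the paper): reject
    # A outside the order-q subgroup.  For a non-residue A, B's quadratic character
    # would equal A's raised to `choice`, leaking the choice bit to the sender.
    if pow(A, Q, P) != 1:
        raise ValueError("sender's A is not in the prime-order subgroup")
    b = secrets.randbelow(Q - 1) + 1          # receiver's ephemeral secret
    B = pow(A, choice, P) * pow(G, b, P) % P  # receiver -> sender: A^c * g^b, uniform for either c
    # Sender derives k_j = H((B / A^j)^a) for j = 0, 1 and one-time-pads m_j with k_j.
    k0 = _kdf(b"OT", A, B, pow(B, a, P))
    k1 = _kdf(b"OT", A, B, pow(B * pow(A, -1, P) % P, a, P))
    e0 = bytes(u ^ v for u, v in zip(m0, k0))
    e1 = bytes(u ^ v for u, v in zip(m1, k1))
    # Receiver knows only k_c = H(A^b) = H(g^(ab)); the other key is a DH value it cannot compute.
    kc = _kdf(b"OT", A, B, pow(A, b, P))
    return bytes(u ^ v for u, v in zip((e0, e1)[choice], kc))

if __name__ == "__main__":
    ka, kb = spake2(b"correct horse", b"correct horse")
    print("PAKE keys agree:", ka == kb)
    print("OT delivers m1:", simplest_ot(bytes(32), bytes([1]) * 32, 1) == bytes([1]) * 32)
```

In the PAKE, the password never crosses the wire; an eavesdropper sees only X and Y, and an active attacker gets one password guess per run, which is exactly the property the lePAKE functionality formalises. In the OT, B is a uniform group element whatever the choice bit, so the sender learns nothing, while the receiver can only compute one of the two keys; the membership check is the kind of instantiation detail a UC proof has to account for, which is what the "revisited" paper is about.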

Book Chapter•10.1007/978-3-030-51938-4_4•
UC Updatable Databases and Applications

Aditya Shyam Shankar Damodaran1, Alfredo Rial1•
University of Luxembourg1
20 Jul 2020
TL;DR: This paper defines an ideal functionality for an updatable database together with a construction based on a non-hiding vector commitment (NHVC) scheme, in which the reader proves that a value is stored at a certain position in the database without revealing the position or the value.
Abstract: We define an ideal functionality F_UD and a construction Π_UD for an updatable database (UD). UD is a two-party protocol between an updater and a reader. The updater sets the database and updates it at any time throughout the protocol execution. The reader computes zero-knowledge (ZK) proofs of knowledge of database entries. These proofs prove that a value is stored at a certain position in the database, without revealing the position or the value.

3 citations

Journal Article•10.1016/J.INS.2020.02.046•
Secure parameterized pattern matching

Maryam Zarezadeh1, Hamid Mala1, Behrouz Tork Ladani1•
University of Isfahan1
01 Jun 2020-Information Sciences
TL;DR: This paper defines the problem as secure PPM (SPPM), presents a scheme to resolve it in the semi-honest and malicious adversarial models, and proves the security of the proposed scheme in the universal composability (UC) framework.

3 citations

Dissertation•10.15126/THESIS.00855402•
Lattice-based direct anonymous attestation

Nada El Kassem
29 May 2020
TL;DR: This thesis contributes to a smooth transition of the current Direct Anonymous Attestation (DAA) and Enhanced Privacy ID (EPID) schemes, which can be seen as DAA with different linkability requirements, into the world of lattice-based cryptographic schemes.
Abstract: A Trusted Platform Module (TPM), is a tamper-resistant hardware device that serves as a trust anchor for the host platform that it is embedded in. To do this, the TPM chip creates attestations about the state of the host system. These attestations convince a remote verifier that the platform it is communicating with is running on trusted hardware and using the correct software. Direct Anonymous Attestation (DAA) is an anonymous digital signature scheme that allows the TPM attestation service to hold the privacy-preserving property. That is, the verifier can check that those attestations originate from a certified TPM, but it does not learn the identity of the particular TPM. Another important feature of DAA is that it supports user-controlled linkability which is obtained by using a basename (bsn). If a platform uses a fresh or empty basename, the resulting attestations cannot be linked whereas using the same basename makes the corresponding transactions linkable. Currently standardised Direct Anonymous Attestation (DAA) schemes have their security based on the factoring and the discrete logarithm problems and are therefore insecure against quantum attackers as a result of Shor’s quantum algorithm. Thus, it is important to find alternatives for the currently used DAA signature schemes. Lattice-based cryptography is considered as a powerful candidate receiving lots of attention not only due to its conjectured quantum-attack resistance but also due to its security guarantee to provide worst-case hardness of average-case instances. This thesis contributes to a smooth transition of the current Direct Anonymous Attestation (DAA) and Enhanced Privacy ID (EPID) schemes, which can be seen as DAA with different linkability requirements, into the world of lattice-based cryptographic schemes. We also provide a novel solution for an outstanding authentication problem in the DAA join protocol. Our contributions are classified into three main parts. 
The first contribution of this work is constructing two quantum-safe lattice-based Direct Anonymous Attestation protocols from lattice assumptions. Compared to the only other lattice-based DAA scheme with conjectured post-quantum security available in the related art, the first proposed lattice-based DAA (LDAA) protocol ensures that the storage requirements of the Trusted Platform Module (TPM) are reduced twofold and the signature sizes five times. Moreover, experimental results show that the signing and verification operations are accelerated 1.1 and 2.0 times, respectively. To achieve more efficiency, we constructed a compact quantum-safe lattice-based Direct Anonymous Attestation protocol whose signature size is around 2MB, which is (at least) two orders of magnitude smaller compared to existing post-quantum DAA schemes. The security of both proposed lattice-based DAA schemes is proved in the Universal Composability (UC) model under the assumed hardness of the Ring-Short Integer Solution (Ring-SIS) and the Ring-Learning With Errors (Ring-LWE) problems. This work is a contribution to the European H2020 FutureTPM project and the final result of this work may lead to a post-quantum DAA scheme that is suitable for inclusion in a future quantum-resistant TPM. The second contribution of this work is a new Lattice-based EPID (LEPID) protocol. Inspired by our work on lattice-based DAA schemes, we present the first Enhanced Privacy ID (EPID) scheme, supported on lattice primitives, that may benefit from future research developments in post-quantum cryptography. We also give a new security model for the EPID in the Universal Composability (UC) framework. The proposed LEPID scheme is proved secure under the new model. The third contribution deals with the DAA join protocol when the TPM uses two different keys for the purpose of user privacy: an Endorsement Key (EK), which is used to identify the TPM, and an Attestation Key (AK), used for TPM attestation services.
Using two different keys results in the problem of how to bind these two keys together. This is a crucial property in scenarios in which an issuer needs reliable information about AK-EK pairs before certifying the AK in the join interface of a DAA protocol. Thus we introduced a new security property of "key binding" in the process of issuing TPM Attestation Key (AK) certificates. Our analysis also showed that the DAA schemes that are supported by the TPM chips (either the TPM 1.2 version or the TPM 2.0 version) can suffer from man-in-the-middle attacks from a malicious TPM and/or a malicious host, or cannot be implemented by following the TPM specifications. Finally, we present a novel solution for such an authentication problem with a rigorous security proof and implement this solution by using the existing TPM 2.0 commands with a real TPM 2.0 chip.

3 citations

Journal Article•10.3390/E22010107•
On the Composability of Statistically Secure Random Oblivious Transfer.

Rafael Dowsley1, Jörn Müller-Quade2, Anderson C. A. Nascimento3•
Bar-Ilan University1, Karlsruhe Institute of Technology2, University of Washington3
16 Jan 2020-Entropy
TL;DR: It is shown that random oblivious transfer protocols that are statistically secure according to a definition based on a list of information-theoretical properties are also statistically universally composable.
Abstract: We show that random oblivious transfer protocols that are statistically secure according to a definition based on a list of information-theoretical properties are also statistically universally composable. That is, they are simulatable secure with an unlimited adversary, an unlimited simulator, and an unlimited environment machine. Our result implies that several previous oblivious transfer protocols in the literature that were proven secure under weaker, non-composable definitions of security can actually be used in arbitrary statistically secure applications without lowering the security.
Book Chapter•10.1007/978-3-030-40186-3_11•
TMPS: Ticket-Mediated Password Strengthening

John Kelsey1, Dana Dachman-Soled2, Sweta Mishra1, Meltem Sönmez Turan1•
National Institute of Standards and Technology1, University of Maryland, College Park2
24 Feb 2020
TL;DR: The Ticket-Mediated Password Strengthening (TMPS) scheme introduced in this paper allows users to derive keys from passwords while imposing a strict limit on the number of guesses of their passwords any attacker can make, and strongly protecting the users' privacy.
Abstract: We introduce the notion of TMPS: Ticket-Mediated Password Strengthening, a technique for allowing users to derive keys from passwords while imposing a strict limit on the number of guesses of their password any attacker can make, and strongly protecting the users’ privacy. We describe the security requirements of TMPS, and then a set of efficient and practical protocols to implement a TMPS scheme, requiring only hash functions, CCA2-secure encryption, and blind signatures. We provide several variant protocols, including an offline symmetric-only protocol that uses a local trusted computing environment, and online variants that use group signatures or stronger trust assumptions instead of blind signatures. We formalize the security of our scheme by defining an ideal functionality in the Universal Composability (UC) framework, and by providing game-based definitions of security. We prove that our protocol realizes the ideal functionality in the random oracle model (ROM) under adaptive corruptions with erasures, and prove that security with respect to the ideal/real definition implies security with respect to the game-based definitions.
Journal Article•10.1007/S00145-019-09329-9•
Feasibility and Infeasibility of Secure Computation with Malicious PUFs

Dana Dachman-Soled1, Nils Fleischhacker2, Jonathan Katz1, Anna Lysyanskaya3, Dominique Schröder4 •
University of Maryland, College Park1, Ruhr University Bochum2, Brown University3, University of Erlangen-Nuremberg4
01 Apr 2020-Journal of Cryptology
TL;DR: It is proved that unconditionally secure oblivious transfer is impossible, even in the stand-alone setting, if the adversary can construct (malicious) stateful PUFs, and that universally composable two-party computation is possible, unconditionally.
Abstract: A recent line of work has explored the use of physically unclonable functions (PUFs) for secure computation, with the goals of (1) achieving universal composability without additional setup and/or (2) obtaining unconditional security (i.e., avoiding complexity-theoretic assumptions). Initial work assumed that all PUFs, even those created by an attacker, are honestly generated. Subsequently, researchers have investigated models in which an adversary can create malicious PUFs with arbitrary behavior. Researchers have considered both malicious PUFs that might be stateful, as well as malicious PUFs that can have arbitrary behavior but are guaranteed to be stateless. We settle the main open questions regarding secure computation in the malicious-PUF model:
Posted Content•
Compact, Efficient and UC-Secure Isogeny-Based Oblivious Transfer.

Yi-Fu Lai1, Steven D. Galbraith1, Cyprien Delpech de Saint Guilhem2•
University of Auckland1, Katholieke Universiteit Leuven2
01 Jan 2020-IACR Cryptology ePrint Archive
TL;DR: In this article, the authors proposed a post-quantum OT protocol based on isogeny-based cryptography, which has some similarities to Diffie-Hellman, but lacks algebraic properties that are needed for discrete-log-based OT protocols.
Abstract: Oblivious transfer (OT) is an essential cryptographic tool that can serve as a building block for almost all secure multiparty functionalities. The strongest security notion against malicious adversaries is universal composability (UC-secure). An important goal is to have post-quantum OT protocols. One area of interest for post-quantum cryptography is isogeny-based crypto. Isogeny-based cryptography has some similarities to Diffie-Hellman, but lacks some algebraic properties that are needed for discrete-log-based OT protocols. Hence it is not always possible to directly adapt existing protocols to the isogeny setting.
Proceedings Article•10.4230/LIPICS.TQC.2020.6•
Towards Quantum One-Time Memories from Stateless Hardware

Anne Broadbent1, Sevag Gharibian2, Hong-Sheng Zhou3•
University of Ottawa1, University of Paderborn2, Virginia Commonwealth University3
1 Jan 2020
TL;DR: This paper proposes a scheme that uses quantum information, together with the assumption of stateless hardware tokens, to build statistically secure one-time memories (OTMs), with security against a malicious receiver proved via the quantum games framework of Gutoski and Watrous.
Abstract: A central tenet of theoretical cryptography is the study of the minimal assumptions required to implement a given cryptographic primitive. One such primitive is the one-time memory (OTM), introduced by Goldwasser, Kalai, and Rothblum [CRYPTO 2008], which is a classical functionality modeled after a non-interactive 1-out-of-2 oblivious transfer, and which is complete for one-time classical and quantum programs. It is known that secure OTMs do not exist in the standard model in both the classical and quantum settings. Here, we propose a scheme for using quantum information, together with the assumption of stateless (i.e., reusable) hardware tokens, to build statistically secure OTMs. Via the semidefinite programming-based quantum games framework of Gutoski and Watrous [STOC 2007], we prove security for a malicious receiver, against a linear number of adaptive queries to the token, in the quantum universal composability framework, but leave open the question of security against a polynomial amount of queries. Compared to alternative schemes derived from the literature on quantum money, our scheme is technologically simple since it is of the "prepare-and-measure" type. We also show our scheme is "tight" according to two scenarios.
Posted Content•
CryptoMaze: Atomic Off-Chain Payments in Payment Channel Network.

Subhra Mazumdar1, Sushmita Ruj2•
Indian Statistical Institute1, Commonwealth Scientific and Industrial Research Organisation2
15 May 2020-arXiv: Cryptography and Security
TL;DR: This work proposes CryptoMaze, a secure and privacy-preserving payment protocol for payment channel networks that transfers funds across several channels at once rather than along independent paths, reduces space overhead by leveraging core Bitcoin scripts, and is compared against Multi-hop HTLC applied iteratively one path at a time, demonstrating efficiency and scalability.
Abstract: Payment protocols developed to realize off-chain transactions in a Payment channel network (PCN) assume the underlying routing algorithm transfers the payment via a single path. However, a path may not have sufficient capacity to route a transaction. It is inevitable to split the payment across multiple paths. If we run independent instances of the protocol on each path, the execution may fail in some of the paths, leading to partial transfer of funds. A payer has to reattempt the entire process for the residual amount. We propose a secure and privacy-preserving payment protocol, CryptoMaze. Instead of independent paths, the funds are transferred from sender to receiver across several payment channels responsible for routing, in a breadth-first fashion. Payments are resolved faster at reduced setup cost, compared to existing state-of-the-art. Correlation among the partial payments is captured, guaranteeing atomicity. Further, two-party ECDSA signatures can be used for establishing scriptless locks among parties involved in the payment. It reduces space overhead by leveraging core Bitcoin scripts. We provide a formal model in the Universal Composability framework and state the privacy goals achieved by CryptoMaze. We compare the performance of our protocol with the existing single-path-based payment protocol, Multi-hop HTLC, applied iteratively on one path at a time on several instances. It is observed that CryptoMaze requires less communication overhead and low execution time, demonstrating efficiency and scalability.
Posted Content•
Quantum Alice and Silent Bob: Qubit-based Quantum Key Recycling with almost no classical communication.

Daan Leermakers1, Boris Skoric1•
Eindhoven University of Technology1
26 Mar 2020-arXiv: Quantum Physics
TL;DR: This paper introduces a prepare-and-measure QKR protocol in which the communication from Alice to Bob consists entirely of qubits, showing that this is indeed possible, and finds that the communication rate is asymptotically the same as for QKD with one-way postprocessing.
Abstract: We answer an open question about Quantum Key Recycling (QKR): Is it possible to put the message entirely in the qubits without increasing the number of qubits? We show that this is indeed possible. We introduce a prepare-and-measure QKR protocol where the communication from Alice to Bob consists entirely of qubits. As usual, Bob responds with an authenticated one-bit accept/reject classical message. Compared to Quantum Key Distribution (QKD), QKR has reduced round complexity. Compared to previous qubit-wise QKR protocols, our scheme has far less classical communication. We provide a security proof in the universal composability framework and find that the communication rate is asymptotically the same as for QKD with one-way postprocessing.
Book Chapter•10.1007/978-3-030-55304-3_30•
Unlinkable Updatable Databases and Oblivious Transfer with Access Control

Aditya Shyam Shankar Damodaran1, Alfredo Rial1•
University of Luxembourg1
30 Nov 2020
TL;DR: An oblivious transfer with access control protocol (OTAC) protects the privacy of accesses to a database while enforcing access control policies; existing OTAC are not modular, do not allow policy updates, and cannot exploit the fact that many messages share the same policy to improve storage efficiency, shortcomings this work addresses.
Abstract: An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency.
Book Chapter•10.1007/978-3-030-51280-4_29•
Non-interactive Cryptographic Timestamping Based on Verifiable Delay Functions

Esteban Landerreche1, Marc Stevens1, Christian Schaffner2•
Centrum Wiskunde & Informatica1, University of Amsterdam2
10 Feb 2020
TL;DR: In this paper, the first treatment of non-interactive publicly verifiable timestamping schemes in the Universal Composability framework is presented, where non-parallelizable computational work that relates to elapsed time is used to avoid previous impossibility results.
Abstract: We present the first treatment of non-interactive publicly-verifiable timestamping schemes in the Universal Composability framework. Inspired by the timestamping properties of Bitcoin, we use non-parallelizable computational work that relates to elapsed time to avoid previous impossibility results on non-interactive timestamping. We introduce models of verifiable delay functions (VDF) related to a clock and non-interactive timestamping in the UC-framework. These are used to present a secure construction that provides improvements over previous concrete constructions. Namely, timestamps forged by the adversary are now limited to a certain time-window that depends only on the adversary’s ability to compute VDFs more quickly and on the length of corruption. Finally, we discuss how our construction can be added to non-PoW blockchain protocols to prevent costless simulation attacks.
