A key problem in Tor’s architecture is that it requires users to maintain a global view of the system, which will become costly as the size of the network increases. Several peer-to-peer approaches have been proposed in order to alleviate the scalability concerns of the Tor network, but they are only able to provide heuristic security; in fact, the security community has been quite successful a...

We discuss the question of how to interpret reduction arguments in cryptography. We give some examples to show the subtlety and difficulty of this question.

Intuition. Suppose that your lecturer writes the number 25927 on the board and asks everyone in the class for its prime factorisation. Immediately Alice, who is incidentally a friend of the lecturer, shouts 11 × 2357. What conclusion can be drawn from this? Can we conclude that Alice is very good at factoring integers? It might haven been the case that Alice’s favourite primes are 11 and 2357 a...

In a hierarchical structure, an entity has access to another if and only if the former is a superior of the later. The access control scheme for a hierarchy represented by a partially ordered set (poset) has been researched intensively in the past years. In this paper, we propose a new scheme that achieves the best performance of previous schemes and is provably secure under a comprehensive sec...

Recently, Al-Riyami and Paterson proposed a generic conversion from CL-PKE (Certificateless Public Key Encryption) to CBE (Certificate Based Encryption) and claimed that the derived CBE scheme is secure and even more efficient than the original scheme of Gentry. In this paper, we show that their conversion is wrong due to the flaw of the security proof. It leads the new concrete CBE scheme by A...

Message authenticity (knowing “who sent this message”) is an important security issue for sensor networks, and often difficult to solve. Sometimes, it may be sufficient and more efficient to solve the simpler entitiy recognition problem, instead: “is the message from the same entity that sent the previous messages?”. This paper describes entity recognition for sensor network motes. A protocol p...

This paper introduces new techniques to generate provable prime numbers efficiently on embedded devices such as smartcards, based on variants of Pocklington’s and the Brillhart-Lehmer-Selfridge-TuckermanWagstaff theorems. We introduce two new generators that, combined with cryptoprocessor-specific optimizations, open the way to efficient and tamper-resistant on-board generation of provable prim...

Cloud storage is now an important development trend in information technology. However, information security has become an important problem to impede it for commercial application, such as data confidentiality, integrity, and availability. In this paper, we propose designated verifier provable data possession (DV-PDP). In public clouds, DV-PDP is a matter of crucial importance when the client ...

We consider basic notions of security for cryptographic hash functions: collision resistance,preimage resistance, and second-preimage resistance. We give seven different definitions thatcorrespond to these three underlying ideas, and then we work out all of the implications andseparations among these seven definitions within the concrete-security, provable-security frame-wor...