This paper focuses on building a tweakable blockcipher from a classical blockcipher whose input and output wires all have a size of n bits. The main goal is to achieve full 2 security. Such a tweakable blockcipher was proposed by Mennink at FSE’15, and it is also the only tweakable blockcipher so far that claimed full 2 security to our best knowledge. However, we find a key-recovery attack on M...

This article studies value assessments of IT solutions in public as well as in private contexts and aims to identify benefits of business-to-government innovations. The work analyzes the case of the implementation of European common e-customs solutions. Over the last few years, e-customs has become a widely studied topic within the European Union. However, only a little research has been conduc...

Anonymous credentials are an important privacy-enhancing technique that allows users to convince a service provider of their legitimacy for service accesses in an anonymous manner. Among others, a fundamental feature of anonymous credentials is unlinkability, that is, multiple showings of the same credential should not be linked by the service providers, the issuing organization, or the coaliti...

We consider a decentralized setting in which agents exchange data along with usage policies. Agents may violate the policies, although later on auditing authorities may verify the agents’ accountability with respect to the used data. Using (provably secure) time-stamping and signature schemes, we design and analyze an efficient cryptographic protocol that generates the sufficient communication ...

Key insulation is an important technique to protect private keys. To deal with the signing key exposure problem in attribute-based signature systems, we propose an attribute-based threshold key-insulated signature (ABTKIS) scheme. It strengthens the security and flexibility of existing attribute-based key-insulated signature schemes. Our scheme is provably secure in the standard model (i.e. wit...

Liskov, Rivest and Wagner formalized the tweakable blockcipher (TBC) primitive at CRYPTO’02. The typical recipe for instantiating a TBC is to start with a blockcipher, and then build up a construction that admits a tweak. Almost all such constructions enjoy provable security only to the birthday bound, and the one that does achieve security beyond the birthday bound (due to Minematsu) severely ...

In [17, 18] we presented a pairing based DAA protocol in the asymmetric setting, along with a “security proof”. Jiangtao Li has pointed out to us an attack against this published protocol, thus our prior work should not be considered sound. In this paper we give a repaired version, along with a highly detailed security proof. A full paper will be made available shortly. However in the meantime ...

Anonymous signcryption is synonyms of ring signcryption which provides anonymity of the sender along with the advantages of signcryption. Multi receiver signcryption is suited for situation where a sender wants to send a message to multiple receivers in the confidential and authenticated way. This paper proposes an identity based anonymous signcryption scheme in multireceiver setting. It also p...

We present a framework for security proofs for on-demand routing protocols. The framework relies on the composable cryptographic library by Backes, Pfitzmann and Waidner (BPW). The idea is to break down the security requirement against the system (the protocol) into security requirement against the elements of the system, the honest protocol machines in the BPW symbolic model. The practical inc...