In this paper, we revisit the private κ data aggregation problem, and formally define the problem’s security requirements as both data and user privacy goals. To achieve both goals, and to strike a balance between efficiency and functionality, we devise a novel cryptographic construction that comes in two schemes; a fully decentralized construction and its practical but semi-decentralized varia...

Recently, various side-channel attacks on widely used encryption methods have been discovered. Extensive research is currently undertaken to develop new types of combined encryption and authentication mechanisms. Developers of security systems ask whether to implement methods recommended by international standards or to choose one of the new proposals. We explain the nature of the attacks and h...

In this paper, we rigorously study tractable models for provably recovering low-rank tensors. Unlike their matrix-based predecessors, current convex approaches for recovering low-rank tensors based on incomplete (tensor completion) and/or grossly corrupted (tensor robust principal analysis) observations still suffer from the lack of theoretical guarantees, although they have been used in variou...

Steganography is the task of concealing a message within a medium such that the presence of the hidden message cannot be detected. Though the prospect of steganography is conceivably interesting in many contexts, and though work has been done both towards formalizing steganographic security and providing provably secure constructions, little work exists attempting to provide efficient and prova...

There is a serious problem with one of the assumptions made in the security proof of the SURF scheme. This problem turns out to be easy in the regime of parameters needed for the SURF scheme to work. We give afterwards the old version of the paper for the reader’s convenience.

Many identity based signature (IBS) schemes have been proposed so far. However, most of the schemes are based on bilinear pairings. Only a few IBS schemes are without pairings. Up to now, there still remains a challenge to construct a provably secure and efficient IBS scheme without pairings. In this paper, we propose an efficient IBS scheme based on cubic residues, and we prove that our scheme...

We construct efficient public key steganographic schemes, without resort to any special existence assumption such as unbiased functions. This is the first time such a construction is obtained. Not only our constructions are secure, but also are essentially optimal and have no error decoding. We achieve this by designing a new primitive called P-codes.

In many heterogeneous networked applications the integrity of multimedia data plays an essential role, but is not directly supported by the application. In this paper, we propose a method which enables an individual user to detect tampering with a multimedia file without changing the software application provided by the third party. Our method is based on a combination of cryptographic signatur...

We propose a new encryption primitive called Membership Encryption. Let P(G) be a privacy-preserving token on a group attribute/identity G, such that given P(G) it is hard to know the attributes in G. In this membership encryption, if an encryption takes as input an attribute A and the token P(G) , the decryption requires holding the membership A ∈ G, i.e., A belongs to this group attribute. Me...

We study linking attacks on communication protocols. We show that an active attacker is strictly more powerful in this setting than previously-considered passive attackers. We introduce a formal model to reason about active linkability attacks, formally define security against these attacks and give very general conditions for both security and insecurity of protocols. In addition, we introduce...