Designing public key encryption schemes withstanding chosen ciphertext attacks, which is the highest security level for such schemes, is generally perceived as a delicate and intricate task, and for good reason. In the standard model, there are essentially three well-known but quite involved approaches. This state of affairs is to be contrasted with the situation for semantically secure encrypt...

While opinions differ when reviewing factors of economic stability and development, there is clearly a common endorsement of the belief that economic stability is linked to security. Therefore, addressing the issue of security in Albania and Ukraine, speakers actually focused on the search for solutions to the severe economic problems of these countries. Indeed, “economic security is constructi...

We study the security of hash-then-publish time-stamping schemes and concentrate on the tightness of security reductions from the collision-resistance of the underlying hash functions. While the previous security reductions create a quadratic loss in the security in terms of time-success ratio of the adversary being protected against, this paper achieves a notably smaller loss of power 1.5. Thi...

Encryption that is only semantically secure should not be used on messages that depend on the underlying secret key; all bets are off when, for example, one encrypts using a shared key K the value K. Here we introduce a new notion of security, KDM security, appropriate for key-dependent messages. The notion makes sense in both the public-key and shared-key settings. For the latter we show that ...

We investigate several alternate characterizations of pseudorandom functions (PRFs) and pseudorandom permutations (PRPs) in a concrete security setting. By analyzing the concrete complexity of the reductions between the standard notions and the alternate ones, we show that the latter, while equivalent under polynomial-time reductions, are weaker in the concrete security sense. With these altern...

At TCC 2012, Dziembowski and Faust show how to construct leakage resilient circuits using secret sharing based on the inner product [2]. At Asiacrypt 2012, Ballash et al. turned the latter construction into an efficient masking scheme and they apply it to protect an implementation of AES against side-channel attacks [1]. The so-called Inner-Product masking (IP masking for short) was claimed to ...

This effort focused on improving transportation security by making the objects (e.g. containers) being transported active agents in their own protection. Here, the objects are equipped with sensing and communication capabilities and are able to determine and communicate their sense of security throughout the dynamic transportation chain in a distributed manner. As part of the project, we have d...

This effort focused on improving transportation security by making the objects (e.g. containers) being transported active agents in their own protection. Here, the objects are equipped with sensing and communication capabilities and are able to determine and communicate their sense of security throughout the dynamic transportation chain in a distributed manner. As part of the project, we have d...

We show that two well-known and widely employed public-key encryption schemes – RSA Optimal Asymmetric Encryption Padding (RSA-OAEP) and Diffie-Hellman Integrated Encryption Standard (DHIES), the latter one instantiated with a one-time pad, – are secure under (the strong, simulation-based security notion of) selective opening security against chosen-ciphertext attacks in the random oracle model...