Haibin Shen,Yier Jin,Rongquan You

DOI: https://doi.org/10.1109/ICICIC.2006.180

2006-01-01

Abstract:Modular reduction is the basic operation of cryptographic systems. The Barrett's algorithm and Montgomery's algorithm are widely used nowadays and they are both based on pre-computation. In the field of elliptic curve cryptosystem (ECC) over GF(2m), the reduction polynomials recommended by SEC have few items and the degree of second item is much less than that of the first one. Making use of this characteristic, the paper presents a new method to accelerate modular reduction without pre-computation which speeds up modular reduction by 10-30 times over GF(2m) and speeds up ECC point multiplication by 40%-50%. This algorithm has been implemented in a high-speed public-key cipher accelerator

Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

Azadeh Farzan,Dominik Klumpp,Andreas Podelski

2023-11-05

Abstract:Commutativity has proven to be a powerful tool in reasoning about concurrent programs. Recent work has shown that a commutativity-based reduction of a program may admit simpler proofs than the program itself. The framework of lexicographical program reductions was introduced to formalize a broad class of reductions. Approaches based on this framework, however, were limited to program models with a fixed number of threads. In this paper, we show that it is possible to define an effective parametric family of program reductions that can be used to find simple proofs for parameterized programs, i.e., programs with an unbounded number of threads. We show that reductions are indeed useful for the simplification of proofs of parameterized programs, in a sense that can be made precise: A reduction of a parameterized program may admit a proof which uses fewer or less sophisticated ghost variables. The reduction may therefore be within reach of an automated verification technique, even when the original parameterized program is not. We introduce a notion of reductions for parameterized programs such that the reduction $\mathcal{R}$ of a parameterized program $\mathcal{P}$ is again a parameterized program (the thread template of $\mathcal{R}$ is obtained by source-to-source transformation of the thread template of $\mathcal{P}$). Consequently, existing techniques for the verification of parameterized programs can be directly applied to $\mathcal{R}$ instead of $\mathcal{P}$. We define an appropriate family of pairwise preference orders which can be used to produce different lexicographical reductions. To determine whether this theoretical foundation amounts to a usable solution in practice, we have implemented the approach, based on a recently proposed framework for parameterized program verification. The results of our preliminary experiments on a representative set of examples are encouraging.

Programming Languages

Zongyang Zhang,Yu Chen,Sherman S. M. Chow,Goichiro Hanaoka,Zhenfu Cao,Yunlei Zhao

DOI: https://doi.org/10.1007/978-3-319-26059-4_24

2015-01-01

Abstract:A popular methodology of designing cryptosystems with practical efficiency is to give a security proof in the random oracle RO model. The work of Fischlin and Fleischhacker Eurocrypt﾿'13 investigated the case of Schnorr signature and generally, Fiat-Shamir signatures and showed the reliance of RO model is inherent. We generalize their results to a large class of \"malleable\" hash-and-sign signatures, where one can efficiently \"maul\"any two valid signatures between two signature instances with different public keys if it can get the difference between the secret keys. We follow the technique of Fischlin and Fleischhacker to show that the security of malleable hash-and-sign signature cannot be reduced to its related hard cryptographic problem without programming the RO. Our proof assumes the hardness of a one-more cryptographic problem depending on the signature instantiation. Our result applies to single-instance black-box reductions, subsuming those reductions used in existing proofs. Our framework not only encompasses Fiat-Shamir signatures as special cases, but also covers $$\\Gamma $$-signature Yao and Zhao, IEEE Transactions on Information Forensics and Security﾿'13, and other schemes which implicitly used malleable hash-and-sign signatures, including Boneh-Franklin identity-based encryption, and Sakai-Ohgishi-Kasahara non-interactive identity-based key exchange.

Jiayu Zhang

2023-11-16

Abstract:How could quantum cryptography help us achieve what are not achievable in classical cryptography? In this work we consider the following problem, which we call succinct RSPV for classical functions (SRC). Suppose $f$ is a function described by a polynomial time classical Turing machine, which is public; the client would like to sample a random $x$ as the function input and use a protocol to send $f(x)$ to the server. What's more, (1) when the server is malicious, what it knows in the passing space should be no more than $f(x)$; (2) the communication should be succinct (that is, independent to the running time of evaluating $f$). Solving this problem in classical cryptography seems to require strong cryptographic assumptions. We show that, perhaps surprisingly, it's possible to solve this problem with quantum techniques under much weaker assumptions. By allowing for quantum communication and computations, we give a protocol for this problem assuming only collapsing hash functions [Unr16]. Our work conveys an interesting message that quantum cryptography could outperform classical cryptography in a new type of problems, that is, to reduce communications in meaningful primitives without using heavy classical cryptographic assumptions.

Quantum Physics,Cryptography and Security

Zhihong Chen,Bo Zhao,Hai Lin,Lin Chen

DOI: https://doi.org/10.1109/ojcs.2020.3032020

2020-01-01

IEEE Open Journal of the Computer Society

Abstract:When scaling a distributed ORAM to a two-party secure computation, the overhead is dominated by the number of pseudo-random generator (PRG) calls in generation and evaluation of a distributed point function (DPF), which are O(logn) and O(n) respectively, where n is the number of data blocks. We propose a distributed ORAM scheme, in which the PRG calls are reduced to O(log(zn/λ)) for generation and O(2log(zn/λ)) for evaluation, where λ is the secure parameter and z is the length of outputs in DPF. Technically, we first extend the optimization of Function Secret Sharing (FSS), early termination for functions with small output groups, to the context of ORAM for secure computation. Then, we design a scheme named etoram to exploit the high efficiency achieved by early termination. In etoram, we introduce an access counter for each data block. Then, instead of {0,1}λ, the output of the point function becomes the maximum value of these counters, i.e.,{0,1}z. Data blocks are privately updated by masking random strings generated by their counters. In practice, according to different access rates, z ranges from 1 to logn in sequential mode and from 3 to logn in random mode if the total number of accesses is n.

Louis Narmour,Ryan Job,Tomofumi Yuki,Sanjay Rajopadhye

2024-11-26

Abstract:Reductions combine collections of inputs with an associative (and here, also commutative) operator to produce collections of outputs. When the same value contributes to multiple outputs, there is an opportunity to reuse partial results, enabling reduction simplification. We provide the first complete push-button implementation of reduction simplification in a compiler. We evaluate its effectiveness on a range of real-world applications, and show that simplification rediscovers several key results in algorithmic improvement across multiple domains, previously only obtained through clever manual human analysis and effort. We also discover alternate, previously unknown algorithms, albeit without improving the asymptotic complexity.

Programming Languages

Yu Chen,LiQun Chen,DongDai Lin

DOI: https://doi.org/10.1007/s11425-013-4673-2

2013-01-01

Science China Mathematics

Abstract:In this paper, we first review the existing proofs of the Boneh-Franklin identity-based encryption scheme (BF-IBE for short), and show how to admit a new proof by slightly modifying the specifications of the hash functions of the original BF-IBE. Compared with prior proofs, our new proof provides a tighter security reduction and minimizes the use of random oracles, thus indicates BF-IBE has better provable security with our new choices of hash functions. The techniques developed in our proof can also be applied to improving security analysis of some other IBE schemes. As an independent technical contribution, we also give a rigorous proof of the Fujisaki-Okamoto (FO) transformation in the case of CPA-to-CCA, which demonstrates the efficiency of the FO-transformation (CPA-to-CCA), in terms of the tightness of security reduction, has long been underestimated. This result can remarkably benefit the security proofs of encryption schemes using the FO-transformation for CPA-to-CCA enhancement.

Yongqiang Tian,Xueyan Zhang,Yiwen Dong,Zhenyang Xu,Mengxiao Zhang,Yu Jiang,Shing-Chi Cheung,Chengnian Sun

DOI: https://doi.org/10.1145/3617172

IF: 3.685

2024-01-01

ACM Transactions on Software Engineering and Methodology

Abstract:Program reduction is a highly practical, widely demanded technique to help debug language tools, such as compilers, interpreters and debuggers. Given a program P that exhibits a property ψ, conceptually, program reduction iteratively applies various program transformations to generate a vast number of variants from P by deleting certain tokens and returns the minimal variant preserving ψ as the result. A program reduction process inevitably generates duplicate variants, and the number of them can be significant. Our study reveals that on average 61.8% and 24.3% of the generated variants in two representative program reducers HDD and Perses, respectively, are duplicates. Checking them against ψ is thus redundant and unnecessary, which wastes time and computation resources. Although it seems that simply caching the generated variants can avoid redundant property tests, such a trivial method is impractical in the real world due to the significant memory footprint. Therefore, a memory-efficient caching scheme for program reduction is in great demand. This study is the first effort to conduct a systematic, extensive analysis of memory-efficient caching schemes for program reduction. We first propose to use two well-known compression methods, ZIP and SHA , to compress the generated variants before they are stored in the cache. Furthermore, our keen understanding on the program reduction process motivates us to propose a novel, domain-specific, both memory and computation-efficient caching scheme, R efreshable C ompact C aching ( RCC ). Our key insight is two-fold: ① by leveraging the correlation between variants and the original program P , we losslessly encode each variant into an equivalent , compact , canonical representation; ② periodically, stale cache entries, which will never be accessed, are timely removed to minimize the memory footprint over time. Our extensive evaluation on 31 real-world C compiler bugs demonstrates that caching schemes help avoid issuing redundant queries by 61.8% and 24.3% in HDD and Perses, respectively; correspondingly, the runtime performance is notably boosted by 22.8% and 18.2%. With regard to the memory efficiency, all three methods use less memory than the state-of-the-art string-based scheme STR . Specifically, ZIP and SHA cut down the memory footprint by more than 80% and 90% in both Perses and HDD compared to STR ; moreover, the highly-scalable, domain-specific RCC dominates peer schemes, and outperforms the SHA by 96.4% and 91.74% in HDD and Perses, respectively.

Mengxiao Zhang,Zhenyang Xu,Yongqiang Tian,Yu Jiang,Chengnian Sun

DOI: https://doi.org/10.1145/3611643.3616275

2023-01-01

Abstract:Program reduction is a practical technique widely used for debugging compilers. To report a compiler bug with a bug-triggering program, one needs to minimize the program by removing bugirrelevant program elements first. Though existing program reduction techniques, such as C-Reduce and Perses, can reduce a bug-triggering program as a whole, they overlook the fact that the degree of relevance of each remaining token to the bug varies. To this end, we propose Pairwise Program Reduction (PPR), a new program reduction technique for minimizing a pair of programs w.r.t. certain properties. Given a seed program 𝑃𝑠 , a variant 𝑃𝑣 derived from 𝑃𝑠 , and the properties 𝑃𝑠 and 𝑃𝑣 exhibit separately (e.g., 𝑃𝑣 crashes a compiler whereas 𝑃𝑠 does not), PPR not only reduces the sizes of 𝑃𝑠 and 𝑃𝑣 , but also minimizes the differences between 𝑃𝑠 and 𝑃𝑣 . The final result of PPR is a pair of minimized programs that still preserve the properties, but the minimized differences between the pair highlight the critical program elements that are highly related to the bug. To thoroughly evaluate PPR, we manually constructed the first pairwise benchmark suite from real-world compiler bugs (20 bugs in GCC and LLVM, 9 bugs in Rustc and 9 bugs in JerryScript). The evaluation results show that PPR significantly outperforms the baseline: DD, a variant of Delta Debugging. Specifically, on large and complex programs, PPR’s reduction results are only 0.6% of those by DD w.r.t. program size. The sizes of the minimized variants (i.e., 𝑃𝑣 ) by PPR are also comparable to those by Perses and C-Reduce; but PPR offers more for debugging by highlighting the critical, bug-inducing changes via the minimized differences. Evaluation on Rust and JavaScript demonstrates PPR’s strong generality to other languages.

Veronika Kuchta,Amin Sakzad,Damien Stehle,Ron Steinfeld,Shi-Feng Sun

DOI: https://doi.org/10.1007/978-3-030-45727-3_24

2020-01-01

Abstract:We introduce a new technique called `Measure-RewindMeasure' (MRM) to achieve tighter security proofs in the quantum random oracle model (QROM). We first apply our MRM technique to derive a new security proof for a variant of the `double-sided' quantum OneWay to Hiding Lemma (O2H) of Bindel et al. [TCC 2019] which, for the first time, avoids the square-root advantage loss in the security proof. In particular, it bypasses a previous `impossibility result' of Jiang, Zhang and Ma [IACR eprint 2019]. We then apply our new O2H Lemma to give a new tighter security proof for the Fujisaki-Okamoto transform for constructing a strong (IND-CCA) Key Encapsulation Mechanism (KEM) from a weak (IND-CPA) public-key encryption scheme satisfying a mild injectivity assumption.

Masayuki Tezuka,Keisuke Tanaka

DOI: https://doi.org/10.1587/transfun.2020DMP0013

2022-02-20

Abstract:Redactable signature allows anyone to remove parts of a signed message without invalidating the signature. The need to prove the validity of digital documents issued by governments is increasing. When governments disclose documents, they must remove private information concerning individuals. Redactable signature is useful for such a situation. However, in most redactable signature schemes, to remove parts of the signed message, we need pieces of information for each part we want to remove. If a signed message consists of l elements, the number of elements in an original signature is at least linear in l. As far as we know, in some redactable signature schemes, the number of elements in an original signature is constant, regardless of the number of elements in a message to be signed. However, these constructions have drawbacks in that the use of the random oracle model or generic group model. In this paper, we construct an efficient redactable signature to overcome these drawbacks. Our redactable signature is obtained by combining set-commitment proposed in the recent work by Fuchsbauer et al. (JoC 2019) and digital signatures.

Cryptography and Security

Nai-Hui Chia,Sean Hallgren,Fang Song

DOI: https://doi.org/10.22331/q-2020-08-27-312

2020-08-10

Abstract:A fundamental pursuit in complexity theory concerns reducing worst-case problems to average-case problems. There exist complexity classes such as PSPACE that admit worst-case to average-case reductions. However, for many other classes such as NP, the evidence so far is typically negative, in the sense that the existence of such reductions would cause collapses of the polynomial hierarchy(PH). Basing cryptographic primitives, e.g., the average-case hardness of inverting one-way permutations, on NP-completeness is a particularly intriguing instance. As there is evidence showing that classical reductions from NP-hard problems to breaking these primitives result in PH collapses, it seems unlikely to base cryptographic primitives on NP-hard problems. Nevertheless, these results do not rule out the possibilities of the existence of quantum reductions. In this work, we initiate a study of the quantum analogues of these questions. Aside from formalizing basic notions of quantum reductions and demonstrating powers of quantum reductions by examples of separations, our main result shows that if NP-complete problems reduce to inverting one-way permutations using certain types of quantum reductions, then coNP $\subseteq$ QIP(2).

Quantum Physics,Computational Complexity

Zhishuo Zhang,Wen Huang,Lin Yang,Yongjian Liao,Shijie Zhou

DOI: https://doi.org/10.1109/jiot.2023.3268699

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Outsourced Decryption Attribute-based Encryption (OD-ABE) is emerging as a promising cryptographic tool to provide efficient fine-grained access control for data accessing and sharing in cloud-assisted Intelligent Internet of Mobile Things (IIoMT). Decryption verification is an essential property of OD-ABE to enable the mobile user to verify the precision of the decryption data. Unfortunately, the most representative verification (commitment) algorithms have various security flaws. In this paper, we first indicate that the two state-of-art key-based commitment schemes are vulnerable to “Commitment Extract(Decrypt)-then-Reuse Attack” and “Commitment Impersonation Attack” which demolish the unforgeability of the commitment. Then to cover all the existing attacks to commitment algorithms, we re-define a robuster verifiable security model for verifiable OD-ABE. Subsequently, we invent a ciphertext fingerprint (CTfp) based commitment scheme and give rigorous proof to the proposed commitment scheme including binding, hiding, unforgeability, and non-repudiation (traceability) in the random oracle. Next, we apply our CTfp-based commitment to the widely used OD-ABE schemes to provide them robuster verifiability. Finally, the theoretical comparison and simulation experiments are presented to show our new type of commitment algorithm is more secure and practical.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zheng Qiao,Jie Li,Chunyang Liu,Lei Guo,Pengpeng Ren,Sheng Ye,Bo Zhou,Jianfu Zhang,Zhigang Ji,Junhua Liu,Runsheng Wang,Ru Huang

DOI: https://doi.org/10.1109/EDTM53872.2022.9798182

2022-01-01

Abstract:In this study, a novel method, Bi-mode Activation, is proposed to implement logical NOT. For the first time, this is achieved without the need in modifying Dynamic Random Access Memory (DRAM) cells and core peripheral circuits, making it possible to be adopted in existing commercial DRAMs. The proposed method is successfully validated through simulation. Combined with the recently-proposed OR operation, the XOR-based data encryption is demonstrated, which paves ways for future security-centric in-memory-computing.

Liu, Feng-Hao

DOI: https://doi.org/10.1007/s10623-024-01523-6

IF: 1.4

2024-11-25

Designs Codes and Cryptography

Abstract:Achieving tight security is a fundamental task in cryptography. While one of the most important purposes of this task is to improve the overall efficiency of a construction (by allowing smaller security parameters), many current lattice-based instantiations do not completely achieve the goal. Particularly, a super-polynomial modulus seems to be necessary in all prior work for (almost) tight schemes that allow the adversary to conduct queries, such as PRF, IBE, and Signatures. As the super-polynomial modulus would affect the noise-to-modulus ratio and thus increase the parameters, this might cancel out the advantages (in efficiency) brought from the tighter analysis. To determine the full power of tight security/analysis in lattices, it is necessary to determine whether the super-polynomial modulus restriction is inherent. In this work, we remove the super-polynomial modulus restriction for many important primitives—PRF, IBE, all-but-many Lossy Trapdoor Functions, and Signatures. The crux relies on an improvement over the framework of Boyen and Li (Asiacrypt 16), and an almost tight reduction from LWE to LWR, which improves prior work by Alwen et al. (Eurocrypt 13), Bogdanov et al. (TCC 16), and Bai et al. (Asiacrypt 15). By combining these two advances, we are able to derive these almost tight schemes under LWE with a polynomial modulus.

mathematics, applied,computer science, theory & methods

Zhixing Jiang,Yue Xi,Jianshi Tang,Yuyao Lu,Ruihua Yu,Ruofei Hu,Qi Hu,Bin Gao,He Qian,Huaqiang Wu

DOI: https://doi.org/10.1109/iedm45741.2023.10413764

2023-01-01

Abstract:This work develops an efficient and reliability-enhanced programming scheme for analog RRAM, named Conductance and Operation-dependent Programming Scheme (COPS), which maximizes the probability of RESET as the final operation with small last conductance change (ΔG last ) and further incorporates verify-delay-verify (VDV) to effectively suppress the post-programming relaxation effect of RRAM. Compared to the standard incremental step pulse programming (ISPP) scheme, COPS reduces the relative deviation (RD) of conductance drift by 38.6% at the same programming speed. Meanwhile, it reduces the programming time by up to 55.8% compared to the repeated programming (RP) with the same RD. The effectiveness of COPS is verified on different RRAM materials stacks and further validated by the on-chip classifications of handwritten digits and news articles, achieving 3~4-bit software-equivalent accuracy over 10 4 s. For the first time, a more drift-sensitive task, denoising diffusion probabilistic model (DDPM), is further implemented on-chip, yielding results comparable to 4-bit software accuracy.

Gilles Barthe,Justin Hsu,Mingsheng Ying,Nengkun Yu,Li Zhou

DOI: https://doi.org/10.1145/3371089

2019-01-01

Proceedings of the ACM on Programming Languages

Abstract:Relational verification of quantum programs has many potential applications in quantum and post-quantum security and other domains. We propose a relational program logic for quantum programs. The interpretation of our logic is based on a quantum analogue of probabilistic couplings. We use our logic to verify non-trivial relational properties of quantum programs, including uniformity for samples generated by the quantum Bernoulli factory, reliability of quantum teleportation against noise (bit and phase flip), security of quantum one-time pad and equivalence of quantum walks.

Andrew Litteken,Lennart Maximilian Seifert,Jason Chadwick,Natalia Nottingham,Fredric T. Chong,Jonathan M. Baker

DOI: https://doi.org/10.1145/3575693.3575726

2023-03-03

Abstract:Quantum computing is in an era of limited resources. Current hardware lacks high fidelity gates, long coherence times, and the number of computational units required to perform meaningful computation. Contemporary quantum devices typically use a binary system, where each qubit exists in a superposition of the $\ket{0}$ and $\ket{1}$ states. However, it is often possible to access the $\ket{2}$ or even $\ket{3}$ states in the same physical unit by manipulating the system in different ways. In this work, we consider automatically encoding two qubits into one four-state qu\emph{quart} via a \emph{compression scheme}. We use quantum optimal control to design efficient proof-of-concept gates that fully replicate standard qubit computation on these encoded qubits. We extend qubit compilation schemes to efficiently route qubits on an arbitrary mixed-radix system consisting of both qubits and ququarts, reducing communication and minimizing excess circuit execution time introduced by longer-duration ququart gates. In conjunction with these compilation strategies, we introduce several methods to find beneficial compressions, reducing circuit error due to computation and communication by up to 50\%. These methods can increase the computational space available on a limited near-term machine by up to 2x while maintaining circuit fidelity.

Quantum Physics,Hardware Architecture,Emerging Technologies

Mengxiao Zhang,Yongqiang Tian,Zhenyang Xu,Yiwen Dong,Shin Hwei Tan,Chengnian Sun

DOI: https://doi.org/10.1145/3650212.3652126

2024-05-11

Abstract:Program reduction is a prevalent technique to facilitate compilers' debugging by automatically minimizing bug-triggering programs. Existing program reduction techniques are either generic across languages (e.g., Perses and Vulcan) or specifically customized for one certain language by employing language-specific features, like C-Reduce. However, striking the balance between generality across multiple programming languages and specificity to individual languages in program reduction is yet to be explored. This paper proposes LPR, the first technique utilizing LLMs to perform language-specific program reduction for multiple languages. The core insight is to utilize both the language-generic syntax level program reduction (e.g., Perses) and the language-specific semantic level program transformations learned by LLMs. Alternately, language-generic program reducers efficiently reduce programs into 1-tree-minimality, which is small enough to be manageable for LLMs; LLMs effectively transform programs via the learned semantics to expose new reduction opportunities for the language-generic program reducers to further reduce the programs. Our extensive evaluation on 50 benchmarks across three languages (C, Rust, and JavaScript) has highlighted LPR's practicality and superiority over Vulcan, the state-of-the-art language-generic program reducer. For effectiveness, LPR surpasses Vulcan by producing 24.93%, 4.47%, and 11.71% smaller programs on benchmarks in C, Rust and JavaScript. Moreover, LPR and Vulcan have demonstrated their potential to complement each other. By using Vulcan on LPR's output for C programs, we achieve program sizes comparable to those reduced by C-Reduce. For efficiency, LPR takes 10.77%, 34.88%, 36.96% less time than Vulcan to finish all benchmarks in C, Rust and JavaScript, separately.

Programming Languages,Software Engineering