Download presentation

Presentation is loading. Please wait.

Published byJesus Potter Modified over 2 years ago

1
A Crash Course in Modern Crypto Tools Dan Boneh Stanford University

2
1. Aggregate sigs Anyone can aggregate n signatures into one. Aggregate S convinces verifier that M 1, …, M n were properly signed by users 1, …, n. User 1: PK 1, M 1 S 1 User 2: PK 2, M 2 S 2 User n: PK n, M n S n S [BGLS02]

3
Sample applications Secure routing protocols (SBGP) # sigs in path attestation grows linearly in length of path. Aggregating sigs reduces traffic and memory. Certificate chains (chains of trust) Aggregate all sigs in chain into one ,1 4,1 3,1 4,1 9 8,2,1

4
2. Group Signatures Simple solution: give all users same private key … but, also need to: revoke signers when needed, and trace: trapdoor for undoing sig privacy. Key Issuer User 1 User 2 Is sig from user 1 or 2? msg sig

5
Example: Vehicle Safety Comm. (VSC) Car 1Car 2Car 3Car 4 brake Car Ambulance out of my way !! Require authenticated (signed) messages from cars. Prevent impersonation and DoS on traffic system. Privacy problem: cars broadcasting signed (x,y, v ). Clean solution: group sigs. Group = set of all cars.

6
3. Broadcast Encryption [FN93] Encrypt to arbitrary subsets S. Collusion resistance: secure even if all users in S c collude. K1K1 K2K2 K3K3 S {1,…,n} CT = E[M,S]

7
Example: Encrypted File Systems Broadcast to small sets: |S| << n Best construction: trivial. |CT|=O(|S|), |priv|=O(1) Examples: EFS, . File F E K F [F] E PK A [K F ] E PK C [K F ] Header < 256K E PK B [K F ]

8
Broadcast Encryption Public-key BE system: Setup(n):outputs private keys d 1, …, d n and public-key PK. Encrypt(S, PK, M): Encrypt M for users S {1, …, n} Output ciphertext CT. Decrypt(CT, S, j, d j, PK): If j S, output M. Broadcast contains ( [S], CT )

9
Broadcast size CT SizePriv-key size Small sets:trivialO(|S|)O(1) Large sets: NNL,HS,GST O(n-|S|)O(log n) Any set: BGW 05 O(1)

10
Broadcast size CT SizePriv-key size Small sets:trivialO(|S|)O(1) Large sets: NNL,HS,GST O(n-|S|)O(log n) Any set: BGW 05 O(1) with O(n) size public key

11
Summary Surveyed: Aggragate sigs, groups sigs, broadcast enc. All implemented in PBC Library: Open source under GPL

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google