In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user secret key is associated with a set of attributes, and the ciphertext is associated with an access structure or decryption policy over attributes. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the decryption policy specified in the ciphertext. Several CP-ABE schemes have been proposed; however, to become practical, the problems of revocation and delegation must be addressed. In this paper, we propose Ciphertext-Policy Attribute-Based Threshold Decryption (CP-ABTD), which extends CP-ABE with flexible attribute delegation and instantaneous attribute revocation. CP-ABTD has three advantages over CP-ABE. First, Alice (delegator), who has a secret key associated with a set of attributes, can delegate her authorization to Bob (delegatee). Second, Alice can decide whether to allow Bob to delegate her authorization further. Third, the proposed scheme achieves instantaneous attribute revocation, that is, once an attribute is revoked the user cannot use it in the decryption phase. We demonstrate how to apply the proposed CP-ABTD scheme to securely manage Personal Health Records (PHRs).
... The workshop was sponsored by NATO and the Institute of Mathematics and Informatics of the Bulgarian Academy of Sciences. Co-directors of the NATO ARW were Prof. Dr. Bart Preneel (Katholieke Universiteit Leuven and IBBT, Belgium) and Prof. Dr. Sc. ...
Recent years have seen numerous examples in which designs play an important role in the study of such topics in cryptography as secrecy and authentication codes, secret sharing schemes, and correlation-immune and resilient functions. In this paper we give applications to cryptography of some methods and results from design theory, especially bounds on the optimal size of designs and codes.
The paper addresses cheating prevention in secret sharing. We consider secret sharing with binary shares. The secret is also binary. This model allows us to use results and constructions from the well-developed theory of cryptographically strong Boolean functions. In ...
In some applications of synchronous stream ciphers, frequent resynchronization or resynchronization upon request may be necessary. We describe a weakness in a class of combiners with one-bit memory which makes them vulnerable in such applications that request resynchronization. A correlation attack based on the chi-square criterion, which in some aspects complements the attack studied by Daemen et al., is presented.
The substitution box (S-box) of the Advanced Encryption Standard (AES) is based on the multiplicative inversion s(x) = x^-1 in GF(256), followed by an affine transformation over GF(2). The S-box is the most expensive building block of any hardware implementation of the AES, and the multiplicative inversion is the most costly step of the S-box transformation. There exist many publications about hardware implementations of the S-box, and the smallest known implementations are based on normal bases. In this paper, we introduce a new method to implement the multiplicative inversion over GF(256) based on normal bases that have not been considered before in the context of AES implementations.
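The following is an added example, not code from the paper above or from its authors, that makes the two-step definition of the S-box concrete: it computes the multiplicative inverse in GF(256) and then applies the GF(2) affine transformation, and checks the result against values published in FIPS 197. It works in the ordinary polynomial basis with the AES modulus x^8 + x^4 + x^3 + x + 1 (0x11B) rather than the normal bases the paper is about; the function names (`gf_mul`, `gf_inv`, `affine`, `sbox`, `inv_sbox`) are this example's own.

```python
# Added example: build the AES S-box from its algebraic definition,
# s(x) = affine(x^-1) over GF(2^8). This uses the polynomial basis with the
# AES reduction polynomial 0x11B; the normal-basis representation discussed
# in the paper is an alternative encoding of the same field elements.

AES_MODULUS = 0x11B  # x^8 + x^4 + x^3 + x + 1


def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements given as bytes (shift-and-add with reduction)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:        # degree-8 term appeared: reduce modulo 0x11B
            a ^= AES_MODULUS
        b >>= 1
    return result & 0xFF


def gf_inv(a: int) -> int:
    """Multiplicative inverse via a^(2^8 - 2) = a^254; AES maps 0 to 0 by convention."""
    if a == 0:
        return 0
    result, base, exp = 1, a, 254
    while exp:               # square-and-multiply exponentiation
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def _rotl(x: int, n: int) -> int:
    """Rotate an 8-bit value left by n positions."""
    return ((x << n) | (x >> (8 - n))) & 0xFF


def affine(b: int) -> int:
    """Forward AES affine map over GF(2): b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    return b ^ _rotl(b, 1) ^ _rotl(b, 2) ^ _rotl(b, 3) ^ _rotl(b, 4) ^ 0x63


def inv_affine(b: int) -> int:
    """Inverse of the affine map: rotl(b,1) ^ rotl(b,3) ^ rotl(b,6) ^ 0x05."""
    return _rotl(b, 1) ^ _rotl(b, 3) ^ _rotl(b, 6) ^ 0x05


def sbox(x: int) -> int:
    """SubBytes on one byte: inversion first, then the affine transformation."""
    return affine(gf_inv(x))


def inv_sbox(y: int) -> int:
    """InvSubBytes on one byte: undo the affine map, then invert in the field."""
    return gf_inv(inv_affine(y))


def build_sbox() -> list:
    """Full 256-entry S-box table computed from the definition."""
    return [sbox(x) for x in range(256)]


def is_permutation(table: list) -> bool:
    """An S-box must be a bijection on bytes, otherwise decryption is ambiguous."""
    return sorted(table) == list(range(256))


if __name__ == "__main__":
    S = build_sbox()
    print("S-box is a permutation:", is_permutation(S))
    # FIPS 197 worked values: S(0x00) = 0x63, S(0x53) = 0xED
    print("S(0x00) = 0x%02X, S(0x53) = 0x%02X" % (S[0x00], S[0x53]))
    print("{57} x {83} = {%02X}" % gf_mul(0x57, 0x83))   # FIPS 197 example: C1
```

Running it prints the permutation check and the two reference entries; a one-line change to `AES_MODULUS` or the affine constant shows how quickly the table stops matching the standard, which is the kind of sanity check worth keeping next to any hand-optimized S-box implementation.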
In this paper, we analyze the communication of trusted platform modules and their interface to the hosting platforms. While trusted platform modules are considered to be tamper resistant, the communication channel between these modules and the rest of ...
Abstract. In this paper, some practical problems with the Message Authentication Codes (MACs) suggested in the current security architectures for wireless sensor networks (WSN) are reconsidered. The analysis exploits the fact that the recommended MACs for WSN, e.g., TinySec (CBC-MAC), MiniSec (OCB-MAC), and SenSec (XCBC-MAC), are not exactly suitable for body sensor networks (BSN). In particular, a dedicated attack on the XCBC-MAC is elaborated. Considering the hardware limitations of BSN, we propose ...
Based on the classification of Boolean cubic forms of seven variables given by X. D. Hou in 1996, we show how to efficiently classify the cosets of RM(1,7) in RM(3,7) under the action of the general affine group AGL(7,2). At the same time, the sizes of the orbits are determined. We also discuss the correctness of our computations.
Papers by Svetla Nikova