All-Or-Nothing Secret Disclosure

•Transferir como PPTX, PDF•

0 gostou•268 visualizações

That slides contains some explanation of the "All-or-Nothing Disclosure of Secrets" protocol introduced by Bruce Schneier in Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C

Educação

SECRET DISCLOSURE
ALL-OR-NOTHING
DISCLOSURE SCHEME

FBI
The fixed bit index of x and y are the bits
where the ith bit of x equals the ith bit of y.
x = 110101001011
y = 101010000110
FBI(x, y) = {1, 4, 5, 11}

(1)
Alice generates a public-key/private-key key pair and
tells Bob (but not Carol) the public key. She generates
another public-key/private-key key pair and tells Carol
(but not Bob) the public key.
Alice
Bob Carol
B C

(2)
Bob generates k n-bit random numbers, B1 , B2 , ..., Bk,
and tells them to Carol. Carol generates k n-bit random
numbers, C1 , C2 , ..., Ck, and tells them to Bob.
Bob Carol
B1 , B2 , ..., Bk
C1 , C2 , ..., Ck

(3)
Bob encrypts Cb (remember, Sb is the secret he wants
to buy) with the public key from Alice. He computes the
FBI of Cb and the result he just encrypted. He sends this
FBI to Carol.
Bob Carol
FBI(Cb, E(Cb)) =
FBI(Bc, E(Bc)) =
b
c
B
C

(4)
Alice
Bob Carol
CB
b
C
B
…, compl(FBIc,Bi), … …, compl(FBIb,Ci), …
Bob takes each of the n-bit numbers B1, B2 , ..., Bk, and
replaces every bit whose index is not in the FBI he
received from Carol with its complement. He sends this
new list of n-bit numbers, B'1, B'2, ..., B'k, to Alice

(5)
Alice decrypts all C'i with Bob’s private key, giving her k
n-bit numbers: C"1, C"2, ..., C"k. She computes
Si ⊕ C"i, for i = 1 to k, and sends the results to Bob
Alice
Bob Carol
CB
b
C
B
…, Si ⊕ D(C’i), … …, Si ⊕ D(B’i), …

(6)
Bob computes Sb by XORing Cb and the bth number
he received from Alice.
Bob Carol
B
b
C
Sb
C’’i ⊕ Ci B’’i ⊕ Bi
Sc
Alice

REFERENCES
1. All-or-Nothing Disclosure of Secrets. Bruce Schneier.
Applied Cryptography, Second Edition: Protocols,
Algorithms, and Source Code in C. Wiley Computer
Publishing, John Wiley & Sons, Inc.
2. Python implementation:
https://gitlab.com/yalegko/secret-disclosure

Recomendados

How to Open School For Young Hackersyalegko

AOP and Inversion of Conrolyalegko

How to make school CTFyalegko

Not a children in da webyalegko

Include and extend in Rubyyalegko

How to adminyalegko

ИИ: Этические аспекты проблемы выбораyalegko

White-Box HMAC. Make your cipher secure to white-box attacks.yalegko

SD-WAN Internet Censusyalegko

So Your WAF Needs a Parseryalegko

WebGoat.SDWAN.Net in Depthyalegko

[ISC] Docker + Swarmyalegko

White box cryptographyyalegko

Covert timing channels using HTTP cache headersyalegko

USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.

Active Learning Strategies (in short ALS).pdfPatidar M

Presentation Activity 2. Unit 3 transv.pptxRosabel UA

ClimART Action | eTwinning Projectjordimapav

Activity 2-unit 2-update 2024. English translationRosabel UA

Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy

Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543

EMBODO Lesson Plan Grade 9 Law of Sines.docxElton John Embodo

Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo

AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood

Field Attribute Index Feature in Odoo 17Celine George

The Contemporary World: The Globalization of World PoliticsRommel Regala

Millenials and Fillennials (Ethical Challenge and Responses).pptxJanEmmanBrigoli

YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxConquiztadors- the Quiz Society of Sri Venkateswara College

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma

Mais conteúdo relacionado

Mais de yalegko

SD-WAN Internet Censusyalegko

So Your WAF Needs a Parseryalegko

WebGoat.SDWAN.Net in Depthyalegko

[ISC] Docker + Swarmyalegko

White box cryptographyyalegko

Covert timing channels using HTTP cache headersyalegko

Mais de yalegko (7)

SD-WAN Internet Census

So Your WAF Needs a Parser

WebGoat.SDWAN.Net in Depth

[ISC] Docker + Swarm

White box cryptography

Covert timing channels using HTTP cache headers

Último

USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.

Active Learning Strategies (in short ALS).pdfPatidar M

Presentation Activity 2. Unit 3 transv.pptxRosabel UA

ClimART Action | eTwinning Projectjordimapav

Activity 2-unit 2-update 2024. English translationRosabel UA

Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy

Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543

EMBODO Lesson Plan Grade 9 Law of Sines.docxElton John Embodo

Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo

AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood

Field Attribute Index Feature in Odoo 17Celine George

The Contemporary World: The Globalization of World PoliticsRommel Regala

Millenials and Fillennials (Ethical Challenge and Responses).pptxJanEmmanBrigoli

YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxConquiztadors- the Quiz Society of Sri Venkateswara College

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma

Measures of Position DECILES for ungrouped dataBabyAnnMotar

TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez

Oppenheimer Film Discussion for Philosophy and FilmStan Meyer

How to Add Barcode on PDF Report in Odoo 17Celine George

Influencing policy (training slides from Fast Track Impact)Mark Reed

All-Or-Nothing Secret Disclosure

1. SECRET DISCLOSURE ALL-OR-NOTHING DISCLOSURE SCHEME

2. IDEA Bob Carol Alice . . . S1 SN Sb Sc

3. FBI The fixed bit index of x and y are the bits where the ith bit of x equals the ith bit of y. x = 110101001011 y = 101010000110 FBI(x, y) = {1, 4, 5, 11}

4. (1) Alice generates a public-key/private-key key pair and tells Bob (but not Carol) the public key. She generates another public-key/private-key key pair and tells Carol (but not Bob) the public key. Alice Bob Carol B C

5. (2) Bob generates k n-bit random numbers, B1 , B2 , ..., Bk, and tells them to Carol. Carol generates k n-bit random numbers, C1 , C2 , ..., Ck, and tells them to Bob. Bob Carol B1 , B2 , ..., Bk C1 , C2 , ..., Ck

6. (3) Bob encrypts Cb (remember, Sb is the secret he wants to buy) with the public key from Alice. He computes the FBI of Cb and the result he just encrypted. He sends this FBI to Carol. Bob Carol FBI(Cb, E(Cb)) = FBI(Bc, E(Bc)) = b c B C

7. (4) Alice Bob Carol CB b C B …, compl(FBIc,Bi), … …, compl(FBIb,Ci), … Bob takes each of the n-bit numbers B1, B2 , ..., Bk, and replaces every bit whose index is not in the FBI he received from Carol with its complement. He sends this new list of n-bit numbers, B'1, B'2, ..., B'k, to Alice

8. (5) Alice decrypts all C'i with Bob’s private key, giving her k n-bit numbers: C"1, C"2, ..., C"k. She computes Si ⊕ C"i, for i = 1 to k, and sends the results to Bob Alice Bob Carol CB b C B …, Si ⊕ D(C’i), … …, Si ⊕ D(B’i), …

9. (5) Alice decrypts all C'i with Bob’s private key, giving her k n-bit numbers: C"1, C"2, ..., C"k. She computes Si ⊕ C"i, for i = 1 to k, and sends the results to Bob Alice Bob Carol CB b C B …, Si ⊕ D(compl(FBIb,Ci)), … …, Si ⊕ D(compl(FBIc,Bi)), …

10. (6) Bob computes Sb by XORing Cb and the bth number he received from Alice. Bob Carol B b C Sb C’’i ⊕ Ci B’’i ⊕ Bi Sc Alice

11. REFERENCES 1. All-or-Nothing Disclosure of Secrets. Bruce Schneier. Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C. Wiley Computer Publishing, John Wiley & Sons, Inc. 2. Python implementation: https://gitlab.com/yalegko/secret-disclosure

All-Or-Nothing Secret Disclosure

Recomendados

Recomendados

Mais conteúdo relacionado

Mais de yalegko

Mais de yalegko (7)

Último

Último (20)

All-Or-Nothing Secret Disclosure