Since Gentry’s breakthrough result was introduced in the year 2009, the homomorphic encryption has become a very popular topic. The main contribution of Gentry’s thesis  was, that it has proven, that it actually is possible to design a fully homomorphic encryption scheme. However ground-breaking Gentry’s result was, the designs, that employ the bootstrapping technique suffer from terrible performance both in key generation and homomorphic evaluation of circuits. Some authors tried to design schemes, that could evaluate homomorphic circuits of arbitrarily many inputs without need of bootstrapping. This paper introduces the notion of symmetric homomorphic encryption, and analyses the security of four such proposals, published in three different papers (, , ). Our result is a known plaintext key-recovery attack on every one of these schemes.
HaF is a family of hash functions developed in Poland at Poznán University of Technology, see [1, 2]. It is a classical Merkle-Damgård construction with the output sizes of 256, 512 or 1024 bits. In this paper we present a collision attack with negligible complexity (collisions can be found without using a computer) for all the members of HaF family. We have also shown that the improved function (without the critical transformation) is still insecure. It is possible to find a preimage for a short message with the complexity lower than the exhaustive search. We are also able to create some fixed points with a complexity of single compression function call.
New multivariate cryptosystems are introduced. Sequences f(n) of bijective polynomial transformations of bijective multivariate transformations of affine spaces Kn, n = 2, 3, ... , where K is a finite commutative ring with special properties, are used for the constructions of cryptosystems. On axiomatic level, the concept of a family of multivariate maps with invertible decomposition is proposed. Such decomposition is used as private key in a public key infrastructure. Requirements of polynomiality of degree and density allow to estimate the complexity of encryption procedure for a public user. The concepts of stable family and family of increasing order are motivated by studies of discrete logarithm problem in Cremona group. Statement on the existence of families of multivariate maps of polynomial degree and polynomial density with the invertible decomposition is formulated. We observe known explicit constructions of special families of multivariate maps. They correspond to explicit constructions of families of nonlinear algebraic graphs of increasing girth which appeared in Extremal Graph Theory. The families are generated by pseudorandom walks on graphs. This fact ensures the existence of invertible decomposition; a certain girth property guarantees the increase of order for the family of multivariate maps, good expansion properties of families of graphs lead to good mixing properties of graph based private key algorithms. We describe the general schemes of cryptographic applications of such families (public key infrastructure, symbolic Diffie—Hellman protocol, functional versions of El Gamal algorithm).
Authors:Eduardo Ruiz Duarte and Octavio Páez Osuna
We present an efficient endomorphism for the Jacobian of a curve C of genus 2 for divisors having a Non disjoint support. This extends the work of Costello and Lauter in  who calculated explicit formulæ for divisor doubling and addition of divisors with disjoint support in JF(C) using only base field operations. Explicit formulæ is presented for this third case and a different approach for divisor doubling.
The main aim of this paper is to present the concept of fault-injection backdoors in Random Number Generators. Backdoors can be activated by fault-injection techniques. Presented algorithms can be used in embedded systems like smart-cards and hardware security modules in order to implement subliminal channels in random number generators.
Authors:Tommi Meskanen, Valtteri Niemi, and Noora Nieminen
The methods for secure outsourcing and secure one-time programs have recently been of great research interest. Garbling schemes are regarded as a promising technique for these applications while Bellare, Hoang and Rogaway introduced the first formal security notions for garbling schemes in [3, 4]. Ever since, even more security notions have been introduced and garbling schemes have been categorized in different security classes according to these notions. In this paper, we introduce new security classes of garbling schemes and build a hierarchy for the security classes including the known classes as well as classes introduced in this paper.
In this paper we introduce a novel block cipher based on the composition of abstract finite automata and Latin cubes. For information encryption and decryption the apparatus uses the same secret keys, which consist of key-automata based on composition of abstract finite automata such that the transition matrices of the component automata form Latin cubes. The aim of the paper is to show the essence of our algorithms not only for specialists working in compositions of abstract automata but also for all researchers interested in cryptosystems. Therefore, automata theoretical background of our results is not emphasized. The introduced cryptosystem is important also from a theoretical point of view, because it is the first fully functioning block cipher based on automata network.
Authors:Nicolas T. Courtois, Theodosis Mourouzis, Anna Grocholewska-Czuryło, and Jean-Jacques Quisquater
Differential Cryptanalysis (DC) is one of the oldest known attacks on block ciphers. DC is based on tracking of changes in the differences between two messages as they pass through the consecutive rounds of encryption. However DC remains very poorly understood. In his textbook written in the late 1990s Schneier wrote that against differential cryptanalysis, GOST is “probably stronger than DES”. In fact Knudsen have soon proposed more powerful advanced differential attacks however the potential space of such attacks is truly immense. To this day there is no method which allows to evaluate the security of a cipher against such attacks in a systematic way. Instead, attacks are designed and improved in ad-hoc ways with heuristics [6–13,21]. The best differential attack known has time complexity of 2179 .
In this paper we show that for a given block cipher there exists an optimal size for advanced differential properties. This new understanding allows to considerably reduce the space to be searched for “good” truncated differential properties suitable for an attack.
This paper deals with the phase-shift fault analysis of cipher Trivium. So far, only bit-flipping technique has been presented in the literature. The best fault attack on Trivium  combines bit-flipping with algebraic cryptanalysis and needs to induce 2 one-bit faults and to generate 420 bits per each keystream. Our attack combines phase-shifting and algebraic cryptanalysis and needs to phase-shift 2 registers of the cipher and to generate 120 bits per each keystream.
In this paper we propose a decentralized privacy-preserving system which is able to share sensible data in a way, that only predefined subsets of authorized entities can recover the data after getting an additional alarm message. The protocol uses two main communication channels: a P2P network where the encrypted information is stored, and a smaller private P2P network, which consists of the authorized parties called friend-to-friend network. We describe the communication protocol fulfilling the desired security requirements. The proposed protocol achieves unconditional security. The main cryptographic building blocks of the protocol are symmetric encryption schemes and secret sharing schemes.