We investigate the possibility of using index forms as basic ingredients of cryptographically important functions. We suggest
the use of a hash function based on index forms and we prove some important properties of the suggested function.
In our constribution we explore a combination of local reduction with the method of syllogisms and the applications of generic
guessing strategies in the cryptanalysis of the block cipher GOST. Our experiments show that GOST with 64/128/256 bit key
requires at least 12/16/22 rounds to achieve full bit security against the method of syllogisms combined with the “maximum
This paper deals with the phase-shift fault analysis of cipher Trivium. So far, only bit-flipping technique has been presented in the literature. The best fault attack on Trivium  combines bit-flipping with algebraic cryptanalysis and needs to induce 2 one-bit faults and to generate 420 bits per each keystream. Our attack combines phase-shifting and algebraic cryptanalysis and needs to phase-shift 2 registers of the cipher and to generate 120 bits per each keystream.
In this paper we introduce a novel block cipher based on the composition of abstract finite automata and Latin cubes. For information encryption and decryption the apparatus uses the same secret keys, which consist of key-automata based on composition of abstract finite automata such that the transition matrices of the component automata form Latin cubes. The aim of the paper is to show the essence of our algorithms not only for specialists working in compositions of abstract automata but also for all researchers interested in cryptosystems. Therefore, automata theoretical background of our results is not emphasized. The introduced cryptosystem is important also from a theoretical point of view, because it is the first fully functioning block cipher based on automata network.
Authors:Mihály Bárász, Péter Ligeti, László Mérai and Dániel Nagy
Sealed bid auctions are a popular means of high-stakes bidding, as they eliminate the temporal element from the auction process,
allowing participants to take less emotional, more thoughtful decisions. In this paper, we propose a digital communication
protocol for conducting sealed bid auctions with high stakes, where the anonymity of bids as well as other aspects of fairness
must be protected.
The Dining Cryptographers’ Protocol (denoted by DC) was presented by David Chaum in 1988. The protocol allows the participants
to broadcast a message anonymously. In a recent paper (Another Twist in the Dining Cryptographers’ Protocol, submitted to
the Journal of Cryptology) the authors propose a variant of the original DC eliminating its main disadvantages.
In this paper we present a cryptographic protocol realizing anonymous sealed bid auctions, such as first price or Vickrey
auction, based on this variant. The proposed scheme allows to identify at least one dishonest participant violating the protocol
without using of Trusted Third Parties. Additionally, we require that bids are binding. It is achieved by enabling all participants
acting in concert (the so-called “angry mob”) to find out the identity of the winner, in case the winner fails to make the
Authors:Miodrag Mihaljević, Sugata Gangopadhyay, Goutam Paul and Hideki Imai
This paper considers security implications of k-normal Boolean functions when they are employed in certain stream ciphers.
A generic algorithm is proposed for cryptanalysis of the considered class of stream ciphers based on a security weakness of
k-normal Boolean functions. The proposed algorithm yields a framework for mounting cryptanalysis against particular stream
ciphers within the considered class. Also, the proposed algorithm for cryptanalysis implies certain design guidelines for
avoiding certain weak stream cipher constructions. A particular objective of this paper is security evaluation of stream cipher
Grain-128 employing the developed generic algorithm. Contrary to the best known attacks against Grain-128 which provide complexity
of a secret key recovery lower than exhaustive search only over a subset of secret keys which is just a fraction (up to 5%)
of all possible secret keys, the cryptanalysis proposed in this paper provides significantly lower complexity than exhaustive
search for any secret key. The proposed approach for cryptanalysis primarily depends on the order of normality of the employed
Boolean function in Grain-128. Accordingly, in addition to the security evaluation insights of Grain-128, the results of this
paper are also an evidence of the cryptographic significance of the normality criteria of Boolean functions.
New multivariate cryptosystems are introduced. Sequences f(n) of bijective polynomial transformations of bijective multivariate transformations of affine spaces Kn, n = 2, 3, ... , where K is a finite commutative ring with special properties, are used for the constructions of cryptosystems. On axiomatic level, the concept of a family of multivariate maps with invertible decomposition is proposed. Such decomposition is used as private key in a public key infrastructure. Requirements of polynomiality of degree and density allow to estimate the complexity of encryption procedure for a public user. The concepts of stable family and family of increasing order are motivated by studies of discrete logarithm problem in Cremona group. Statement on the existence of families of multivariate maps of polynomial degree and polynomial density with the invertible decomposition is formulated. We observe known explicit constructions of special families of multivariate maps. They correspond to explicit constructions of families of nonlinear algebraic graphs of increasing girth which appeared in Extremal Graph Theory. The families are generated by pseudorandom walks on graphs. This fact ensures the existence of invertible decomposition; a certain girth property guarantees the increase of order for the family of multivariate maps, good expansion properties of families of graphs lead to good mixing properties of graph based private key algorithms. We describe the general schemes of cryptographic applications of such families (public key infrastructure, symbolic Diffie—Hellman protocol, functional versions of El Gamal algorithm).
Authors:Eduardo Ruiz Duarte and Octavio Páez Osuna
We present an efficient endomorphism for the Jacobian of a curve C of genus 2 for divisors having a Non disjoint support. This extends the work of Costello and Lauter in  who calculated explicit formulæ for divisor doubling and addition of divisors with disjoint support in JF(C) using only base field operations. Explicit formulæ is presented for this third case and a different approach for divisor doubling.
In this paper we look at the security of two block ciphers which were both claimed in the published literature to be secure
against differential crypt-analysis (DC). However, a more careful examination shows that none of these ciphers is very secure
against... differential cryptanalysis, in particular if we consider attacks with sets of differentials. For both these ciphers
we report new perfectly periodic (iterative) aggregated differential attacks which propagate with quite high probabilities.
The first cipher we look at is GOST, a well-known Russian government encryption standard. The second cipher we look at is
PP-1, a very recent Polish block cipher. Both ciphers were designed to withstand linear and differential cryptanalysis. Unhappily,
both ciphers are shown to be much weaker than expected against advanced differential attacks. For GOST, we report better and
stronger sets of differentials than the best currently known attacks presented at SAC 2000  and propose the first attack
ever able to distinguish 16 rounds of GOST from random permutation. For PP-1 we show that in spite of the fact, that its S-box
has an optimal theoretical security level against differential cryptanalysis , , our differentials are strong enough
to allow to break all the known versions of the PP-1 cipher.