Fall 2002
WPI Joint Mathematical Sciences and Cryptography Colloquium: Digital Fingerprinting Codes
Dr. Alexander Barg, Fundamental Mathematics Research, Lucent Technologies
[Postscript Slides][Related Papers]
Friday, December 13, 2002, 11:00 AM, Stratton Hall, WPI, Room 203Abstract
Concepts like fingerprinting, traceability, broadcast enCryption, have become a commonplace in modern-day Cryptography. These concepts give rise to a collection of quite nice combinatorial problems. One example is given by codes with the identifiable parent property (i.p.p.-codes) defined as follows.
Let C be a code, i.e., a set of words of length n over an alphabet of size q. An n-word y is called a descendant of a set of t codewords x1,...,xt if yi in {x1i,...,xti} for all i=1,2,...,n. A code is said to have the t-i.p.p. property if for any word y that is a descendant of at most t parents it is possible to identify at least one of them. A natural question to address about this definition is whether nontrivial t-i.p.p. codes exist. We will outline a positive answer to it based on the Helly property of hypergraphs and partially hashing families.
By changing the definition of the descendant we can define another version of the problem in which identification is possible only if we allow a small probability of identification error. The existence question of codes again is of primary importance. We again provide a positive answer, this time based on separating set families and list decoding of algebraic geometry codes.
On an intuitive level these problems can be explained as follows. Copies of the data provided to the users of the system by the distributor are personalized with length-n bit strings (fingerprints) to prevent redistribution. Coalitions of up to t users attempt to create a copy of the data in such a way that it cannot be traced back to any member of the coalition. The distributor's task is to assign the fingerprints so that it is always (or almost always) possible to recover at least one member of the coalition.
References:
- A. Barg, G. Cohen, S. Encheva, G. Kabatiansky and G. Zemor "A hypergraph approach to the identifying parent property" SIAM J. Discrete Math. 14 (3) (2001), 423-431.
- A. Barg, G. R. Blakley and G. Kabatiansky, "Digital fingerprinting codes: Problem statements, constructions, identification of traitors", preprint (2001-2002).
- A. Barg and G. Kabatiansky, "A class of i.p.p. codes with efficient identification", preprint (2002).
Making of a FIPS 140 Certified Crypto Module
Dr. Tolga Acar, Novell, Inc., Utah
Friday, November 15, 2002, 11:00 AM, Atwater Kent, WPI, Room 218
Abstract
Cryptographic modules are inseparable components of trusted computer systems. Much like any trusted computer system, their design and implementations must provide adequate assurance that such modules do not violate prescribed security policies. The Cryptographic Module Validation Program is a joint effort between NIST of US and CSE of Canada, and validates Cryptographic modules to FIPS 140. This presentation covers the engineering aspects of a Cryptographic module design, implementation, testing, validation, and lessons learned.
A New Class of Side-Channel Attacks on DES
Prof. Christof Paar, Chair for Communication Security, Ruhr-University Bochum, Germany
Thursday, August 8, 2002, 1:30 PM, Atwater Kent, WPI, Room 218
[Joint work with Kai Schramm, Thomas Wollinger and Hans Dobbertin]
Abstract
About 5 years ago, a new approach for attacking Cryptographic hardware was proposed. This approach is referred to as side-channel attack. It exploits information such as power consumption, timing behavior, or electro magnetic radiation to extract a secret key from a piece of Cryptographic hardware. These attacks have been proved to be especially powerfull for reading "hidden" keys from smart cards.
This presentation introduces a new class of side-channel attacks against the popular block cipher DES. Power analysis is used to detect collisions within the DES algorithm thus combining a Cryptanalytic approach with side channel evaluation. A step-by-step optimization of the attack is presented in order to increase the probability of a collision. It is shown that a collision within three adjacent S-boxes of DES can be found with as few as 135 enCryptions (averaged over 10,000 simulated attacks with random keys) exposing detailed information about 18 key bits.
Maintained by webmaster@wpi.eduLast modified: Sep 22, 2006, 20:31 EDT
![[WPI]](http://www.wpi.edu/Buttons/seal.gif "WPI Homepage"){kind=small}
![[ECE]](http://www.ece.wpi.edu/Buttons/ece.gif){kind=small}
![[Home]](http://www.wpi.edu/Buttons/home.gif){kind=small}
![[Back]](http://www.wpi.edu/Buttons/back.gif){kind=small}