1 - 5 of 5
  • 1.
    Khazaei, Shahram
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Terelius, Björn
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Wikström, Douglas
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Cryptanalysis of a Universally Verifiable Efficient Re-encryption Mixnet. 2012. Manuscript (preprint) (Other academic)
    Abstract [en]

    We study the heuristically secure mix-net proposed by Puiggalí and Guasch (EVOTE2010). We present practical attacks on both correctness and privacy for some sets of parameters of the scheme. Although our attacks only allow us to replace a few inputs, or to break the privacy of a few voters, this shows that the scheme cannot be proven secure.

  • 2.
    Terelius, Björn
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Some aspects of cryptographic protocols: with applications in electronic voting and digital watermarking. 2015. Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    Cryptographic protocols are widely used on the internet, from relatively simple tasks such as key-agreement and authentication to much more complex problems like digital cash and electronic voting. Electronic voting in particular is a problem we investigate in this thesis.

    In a typical election, the main goals are to ensure that the votes are counted correctly and that the voters remain anonymous, i.e. that nobody, not even the election authorities, can trace a particular vote back to the voter. There are several ways to achieve these properties, the most general being a mix-net with a proof of a shuffle to ensure correctness. We propose a new, conceptually simple, proof of a shuffle. We also investigate a mix-net which omits the proof of a shuffle in favor of a faster, heuristically secure verification. We demonstrate that this mix-net is susceptible to both attacks on correctness and anonymity. A version of this mix-net was tested in the 2011 elections in Norway.

    We also look at a simple and widely used proof of knowledge of a discrete logarithm in groups of prime order. While the requirement of prime order is well known, we give a precise characterization of what the protocol proves in a group of composite order. Furthermore, we present attacks against a class of protocols of the same form, which shows that the protocol cannot easily be extended to groups where the order is composite or unknown.

    We finally look at the problem of music and video piracy. Using a buyer-seller watermark to embed a unique watermark in each sold copy has been proposed as a deterrent since it allows a seller who discovers a pirated copy to extract the watermark and find out which buyer released it. Existing buyer-seller watermarking schemes assume that all copies are downloaded directly from the seller. In practice, however, the seller wants to save bandwidth by allowing a paying customer to download most of the content from other buyers. We introduce this as an interesting open research problem and present a proof-of-concept protocol which allows transfer of content between buyers while keeping the seller's communication proportional to the size of the watermark rather than the size of the content.

  • 3.
    Terelius, Björn
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Towards transferable watermarks in buyer-seller watermarking protocols. 2013. In: Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013, IEEE conference proceedings, 2013, p. 197-202. Conference paper (Refereed)
    Abstract [en]

    Buyer-seller watermarking protocols are protocols that let a seller embed a watermark which uniquely identifies the buyer of each sold copy of some work without allowing the seller to learn the watermark. The purpose of such protocols is to deter buyers from illegally redistributing the work while protecting the buyer from being framed by dishonest sellers. Existing buyer-seller watermarking schemes require that every buyer receives his or her copy directly from the seller. We consider the problem of extending buyer-seller watermarking to allow (controlled) redistribution between buyers while maintaining a watermark that uniquely identifies each recipient. An efficient and secure protocol of this type could allow distribution of digital content in peer-to-peer networks while protecting the owner's copyright. We give a proof-of-concept protocol which only requires limited interaction with the original seller to change the watermark.

  • 4.
    Terelius, Björn
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Wikström, Douglas
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Efficiency limitations of Σ-protocols for group homomorphisms revisited. 2012. In: Security and Cryptography for Networks, Springer Berlin/Heidelberg, 2012, p. 461-476. Conference paper (Refereed)
    Abstract [en]

    We study the problem of constructing efficient proofs of knowledge of preimages of general group homomorphisms. We simplify and extend the recent negative results of Bangerter et al. (TCC 2010) to constant round (from three-message) generic protocols over concrete (instead of generic) groups, i.e., we prove lower bounds on both the soundness error and the knowledge error of such protocols. We also give a precise characterization of what can be extracted from the prover in the direct (common) generalization of the Guillou-Quisquater and Schnorr protocols to the setting of general group homomorphisms. Then we consider some settings in which these bounds can be circumvented. For groups with no subgroups of small order we present: (1) a three-move honest verifier zero-knowledge argument under some set-up assumptions and the standard discrete logarithm assumption, and (2) a Σ-proof of both the order of the group and the preimage. The former may be viewed as an offline/online protocol, where all slow cut-and-choose protocols can be moved to an offline phase.

  • 5.
    Terelius, Björn
    et al.
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Wikström, Douglas
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
    Proofs of Restricted Shuffles. 2010. In: PROGRESS IN CRYPTOLOGY - AFRICACRYPT 2010 / [ed] Bernstein DJ; Lange T, 2010, Vol. 6055, p. 100-113. Conference paper (Refereed)
    Abstract [en]

    A proof of a shuffle is a zero-knowledge proof that one list of ciphertexts is a permutation and re-encryption of another list of ciphertexts. We call a shuffle restricted if the permutation is chosen from a public subset of all permutations. In this paper, we introduce a general technique for constructing proofs of shuffles which restrict the permutation to a group that is characterized by a public polynomial. This generalizes previous work by Reiter and Wang [22], and de Hoogh et al. [7]. Our approach also gives a new efficient proof of an unrestricted shuffle that we think is conceptually simpler and allows a simpler analysis than all previous proofs of shuffles.
