Decentralized Finance (DeFi) is a new paradigm in the creation, distribution, and utilization of financial services via the integration of blockchain technology. Our research conducts a comprehensive introduction and meticulous classification of various DeFi applications. Beyond that, we thoroughly analyze these risks from both technical and economic perspectives, spanning multiple layers. Lastly, we point out research directions in DeFi, encompassing areas of technological advancements, innovative economics, and privacy optimization.
{"title":"Decentralized Finance (DeFi): A Survey","authors":"Erya Jiang, Bo Qin, Qin Wang, Zhipeng Wang, Qianhong Wu, Jian Weng, Xinyu Li, Chenyang Wang, Yuhang Ding, Yanran Zhang","doi":"10.48550/arXiv.2308.05282","DOIUrl":"https://doi.org/10.48550/arXiv.2308.05282","url":null,"abstract":"Decentralized Finance (DeFi) is a new paradigm in the creation, distribution, and utilization of financial services via the integration of blockchain technology. Our research conducts a comprehensive introduction and meticulous classification of various DeFi applications. Beyond that, we thoroughly analyze these risks from both technical and economic perspectives, spanning multiple layers. Lastly, we point out research directions in DeFi, encompassing areas of technological advancements, innovative economics, and privacy optimization.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"112 1","pages":"1210"},"PeriodicalIF":0.0,"publicationDate":"2023-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87922782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The deep learning-based side-channel analysis gave some of the most prominent side-channel attacks against protected targets in the past few years. To this end, the research community’s focus has been on creating the following: (1) powerful multilayer perceptron or convolutional neural network architectures and (2) (if possible) minimal multilayer perceptron or convolutional neural network architectures. Currently, we see that, computationally intensive hyperparameter tuning methods (e.g., Bayesian optimization or reinforcement learning) provide the best results. However, as targets with more complex countermeasures become available, these minimal architectures may be insufficient, and we will require novel deep learning approaches.This work explores how residual neural networks (ResNets) perform in side-channel analysis and how to construct deeper ResNets capable of working with larger input sizes and requiring minimal tuning. The resulting architectures, obtained by following our guidelines, are significantly deeper than commonly seen in side-channel analysis, require minimal hyperparameter tuning for specific datasets, and offer competitive performance with state-of-the-art methods across several datasets. Additionally, the results indicate that ResNets work especially well when the number of profiling traces and features in a trace is large.
{"title":"Resolving the Doubts: On the Construction and Use of ResNets for Side-channel Analysis","authors":"Sengim Karayalçın, S. Picek","doi":"10.3390/math11153265","DOIUrl":"https://doi.org/10.3390/math11153265","url":null,"abstract":"The deep learning-based side-channel analysis gave some of the most prominent side-channel attacks against protected targets in the past few years. To this end, the research community’s focus has been on creating the following: (1) powerful multilayer perceptron or convolutional neural network architectures and (2) (if possible) minimal multilayer perceptron or convolutional neural network architectures. Currently, we see that, computationally intensive hyperparameter tuning methods (e.g., Bayesian optimization or reinforcement learning) provide the best results. However, as targets with more complex countermeasures become available, these minimal architectures may be insufficient, and we will require novel deep learning approaches.This work explores how residual neural networks (ResNets) perform in side-channel analysis and how to construct deeper ResNets capable of working with larger input sizes and requiring minimal tuning. The resulting architectures, obtained by following our guidelines, are significantly deeper than commonly seen in side-channel analysis, require minimal hyperparameter tuning for specific datasets, and offer competitive performance with state-of-the-art methods across several datasets. Additionally, the results indicate that ResNets work especially well when the number of profiling traces and features in a trace is large.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"7 1","pages":"963"},"PeriodicalIF":0.0,"publicationDate":"2023-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78887295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-24DOI: 10.4230/LIPIcs.ITCS.2022.2
Divesh Aggarwal, Nico Döttling, Jesko Dujmovic, Mohammad Hajiabadi, Giulio Malavolta, Maciej Obremski
Consider the following problem: You have a device that is supposed to compute a linear combination of its inputs, which are taken from some finite field. However, the device may be faulty and compute arbitrary functions of its inputs. Is it possible to encode the inputs in such a way that only linear functions can be evaluated over the encodings? I.e., learning an arbitrary function of the encodings will not reveal more information about the inputs than a linear combination. In this work, we introduce the notion of algebraic restriction codes (AR codes), which constrain adversaries who might compute any function to computing a linear function. Our main result is an information-theoretic construction AR codes that restrict any class of function with a bounded number of output bits to linear functions. Our construction relies on a seed which is not provided to the adversary. While interesting and natural on its own, we show an application of this notion in cryptography. In particular, we show that AR codes lead to the first construction of rate-1 oblivious transfer with statistical sender security from the Decisional Diffie–Hellman assumption, and the first-ever construction that makes black-box use of cryptography. Previously, such protocols were known only from the LWE assumption, using non-black-box cryptographic techniques. We expect our new notion of AR codes to find further applications, e.g., in the context of non-malleability, in the future.
{"title":"Algebraic Restriction Codes and their Applications","authors":"Divesh Aggarwal, Nico Döttling, Jesko Dujmovic, Mohammad Hajiabadi, Giulio Malavolta, Maciej Obremski","doi":"10.4230/LIPIcs.ITCS.2022.2","DOIUrl":"https://doi.org/10.4230/LIPIcs.ITCS.2022.2","url":null,"abstract":"Consider the following problem: You have a device that is supposed to compute a linear combination of its inputs, which are taken from some finite field. However, the device may be faulty and compute arbitrary functions of its inputs. Is it possible to encode the inputs in such a way that only linear functions can be evaluated over the encodings? I.e., learning an arbitrary function of the encodings will not reveal more information about the inputs than a linear combination. In this work, we introduce the notion of algebraic restriction codes (AR codes), which constrain adversaries who might compute any function to computing a linear function. Our main result is an information-theoretic construction AR codes that restrict any class of function with a bounded number of output bits to linear functions. Our construction relies on a seed which is not provided to the adversary. While interesting and natural on its own, we show an application of this notion in cryptography. In particular, we show that AR codes lead to the first construction of rate-1 oblivious transfer with statistical sender security from the Decisional Diffie–Hellman assumption, and the first-ever construction that makes black-box use of cryptography. Previously, such protocols were known only from the LWE assumption, using non-black-box cryptographic techniques. We expect our new notion of AR codes to find further applications, e.g., in the context of non-malleability, in the future.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"13 1","pages":"1177"},"PeriodicalIF":0.0,"publicationDate":"2023-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87440843","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-22DOI: 10.48550/arXiv.2307.12120
Mark Zhandry
We give a construction of public key quantum money, and even a strengthened version called quantum lightning, from abelian group actions, which can in turn be constructed from suitable isogenies over elliptic curves. We prove security in the generic group model for group actions under a plausible computational assumption, and develop a general toolkit for proving quantum security in this model. Along the way, we explore knowledge assumptions and algebraic group actions in the quantum setting, finding significant limitations of these assumptions/models compared to generic group actions.
{"title":"Quantum Money from Abelian Group Actions","authors":"Mark Zhandry","doi":"10.48550/arXiv.2307.12120","DOIUrl":"https://doi.org/10.48550/arXiv.2307.12120","url":null,"abstract":"We give a construction of public key quantum money, and even a strengthened version called quantum lightning, from abelian group actions, which can in turn be constructed from suitable isogenies over elliptic curves. We prove security in the generic group model for group actions under a plausible computational assumption, and develop a general toolkit for proving quantum security in this model. Along the way, we explore knowledge assumptions and algebraic group actions in the quantum setting, finding significant limitations of these assumptions/models compared to generic group actions.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"6 1","pages":"1097"},"PeriodicalIF":0.0,"publicationDate":"2023-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78064408","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Multi-signatures (MS) are a special type of public-key signature (PKS) in which multiple signers participate cooperatively to generate a signature for a single message. Recently, applications that use an MS scheme to strengthen the security of blockchain wallets or to strengthen the security of blockchain consensus protocols are attracting a lot of attention. In this paper, we propose an efficient two-round MS scheme based on Okamoto signatures rather than Schnorr signatures. To this end, we first propose a new PKS scheme by modifying the Okamoto signature scheme and prove the unforgeability of our PKS scheme under the discrete logarithm assumption in the algebraic group model (AGM) and the non-programmable random oracle model (ROM). Next, we propose a two-round MS scheme based on the new PKS scheme and prove the unforgeability of our MS scheme under the discrete logarithm assumption in the AGM and the non-programmable ROM. Our MS scheme is the first one to prove security among two-round MS based on Okamoto signatures.
{"title":"Two-Round Multi-Signatures from Okamoto Signatures","authors":"Kwangsu Lee, Hyoseung Kim","doi":"10.3390/math11143223","DOIUrl":"https://doi.org/10.3390/math11143223","url":null,"abstract":"Multi-signatures (MS) are a special type of public-key signature (PKS) in which multiple signers participate cooperatively to generate a signature for a single message. Recently, applications that use an MS scheme to strengthen the security of blockchain wallets or to strengthen the security of blockchain consensus protocols are attracting a lot of attention. In this paper, we propose an efficient two-round MS scheme based on Okamoto signatures rather than Schnorr signatures. To this end, we first propose a new PKS scheme by modifying the Okamoto signature scheme and prove the unforgeability of our PKS scheme under the discrete logarithm assumption in the algebraic group model (AGM) and the non-programmable random oracle model (ROM). Next, we propose a two-round MS scheme based on the new PKS scheme and prove the unforgeability of our MS scheme under the discrete logarithm assumption in the AGM and the non-programmable ROM. Our MS scheme is the first one to prove security among two-round MS based on Okamoto signatures.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"134 1","pages":"1117"},"PeriodicalIF":0.0,"publicationDate":"2023-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72741017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-21DOI: 10.1007/s13226-023-00469-0
M. Kotov, A. Treier, Ivan Buchinskiy
{"title":"An attack on a key exchange protocol based on max-times and min-times algebras","authors":"M. Kotov, A. Treier, Ivan Buchinskiy","doi":"10.1007/s13226-023-00469-0","DOIUrl":"https://doi.org/10.1007/s13226-023-00469-0","url":null,"abstract":"","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"1 1","pages":"1644"},"PeriodicalIF":0.0,"publicationDate":"2023-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80579291","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-20DOI: 10.1007/s13389-023-00328-y
Mick G. D. Remmerswaal, Lichao Wu, S. Tiran, N. Mentens
{"title":"AutoPOI: Automated Points Of Interest Selection for Side-channel Analysis","authors":"Mick G. D. Remmerswaal, Lichao Wu, S. Tiran, N. Mentens","doi":"10.1007/s13389-023-00328-y","DOIUrl":"https://doi.org/10.1007/s13389-023-00328-y","url":null,"abstract":"","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"133 1","pages":"8"},"PeriodicalIF":0.0,"publicationDate":"2023-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80165041","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-20DOI: 10.24425/ijet.2021.137868
M. Jurkiewicz
—In this paper we construct and consider a new group-based digital signature scheme with evolving secret key, which is built using a bilinear map. This map is an asymmetric pairing of Type 3, and although, for the reason of this paper, it is treated in a completely abstract fashion it ought to be viewed as being actually defined over E ( F q n )[ p ] × E ( F q nk )[ p ] → F q nk [ p ] . The crucial element of the scheme is the key updater algorithm. With the adoption of pairings and binary trees where a number of leaves is the same as a number of time periods, we are assured that an updated secret key can not be used to recover any of its predecessors. This, in consequence, means that the scheme is forward-secure. To formally justify this assertion, we conduct analysis in fu - cma security model by reducing the security of the scheme to the computational hardness of solving the Weak ℓ -th Bilinear Diffie-Hellman Inversion problem type. We define this problem and explain why it can be treated as a source of security for cryptographic schemes. As for the reduction itself, in general case, it could be possible to make only in the random oracle model.
在本文中,我们构造并考虑了一种新的基于群的具有演化密钥的数字签名方案,该方案使用双线性映射构造。这个映射是类型3的非对称配对,尽管由于本文的原因,它以完全抽象的方式处理,但它应该被视为实际上定义在E (F q n)[p] × E (F q nk)[p]→F q nk [p]上。该方案的关键是密钥更新算法。通过采用配对和二叉树,其中叶子的数量与时间段的数量相同,我们可以确保更新的密钥不能用于恢复其前任的任何密钥。因此,这意味着该方案是前向安全的。为了正式证明这一断言,我们在fu - cma安全模型中进行了分析,将该方案的安全性降低到求解弱i -th双线性Diffie-Hellman反演问题类型的计算硬度。我们定义了这个问题,并解释了为什么它可以被视为加密方案的安全来源。至于缩减本身,在一般情况下,它可能只在随机oracle模型中进行。
{"title":"Binary Tree Based Forward Secure Signature Scheme in the Random Oracle Model","authors":"M. Jurkiewicz","doi":"10.24425/ijet.2021.137868","DOIUrl":"https://doi.org/10.24425/ijet.2021.137868","url":null,"abstract":"—In this paper we construct and consider a new group-based digital signature scheme with evolving secret key, which is built using a bilinear map. This map is an asymmetric pairing of Type 3, and although, for the reason of this paper, it is treated in a completely abstract fashion it ought to be viewed as being actually defined over E ( F q n )[ p ] × E ( F q nk )[ p ] → F q nk [ p ] . The crucial element of the scheme is the key updater algorithm. With the adoption of pairings and binary trees where a number of leaves is the same as a number of time periods, we are assured that an updated secret key can not be used to recover any of its predecessors. This, in consequence, means that the scheme is forward-secure. To formally justify this assertion, we conduct analysis in fu - cma security model by reducing the security of the scheme to the computational hardness of solving the Weak ℓ -th Bilinear Diffie-Hellman Inversion problem type. We define this problem and explain why it can be treated as a source of security for cryptographic schemes. As for the reduction itself, in general case, it could be possible to make only in the random oracle model.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"89 4 1","pages":"1505"},"PeriodicalIF":0.0,"publicationDate":"2023-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83933824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-19DOI: 10.3390/cryptography7030037
Maher Boudabra, Abderrahmane Nitaj
In this paper, we propose a new scheme based on ephemeral elliptic curves over a finite ring with an RSA modulus. The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and encryption. We study the security of the new scheme and show that it is immune to factorization attacks, discrete-logarithm-problem attacks, sum-of-two-squares attacks, sum-of-four-squares attacks, isomorphism attacks, and homomorphism attacks. Moreover, we show that the private exponents can be much smaller than the ordinary exponents in RSA and KMOV, which makes the decryption phase in the new scheme more efficient.
{"title":"A New RSA Variant Based on Elliptic Curves","authors":"Maher Boudabra, Abderrahmane Nitaj","doi":"10.3390/cryptography7030037","DOIUrl":"https://doi.org/10.3390/cryptography7030037","url":null,"abstract":"In this paper, we propose a new scheme based on ephemeral elliptic curves over a finite ring with an RSA modulus. The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and encryption. We study the security of the new scheme and show that it is immune to factorization attacks, discrete-logarithm-problem attacks, sum-of-two-squares attacks, sum-of-four-squares attacks, isomorphism attacks, and homomorphism attacks. Moreover, we show that the private exponents can be much smaller than the ordinary exponents in RSA and KMOV, which makes the decryption phase in the new scheme more efficient.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"2 1","pages":"1299"},"PeriodicalIF":0.0,"publicationDate":"2023-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89967871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: