With more and more acceptance of Digital Certificates and Public Key Infrastructures (PKI), the mechanisms to revoke a certificate in a PKI have recently received increasing attention. The revocation mechanisms are commonly classified into Certificate Revocation Lists (CRLs), trusted dictionaries and online mechanisms. The designer of a PKI should select an appropriate revocation method suiting...

A proxy re-encryption scheme (PRE) allows a semi-trusted proxy to convert a ciphertext encrypted under one key into a ciphertext encrypted under another key without leaking the underlying plaintext. In the process of the arithmetic processing, proxy should be able to learn as little information about the plaintext as possible. Conditional proxy re-encryption (CPRE) is a new cryptography primiti...

While neural networks have achieved high accuracy on standard image classification benchmarks, their accuracy drops to nearly zero in the presence of small adversarial perturbations to test inputs. Defenses based on regularization and adversarial training have been proposed, but often followed by new, stronger attacks that defeat these defenses. Can we somehow end this arms race? In this work, ...

We give three variants and improvements of Bleichenbacher’s low-exponent attack from CRYPTO 2006 on PKCS#1 v1.5 RSA signatures. For each of these three variants the fake signature representatives are accepted as valid by a flawed implementation. Our attacks work against much shorter keys as Bleichenbacher’s original attack, i.e. even for usual 1024 bit RSA keys. The first two variants can be us...

We propose adding users’ Media Access Control (MAC) addresses to standard X.509 certificates to provide more secure authentication. Recent patents demonstrate efforts on a X.509 certificate by adding security features in order to establish secure communications. The MAC address can be added by the issuing Certification Authority (CA) to the “extensions” section of the X.509 certificate. We demo...

In this paper we present a non-transferable anonymous credential system that is based on the concept of a chameleon certificate. A chameleon certificate is a special certificate that enjoys two interesting properties. Firstly, the owner can choose which attributes of the certificate to disclose. Moreover, a chameleon certificate is multi-show in the sense that several uses of the same chameleon...