EP2517397A1 - Verschlüsselungs- und entschlüsselungsverfahren - Google Patents

Verschlüsselungs- und entschlüsselungsverfahren

Info

Publication number
EP2517397A1
EP2517397A1 EP10805718A EP10805718A EP2517397A1 EP 2517397 A1 EP2517397 A1 EP 2517397A1 EP 10805718 A EP10805718 A EP 10805718A EP 10805718 A EP10805718 A EP 10805718A EP 2517397 A1 EP2517397 A1 EP 2517397A1
Authority
EP
European Patent Office
Prior art keywords
users
user
encryption
vector
secret
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP10805718A
Other languages
English (en)
French (fr)
Inventor
Yannick Seurin
Henri Gilbert
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Orange SA
Original Assignee
France Telecom SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by France Telecom SA filed Critical France Telecom SA
Publication of EP2517397A1 publication Critical patent/EP2517397A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34Encoding or coding, e.g. Huffman coding or error correction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem
    • H04L2209/463Electronic voting

Definitions

  • the present invention relates to the field of secret key cryptography. It relates to a method of encryption and decryption.
  • the invention allows a set of users to share the power to encrypt or decrypt a message with a secret key, without any of the users who participated in the encryption is aware of the key.
  • the invention finds a particularly interesting application in critical activities where, for security reasons, trust is distributed between a predefined number of users. Thus, it is necessary that these users collaborate in order to encrypt a message in clear, or to decrypt an encrypted message. The power to encrypt or decipher a message is therefore not held by one person. For example, the opening of a bank vault, or the signature in a company can advantageously implement the methods of the invention.
  • the invention also finds an interesting application in electronic voting systems.
  • the sender and the recipient of a message share the knowledge of the same secret key K. This allows the sender to transform a plaintext message into a cryptogram, or encrypted message, and to the recipient recover the message in clear from the encrypted message.
  • the invention improves the situation by proposing a method for encrypting a clear message element x into an encrypted message element associated with a random vector ⁇ a, y) by a first subset of p encryption users, in which the message element is encoded using an error correction code C and then encrypted by means of a secret matrix M parameterized by the random vector a and noised by a noise vector, characterized in that it comprises a step of obtaining the secret matrix parameterized by the random and noisy vector, by adding secret user matrices specific to the encrypting users, said user secret matrices being parameterized by the random vector and noisy by vectors noise specific to the encryption users.
  • a "message element” comprises all or part of a message.
  • the encryption functionality is shared between encrypting users who must collaborate to encrypt the message element in the clear. None of the encrypting users are aware at any time of the secret matrix used during the encryption operation. Indeed, it is necessary that the p users collaborate for the encryption operation, otherwise, no one is able to perform the operation. In addition, any new encryption operation requires that users collaborate again, even if it is the same secret matrix that is involved, or in other words, even if the same encrypting users are involved.
  • the encryption functionality according to the invention is reconfigurable in the sense that a new group of encryption users, different from the group of encrypting users, can be defined in order to implement the sharing of the encryption functionality between these q users without requiring a specific prior configuration such as a distribution to each q users of the new group of new clean secret matrices.
  • the method of the invention also has proven security, which is rare in symmetric cryptography.
  • the encryption according to the invention is based on encryption symmetric probabilistic for which it is possible to prove security by a reductionist approach of translating security into an hypothesis on the difficulty of solving a known problem. In other words, it is possible to prove that, to break the security of this method of encryption, an attacker must be able to solve a known problem, presumed difficult.
  • the well-defined and well-known problem is the "LPN" problem (for "Learning Parity with Noise").
  • the method of the invention requires limited computing capabilities.
  • the method finds an interesting application in environments where the computing capacity is limited and where the required level of security is still high.
  • the method can be implemented in user terminals of the mobile terminal type.
  • the first subset of p encryption users and a second subset of q deciphering users form a set of p + q users and there is provided a step of reception by each user of said set of a secret user matrix own, the sum of the p + q own user matrices being equal to a null matrix.
  • the sum of the n proper matrices of the n users is equal to the null matrix.
  • This preliminary phase is only executed once.
  • none of the users, at any time, is aware of the secret matrix used to encrypt the clear message element. Indeed, the secret matrix is never computed as such but the collaboration of all the encryption users makes it possible to obtain the secret matrix parameterized by a random and noisy.
  • the clean secret matrices distributed during the prior phase can be used for successive decryption or decryption operations without the security level of these operations being altered.
  • the method of the invention comprises a step of:
  • This exemplary embodiment provides a simple way of generating the clean secret matrices of the n users, the sum of these n own matrices being equal to the null matrix.
  • (n-1) matrices are generated randomly.
  • the nth and last matrix is then obtained by solving a simple equation where the sum of this nth matrix with randomly generated (n-1) matrices is equal to the null matrix.
  • the prior phase of generating and distributing the clean matrices is fast and requires little computing resources.
  • the invention also relates to a method of decryption by a second subset of q deciphering users of the encrypted message element associated with the random vector (, y) and obtained according to the encryption method of the invention, comprising the steps of :
  • each deciphering user vector comprising a specific matrix of said user parameterized by the random vector
  • the calculation of the sum and the decoding are carried out by one of the deciphering user q, said master decipherer user, and the sum contains the noise vectors generated for the q - 1 other users, excluding the noise vector of the master decryptor user.
  • a decryptor user plays the role of the decryption entity.
  • it receives from all the other deciphering users a contribution to decryption comprising a respective vector and a noise vector generated by the noise source specific to each of the users.
  • the encryption he must then calculate the sum of the cipher, contributions received from other users and his own contribution. Its own contribution usually comprises its respective vector and a noise vector generated by the noise source of its own. However, since he knows the value of his own noise vector, he can eliminate it from his contribution.
  • the cipher it calculates the sum of the cipher, the contributions of the other users and its respective vector.
  • the noise The sum obtained by summing the noise is then reduced, compared to the embodiment where the decryption entity calculates a total noise equal to the sum of the noise vectors of all the deciphering users.
  • the decoding procedure is facilitated.
  • the invention also relates to an encryption entity capable of encrypting a clear message element x into an encrypted message element associated with a random vector ⁇ a, y) for a subset of encrypting users, comprising:
  • encoding means adapted to encode the message element by means of an error correction code
  • encryption means adapted to encrypt said encoded element by means of a secret matrix parameterized by the random and noisy vector, the parameterized and noisy matrix being obtained by adding secret user matrices specific to the encrypting users, said matrices user secrets being parameterized by the random vector and noisy by noise vectors specific to the encrypting users.
  • the invention also relates to an encryption and decryption system comprising an encryption entity and a decryption entity according to the invention, comprising:
  • reception means adapted to receive an encrypted message element associated with a random vector (a, y), and to receive at least (q-1) noise vectors generated by (q-1) decryption users,
  • computing means adapted to calculate the sum of the encrypted message element and the at least noise vectors (q-1),
  • the decryption entity is a device of a decryption user further comprising means for calculating a respective vector, comprising a specific matrix of said user parameterized by the random vector.
  • the invention also relates to a computer program intended to be installed in a memory of an encryption entity, comprising instructions for implementing the steps of the encryption method according to the invention, when the program is executed by a processor.
  • the invention also relates to a data carrier on which the previous computer program is stored.
  • the invention also relates to a computer program for installation in a memory of a decryption entity, including instructions for the implementation of steps of the decryption method according to the invention, when the program is executed by a processor.
  • the invention also relates to a data carrier on which the above computer program is recorded.
  • the figurel represents a flowchart of the steps of an encryption method according to a particular embodiment
  • FIG. 2 represents a flowchart of the steps of a method for decrypting an encrypted message in accordance with the encryption method of the invention, according to a particular embodiment
  • FIG. 3 represents a functional block diagram of a particular form of an encryption entity adapted to implement the encryption method according to the invention
  • FIG. 4 represents a functional block diagram of a particular form of a decryption entity adapted to implement the decryption method according to the invention.
  • the encryption / decryption method according to the invention makes it possible to share the encryption and decryption functionality between several users. It is based on symmetric probabilistic decryption encryption as described in the international patent application published under the number WO2009 / 095574. This application describes a probabilistic encryption which, by definition, involves a hazard in the encryption and which further relies on the combination of an error correction code encoding and the addition of a noise. This combination has the effect of making it more difficult for the decryption of the encrypted by an adversary while being adapted to be naturally deleted by the decoding of the error correction code. With this encryption, it is possible to prove security by a reductionist approach of translating security into an assumption about the difficulty of solving a known problem.
  • the probabilistic symmetric encryption between a transmitter and a receiver described in the international application uses: a binary error correction code, denoted C, of length m, of dimension r and of correction capacity t.
  • the correction code C is a function of a binary space of dimension r ⁇ 0, l ⁇ r in a binary space of dimension m ⁇ , ⁇ ".
  • This function is adapted to transform a message of r bits into a word of m bit code, with m> r, by adding redundancy bits
  • the correction code C is adapted to ensure that, if a number of errors less than the correction capacity t is added to the code word , the decoding makes it possible to restore the original message
  • the corrector code can be a code by block, or a convolutional code
  • a Bernoullian noise source B accessible by the transmitter and adapted to generate a bit noise vector £ at m bits.
  • This source produces independent bits worth 1 with a robustness ⁇ , and independent bits worth 0 with a probability 1 - 7], with
  • the Bernoullian noise source B is adapted so that the probability that the
  • the Hamming weight associated with the noise vector £ to be greater than the correction capacity / correction code is very low.
  • this threshold may be equal to 10 -3 .
  • the Hamming weight of a binary vector is the number of bits different from 0, in other words equal to 1, of this vector.
  • Hwt ( ⁇ ) is less than or equal to the correction capacity t of the correction code C.
  • the transmitter tests the noise vector ⁇ before adding it, in order to verify that the condition Hwt ⁇ ) ⁇ t is indeed satisfied. If this is not the case, the transmitter regenerates this vector;
  • the transmitter To encrypt a clear message element x of r bits, the transmitter performs the following operations:
  • is an m-bit noise vector produced by the Bernernian noise source B.
  • the cipher transmitted to the receiver is then defined by a pair ( a, y) composed of the encrypted message element y and the random vector used to encrypt said message element.
  • the message is split into r-bit message elements, possibly with an addition of predetermined values to to complete a block with r bits, if the value R is not a multiple of r (we usually speak of padding), the encryption procedure is then applied to each of the blocks of r bits.
  • a receiver When a receiver receives the pair [a, y], it adds to the cipher y its secret matrix parameterized by the random vector a, in other words it calculates y ⁇ a ⁇ M. Then he decodes the result. If the Hamming weight of the added noise vector ⁇ is less than the correction capability t of the code, the clear message element is found.
  • an encryption entity 12 is adapted to calculate an encryption of the clear message element x from information received from the users who collaborate on the encryption. In another embodiment, it is one of the users (or more) among the users who collaborate with the encryption that performs this calculation and plays the role of the encryption entity 12.
  • a prior configuration phase E10 the key distribution entity 11 generates and distributes n secret matrices belonging to the n users.
  • the preliminary configuration phase E10 comprises a first step E10-1 for generating clean secret matrices.
  • this generation step El 0-1 the key distribution entity 11 generates n own secret matrices such that the sum of the generated n matrices is equal to the null matrix.
  • M, ⁇ ... ⁇ M n 0.
  • the key distribution entity 11 transmits securely to each of the n users Ui, U "of group 10 its own secret matrix M], M n .
  • the clean secret matrices are received by each of the n users during an E10-3 reception step.
  • the preliminary configuration phase E10 is executed only once.
  • the following steps concern the group Gl of encrypting users.
  • the encryption entity 12 randomly generates a random vector a of k bits, and distributes this vector a to all the encrypting users during a step E13 sending of hazard.
  • the random vector a is received by each of the encryption users during a reception step E14.
  • each of the p encrypting users U d calculates a vector b ci equal to the secret matrix of said user, parameterized by the random vector a and to which is added a vector s own noise above the user.
  • each encryption user U ci calculates b ci - a ⁇ M ci ⁇ S ci , where £ ci is a noise vector of m bits produced by a source of noise level Bernanlian noise noise 7], the source of noise being independent for each user.
  • Each encryptor user U ci transmits his vector b ci to the encryption entity 12 in a step E16 for receiving the respective vectors.
  • the vectors b c! encrypting users are received by the encryption entity 12 during a step E17 for receiving the eigenvectors.
  • the encryption entity 12 calculates the encryption of the clear message element.
  • the encryption entity 12 encodes the plaintext message x using the error correction code C and adds to this encoded value the sum of the respective vectors b ci received from the encrypting users. In other words, the encryption entity 12 calculates:
  • This calculation is in accordance with a symmetric probabilistic ciphering in which the secret matrix is the sum of the respective secret matrices of the ciphering users, and the brait vector is equal to the sum of the respective noises produced by the c encryption users.
  • the cipher is calculated by the encryption entity 12 without it, at any moment does not have the secret matrix of encryption used, in this case the sum of the own matrices of the encrypting users. Indeed, the entity has received the eigenvectors calculated independently of each other by the encrypting users for the clear message x. At no time is the secret encryption matrix manipulated as such.
  • step E19 sending an encrypted, the encryption entity 12 sends a pair
  • the secret matrices specific to each of the n users are Toeplitz matrices. It is known that in a Toeplitz matrix, the coefficients on a diagonal descending from left to right are the same. Thus, the set of coefficients of a clean secret matrix can be deduced from the only coefficients of the first row and the first column of the matrix. Also, it is sufficient for each user to store the only coefficients of the first row and the first column of the conversion matrix to have all the coefficients of its own secret matrix.
  • the distribution of the secret matrices of the users carried out during the step E10-2 of the prior configuration phase E10 can be done in accordance with various known existing procedures.
  • each user U can move physically to obtain its matrix of the key distribution entity IL
  • the distribution is performed through a secure distribution channel by cryptographic means well known to those skilled in the art and based on example on public key cryptography.
  • the matrix is distributed to the user by telephone.
  • the generation step El 0-1 clean secret matrices of the prior phase for the distribution entity lia generate n - 1 clean matrices for n - 1 users in a random manner.
  • the distribution entity 11 then calculates the nth eigenmatrix of the nth user, so that the sum of the n clean secret matrices is equal to the null matrix.
  • a decryption entity 20 is in charge of decrypting an encrypted message y of a clear message x obtained by collaboration of a group G1 of encrypting users U c i, U cp (not shown in FIG. FIG. 2), in accordance with the encryption method described with reference to FIG.
  • the decryption entity 20 receives, for example from an encryption entity 12 according to FIG. 1 (not shown in FIG. 2), a pair (a, y) comprising the random vector a and the cipher calculated therein according to the encryption method described in connection with Figure 1.
  • the cipher was obtained by collaboration of users c encryptors.
  • is intended for a group G2 of q users U d ], U dq , said decryption users, able to decipher it by collaborating.
  • the set of encrypting users and the set of deciphering users make up the group 10 of the n users according to FIG. 1, n therefore being equal to the sum of p and q.
  • each decryptor user ⁇ 3 ⁇ 4 ⁇ calculates a respective vector v dJ including its own matrix M dj parameterized by the random vector a.
  • each deciphering user adds to the respective vector a noise vector e dj of m bits generated by a Bernernn noise source B of parameter ⁇ , the noise source being independent of one user to another.
  • each deciphering user 13 ⁇ 4 transmits its respective noisy vector b dj to the decryption entity 20.
  • the decryption entity 20 receives the set of the respective noisy vectors b d ⁇ decoding users 13 ⁇ 4.
  • a decryption step E25 the decryption entity 20 decodes the encrypted message element y.
  • the decryption entity 20 calculates in a computation substep E25-1 the sum of the encrypted message element y and the respective q noisy vectors b d - deciphering users. In other words, the entity 20 calculates:
  • the sum of the own matrices of the encrypting users U ci and the eigenmatrices of the q wasteful users is equal to the sum of the own matrices of the n users. Since the sum of the clean secret matrices of the n users is equal to the null matrix, then the sum (1) calculated by the entity is equal to:
  • the decryption entity 20 proceeds to decode the sum (1) calculated using the error correction code C. If the weight of
  • each deciphering user transmits to the other deciphering users its respective noisy vector, for example by a diffusion mechanism.
  • the user decryptor U dk calculates:
  • the decoding operation is performed by the decoding user U dk - H is now provided some examples of embodiment of this encryption method with concrete parameters.
  • the security of the encryption system depends on the difficulty of solving the LPN problem.
  • this difficulty is based on the parameters k and ⁇ , corresponding to the number of bits of the random vector a and the probability for a bit of the noise vector ⁇ to be 1 respectively. It is therefore necessary to choose values suitable for these parameters, to guarantee a good security of the system.
  • Two examples of suitable values for these parameters k and ⁇ are as follows:
  • the error correction code C used has an impact on the efficiency of the system, but not on its security. Indeed, if the code C is of dimension r, the total size of the element of the cipher, for a message element in clear x of r bits is (m + k) bits. There is, therefore, a certain expansion of the cipher, which incites, at fixed k, to take the greatest possible, and m, the smallest possible.
  • (7 the expansion factor
  • the correction capacity t and the length m of the code C must verify t > ⁇ * ⁇ , ⁇ ⁇ is the total noise resulting from the addition of all the noise vectors of the users. It is easily shown that when adding n noise parameter independent noise vectors 7], the noise parameter
  • the resulting noise is J - 0.244.
  • This case corresponds for example to the case where the functionality is shared between four users and where the decryption is performed by a user decryptor; in this case, the user decryptor can subtract the noise he generated.
  • the parameters of the code C are denoted [/? Z, r, ⁇ f], where m is the length of the code, r is its dimension and d is its minimum dimension, the correction capacity t being linked to the distance
  • An encryption entity 12 able to implement the encryption method will now be described in relation with FIG. 3.
  • Such an entity is for example a computer of server type capable of communicating with a plurality of encryption users.
  • the encryption entity 12 comprises several modules:
  • a processor 121 or “CPU” (of the "Central Processing Unit"), or processing unit;
  • a memory 122 makes it possible to perform calculations, to load software instructions corresponding to the steps of the encryption method described above, and to execute them by the microprocessor 121;
  • communication interfaces 123 adapted to send to encryption users a random vector a, to receive from the encrypting users respective vectors, and to transmit to a second entity, for example a decryption entity, a pair (a, y) where a is the random vector and y is a cipher of a clear message x.
  • the interfaces 123 allow the implementation of the steps E13 sending random, E16 receiving the respective vectors and E19 sending the encrypted. These steps have been described in connection with Figure 1;
  • the encryption entity 12 also hosts an application in the form of a program, able to implement the steps of the encryption method described above.
  • entity 12 also includes:
  • a pseudo-random generator 124 adapted to generate the random vector a.
  • the generator 124 implements the step E12 for drawing a random vector described previously;
  • an encoding module 125 adapted to encode the plaintext message x by means of an error correction code C;
  • a calculation module 126 adapted to calculate the encrypted value of the plaintext message x from the encoded clear message and the respective vectors received from the encryption users.
  • the computation performed by the module 126 is in accordance with a symmetric probabilistic ciphering in which the secret matrix is the sum of the respective secret matrices of the ciphering users, and the noise vector is equal to the sum of the respective noises produced by the c encryption users.
  • the calculation module 126 cooperates with the encoding module to obtain the encoded clear message.
  • the encoding modules 125 and calculation 126 implement the step E18 for calculating the cipher.
  • the modules 123, 124, 125 and 126 which implement the encryption method described above are preferably software modules comprising software instructions for executing the steps of the encryption method.
  • the invention therefore also relates to:
  • a computer program comprising instructions for implementing the encryption method as described above when this program is executed by a processor, and a recording medium readable by a computer on which the program described above is recorded.
  • the software modules can be stored in or transmitted by a data carrier.
  • a data carrier This may be a hardware storage medium, for example a CD-ROM, a magnetic diskette or a hard disk, or a transmission medium such as a signal, or a telecommunications network.
  • a decryption entity 20 capable of implementing the decryption of an encryption obtained according to the previously described encryption method will now be described in relation with FIG. 4.
  • Such an entity is for example a server computer capable of communicating with a plurality of deciphering users.
  • the decryption entity 20 comprises several modules:
  • processor 201 or CPU
  • a memory 202 makes it possible to perform calculations, to load software instructions corresponding to the steps of the encryption method described above, and to execute them by the processor 201;
  • the communication interfaces 203 adapted to receive a pair (a, y) of the encryption entity 12, where a is the random vector and y an encrypted of a clear message x and to receive at least (q-1 ) decoding users a respective noisy vector.
  • the decryption entity is an entity independent of the users, it is received by the interfaces 203 q noisy vectors q q decryption users.
  • the decryption is performed by a particular decryptor user device, it is received by these interfaces only (q-1) respective noisy vectors (q-1) other users.
  • the interfaces 203 make it possible to implement the steps E20 for receiving an encryption and E24 for receiving the respective noisy vectors of the deciphering users. These steps have been described in connection with Figure 2;
  • the decryption entity 20 also hosts an application in the form of a program, able to implement the steps of the decryption method described above.
  • the entity 20 also comprises:
  • a computation module 204 adapted to calculate the sum of the encrypted message element y and at least (q-1) noisy vectors received from the deciphering users.
  • the decryption is performed by a particular user decryptor device, and where it is received by the interfaces 203 only (q-1) respective noise vectors, it is calculated by the calculation module 20 the sum of encrypted, noisy vectors (q-1) and the noisy vector specific to the decipherer user device.
  • the non-noisy vector is equal to the own matrix of this deciphering user, parameterized by the random vector. Indeed, in this embodiment, it is not useful for the user device that decrypts to add its own noise vector that it knows.
  • the module 204 implements the substep E25-1 calculation previously described;
  • a decoding module 205 adapted to decode the code word C (x) obtained by the calculation module 204 by means of the error correction code C.
  • the module 205 implements the substep E25-2 decoding described above.
  • the calculation module 204 and the decoding module 205 perform the decryption step E25 described above.
  • the modules 203, 204 and 205 which implement the decryption method described above are preferably software modules comprising software instructions for executing the steps of the encryption method.
  • the invention therefore also relates to:
  • the software modules can be stored in or transmitted by a data carrier.
  • a data carrier This may be a hardware storage medium, for example a CD-ROM, a magnetic diskette or a hard disk, or a transmission medium such as a signal, or a telecommunications network.
  • the invention is not limited to an encryption entity, respectively server type decryption.
  • the encryption or decryption entity is a mobile user terminal.
  • an entity capable of encrypting is also able to decrypt. It is therefore able to implement the encryption method and the decryption method.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
EP10805718A 2009-12-22 2010-12-13 Verschlüsselungs- und entschlüsselungsverfahren Withdrawn EP2517397A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0959425 2009-12-22
PCT/FR2010/052693 WO2011083232A1 (fr) 2009-12-22 2010-12-13 Procede de chiffrement et de dechiffrement

Publications (1)

Publication Number Publication Date
EP2517397A1 true EP2517397A1 (de) 2012-10-31

Family

ID=42320318

Family Applications (1)

Application Number Title Priority Date Filing Date
EP10805718A Withdrawn EP2517397A1 (de) 2009-12-22 2010-12-13 Verschlüsselungs- und entschlüsselungsverfahren

Country Status (3)

Country Link
US (1) US20130010953A1 (de)
EP (1) EP2517397A1 (de)
WO (1) WO2011083232A1 (de)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9639687B2 (en) * 2014-11-18 2017-05-02 Cloudfare, Inc. Multiply-encrypting data requiring multiple keys for decryption
US10496631B2 (en) * 2017-03-10 2019-12-03 Symphony Communication Services Holdings Llc Secure information retrieval and update
JP7132506B2 (ja) * 2019-01-07 2022-09-07 富士通株式会社 秘密情報検索システム、秘密情報検索プログラム、および秘密情報検索方法
US10892891B2 (en) * 2019-03-13 2021-01-12 Digital 14 Llc System, method, and computer program product for zero round trip secure communications based on two noisy secrets
US10951415B2 (en) * 2019-03-13 2021-03-16 Digital 14 Llc System, method, and computer program product for implementing zero round trip secure communications based on noisy secrets with a polynomial secret sharing scheme
US11784825B2 (en) 2019-09-26 2023-10-10 Visa International Service Association Lattice based signatures with uniform secrets
CN111400741B (zh) * 2020-04-07 2023-05-09 佛山市玖章智能科技有限公司 一种基于点阵排布可扩展样式的隐写信息加密方法

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030223579A1 (en) * 2000-07-13 2003-12-04 Eran Kanter Secure and linear public-key cryptosystem based on parity-check error-correcting
FR2912019B1 (fr) * 2007-01-26 2009-04-10 Thales Sa Procede de codage de donnees.
WO2009095574A2 (fr) 2008-01-11 2009-08-06 France Telecom Procede et entite de chiffrement symetrique probabiliste

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2011083232A1 *

Also Published As

Publication number Publication date
WO2011083232A1 (fr) 2011-07-14
US20130010953A1 (en) 2013-01-10

Similar Documents

Publication Publication Date Title
EP2232765B1 (de) Verfahren und einheit zur probabilistischen symmetrischen datenverschlüsselung
EP3078155B1 (de) Verfahren zur aktualisierung eines auf einem speicherserver gespeicherten dateibaums
BE1003932A6 (fr) Systeme cryptographique par bloc de donnees binaires.
EP2517397A1 (de) Verschlüsselungs- und entschlüsselungsverfahren
WO2014118257A1 (fr) Procede de chiffrement homomorphe pour le ou exclusif et calcul securise d'une distance de hamming
EP2537284B1 (de) Kryptografisches verfahren zur mitteilung von vertraulichen informationen
EP1802022A1 (de) Gesicherter Fehlerkorrektur-Kode
EP2457344B1 (de) Verfahren zur umwandlung einer ersten ziffer in eine zweite ziffer
WO2007074296A1 (fr) Transmission securisee avec code correcteur d'erreur
FR3079045A1 (fr) Procede d’emission de donnees depuis un vehicule automobile et procede de reception desdites donnees par un autre vehicule, a travers un canal de communication radio.
Ravi et al. Security and quantum computing: An overview
EP2659615A1 (de) Verfahren und system zur ermöglichung eines kryptografischen integritätstests eines fehlertoleranten datenelements
EP2652899B1 (de) Verfahren und system für bedingten zugang zu digitalem inhalt, entsprechendes endgerät und teilnehmervorrichtung
EP3266148B1 (de) Vorrichtung und verfahren zur administration eines digitalen hinterlegungsservers
WO2024125942A1 (fr) Procedes de distribution quantique et dispositifs de telecommunication associes
WO2024018158A1 (fr) Procédé d'échange d'un secret résistant aux attaques par ordinateur quantique, système informatique et programme d'ordinateur associés
WO2021165625A1 (fr) Procede de calcul d'une cle de session, procede de recuperation d'une telle cle de session
WO2023046557A1 (fr) Système et méthode de génération de clé secrète sûre
Kamel Security for wireless communications
EP4150853A1 (de) Kryptographisches verfahren, systeme und dienste zur bewertung realwertiger funktionen auf verschlüsselten daten
EP3008851A1 (de) Verfahren und system zum weiterleiten der berechnung eines bilinearen kupplungswertes für einen berechnungsserver
FR3080694A1 (fr) Procede et systeme pour assurer l'integrite de donnees confidentielles diffuses
EP1642413A1 (de) Verfahren zur verschlüsselung/entschlüng einer nachricht sowie dazugehörige vorrichtung
FR3029667A1 (fr) Procede d'encapsulation d'une cle de session
FR2878390A1 (fr) Systeme et procede cryptographiques pour chiffrer des donnees d'entree

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20120711

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: ORANGE

17Q First examination report despatched

Effective date: 20140327

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20150724

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20151204