Applications of Galois Geometries to Coding Theory and Cryptography

Leo Storme
Ghent University
Dept. of Mathematics
Krijgslaan 281 - Building S22
9000 Ghent
Belgium
Albena, July 1, 2013
OUTLINE
1 GALOIS GEOMETRIES
   1. Affine spaces
   2. Projective spaces
2 GEOMETRY AND CRYPTOGRAPHY
   1. Secret sharing scheme
   2. Message Authentication code (MAC)
   3. Anonymous database search
   4. Application in pay television
FINITE FIELDS
q = prime number.
Prime fields $\mathbb{F}_q = \{0, 1, \ldots, q - 1\}$ (mod q).
Binary field $\mathbb{F}_2 = \{0, 1\}$.
Ternary field $\mathbb{F}_3 = \{0, 1, 2\} = \{-1, 0, 1\}$.
Finite fields $\mathbb{F}_q$: q prime power.
AFFINE SPACE AG(n, q)
V(n, q) = n-dimensional vector space over $\mathbb{F}_q$.
AG(n, q) = V(n, q) plus parallelism.
k-dimensional affine subspace = (translate) of k-dimensional vector space.
PARALLELISM IN AFFINE SPACE AG(n, q)
Let $\Pi_k$ be k-dimensional vector space of V(n, q).
$\Pi_k + b$, for $b \in V(n, q)$, are the affine k-subspaces parallel to $\Pi_k$.
Two parallel affine k-subspaces are disjoint or equal.
Parallelism leads to partitions of AG(n, q) into (parallel) affine k-subspaces.
AFFINE PLANE AG(2, 3) OF ORDER 3
FROM V(3, q) TO PG(2, q)
THE FANO PLANE PG(2, 2)
Gino Fano (1871-1952)
THE PLANE PG(2, 3)
FROM V(4, q) TO PG(3, q)
PG(3, 2)
FROM V(n + 1, q) TO PG(n, q)
1. From V(1, q) to PG(0, q) (projective point),
2. From V(2, q) to PG(1, q) (projective line),
3. ···
4. From V(i + 1, q) to PG(i, q) (i-dimensional projective subspace),
5. ···
6. From V(n, q) to PG(n − 1, q) ((n − 1)-dimensional subspace = hyperplane),
7. From V(n + 1, q) to PG(n, q) (n-dimensional space).
LINK BETWEEN AFFINE AND PROJECTIVE SPACES
AG(n, q) = PG(n, q) minus one hyperplane (the hyperplane at infinity).
LINK BETWEEN AG(2, 3) AND PG(2, 3)
SECRET SHARING SCHEME
1. Secret sharing scheme: cryptographic equivalent of vault that needs several keys to be opened.
2. Secret S divided into shares.
3. Authorised sets: have access to secret S by putting their shares together.
4. Unauthorised sets: have no access to secret S by putting their shares together.
(n, k)-THRESHOLD SCHEME
1. n participants.
2. Each group of k participants can reconstruct secret S, but less than k participants have no way to learn anything about secret S.
SHAMIR’S k-OUT-OF-n SECRET SHARING SCHEME
1. $\mathbb{F}_q$ = finite field of order q.
2. Dealer chooses polynomial $f(X) = f_0 + f_1 X + \cdots + f_{k-1} X^{k-1} \in \mathbb{F}_q[X]$, and,
3. gives participant number i, point $(x_i, f(x_i))$ on graph of f ($x_i \neq 0$).
4. Value $f(0) = f_0$ is secret S.
1. Set of k participants can reconstruct $f(X) = f_0 + f_1 X + \cdots + f_{k-1} X^{k-1}$ by interpolating their shares $(x_i, f(x_i))$. Then they can compute secret f(0).
2. If $k' < k$ persons try to reconstruct secret, for every $y \in \mathbb{F}_q$, there are exactly $|\mathbb{F}_q|^{k-k'-1}$ polynomials of degree at most k − 1 which pass through their shares and the point (0, y). Thus they gain no information about f(0).
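The dealing, interpolation and counting argument above, as an added example that is not part of the original slides. It assumes the small prime field F_11 so that the count |F_q|^(k−k'−1) can be checked by exhaustive search; the function names are chosen here for illustration.

```python
import itertools
import secrets

Q = 11  # assumed small prime, so all polynomials can be enumerated


def evaluate(coeffs, x, q=Q):
    """Evaluate f(X) = f0 + f1 X + ... + f_{k-1} X^{k-1} at x by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % q
    return acc


def deal(secret, k, n, q=Q):
    """Dealer: random f with f(0) = secret; participant i gets (x_i, f(x_i)), x_i != 0."""
    if not (1 <= k <= n < q and 0 <= secret < q):
        raise ValueError("need 1 <= k <= n < q and secret in F_q")
    coeffs = [secret] + [secrets.randbelow(q) for _ in range(k - 1)]
    return [(x, evaluate(coeffs, x, q)) for x in range(1, n + 1)]


def reconstruct(shares, q=Q):
    """Lagrange interpolation evaluated at X = 0 gives f(0)."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % q
                den = den * (xi - xj) % q
        secret = (secret + yi * num * pow(den, -1, q)) % q
    return secret


def count_consistent(shares, k, y, q=Q):
    """Count polynomials of degree <= k-1 through the shares and the point (0, y)."""
    total = 0
    for tail in itertools.product(range(q), repeat=k - 1):
        coeffs = (y,) + tail  # f(0) = y is forced, the other k-1 coefficients vary
        if all(evaluate(coeffs, x, q) == fx for x, fx in shares):
            total += 1
    return total


if __name__ == "__main__":
    shares = deal(secret=7, k=3, n=5)
    print("any 3 shares ->", reconstruct(shares[:3]))
    # With only 2 of the 3 required shares, every candidate secret y is
    # explained by the same number of polynomials.
    print("2 shares:", [count_consistent(shares[:2], 3, y) for y in range(Q)])
```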
REALISATION OF SHAMIR’S k-OUT-OF-n SECRET SHARING SCHEME
[Figure: the secret point and the shares S1, S2, S3, S4, S5.]
GEOMETRICAL REALISATION OF SHAMIR’S k-OUT-OF-n SECRET SHARING SCHEME (BLAKLEY)
1. Secret S = point of PG(3, q).
2. Shares = planes of PG(3, q) such that exactly three of them only intersect in S.
3. Classical example: Normal rational curve of planes $X_0 + tX_1 + t^2 X_2 + t^3 X_3 = 0$, $t \in \mathbb{F}_q$, and $X_3 = 0$.
GEOMETRICAL REALISATION OF SHAMIR’S k-OUT-OF-n SECRET SHARING SCHEME (BLAKLEY)
1. Secret S = point of PG(k, q).
2. Shares = hyperplanes of PG(k, q) such that exactly k of them only intersect in S.
3. Classical example: Normal rational curve of hyperplanes $X_0 + tX_1 + t^2 X_2 + \cdots + t^k X_k = 0$, $t \in \mathbb{F}_q$, and $X_k = 0$.
CODING-THEORETICAL REALISATION OF SHAMIR’S k-OUT-OF-n SECRET SHARING SCHEME
(McEliece and Sarwate)
1. C: $[n + 1, k, n - k + 2]_q$ MDS code.
2. For secret $c_0 \in \mathbb{F}_q$, dealer creates codeword $c = (c_0, c_1, \ldots, c_n) \in C$. Share of participant number i is symbol $c_i$.
3. Since C is MDS code with minimum distance n − k + 2, codeword c can be uniquely reconstructed if only k symbols are known.
4. So any set of k persons can compute secret $c_0$.
5. On the other hand, less than k persons do not learn anything about secret, since for any possible secret $c'$, the same number of codewords that fit to secret $c'$ and their shares exist.
MORE GENERAL SECRET SHARING SCHEME
DEFINITION
Support of $c = (c_1, \ldots, c_n) \in \mathbb{F}_q^n$: $\mathrm{sup}(c) = \{i \mid c_i \neq 0\}$.
Let C be linear code. Nonzero codeword $c \in C$ is called minimal if
$\forall c' \in C \setminus \{0\}: \mathrm{sup}(c') \subseteq \mathrm{sup}(c) \implies c' = \rho c$, $\rho \in \mathbb{F}_q \setminus \{0\}$.
(In binary case, c minimal if no non-zero codeword $c'$ with $\mathrm{sup}(c') \subset \mathrm{sup}(c)$, $\mathrm{sup}(c') \neq \mathrm{sup}(c)$)
LEMMA (MASSEY)
Let C be an $[n + 1, k]_q$-code. Secret sharing scheme is constructed from C by choosing codeword $c = (c_0, \ldots, c_n)$. Secret is $c_0$ and shares of participants are coordinates $c_i$ ($1 \le i \le n$).
Minimal authorized sets of secret sharing scheme correspond to minimal codewords of $C^\perp$ with 0 in their supports.
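Massey's correspondence checked on a small binary code, as an added example that is not from the original slides. The generator matrix (the binary [7, 3] simplex code, whose dual is the [7, 4] Hamming code) and all function names are chosen here for illustration; the authorized sets are computed twice, once from the dual code and once by brute force from the definition.

```python
from itertools import combinations, product

# Constructed example: generator matrix of the binary [7, 3] simplex code.
# Coordinate 0 carries the secret c_0, coordinates 1..6 are the shares.
G = [
    (1, 0, 0, 1, 1, 0, 1),
    (0, 1, 0, 1, 0, 1, 1),
    (0, 0, 1, 0, 1, 1, 1),
]
N = len(G[0])


def span(rows):
    """All F_2-linear combinations of the rows."""
    return {tuple(sum(a * r[i] for a, r in zip(coeffs, rows)) % 2 for i in range(N))
            for coeffs in product((0, 1), repeat=len(rows))}


def dual(code):
    """All vectors orthogonal to every codeword (exhaustive, fine for N = 7)."""
    return {h for h in product((0, 1), repeat=N)
            if all(sum(a * b for a, b in zip(h, c)) % 2 == 0 for c in code)}


def support(c):
    return frozenset(i for i, ci in enumerate(c) if ci)


def minimal_codewords(code):
    """Binary case: no non-zero codeword has strictly smaller support."""
    nonzero = [c for c in code if any(c)]
    return [c for c in nonzero if not any(support(d) < support(c) for d in nonzero)]


def sets_from_dual(code):
    """Participant sets read off from minimal dual codewords with 0 in the support."""
    return {support(h) - {0} for h in minimal_codewords(dual(code)) if h[0]}


def is_authorized(code, A):
    """By linearity, shares on A fix c_0 iff every codeword vanishing on A has c_0 = 0."""
    return all(c[0] == 0 for c in code if all(c[i] == 0 for i in A))


def minimal_authorized_sets(code):
    """Brute force over participant sets by increasing size."""
    found = []
    for size in range(1, N):
        for A in map(frozenset, combinations(range(1, N), size)):
            if is_authorized(code, A) and not any(B <= A for B in found):
                found.append(A)
    return set(found)


def recover(c, A):
    """Binary case: the dual codeword with support {0} | A gives c_0 = sum of shares in A."""
    return sum(c[i] for i in A) % 2


if __name__ == "__main__":
    C = span(G)
    for A in sorted(map(sorted, sets_from_dual(C))):
        print("minimal authorized set:", A)
```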
BINARY REED-MULLER CODES
DEFINITION
Binary r-th order Reed-Muller code RM(r, m) ($0 \le r \le m$) = set of all binary vectors f of length $n = 2^m$ associated with Boolean polynomials $f(x_1, x_2, \ldots, x_m)$ of degree at most r:
$c = (f(0, \ldots, 0), \ldots, f(1, \ldots, 1))$.
Minimum weight $d = 2^{m-r}$.
Minimum weight codewords of RM(r, m) = incidence vectors of AG(m − r, 2) in AG(m, 2).
THEOREM (KASAMI, TOKURA, AND AZUMI)
Let $f(x_1, \ldots, x_m)$ be Boolean function of degree at most r, where $r \ge 2$, such that $|\mathrm{sup}(f)| < 2^{m-r+1}$. Then f can be transformed by an affine transformation into
$f = x_1 \cdots x_{r-2}(x_{r-1}x_r + \cdots + x_{r+2\mu-3}x_{r+2\mu-2})$, $2 \le 2\mu \le m - r + 2$,
or
$f = x_1 \cdots x_{r-\mu}(x_{r-\mu+1} \cdots x_r + x_{r+1} \cdots x_{r+\mu})$, $3 \le \mu \le r$, $\mu \le m - r$.
First type of codewords
$f = x_1 \cdots x_{r-2}(x_{r-1}x_r + \cdots + x_{r+2\mu-3}x_{r+2\mu-2})$, $2 \le 2\mu \le m - r + 2$. (1)
In PG(m − r + 2, 2) defined by $X_1 = X_0, \ldots, X_{r-2} = X_0$, cone Ψ with vertex PG(m − r + 1 − 2μ, 2) at infinity, and base non-singular parabolic quadric Q(2μ, 2) in 2μ dimensions having non-singular hyperbolic quadric at infinity.
QUADRATIC CONE
Second type of codewords
$f = x_1 \cdots x_{r-\mu}(x_{r-\mu+1} \cdots x_r + x_{r+1} \cdots x_{r+\mu})$, $3 \le \mu \le r$, $\mu \le m - r$. (2)
(Symmetric difference): Union of two (m − r)-dimensional affine spaces α and β, but not (m − r − μ)-dimensional affine intersection space α ∩ β.
SYMMETRIC DIFFERENCE
COUNTING NON-MINIMAL CODEWORDS IN RM(r, m)
- Non-minimal codeword $c = c_1 + c_2$, with $c_1, c_2$ non-zero codewords having disjoint supports.
- For $w(c) < 3 \cdot 2^{m-r}$, $c_1$ codeword of smallest weight $2^{m-r}$, and $c_2$ codeword of weight $2^{m-r}$ or quadric or symmetric difference.
- Number of non-minimal codewords c of weight $2 \cdot 2^{m-r}$ calculated by Borissov, Manev, and Nikova.
- Number of non-minimal codewords c of weight $2 \cdot 2^{m-r} < w(c) < 3 \cdot 2^{m-r}$ calculated by Schillewaert, Storme, and Thas.
PROBLEM OF AUTHENTICATION
1. Problem: Alice wants to send Bob a message m.
2. Attacker intercepts m and sends altered message m' to Bob.
How can Bob be sure that message he gets is correct?
Introduce authentication!
EXAMPLE OF MESSAGE AUTHENTICATION CODE
1. ℓ = line of PG(2, q).
2. Message m = point of ℓ.
3. Authentication key K = point in PG(2, q) \ ℓ.
4. Authentication tag = line through message m and key K.
EXAMPLE OF AUTHENTICATION CODE
1. If attacker wants to create message (m, K) without knowing key K, he must guess an affine line through m. There are q possibilities, i.e. the chance for correct attack is 1/q.
2. If attacker already knows authenticated message (m, K), he knows that key K must lie on the line mK. But each of the q affine points on line mK gives a different line through a substituted message m'. So he cannot do better than guess the key, which gives probability of 1/q for successful attack.
SECURITY OF AUTHENTICATION CODE
1. $p_i$ = probability of attacker to construct pair (m, K) without knowledge of key K, if he only knows i different pairs $(m_j, K)$.
2. Smallest value r for which $p_{r+1} = 1$ is called order of authentication code.
3. For r = 1, $p_0$ = probability of impersonation attack and $p_1$ = probability of substitution attack.
THEOREM
If MAC has attack probabilities $p_i = 1/n_i$ ($0 \le i \le r$), then $|\mathcal{K}| \ge n_0 \cdots n_r$.
MAC that satisfies this theorem with equality is called perfect.
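The point-and-line MAC in PG(2, q) and its two attack probabilities, computed exhaustively as an added example that is not part of the original slides. It assumes q prime (so arithmetic mod q is the field), takes ℓ to be the line X2 = 0, and uses function names chosen here; with p_0 = p_1 = 1/q and q^2 keys the bound |K| ≥ n_0 n_1 is met with equality.

```python
from collections import Counter
from fractions import Fraction


def normalize(v, q):
    """Scale a non-zero homogeneous triple so its first non-zero coordinate is 1."""
    v = tuple(c % q for c in v)
    lead = next(c for c in v if c)
    inv = pow(lead, -1, q)
    return tuple(c * inv % q for c in v)


def join(p, r, q):
    """Line through two distinct points of PG(2, q): cross product of their coordinates."""
    return normalize((p[1] * r[2] - p[2] * r[1],
                      p[2] * r[0] - p[0] * r[2],
                      p[0] * r[1] - p[1] * r[0]), q)


def messages(q):
    """The q + 1 points of the line l: X2 = 0 (assumed choice of l)."""
    return [(1, a, 0) for a in range(q)] + [(0, 1, 0)]


def keys(q):
    """Points of PG(2, q) not on l: the q^2 affine points (x, y, 1)."""
    return [(x, y, 1) for x in range(q) for y in range(q)]


def tag(m, key, q):
    """Authentication tag = line through message point and key point."""
    return join(m, key, q)


def impersonation_probability(q):
    """Best chance of forging (m, tag) with no observed pair, key uniform."""
    ks = keys(q)
    best = max(max(Counter(tag(m, k, q) for k in ks).values()) for m in messages(q))
    return Fraction(best, len(ks))


def substitution_probability(q):
    """Best chance of forging a tag for m2 != m after observing one pair (m, tag)."""
    ks, ms = keys(q), messages(q)
    worst = Fraction(0)
    for m in ms:
        keys_by_tag = {}
        for k in ks:
            keys_by_tag.setdefault(tag(m, k, q), []).append(k)
        for candidates in keys_by_tag.values():  # keys still possible for the attacker
            for m2 in ms:
                if m2 != m:
                    best = max(Counter(tag(m2, k, q) for k in candidates).values())
                    worst = max(worst, Fraction(best, len(candidates)))
    return worst


if __name__ == "__main__":
    q = 5
    print(impersonation_probability(q), substitution_probability(q), len(keys(q)))
```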
GEOMETRICAL CONSTRUCTION OF PERFECT MAC
DEFINITION
Generalised dual arc D of order l with dimensions $d_1 > d_2 > \cdots > d_{l+1}$ of PG(n, q) is set of subspaces of dimension $d_1$ such that:
1. each j subspaces intersect in subspace of dimension $d_j$, $1 \le j \le l + 1$,
2. each l + 2 subspaces have no common intersection.
$(n, d_1, \ldots, d_{l+1})$ = parameters of dual arc.
GENERALISED DUAL ARCS
THEOREM
There exists generalised dual arc in PG($\binom{n+d+1}{d+1} - 1$, q), with dimensions $d_i = \binom{n+d+1-i}{d+1-i} - 1$, $i = 0, \ldots, d + 1$.
1. Spaces have dimension $d_1 = \binom{n+d}{d} - 1$.
2. Two spaces intersect in space of dimension $d_2 = \binom{n+d-1}{d-1} - 1$.
3. Three spaces intersect in space of dimension $d_3 = \binom{n+d-2}{d-2} - 1$.
4. ···
LINK BETWEEN MAC AND GENERALISED DUAL ARC
1. π = hyperplane of PG(n + 1, q) and D = generalised dual arc of order l in π with parameters $(n, d_1, \ldots, d_{l+1})$.
2. message m = element of D.
3. key K = point of PG(n + 1, q) not in π.
4. Authentication tag that belongs to message m and key K is generated $(d_1 + 1)$-dimensional subspace.
5. Perfect MAC of order r = l + 1 with attack probabilities $p_i = q^{d_{i+1} - d_i}$.
ANONYMOUS DATABASE SEARCH
- Anonymous database search: query a database anonymously.
- Peer-to-peer community: let users post queries on behalf of each other.
- Neighbourhood attack: can be modeled as the intersection of neighbourhoods that may return a single identified person in case of unique neighbourhoods.
- k-Anonymous neighbourhoods: neighbourhood of person is also neighbourhood of at least k − 1 other persons.
TRANSVERSAL DESIGNS
Transversal design $TD_\lambda(k, n)$ = k-uniform structure (P, L) of points and blocks, with |P| = kn, that admits partition of P in k groups of cardinality n, and that satisfies:
- any group and block contain exactly one common point,
- every pair of points from distinct groups is contained in exactly λ blocks.
FROM AG(2, n) TO $TD_1(k, n)$
From affine plane AG(2, n) to transversal design $TD_1(k, n)$, $2 \le k \le n$.
- Point set P of $TD_1(k, n)$ = points of AG(2, n) on k lines of one parallel class of AG(2, n),
- Groups = lines from this parallel class,
- Blocks of $TD_1(k, n)$ = lines of the other parallel classes of AG(2, n), restricted to the points in P.
TRANSVERSAL DESIGN $TD_1(k, n)$ AND n-ANONYMOUS NEIGHBOURHOODS
THEOREM
Transversal design $TD_1(k, n)$ has n-anonymous neighbourhoods.
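The construction of TD_1(k, n) from AG(2, n) and the anonymity claim, checked by computation as an added example that is not part of the original slides. It assumes n prime (so AG(2, n) can be coordinatised with integers mod n), takes the vertical lines x = c as the chosen parallel class, and defines the neighbourhood of a point as the set of other points sharing a block with it; the function names are chosen here.

```python
from collections import Counter
from itertools import combinations


def transversal_design(k, n):
    """Groups = k vertical lines x = c; blocks = lines y = m*x + b restricted to them."""
    if not 2 <= k <= n:
        raise ValueError("need 2 <= k <= n")
    groups = [[(x, y) for y in range(n)] for x in range(k)]
    blocks = [frozenset((x, (m * x + b) % n) for x in range(k))
              for m in range(n) for b in range(n)]
    return groups, blocks


def is_td1(groups, blocks):
    """Check the two defining properties of a transversal design with lambda = 1."""
    if any(len(blk & set(g)) != 1 for blk in blocks for g in groups):
        return False
    cover = Counter(pair for blk in blocks for pair in combinations(sorted(blk), 2))
    return all(cover[tuple(sorted((p, r)))] == 1
               for g, h in combinations(groups, 2) for p in g for r in h)


def anonymity(groups, blocks):
    """Smallest number of points that share one and the same neighbourhood."""
    neighbourhood = {p: set() for g in groups for p in g}
    for blk in blocks:
        for p in blk:
            neighbourhood[p] |= blk - {p}
    classes = Counter(frozenset(s) for s in neighbourhood.values())
    return min(classes.values())


if __name__ == "__main__":
    groups, blocks = transversal_design(k=3, n=5)
    print("v =", sum(map(len, groups)), "b =", len(blocks))
    print("TD_1:", is_td1(groups, blocks), "anonymity:", anonymity(groups, blocks))
    # Integers mod a composite n are not a field, and the pair condition fails.
    print("n = 4 via Z_4:", is_td1(*transversal_design(k=3, n=4)))
```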
THEOREMS
THEOREM (STOKES AND FARRÀS)
Combinatorial (v, b, r, k)-configuration with n-anonymous neighbourhoods satisfies:
- There exists partition $G = \{g_i\}_{i=1}^m$ of the point set such that the points in the same part are not collinear and $|g_i| \ge n$, for all $i \in \{1, \ldots, m\}$,
- $r \ge n$ and $m \ge k$.
THEOREM (STOKES AND FARRÀS)
In combinatorial (v, b, r, k)-configuration C with n-anonymous neighbourhoods and anonymity partition $G = \{g_i\}_{i=1}^m$ and $|g_i| = n$ for all $i \in \{1, \ldots, m\}$,
v = n iff m = k.
In this case, C is transversal design $TD_1(k, n)$, and v = kn and $b = n^2$.
APPLICATION IN PAY TELEVISION
(Korjik, Ivkov, Merinovich, Barg, and van Tilborg)
- subscribers = points of PG(2, q),
- codes = lines of PG(2, q),
- subscriber quits: codes of lines become invalid,
- new issue of codes: only necessary when codes of all lines through subscriber become invalid.
THE FANO PLANE PG(2, 2)
Thank you very much for your attention!