-
Mapping Literacies in the Tourism Labor Market: A Cross-Database Comparison
Authors:
Eddy Soria Leyva,
Aida Valls Mateu,
Ana Beatriz Hernandez Lara
Abstract:
This book chapter conducts a comparative bibliometric analysis of literacies in the tourism labor market, drawing from the Web of Science (WoS) and Scopus databases. The objective is to assess scientific outputs and identify key patterns of scientific collaboration. Findings suggest a statistically significant difference between the two databases with an overlap level of 35.71%. However, there is a gradual and correlated increase in the number of publications over time. Scopus stands out for its broader impact and enduring citation relevance, suggesting its academic contributions have a longer-lasting effect. Conversely, WoS is characterized by a focus on more recent influential publications and exhibits a marginally more intense collaboration network.
Submitted 9 September, 2024; v1 submitted 23 February, 2024;
originally announced February 2024.
-
Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code
Authors:
Ferhat Erata,
Ruzica Piskac,
Victor Mateu,
Jakub Szefer
Abstract:
Although cryptographic algorithms may be mathematically secure, it is often possible to leak secret information from the implementation of the algorithms. Timing and power side-channel vulnerabilities are some of the most widely considered threats to cryptographic algorithm implementations. Timing vulnerabilities may be easier to detect and exploit, and all high-quality cryptographic code today should be written in constant-time style. However, this does not prevent power side-channels from existing. With constant-time code, potential attackers can resort to power side-channel attacks to try to leak secrets. Detecting potential power side-channel vulnerabilities is a tedious task, as it requires analyzing code at the assembly level and reasoning about which instructions could be leaking information based on their operands and their values. To help make the process of detecting potential power side-channel vulnerabilities easier for cryptographers, this work presents Pascal: Power Analysis Side Channel Attack Locator, a tool that introduces novel symbolic register analysis techniques for binary analysis of constant-time cryptographic algorithms and verifies locations of potential power side-channel vulnerabilities with high precision. Pascal is evaluated on a number of implementations of post-quantum cryptographic algorithms, and it is able to find dozens of previously reported single-trace power side-channel vulnerabilities in these algorithms, all in an automated manner.
Submitted 4 April, 2023;
originally announced April 2023.
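As an added illustration of the abstract's point (example code written for this page, not part of Pascal or its evaluation): a branch-free 32-bit conditional select executes the same instruction sequence for both values of the secret bit, yet under the standard Hamming-weight power model the values it writes to registers differ with the secret, so a single trace suffices to recover the bit. The secret-dependence check below is a constructed stand-in for the kind of analysis the abstract describes, not the tool's own logic; the recovery step assumes a noise-free trace, and the operands a and b are arbitrary constants.

```python
MASK32 = 0xFFFFFFFF


def hamming_weight(x):
    return bin(x).count("1")


def ct_select(secret_bit, a, b, trace):
    """Branch-free select: returns a when secret_bit == 1, else b.
    Every value written to a register is recorded in trace, standing in for
    the power sample the Hamming-weight leakage model attributes to that write."""
    mask = (-secret_bit) & MASK32             # 0xFFFFFFFF or 0, derived from the secret
    trace.append(("mask = -bit", mask))
    diff = (a ^ b) & mask
    trace.append(("diff = (a ^ b) & mask", diff))
    result = b ^ diff
    trace.append(("result = b ^ diff", result))
    return result


def hw_trace(secret_bit, a, b):
    """Simulated noise-free single power trace: one Hamming weight per register write."""
    trace = []
    ct_select(secret_bit, a, b, trace)
    return [(name, hamming_weight(value)) for name, value in trace]


def leaking_instructions(a, b):
    """Constructed secret-dependence check (not Pascal's own analysis): flag each
    instruction whose written value has a Hamming weight that changes with the
    secret bit while the public operands a and b stay fixed."""
    t0, t1 = hw_trace(0, a, b), hw_trace(1, a, b)
    assert len(t0) == len(t1)                 # same instruction count: timing is constant
    return [name for (name, h0), (_, h1) in zip(t0, t1) if h0 != h1]


def recover_bit_single_trace(observed, a, b):
    """Attacker holding one trace and the public operands builds both Hamming-weight
    templates and returns the bit whose template is closer (exact here; noisy in practice)."""
    obs = [h for _, h in observed]
    dist = {}
    for bit in (0, 1):
        tmpl = [h for _, h in hw_trace(bit, a, b)]
        dist[bit] = sum(abs(x - y) for x, y in zip(obs, tmpl))
    return min(dist, key=dist.get)


if __name__ == "__main__":
    A, B = 0x12345678, 0x9ABCDEF0           # constructed public operands
    print("leaking:", leaking_instructions(A, B))
    for bit in (0, 1):
        print("bit", bit, "recovered as", recover_bit_single_trace(hw_trace(bit, A, B), A, B))
```

The mask register is the classic culprit: its Hamming weight is 0 or 32 depending only on the secret, which is exactly the kind of full-width secret-dependent operand a single-trace attack keys on. When a equals b the diff and result writes stop leaking while the mask write still does, which is why an analysis has to reason about operand values rather than just instruction types.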
-
Faulty isogenies: a new kind of leakage
Authors:
Gora Adj,
Jesús-Javier Chi-Domínguez,
Víctor Mateu,
Francisco Rodríguez-Henríquez
Abstract:
In the SIDH and SIKE protocols, public keys are defined over quadratic extensions of prime fields. In this work we present a projective invariant property characterizing affine Montgomery curves defined over prime fields. We then force a secret 3-isogeny chain to repeatedly pass through a curve defined over a prime field in order to exploit the new property and inject zeros into the A-coefficient of an intermediate curve, which lets us recover the isogeny chain one step at a time. Our results introduce a new kind of fault attack applicable to SIDH and SIKE.
Submitted 27 February, 2022; v1 submitted 10 February, 2022;
originally announced February 2022.
-
Code-based Signatures from New Proofs of Knowledge for the Syndrome Decoding Problem
Authors:
Loïc Bidoux,
Philippe Gaborit,
Mukul Kulkarni,
Victor Mateu
Abstract:
In this paper, we study code-based signatures constructed from Proofs of Knowledge (PoK). This line of work can be traced back to Stern, who introduced the first efficient PoK for the syndrome decoding problem in 1993. Afterward, different variations were proposed in order to reduce the signature size. In practice, obtaining a smaller signature size relies on the interaction of two main considerations: (i) the underlying protocol and its soundness error and (ii) the type of optimizations which are compatible with a given protocol. Over the years, different variations were proposed to improve the Stern scheme, such as the Veron scheme (whose public key is a noisy codeword rather than a syndrome), the AGS scheme, a 5-pass protocol with cheating probability asymptotically equal to 1/2, and more recently the FJR approach, which decreases the cheating probability to 1/N but induces a performance overhead. Overall, the length of the signature depends on a trade-off between the scheme itself, the possible optimizations and the cost of the implementation. The recent approaches that increase the cost of the implementation open the door to many different types of trade-offs. In this paper we propose three new schemes and different trade-offs, all interesting in themselves, since depending on potential future optimizations one scheme may eventually become more efficient than another. All the schemes we propose use a trusted helper: the first scheme achieves a 1/2 cheating probability, the second decreases the cheating probability to 1/N with a different approach from the recent FJR scheme, and the third is a Veron-like adaptation of the FJR scheme in which the public key is a noisy codeword rather than a syndrome. We provide an extensive comparison table which lists various trade-offs between our schemes and previous ones.
Submitted 14 January, 2022;
originally announced January 2022.
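Added example, not from the paper: a toy instance of Stern's 3-pass proof of knowledge for syndrome decoding, the protocol this line of work starts from, together with a cheating prover that shows where the 2/3 soundness error comes from and a helper that turns a per-round soundness error into the number of rounds (and hence the signature length) a Fiat-Shamir signature needs at a given security level. The parameters (n = 16, r = 8, w = 3) and the plain SHA-256 commitment are constructed for readability and are not secure choices; the helper's figures for 1/2 and 1/N are the abstract's AGS and FJR soundness errors with N = 256 assumed.

```python
import hashlib
import math
import random

# Toy parameters, constructed for illustration only; real instantiations use
# code lengths in the thousands and a commitment with explicit randomness.
N_LEN, R_LEN, WEIGHT = 16, 8, 3

def commit(*parts):
    """Length-prefixed SHA-256 commitment (assumed to behave as a random oracle)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + bytes(p))
    return h.digest()

def syndrome(H, v):
    return [sum(h * x for h, x in zip(row, v)) % 2 for row in H]

def add(u, v):
    return [a ^ b for a, b in zip(u, v)]

def permute(sigma, v):
    return [v[i] for i in sigma]

def random_weight_vector(rng, w):
    e = [0] * N_LEN
    for pos in rng.sample(range(N_LEN), w):
        e[pos] = 1
    return e

def keygen(rng):
    """Secret: e of weight WEIGHT. Public: H and the syndrome s = H e."""
    H = [[rng.randrange(2) for _ in range(N_LEN)] for _ in range(R_LEN)]
    e = random_weight_vector(rng, WEIGHT)
    return H, syndrome(H, e), e

def prover_commit(H, e, rng):
    """Pass 1: commit to a random mask y and a random permutation sigma."""
    y = [rng.randrange(2) for _ in range(N_LEN)]
    sigma = list(range(N_LEN))
    rng.shuffle(sigma)
    c0 = commit(sigma, syndrome(H, y))
    c1 = commit(permute(sigma, y))
    c2 = commit(permute(sigma, add(y, e)))
    return (c0, c1, c2), (y, sigma, e)

def prover_respond(state, b):
    """Pass 3: reveal only what challenge b in {0, 1, 2} asks for."""
    y, sigma, e = state
    if b == 0:
        return y, sigma
    if b == 1:
        return add(y, e), sigma
    return permute(sigma, y), permute(sigma, e)

def verify_round(H, s, comm, b, resp):
    c0, c1, c2 = comm
    if b == 0:  # y and sigma: recompute c0 and c1
        y, sigma = resp
        return c0 == commit(sigma, syndrome(H, y)) and c1 == commit(permute(sigma, y))
    if b == 1:  # y+e and sigma: H(y+e) + s = Hy, so c0 and c2 can be recomputed
        z, sigma = resp
        return c0 == commit(sigma, add(syndrome(H, z), s)) and c2 == commit(permute(sigma, z))
    py, pe = resp  # sigma(y) and sigma(e): check c1, c2 and the weight of e
    return c1 == commit(py) and c2 == commit(add(py, pe)) and sum(pe) == WEIGHT

def run_protocol(H, s, e, rounds, rng):
    for _ in range(rounds):
        comm, state = prover_commit(H, e, rng)
        b = rng.randrange(3)
        if not verify_round(H, s, comm, b, prover_respond(state, b)):
            return False
    return True

def cheater_outcomes(H, s, rng):
    """A prover without e commits with a fake e' of the right weight but wrong
    syndrome: challenges 0 and 2 still pass, challenge 1 fails, hence 2/3 soundness error."""
    fake = random_weight_vector(rng, WEIGHT)
    while syndrome(H, fake) == s:  # make sure the cheater really has no solution
        fake = random_weight_vector(rng, WEIGHT)
    comm, state = prover_commit(H, fake, rng)
    return {b: verify_round(H, s, comm, b, prover_respond(state, b)) for b in range(3)}

def rounds_for(security_bits, soundness_error):
    """Rounds needed so that cheating succeeds with probability below 2^-security_bits;
    the signature carries one transcript per round, so its size scales with this."""
    return math.ceil(security_bits / -math.log2(soundness_error))

def demo(seed=1):
    rng = random.Random(seed)  # seeded only so the demo is reproducible
    H, s, e = keygen(rng)
    return {
        "honest_accepts": run_protocol(H, s, e, 30, rng),
        "cheater": cheater_outcomes(H, s, rng),
        "rounds_stern_2_3": rounds_for(128, 2 / 3),
        "rounds_1_2": rounds_for(128, 1 / 2),
        "rounds_1_256": rounds_for(128, 1 / 256),  # FJR-style 1/N with N = 256 assumed
    }

if __name__ == "__main__":
    print(demo())
```

The round counts make the abstract's trade-off concrete: 219 rounds at soundness error 2/3, 128 at 1/2, and 16 at 1/256, each round adding one transcript to the signature, which is why lowering the per-round cheating probability (at the price of a heavier protocol) shrinks signatures.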
-
Quantum Search for Scaled Hash Function Preimages
Authors:
Sergi Ramos-Calderer,
Emanuele Bellini,
José I. Latorre,
Marc Manzano,
Victor Mateu
Abstract:
We present the implementation of Grover's algorithm in a quantum simulator to perform a quantum search for preimages of two scaled hash functions, whose design only uses modular addition, word rotation, and bitwise exclusive or. Our implementation provides the means to assess with precision the scaling of the number of gates and depth of a full-fledged quantum circuit designed to find the preimages of a given hash digest. The detailed construction of the quantum oracle shows that the presence of AND gates, OR gates, shifts of bits and the reuse of the initial state along the computation, require extra quantum resources as compared with other hash functions based on modular additions, XOR gates and rotations. We also track the entanglement entropy present in the quantum register at every step along the computation, showing that it becomes maximal at the inner core of the first action of the quantum oracle, which implies that no classical simulation based on Tensor Networks would be of relevance. Finally, we show that strategies that suggest a shortcut based on sampling the quantum register after a few steps of Grover's algorithm can only provide some marginal practical advantage in terms of error mitigation.
Submitted 1 September, 2020;
originally announced September 2020.
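Added example (not the paper's code and not its scaled hash functions): a pure-Python statevector simulation of Grover's search for a preimage of a constructed 8-bit toy hash built only from modular addition, rotation and XOR, the same building blocks the abstract names. The oracle is modelled as a phase flip on the predicate toy_hash(x) == target rather than as a reversible circuit, so the block shows the amplitude dynamics and the iteration count but not the gate and depth accounting the paper reports; the number of solutions is counted classically only to pick the iteration count, as noted in the code.

```python
import math

MASK8 = 0xFF


def rotl8(x, r):
    return ((x << r) | (x >> (8 - r))) & MASK8


def toy_hash(x):
    """Constructed 8-bit ARX toy hash (add, rotate, xor only); small enough that
    the whole Grover search can be simulated exactly. Not the paper's function."""
    a, b = x & MASK8, 0xB7
    for rc in (0x1F, 0x3C, 0xA5):
        a = (a + b) & MASK8
        b = rotl8(b, 3) ^ a ^ rc
        a = rotl8(a, 5)
    return a ^ b


def grover_preimage(target, n_bits=8, iterations=None):
    """Statevector simulation of Grover's search for x with toy_hash(x) == target.
    A real circuit evaluates toy_hash reversibly inside the oracle, which is where
    the gate and depth counts come from; here the oracle is just a phase flip."""
    n = 1 << n_bits
    marked = [x for x in range(n) if toy_hash(x) == target]
    if not marked:
        raise ValueError("target has no preimage")
    # The optimal iteration count depends on the number of solutions M, which is
    # counted classically here for convenience; an attacker would use the expected
    # count for the digest size or a search over iteration counts.
    if iterations is None:
        iterations = math.floor(math.pi / 4 * math.sqrt(n / len(marked)))
    amp = [1.0 / math.sqrt(n)] * n            # uniform superposition over all inputs
    for _ in range(iterations):
        amp = [-a if toy_hash(x) == target else a for x, a in enumerate(amp)]  # oracle
        mean = sum(amp) / n
        amp = [2.0 * mean - a for a in amp]   # diffusion: reflection about the mean
    probs = [a * a for a in amp]
    best = max(range(n), key=probs.__getitem__)
    return {
        "candidate": best,
        "is_preimage": toy_hash(best) == target,
        "iterations": iterations,
        "num_preimages": len(marked),
        "success_probability": sum(probs[x] for x in marked),
    }


if __name__ == "__main__":
    target = toy_hash(0x5A)                   # constructed target with a known preimage
    for k in (0, 1, None):
        print(k, grover_preimage(target, iterations=k))
```

Passing a small `iterations` value shows the point the abstract makes about shortcuts: after zero or one Grover iteration the probability mass on the preimages is still close to the uniform baseline, and only the full quadratic-speedup schedule of about (pi/4) sqrt(N/M) iterations concentrates it.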
-
Improved Veron Identification and Signature Schemes in the Rank Metric
Authors:
Emanuele Bellini,
Florian Caullery,
Philippe Gaborit,
Marc Manzano,
Victor Mateu
Abstract:
It is notably challenging to design an efficient and secure signature scheme based on error-correcting codes. One approach to building such signature schemes is to derive them from an identification protocol through the Fiat-Shamir transform. All such code-based protocols must be run for several rounds, since each run of the protocol allows a cheating probability of either 2/3 or 1/2. The resulting signature size is proportional to the number of rounds, thus making the 1/2 cheating probability version more attractive. We present a signature scheme based on double circulant codes in the rank metric, derived from an identification protocol with cheating probability 2/3. We reduce this probability to 1/2 to obtain the smallest signature among signature schemes based on the Fiat-Shamir paradigm, around 22 KBytes for the 128-bit security level. Furthermore, among all code-based signature schemes, our proposal has the lowest value of signature plus public key size, and the smallest secret and public key sizes. We provide a security proof in the Random Oracle Model, implementation performance figures, and a comparison with the parameters of the most important code-based signature schemes.
Submitted 19 April, 2019; v1 submitted 25 March, 2019;
originally announced March 2019.