Florida Atlantic University - Mathematics
Doctor of Philosophy (Ph.D.)
Mathematics
Universidad de Oviedo
German
Spanish
English
French
Bachelor of Science (BS)
Mathematics
Universidad de Oviedo
Lecturing
Mathematics
Theory
Research
Computer Science
Science
Higher Education
Algorithms
Mathematical Modeling
Teaching
LaTeX
Matlab
Cryptography
University Teaching
Computer Security
Identity-based non-interactive key distribution with forward security
Rainer Steinwandt
Identity-based non-interactive key distribution (ID-NIKD) is a cryptographic primitive that enables two users to establish a common secret key without exchanging messages. All users of the system have access to public system parameters and a private key obtained through the help of a trusted key generation center. In this contribution, we discuss how to capture an intuitive form of forward security for ID-NIKD schemes in a security model. Building on results of Sakai et al. as well as of Paterson and Srinivasan, we discuss how the proposed notion of forward security can be achieved in the random oracle model, using a Bilinear Diffie-Hellman assumption in combination with a forward-secure pseudorandom bit generator. We also show how a forward-secure ID-NIKD scheme can be used to realize forward-secure identity-based encryption.
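The forward-secure pseudorandom bit generator that the abstract names as a building block, as an added Python example that is not code from the paper or its authors. It uses the generic PRF-based construction (HMAC-SHA256 as the PRF, output and next state derived under distinct labels, the old state erased): the state for period t yields the period's output bits and the next state, so a break-in at period t exposes periods t onward but not earlier ones. The class and function names, the labels, and the constructed seed are assumptions of this example, not notation from the paper.

```python
"""Forward-secure pseudorandom bit generator (FS-PRG) built from a PRF.

Added example; the construction (HMAC-SHA256 as PRF, output and next-state
derived under distinct labels, old state erased) is a generic textbook
design, not the scheme of the paper above.
"""
import hashlib
import hmac

# Domain-separation labels (assumed names for this example).
OUT_LABEL = b"output"
NEXT_LABEL = b"next-state"


class ForwardSecurePRG:
    """State s_t yields r_t = PRF(s_t, 'output') and s_{t+1} = PRF(s_t, 'next-state').

    Because s_t is overwritten by s_{t+1} after each period and the PRF is
    one-way in its key, an adversary who obtains s_t learns r_t, r_{t+1}, ...
    but nothing about r_0, ..., r_{t-1}.
    """

    def __init__(self, seed: bytes, period: int = 0) -> None:
        self._state = seed
        self.period = period

    @staticmethod
    def _prf(key: bytes, label: bytes) -> bytes:
        return hmac.new(key, label, hashlib.sha256).digest()

    def next_bits(self) -> bytes:
        """Return the current period's 32 output bytes and advance the state."""
        output = self._prf(self._state, OUT_LABEL)
        self._state = self._prf(self._state, NEXT_LABEL)  # s_t is now gone
        self.period += 1
        return output

    def export_state(self) -> tuple[int, bytes]:
        """What a break-in at this moment would hand to the adversary."""
        return self.period, self._state


def outputs_from(seed: bytes, count: int) -> list[bytes]:
    """Honest run: the first `count` output blocks for a given seed."""
    gen = ForwardSecurePRG(seed)
    return [gen.next_bits() for _ in range(count)]


def simulate_break_in(seed: bytes, break_in_period: int, total: int) -> tuple[list[bytes], list[bytes]]:
    """The honest user runs `total` periods; the adversary steals the state at `break_in_period`.

    Returns (honest outputs, outputs the adversary can derive from the stolen state).
    """
    honest = ForwardSecurePRG(seed)
    honest_outputs = []
    stolen = None
    for t in range(total):
        if t == break_in_period:
            stolen = honest.export_state()
        honest_outputs.append(honest.next_bits())
    period, state = stolen
    adversary = ForwardSecurePRG(state, period)
    adversary_outputs = [adversary.next_bits() for _ in range(total - period)]
    return honest_outputs, adversary_outputs


if __name__ == "__main__":
    # Constructed seed for illustration only; a real seed comes from a CSPRNG.
    honest, leaked = simulate_break_in(b"constructed example seed", 3, 6)
    print("adversary recovers periods 3..5:", leaked == honest[3:])
    print("periods 0..2 stay hidden:", not any(r in leaked for r in honest[:3]))
```

The same erase-after-use discipline is what lets a key-evolving scheme such as the forward-secure ID-NIKD above keep past session keys safe after a compromise of the current period's secret.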
Ángel Luis Pérez del Pozo
In this paper, we present a cryptanalysis of a recently proposed server-aided group key agreement scheme by Sun et al. This proposal is designed for mobile environments, in which a group of users aim at establishing a common secret key with the help of a semi-trusted server. In this scheme, authentication is achieved using certificateless public key cryptography. We show that the scheme does not achieve forward secrecy, is vulnerable to a known session attack (that can, for instance, be mounted by a semi-honest server) and is not (as claimed by the authors) contributory. Further security hardships in more restricted models (i.e., in which stronger corruptions are allowed) are also discussed.
Pitfalls in a server-aided authenticated group key establishment
Rainer Steinwandt
An Advances in Mathematics of Communications article from 2007 proposes an informal 2-party key establishment along the lines of the classic Diffie-Hellman construction, but using a two-sided matrix semiring action. The article contains no formal security analysis, but a specific parameter choice has been considered. We describe a heuristic attack technique against the suggested instance, which for the published "challenge value" results in a complete session key recovery with only a minor computational effort.
Cryptanalysis of a 2-party key establishment based on a semigroup action problem
David Naccache
Moti Yung
Reverse Public-Key Encryption (RPKE) is a mode of operation exploiting a weak form of key privacy to provide message privacy. In principle, RPKE offers a fallback mode if the underlying encryption scheme's message secrecy fails while a weak form of key privacy survives. To date, all published RPKE constructions suffer from a low bandwidth, and low bandwidth seems naturally inherent to reverse encryption. We show how reverse encryption can, in connection with and as a novel application of anonymous broadcast encryption, achieve high bandwidth. We point out that by using traditional and reverse encryption simultaneously, a form of crypto-steganographic channel inside a cryptosystem can be provided.
Narrow Bandwidth Is Not Inherent in Reverse Public-Key Encryption
Pairing-friendly curves and elliptic curves with a trapdoor for the discrete logarithm problem are versatile tools in the design of cryptographic protocols. We show that curves having both properties simultaneously enable a non-interactive protocol for identity-based 3-party key distribution and deterministic identity-based signing with "short" signatures. All our protocols are in the random oracle model.
Pairing-Friendly Curves with Discrete Logarithm Trapdoor Could be Useful
Group key exchange protocols withstanding ephemeral-key reveals
Ángel Luis Pérez del Pozo
When a group key exchange protocol is executed, the session key is typically extracted from two types of secrets: long-term keys (for authentication) and freshly generated (often random) values. The leakage of the latter, so-called ephemeral keys, has been extensively analysed in the 2-party case, yet very few works are concerned with it in the group setting. The authors provide a generic group key exchange construction that is strongly secure, meaning that the attacker is allowed to learn both long-term and ephemeral keys (but not both from the same participant, as this would trivially disclose the session key). Their design can be seen as a compiler, in the sense that it builds on a 2-party key exchange protocol which is strongly secure and transforms it into a strongly secure group key exchange protocol by adding only one extra round of communication. When applied to an existing 2-party protocol from Bergsma et al., the result is a 2-round group key exchange protocol which is strongly secure in the standard model, thus yielding the first construction with this property.
Consuelo Martínez
Probability plays a fundamental role in complexity theory, which in turn is one of the pillars of modern cryptology. However, security practitioners are not always familiar with probability theory, and thus fail to foresee the impact of (seemingly small) deviations from the theoretical description of a scheme at the implementation level. On the other hand, many cryptographic scenarios involve mutually distrusting parties which nevertheless need to cooperate towards a joint goal. In order to attain assurance of the good behavior of one party, interactive validation methods (also known as interactive proof systems) are employed. Randomness is at the core of such methods, which most often will only provide relative assurance, in the sense that they will establish correctness in a probabilistic way. In this paper we briefly discuss the role of probability theory within modern cryptology, reviewing probabilistic proof systems as a powerful tool towards efficient protocol design, and provable security as an invaluable framework for deriving formal security proofs.
The Roll of Dices in Cryptology
A protocol compiler is presented which transforms any unauthenticated (attribute-based) group key establishment protocol into an authenticated attribute-based group key establishment. If the protocol to which the compiler is applied does not make use of long-term secrets, then the resulting protocol is, in addition, deniable. In particular, applying our compiler to an unauthenticated 2-round protocol going back to Burmester and Desmedt results in a 3-round solution for attribute-based group key establishment, offering both forward secrecy and deniability.
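The unauthenticated 2-round Burmester-Desmedt protocol that this compiler (and the Katz-Yung style compilers of the related papers on this page) takes as input, as an added Python example that is not code from the paper or its authors. It runs both rounds for n parties on a ring and checks that every party derives the same key g^(x_0 x_1 + x_1 x_2 + ... + x_{n-1} x_0). The group parameters (the Mersenne prime 2^61 - 1 with base 3) are toy choices assumed for this example and are not a secure parameter set; the function names are likewise this example's own.

```python
"""Burmester-Desmedt (BD) unauthenticated 2-round group key establishment.

Added worked example; the toy modulus below is NOT a secure parameter choice.
Parties U_0 ... U_{n-1} sit on a ring; index arithmetic is taken mod n.
"""
import secrets

# Toy group: Z_p^* with p = 2^61 - 1 (a Mersenne prime) and base g = 3.
# Assumption for this example only; a real deployment uses a standardized
# group of 2048 bits or more (e.g. an RFC 3526 MODP group) or an elliptic curve.
P = (1 << 61) - 1
G = 3


def round1(n: int) -> tuple[list[int], list[int]]:
    """Every party U_i picks an ephemeral exponent x_i and broadcasts z_i = g^{x_i}."""
    x = [secrets.randbelow(P - 2) + 1 for _ in range(n)]
    z = [pow(G, xi, P) for xi in x]
    return x, z


def round2(x: list[int], z: list[int]) -> list[int]:
    """Every party U_i broadcasts X_i = (z_{i+1} / z_{i-1})^{x_i}.

    Both neighbours' round-1 values are public, so anyone can form the
    quotient, but only U_i knows the exponent x_i.
    """
    n = len(x)
    X = []
    for i in range(n):
        quotient = z[(i + 1) % n] * pow(z[(i - 1) % n], -1, P) % P
        X.append(pow(quotient, x[i], P))
    return X


def session_key(i: int, x_i: int, z: list[int], X: list[int]) -> int:
    """Key as computed by U_i from its own x_i and the two broadcast rounds:

        K_i = z_{i-1}^{n x_i} * X_i^{n-1} * X_{i+1}^{n-2} * ... * X_{i+n-2}^{1}

    The telescoping product collapses to g^{x_0 x_1 + x_1 x_2 + ... + x_{n-1} x_0},
    which is the same for every party.
    """
    n = len(z)
    key = pow(z[(i - 1) % n], n * x_i, P)
    for j in range(n - 1):
        key = key * pow(X[(i + j) % n], n - 1 - j, P) % P
    return key


def run_protocol(n: int) -> tuple[list[int], int]:
    """Run BD among n parties; return every party's key and the expected value."""
    x, z = round1(n)
    X = round2(x, z)
    keys = [session_key(i, x[i], z, X) for i in range(n)]
    # Expected value computed with all secrets, used only to check the protocol.
    expected = pow(G, sum(x[i] * x[(i + 1) % n] for i in range(n)), P)
    return keys, expected


if __name__ == "__main__":
    keys, expected = run_protocol(5)
    print("all parties agree:", all(k == expected for k in keys))
```

Nothing in either round is bound to a party's identity or credentials, so an active attacker can replace broadcasts at will; that is exactly the gap the compiler in the abstract closes by adding a third round of authentication, and the absence of long-term secrets in the two rounds above is what lets the compiled protocol be deniable.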
Scalable attribute-based group key establishment: from passive to active and deniable
Rainer Steinwandt
Kashi Neupane
The popular Katz-Yung compiler from CRYPTO 2003 can be used to transform unauthenticated group key establishment protocols into authenticated ones. In this paper we present a modification of Katz and Yung's construction which maintains the round complexity of their compiler, but for 'typical' unauthenticated group key establishments adds authentication in such a way that deniability is achieved as well. As an application, a deniable authenticated group key establishment with three rounds of communication can be constructed.
Scalable Deniable Group Key Establishment
Group Key Establishment: adding perfect forward secrecy at the cost of one round
Rainer Steinwandt
Kashi Neupane
A compiler is presented which, in the random oracle model, allows one to add perfect forward secrecy to any secure authenticated group key establishment protocol P which has at least one round. The compiler does not modify the session identifier and does not impose changes on the underlying public key infrastructure. Building on a secure unauthenticated 1-round 2-party key establishment Q with perfect forward secrecy as auxiliary input, P is transformed into an authenticated group key establishment protocol with perfect forward secrecy and with one more round than P.
Attribute-based group key establishment
Rainer Steinwandt
Motivated by the problem of establishing a session key among parties based on the possession of certain credentials only, we discuss a notion of attribute-based key establishment. A number of new issues arise in this setting that are not present in the usual settings of group key establishment, where unique user identities are assumed to be publicly available. After detailing the security model, we give a two-round solution in the random oracle model. As main technical tool we introduce a notion of attribute-based signcryption, which may be of independent interest. We show that the type of signcryption needed can be realized through the encrypt-then-sign paradigm. Further, we discuss additional guarantees of the proposed protocol that can be interpreted in terms of deniability and privacy.
Suarez Corona
Universidad de León
Universidad de Oviedo
University of Denver
Florida Atlantic University
Florida Atlantic University
Research in Cryptography
Universidad de Oviedo
Coordinator of the Master's Degree in Cybersecurity Research (Máster Universitario de Investigación en Ciberseguridad)
Universidad de León
Visiting Assistant Professor
Research in Cryptography.
Courses taught:
Discrete Mathematics
Calculus and Analytic Geometry I
Florida Atlantic University
University of Denver
Courses taught:
Foundations Seminar in Cryptography
Calculus for Business and Social Sciences
Calculus of Several Variables
Calculus II
Lecturer
Greater Denver Area
León Area
Spain
Research in Cryptography: provable security, key establishment, quantum cryptography, post-quantum cryptography...

Graduate courses taught:

Mathematics for Cybersecurity I - Cryptography (Master of Research in Cybersecurity)
New Trends in Cybersecurity (Master of Research in Cybersecurity)
Cryptography (Professional Master's in Security Technologies, organized by INCIBE)

Undergraduate courses taught:

Computer Security (Computer Science major)
Algorithms and Graphs (Computer Science major)
Neural Networks and Genetic Algorithms (Biotechnology and Computer Science majors)
Calculus I (Mining Engineering major)
Calculus (Topography and Forestry Engineering majors)
Algebra (Topography and Forestry Engineering majors)
Mathematical Methods (Topography and Forestry Engineering majors)

Summer courses taught:

Summer school "Cybersecurity for young students"
PhD summer school "Secure design and threat analysis for systems"
Assistant Professor (Profesor Ayudante Doctor)
University of León
Research in Cryptography.
Courses taught: Methods of Calculus
Florida Atlantic University
Director of the International Outreach Area (Área de Proyección Internacional)
Universidad de León