Phong Le

Phong Le

Cryptographer, Security Researcher

Posts by Collection

portfolio

publications

A Variant of Miller Formula and Algorithm

Published in Pairing-Based Cryptography, 2010

In this paper, we propose a variant of Miller formula which gives rise to a generically faster algorithm for any pairing friendly curve. Concretely, it provides an improvement in cases little studied until now, in particular when denominator elimination is not available. It allows for instance the use of elliptic curve with embedding degree not of the form $2^i3^j$, and is suitable for the computation of optimal pairings.

Recommended citation: John Boxall, Nadia El Mrabet, Fabien Laguillaumie, Duc-Phong Le. " A variant of Miller formula and algorithm (2010)." Pairing 2010. https://link.springer.com/chapter/10.1007/978-3-642-17455-1_26

Speeding up Ate Pairing Computation in Affine Coordinates

Published in ICISC, 2012

In this paper, we investigate techniques to speed up Ate pairing computation in affine coordinates. We first analyze Ate pairing computation using 4-ary Miller algorithm in affine coordinates. This technique allows us to trade one multiplication in the full extension field and one field inversion for several multiplications in a smaller field. Then, we focus on pairing computations over elliptic curves admitting a twist of degree 3. We propose new fast explicit formulas for Miller function that are comparable to formulas over even twisted curves. We further analyze pairing computation on cubic twisted curves by proposing efficient subfamilies of pairing-friendly elliptic curves with embedding degrees k = 9, and 15.

Recommended citation: Duc-Phong Le, Chik How Tan. (2012). "Speeding up Ate Pairing Computation in Affine Coordinates." ICISC 2012. https://eprint.iacr.org/2013/119.pdf

On Double Exponentiation for Securing RSA against Fault Analysis

Published in CT-RSA, 2014

In this paper, we revisit the double exponentiation countermeasure and propose faster methods to perform a double exponentiation. On the one hand, we present new heuristics for generating shorter double addition chains. On the other hand, we present an efficient double exponentiation algorithm based on a right-to-left sliding window approach.

Recommended citation: Duc-Phong Le, Matthieu Rivain, Chik How Tan. (2014). "On Double Exponentiation for Securing RSA against Fault Analysis." CT-RSA 2014. https://eprint.iacr.org/2015/657.pdf

Randomizing the montgomery powering ladder

Published in Information Security Theory and Practice: 9th IFIP WG 11.2 International Conference (WISTP), 2015

In this paper, we present novel randomized techniques to enhance Montgomery powering ladder. The proposed techniques increase the resistance against side-channel attacks and especially recently published correlation collision attacks in the horizontal setting.

Recommended citation: Duc-Phong Le, Chik How Tan, Michael Tunstall. (2015). "Randomizing the montgomery powering ladder." WISTP 2015. https://eprint.iacr.org/2015/657.pdf

On the near prime-order MNT curves

Published in Applicable Algebra in Engineering, Communication and Computing, 2018

This paper extends the method of Scott and Barreto to introduce an explicit and simple algorithm that is able to generate all families of MNT curves with any given cofactor.

Recommended citation: Duc-Phong Le, Nadia El Mrabet, Safia Haloui, Chik How Tan. (2019). "On the near prime-order MNT curves." Applicable Algebra in Engineering, Communication and Computing. 30(2). https://link.springer.com/article/10.1007/s00200-018-0363-1

BIFF: A blockchain-based IoT forensics framework with identity privacy

Published in TENCON 2018-2018 IEEE region 10 conference, 2018

In this paper, leveraging on the blockchain technology, we propose a per-missioned blockchain-based IoT forensics framework to enhance the integrity, authenticity and non-repudiation properties for the collected evidence. We formally define the system architecture, provide framework details, and propose a cryptographic-based approach to mitigate identity privacy concern.

Recommended citation: Duc-Phong Le, Huasong Meng, Le Su, Sze Ling Yeo, Vrizlynn Thing. (2018). "BIFF: A blockchain-based IoT forensics framework with identity privacy." TENCON 2018-2018 IEEE region 10 conference. https://ieeexplore.ieee.org/abstract/document/8650434

A new multisignature scheme with public key aggregation for blockchain

Published in The 17th International Conference on Privacy, Security and Trust (PST), 2019

This paper introduces a new multisignature scheme with public key aggregation. Our scheme is proven secure under the Decisional Diffie-Hellman assumption. In addition, in the presence of rogue key attacks, the security of our scheme is proven in the plain public key model.

Recommended citation: Duc-Phong Le, Guomin Yang, Ali Ghorbani. (2019). "A new multisignature scheme with public key aggregation for blockchain." 2019 17th International Conference on Privacy, Security and Trust (PST). https://ieeexplore.ieee.org/abstract/document/8949046

Algebraic Differential Fault Analysis on SIMON Block Cipher

Published in IEEE Transactions on Computers, 2019

This paper presents three attacks using three different algebraic techniques combined with a differential fault attack in the bit-flip fault model to break the SIMON block cipher.

Recommended citation: Duc-Phong, Le; Sze-Ling Yeo; Khoongming, Khoo. (2019). "Algebraic Differential Fault Analysis on SIMON Block Cipher." IEEE Transactions on Computers. 68(11). https://ieeexplore.ieee.org/abstract/document/8751983

Improved fault analysis on SIMECK ciphers

Published in Journal of Cryptographic Engineering, 2021

In this paper, under the one bit-flip model, we propose a new efficient fault analysis attack on SIMECK ciphers. Compared to those previously reported attacks, our attack can recover the full master key by injecting faults into only a single round of all SIMECK family members.

Recommended citation: Duc-Phong Le, Rongxing Lu, Ali A. Ghorbani. (2022). "Improved fault analysis on SIMECK ciphers." Journal 1. 12(2). https://link.springer.com/article/10.1007/s13389-021-00263-w

Privacy-preserving post-quantum credentials for digital payments

Published in Financial Cryptography Workshops 2022, 2022

Proposed herein is a pseudonymous credential scheme for use in payment systems. The scheme is privacy-preserving, efficient for practical applications, and hardened against quantum-compute attacks.

Recommended citation: Raza Ali Kazmi, Duc-Phong Le, Cyrus Minwalla (2022). "Privacy-Preserving Post-quantum Credentials for Digital Payments", Financial Crypptography Workshops 2022. https://www.bankofcanada.ca/wp-content/uploads/2023/06/swp2023-33.pdf

talks

A new multisignature scheme with public key aggregation for blockchain

Published:

A multi signature scheme allows a group of signers to produce a joint signature on a common message, which is more compact than a collection of distinct signatures from all signers. Given this signature and the list of signers’ public keys, a verifier is able to check if every signer in the group participated in signing. Recently, a multisignature scheme with public key aggregation has drawn a lot of attention due to their applications into the blockchain technology. Such multisignatures provide not only a compact signature, but also a compact aggregated public key, that is both the signature size and the public key size used to verify the correctness of the signature are independent from the number of signers. This is useful for a blockchain because of its duplication over a distributed network, and thus it is required to be as compact as possible. In this paper, we introduce a new multisignature scheme with such a feature. Our scheme is proven secure under the Decisional Diffie-Hellman assumption. In addition, in the presence of rogue key attacks, the security of our scheme is proven in the plain public key model.

Recommended citation: Duc-Phong Le, Guomin Yang, Ali Ghorbani. (2019). "A new multisignature scheme with public key aggregation for blockchain." 2019 17th International Conference on Privacy, Security and Trust (PST). 6(2).

Algebraic Differential Fault Attacks on SIMON Lightweight Block Ciphers

Published:

Algebraic differential fault attack (ADFA) is an attack in which an attacker combines a differential fault attack and an algebraic technique to break a targeted cipher. In this paper, we present three attacks using three different algebraic techniques combined with a differential fault attack in the bit-flip fault model to break the SIMON block cipher. First, we introduce a new analytic method which is based on a differential trail between the correct and faulty ciphertexts. This method is able to recover the entire master key of any member of the SIMON family by injecting faults into a single round of the cipher. In our second attack, we present a simplified Grobner basis algorithm to solve the faulty system. We show that this method could totally break SIMON ciphers with only 3 to 5 faults injected. Our third attack combines a fault attack with a modern SAT solver. By guessing some key bits and with only a single fault injected at the round T - 6, where T is the number of rounds of a SIMON cipher, this combined attack could manage to recover a master key of the cipher. For the last two attacks, we perform experiments to demonstrate the effectiveness of our attacks. These experiments are implemented on personal computers and run in very reasonable timing.

Synthetic Data Generation and Evaluation

Published:

Data privacy has recently become a hot topic in the news thanks to failures in security and concerns about how companies are using the personal data they collect about their customers or users. Facebook, for instance, faced scrutiny over its handling of consumer data both in the U.S. and in the U.K. Facing the above issues, the generation of synthetic data is becoming a fundamental task in the daily life of any organization. Synthetic data is directly and separately generated from an original data. The generated data should be realistic in certain aspects, like format, distribution of attributes, relationship among attributes, etc; and could provide the similar results when performing data analytics on both datasets. In this presentation, we will first present recent research to generate synthetic data, and then empirical methods to evaluate the similarity of the generated data.

Security & Privacy on Blockchains

Published:

This talk will present an overview of security and privacy issues on blockchains. I also provide some open research questions in this talk.

Blockchain in Fintech - An Overview

Published:

Blockchain technology is already being explored in a wide number of Fintech sectors. This talk will present an overview of the Fintech ecosystem and the topics that can be investigated as a result of the new digital advances brought forth by blockchain. We will first present the fundamentals of blockchain, and then how blockchain technology transforms the Fintech industry. Based on a list of selected characteristics, we will present a taxonomy of blockchain platforms. We then talk about the use cases for each of the Fintech ecosystem’s verticals, including Central bank digital currency (CBDC). These use cases are prevalent in public blockchain ecosystems and are upending established financial transaction protocols. Finally, we will mention some challenges of using blockchain technology in Fintech.

teaching