Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

AG Codes and Kryptographie Show image information

AG Codes and Kryptographie

Collaborative Research Centre 901 On-The-Fly Computing

Here is the web page of SFB 901 On-The-Fly Computing

The objective of CRC 901 – On-The-Fly Computing (OTF Computing) – is to develop techniques and processes for automatic on-the-fly configuration and provision of individual IT services out of base services that are available on world-wide markets. In addition to the configuration by special OTF service providers and the provision by what are called OTF Compute Centers, this involves developing methods for quality assurance and the protection of participating clients and providers, methods for the target-oriented further development of markets, and methods to support the interaction of the participants in dynamically changing markets.

Cryptographic solutions in On-The-Fly Computing system

Successful marketing and acceptance of On-The-Fly Computing systems require dealing with their security. The highly dynamic and heterogeneous nature of the visioned system as well as data protection and further legal requirements pose a challenge for modern cryptography and require novel cryptographic solutions.

During the course of the project we intend to design solutions for confidential and authenticated communication in dynamic groups based on identity-based cryptography. This requires key revocation and reduction of power of authority for identity-based schemes. Efficient allocation of services and data access control in On-The-Fly Computing systems also require novel cryptographic schemes, which we intend to realize based on the attribute-based encryption schemes.

Another important market mechanism in On-The-Fly Computing Systems is an anonymous reputation system which enables clients to rate products and services and gives incentives to providers to improve their services. Hence, in this part of the project we develop new models of security and schemes to build a highly flexible and secure reputation system.

Work area: Access Control systems

One of our current goals is to develop secure, efficient and flexible access control systems for On-The-Fly Computing Data Centers and On-The-Fly service providers. A promising approach is to use attribute-based encryption schemes. These novel schemes use techniques from pairing-based cryptography and are related to identity-based cryptography too.

In the ciphertext-policy attribute-based encryption schemes, the owner of data defines an access policy for each data and encrypts it once using this policy. The policies for different data are Boolean formulas over predefined attributes. In order to provide access to the encrypted data, the owner of data gets each customer with a special decryption key. Every key is related to a set of attributes. A customer will be able to decrypt a ciphertext if and only if the attributes of his/her key satisfy the policy of the ciphertext.

The attribute-based approach simplifies the realization of data access control systems, which then can be even stored on an untrusted server. The data access control is completely realized by the encryption and all the data must be encrypted only once for all the customers.

In this area, our research focus is on the development of efficient and flexible attribute-based encryption schemes. The policies of the existing schemes are restricted to several classes of functions and are quite inefficient. On the one hand, we are interested in the development of schemes which can be applied to general function classes. On the other hand, we are looking for more efficient methods when realizing restricted function classes. Other modifications of the schemes will be also necessary when considering further questions arising from privacy protection and further legal requirements.

Work area: reputation systems

A second goal is to develop anonymous reputation systems. To provide trustworthy, reliable, and honest ratings there is a need for anonymous reputation systems that also guarantee that customers rate products only once. To further increase trust in the system, everyone – even outsiders – should be able to verify the validity of ratings. Some of these properties have been studied in the context of group signatures. However, the concept of group signatures does not meet all the requirements for reputation systems. In particular, reputation systems do not consist of a single group of users. Rather one can think of reputation systems as a family of group signature schemes – one for each product. Moreover, we may have providers with several products. Hence, when looking at security and anonymity group signature schemes for different products can not be considered in isolation. Finally, known constructions of group signatures do not provide all properties that we need for a secure and anonymous reputation system and do not provide them simultaneously.

The research focus in the area of reputation systems is the development of new security models and efficient, flexible and secure schemes which meet all our requirements. Here we mainly consider group signatures, but also attribute-based signatures and anonymous credential systems will be taken into account.


  • Johannes Blömer, Fabian Eidens, Jakob Juhnke
    Practical, Anonymous and Publicly Linkable, Universally Composable Reputation Systems
    In: The Cryptographers' Track at the RSA Conference 2018, San Francisco, CA, USA, Proceedings
    accepted for publication
  • Gennadij Liske
    CCA-Security for Predicate Encryption Schemes

    PhD Thesis, Paderborn University, 2017, [Download]
  • Johannes Blömer, Gennadij Liske
    Construction of Fully CCA-Secure Predicate Encryptions from Pair Encoding Schemes
    In: CT-RSA, 2016, [DOI], [Download]
  • Johannes Blömer, Jakob Juhnke, Christina Kolb
    Anonymous and Publicly Linkable Reputation Systems
    In: Financial Cryptography and Data Security (FC), 2015, [DOI], [Download]
  • Johannes Blömer, Jakob Juhnke, Nils Löken
    Short Group Signatures with Distributed Traceability
    In: Proceedings of the Sixth International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS), 2015
  • Johannes Blömer, Kathlén Kohn
    Voronoi Cells of Lattices with Respect to Arbitrary Norms
    In: ArXiv e-prints, 2015, [Download]
  • Benedikt Kalde
    Implementierung eines hybriden Verschlüsselungsverfahrens nach Cramer und Shoup
    Master's Thesis, Paderborn University, 2015
  • Patrick Schleiter
    Constructions of Fully Secure Predicate Encryption Schemes
    Master's Thesis, Paderborn University, 2015, [Download]
  • Johannes Blömer, Peter Günther, Gennadij Liske
    Tampering Attacks in Pairing-Based Cryptography
    In: Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC '14), 2014, [DOI]
  • Johannes Blömer, Gennadij Liske
    Constructing CCA-secure predicate encapsulation schemes from CPA-secure schemes and universal one-way hash functions
    In: Cryptology ePrint Archive, 2014, [Download]
  • Johannes Blömer, Ricardo Gomes da Silva, Peter Günther, Juliane Krämer, Jean-Pierre Seifert
    A Practical Second-Order Fault Attack against a Real-World Pairing Implementation
    In: Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC '14), 2014, [DOI], [Download]
  • Janek Jochheim
    Hiding software components using functional encryption
    Master's Thesis, Paderborn University, 2014, [Download]
  • Jan Lippert
    Fujisaki-Okamoto Transformation
    Bachelor's Thesis, Paderborn University, 2014, [Download]
  • Timo Rath
    RSA-Full Domain Hash Revisited
    Bachelor's Thesis, Paderborn University, 2014
  • Johannes Blömer, Volker Krummel, Peter Günther
    Securing Critical Unattended Systems with Identity Based Cryptography - A Case Study
    In: Proceedings of the Fifth International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS), 2013
  • Johannes Blömer, Gennadij Liske
    Direct Chosen-Ciphertext Secure Attribute-Based Key Encapsulations without Random Oracles
    In: Cryptology ePrint Archive, 2013, [Download]
  • Kathlén Kohn
    Attributbasierte Verschlüsselung mittels Gittermethoden - Mathematische Grundlagen, Verfahren und Sicherheitsbeweise
    Bachelor's Thesis, Paderborn University, 2013, [Download]
  • Oliver Otte
    Seitenkanalresistenz paarungsbasierter Kryptographie
    Bachelor's Thesis, Paderborn University, 2013, [Download]
  • Alina Tezer
    Verteilte Erstellung und Aktualisierung von Schlüsselservern in identitätsbasierten Verschlüsselungssystemen
    Bachelor's Thesis, Paderborn University, 2013
  • Thomas Haarhoff
    Identitätsbasierte Kryptographie - Implementierung von Paarungen für Körper der Charakteristik 2
    Bachelor's Thesis, Paderborn University, 2012, [Download]
  • Nils Löken
    Identitätsbasierte Signaturen - Ein Sicherheitsbeweis für Signaturen auf Grundlage von Gap-Diffie-Hellman-Gruppen mit Hilfe des Forking-Lemmas
    Bachelor's Thesis, Paderborn University, 2012, [Download]
  • Patrick Schleiter
    Attribute-basierte Verschlüsselung
    Bachelor's Thesis, Paderborn University, 2012, [Download]
  • Gennadij Liske
    Fault attacks in pairing-based cryptography
    Master's Thesis, Paderborn University, 2011, [Download]

The University for the Information Society