Filters








1,653 Hits in 5.2 sec

Collective Coin Tossing Without Assumptions nor Broadcasting [chapter]

Silvio Micali, Tal Rabin
1991 Lecture Notes in Computer Science  
It works without broadcasting. It is enough thatevery pair of players can exchange messages. Our protocol is in fact the first VSS protocol implementable without broadcasting.  ...  We focus on one such a primitive, collective coin flipping. Here a group of players, some of which are dishonest, want to select a common, random and totally unbiased bit.  ... 
doi:10.1007/3-540-38424-3_18 fatcat:xxpqkzqo2naq3nd3ewvbbqrc3i

Fault-Tolerant Distributed Computing in Full-Information Networks

Shafi Goldwasser, Elan Pavlov, Vinod Vaikuntanathan
2006 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06)  
In this work, we will construct an ( , δ)-common-coin protocol for some , δ > 0, without assuming broadcast channels. We then show, Main Theorem 1.  ...  Informally "auditing" is a transformation that converts any protocol that assumes built-in broadcast channels into one that achieves a slightly weaker guarantee, without assuming broadcast channels.  ...  Lemma 10 (Committee-selection without Broadcast Channels).  ... 
doi:10.1109/focs.2006.30 dblp:conf/focs/GoldwasserPV06 fatcat:yfdtn3nmrbdbzdwow75ylapif4

Bootstrapping Consensus Without Trusted Setup: Fully Asynchronous Distributed Key Generation [article]

Eleftherios Kokoris-Kogias, Alexander Spiegelman, Dahlia Malkhi, Ittai Abraham
2019 IACR Cryptology ePrint Archive  
The solution comes from a novel Eventually Perfect Common Coin (EPCC) abstraction that enables the generation of a common coin from n concurrent HAVSS invocations.  ...  As a result, using our ADKG we remove the trusted setup assumption that the most scalable consensus algorithms make.  ...  ., without timing assumptions).  ... 
dblp:journals/iacr/Kokoris-KogiasS19 fatcat:c6dwatqsgfh7vipvpcjyfiy4dm

Eluding carnivores

Emin Gün Sirer, Sharad Goel, Mark Robson, Doǧan Engin
2004 Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC - EW11  
First, we can make standard cryptographic assumptions to eliminate the coin tosses and use a computationally secure PRNGgenerated bit stream instead.  ...  Each pair of users tosses a coin in secret; call these AB, AC and BC. Bob and Charlie report the XOR of their two coin tosses to the mediator (Bob reports B = AB ⊕ BC, Charlie reports C = AC ⊕ BC).  ... 
doi:10.1145/1133572.1133611 dblp:conf/sigopsE/SirerGRE04 fatcat:hhnsyvuqabgs5atckud2zo2fym

Computational Hardness of Optimal FairComputation: Beyond Minicrypt [article]

Hemanta K. Maji, Mingyuan Wang
2021 IACR Cryptology ePrint Archive  
Our work focuses on tightly characterizing the hardness of computation assumption necessary and sufficient for optimal fair coin-tossing within Cryptomania, outside Minicrypt.  ...  Therefore, Moran, Naor, and Segev's coin-tossing protocol is optimal. However, is oblivious transfer necessary for optimal fair coin-tossing?  ...  Consequently, it is plausible that one can even implement optimal fair coin-tossing without implementing oblivious transfer in the f -hybrid model.  ... 
dblp:journals/iacr/MajiW21 fatcat:cht6ua6g2fd3tar3ljftmyqeie

Randomized Consensus in Wireless Environments: A Case Where More is Better

Bruno Vavala, Nuno Neves, Henrique Moniz, Paulo Veríssimo
2010 2010 Third International Conference on Dependability  
Since there is no strong majority, all of them will be compelled to toss a coin (with or without immediate progress) after running the first phases (line 29).  ...  After one coin tossing we have that P (¬E) > P (E), hence: (1) proposals tend to be equally distributed between the values, but (2) the chances to get a strong majority overtake the others (more and more  ... 
doi:10.1109/depend.2010.9 fatcat:xmfc2a4vavhuljtz6y75f2tpki

Blockchain BFT Protocol for Complete Asynchronous Networks [article]

Yongge Wang
2020 arXiv   pre-print
Unfortunately, neither constructive finality rule nor satisfactory liveness property has been obtained for CBC Casper, and it is commonly believed that CBC Casper could not achieve liveness property in  ...  In fact, there is a simple algebraic approach to specify this without timing assumptions.  ...  In Ben-Or's BFT protocol [2] , if consensus is not achieved yet, the participants autonomously toss a coin until more than n+t 2 participant outcomes coincide.  ... 
arXiv:2005.04309v2 fatcat:pmpz7galqnenjecsujea6hlogm

Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems

Wenbo Xu, Signe Rüsch, Bijun Li, Rüdiger Kapitza, Michael Wagner
2018 International Conference on Principles of Distributed Systems  
The communication does not require encryption, nor complex communication primitives such as reliable broadcast, nor TCP-like protocols that could be unavailable in certain application domains.  ...  Note that at line 15 of Algorithm 1, P R, φ, p, coin(), R-GET is authenticated by invoking authenticate_with_coin, and the result of the a coin toss is filled into the place where coin() stands.  ... 
doi:10.4230/lipics.opodis.2018.15 dblp:conf/opodis/XuRLK18 fatcat:adkfm37hqbhvvosr5x5equ4atq

Verifiable Postal Voting [chapter]

Josh Benaloh, Peter Y. A. Ryan, Vanessa Teague
2013 Lecture Notes in Computer Science  
The proposed scheme is not strictly end-to-end verifiable, because it depends on procedural assumptions at the point where the ballots are received.  ...  The piece of paper containing VI is accordingly stapled to either VE or VR, depending on the coin toss.  ...  For each envelope, a coin is tossed which determines whether observers will later get a link from VR to VI, or a link from VI to VE.  ... 
doi:10.1007/978-3-642-41717-7_8 fatcat:n3oev4sibfhohlq3e2bfp6jfcu

Formal Verification of Blockchain Byzantine Fault Tolerance [article]

Pierre Tholoniat, Vincent Gramoli
2019 arXiv   pre-print
First, we specify a simple broadcast primitive in 116 lines of code that is verified in 40 seconds on a 2-core Intel machine.  ...  Initial state with value 0, nothing has been broadcast nor delivered • locV1. Initial state with value 1, nothing has been broadcast nor delivered • locB0.  ...  The binary value broadcast finds applications in blockchains: First, it is implemented in HoneyBadger [40] to detect that correct processes have proposed diverging values in order to toss a common coin  ... 
arXiv:1909.07453v2 fatcat:tjruy6rpcvdqrigpyos5d6lbha

Collusion-Free Multiparty Computation in the Mediated Model [chapter]

Joël Alwen, Jonathan Katz, Yehuda Lindell, Giuseppe Persiano, abhi shelat, Ivan Visconti
2009 Lecture Notes in Computer Science  
Ensuring "broadcast". Protocol π is secure under the assumption that parties communicate over a broadcast channel.  ...  The coin-tossing functionality is defined by F ct (1 , λ) = ((r, s), C(r; s)), where |r| = and both r and s are uniformly distributed. 3. Let R be an N P-relation.  ...  (P n+1 "broadcasts" the round-i message of π.) Let sid = 1i.  ... 
doi:10.1007/978-3-642-03356-8_31 fatcat:q6qf374bdndxnlf2mzwxmboz5a

Secure key loss recovery for network broadcast in single-hop wireless sensor networks

Syed Taha Ali, Vijay Sivaraman, Ashay Dhamdhere, Diethelm Ostry
2010 Ad hoc networks  
broadcasts.  ...  Our scheme appends recovery information to each broadcast message to help out-of-sync receivers re-attach probabilistically using an older key.  ...  Figure 1 : 1 Key chain encryption of broadcast packets Figure 3 : 3 Operations performed by node upon arrival of broadcast packet P i Figure 4 : 4 Ultimate recovery probability versus coin toss bias  ... 
doi:10.1016/j.adhoc.2010.01.003 fatcat:rw4736r4zbg5vlfssx44zz3gra

Experimental Evaluation of Asynchronous Binary Byzantine Consensus Algorithms with t < n/3 and O(n^2) Messages and O(1) Round Expected Termination [article]

Tyler Crain
2020 arXiv   pre-print
Two different non-interactive threshold common coin implementations are tested, one using threshold signatures, and one based on the Diffe-Hellman problem using validity proofs [11].  ...  Each of the four algorithms have different requirements for the random coin, for the number of messages needed per round, whether or not cryptographic signatures are needed, among other details.  ...  In the random oracle model, this coin-tossing scheme is secure under the Computational Diffie-Hellman assumption if the threshold is t + 1, and under the Decisional Diffie-Hellman assumption otherwise.  ... 
arXiv:2004.09547v2 fatcat:mejxed43lvhqdgmspmsfmuecba

CRAFT: Composable Randomness and Almost Fairness from Time [article]

Carsten Baum, Bernardo David, Rafael Dowsley, Jesper Buus Nielsen, Sabine Oechsner
2020 IACR Cryptology ePrint Archive  
Fig. 18 : 18 Fig. 18: Functionality F ∆ ct for Multiparty Coin Tossing.  ...  OIA-2PC itself implies fair coin tossing, an important task used in randomness beacons.  ...  Each Pi ∈ P sends (Toss, sid, m • λ) to F ∆ ct and ticks. It then waits for the message (Coins, sid, A) where A ∈ F λ×m . 6.  ... 
dblp:journals/iacr/BaumDDNO20a fatcat:tf75sos7wzattiz5q27o5pwmky

Quantum Cryptography: Key Distribution and Beyond

Akshata Shenoy-Hejamadi, Anirban Pathak, Srikanth Radhakrishna
2017 Quanta  
classical coin tossing scheme.  ...  In strong coin tossing, the coin toss must be perfectly random. This is the requirement of correctness.  ... 
doi:10.12743/quanta.v6i1.57 fatcat:nwczh5zqjjch3abhrpcjb34ry4
« Previous Showing results 1 — 15 out of 1,653 results