639 Hits in 5.1 sec

Non-committing Encryption from Φ-hiding [chapter]

Brett Hemenway, Rafail Ostrovsky, Alon Rosen
2015 Lecture Notes in Computer Science  
In this work, we present the first non-committing encryption scheme that achieves ciphertext expansion that is logarithmic in the message length.  ...  A central tool for constructing adaptively secure protocols is non-committing encryption (Canetti, Feige, Goldreich and Naor, STOC '96).  ...  Achieving non-interactive (2-round) non-committing encryption with optimal rate (i.e., O(1) ciphertext expansion) remained an open question.  ... 
doi:10.1007/978-3-662-46494-6_24 fatcat:nkfuoe3evrdbbpnedkfygf6xn4

Cryptography with Constant Input Locality

Benny Applebaum, Yuval Ishai, Eyal Kushilevitz
2009 Journal of Cryptology  
On the negative side, we show that primitives which require some form of non-malleability (such as digital signatures, message authentication, or non-malleable encryption) cannot be realized with constant  ...  It was recently shown (Applebaum et al., FOCS 2004) that, under standard cryptographic assumptions, most cryptographic primitives can be realized by functions with constant output locality, namely ones  ...  This problem was addressed by [4] , who gave a construction of a linear-stretch PRG with (large) constant output locality under a non-standard assumption taken from [1] .  ... 
doi:10.1007/s00145-009-9039-0 fatcat:bflxo6zcw5g27hbmcspq5doory

Succinct Arguments from Multi-prover Interactive Proofs and Their Efficiency Benefits [chapter]

Nir Bitansky, Alessandro Chiesa
2012 Lecture Notes in Computer Science  
We formulate a natural (though non-standard) variant of homomorphic encryption that has a homomorphismextraction property.  ...  The scheme is based on fully-homomorphic encryption (and no additional assumptions are needed for our succinct argument). (3) In addition, we revisit the problem of non-interactive succinct arguments of  ...  Their result suggests that non-standard assumptions, such as knowledge (extractability) assumptions may be inherent for constructing succinct non-interactive arguments (even if we were to drop the proof  ... 
doi:10.1007/978-3-642-32009-5_16 fatcat:je4zuvn23bcfvb5xwzgv3t3zjm

Auditable Privacy: On Tamper-Evident Mix Networks [chapter]

Jong Youl Choi, Philippe Golle, Markus Jakobsson
2006 Lecture Notes in Computer Science  
server is committed.  ...  Our tamper-evident mix network is a type of re-encryption mixnet in which a server proves that the permutation and re-encryption factors that it uses are correctly derived from a random seed to which the  ...  Therein, each mix server re-encrypts and permutes a list of n input ciphertexts two times, and commits to the ciphertext values inbetween the two rounds.  ... 
doi:10.1007/11889663_9 fatcat:m3wj3e6x6fbk7hffusb6u7znfa

Practical Dual-Receiver Encryption [chapter]

Sherman S. M. Chow, Matthew Franklin, Haibin Zhang
2014 Lecture Notes in Computer Science  
It is one of the most common cryptographic tasks to prove that two ciphertexts (or commitments) are well-formed and encrypting (or committing to) the same plaintext.  ...  Complete Non-Malleability. The notion of complete non-malleability (CNM) prohibits adversaries from computing encryptions of related plaintexts under adversarially generated public-keys.  ...  One primary interest in studying completely non-malleable encryption schemes springs from non-malleable commitments.  ... 
doi:10.1007/978-3-319-04852-9_5 fatcat:ltbusejyand6fem4crtkn2fwca

Improved, black-box, non-malleable encryption from semantic security

Seung Geol Choi, Dana Dachman-Soled, Tal Malkin, Hoeteck Wee
2017 Designs, Codes and Cryptography  
We also use a Shamir secret-share packing technique to improve the rate of the underlying error-correcting code. Non-malleable encryption from semantic security.  ...  We give a new black-box transformation from any semantically secure encryption scheme into a non-malleable one which has a better rate than the best previous work of Coretti et al. (TCC 2016-A).  ...  For example, there have been black-box constructions of non-malleable commitments [PW09] , set intersection protocols from homomorphic encryptions [DMRY09] , and a CCA2-secure encryption scheme for strings  ... 
doi:10.1007/s10623-017-0348-2 fatcat:iiz7magfrjcz3pwe6s2scosa4m

Recent Fingerprinting Techniques with Cryptographic Protocol [chapter]

Minoru Kuribayashi
2010 Signal Processing  
Under non-blind detection, which is a reasonable assumption in fingerprinting system, there is still a performance gap with the spread spectrum method.  ...  Then the seller verifies that the received ciphertext is made from the real fingerprint, and embeds it in his encrypted copy by multiplying those ciphertexts.  ...  .), ISBN: 978-953-7619-91-6, InTech, Available from:  ... 
doi:10.5772/8522 fatcat:3t6yp336jndhnmkvj3agjuuxoe

A Black-Box Construction of Non-malleable Encryption from Semantically Secure Encryption

Seung Geol Choi, Dana Dachman-Soled, Tal Malkin, Hoeteck Wee
2017 Journal of Cryptology  
We show how to transform any semantically secure encryption scheme into a non-malleable one, with a black-box construction that achieves a quasi-linear blow-up in the size of the ciphertext.  ...  Our construction departs from the oft-used paradigm of re-encrypting the same message with different keys and then proving consistency of encryption.  ...  We thank Vinod Vaikuntanathan for sharing his insights on non-malleability, and Oded Goldreich for pointing out [DGR99] , and for other helpful suggestions.  ... 
doi:10.1007/s00145-017-9254-z fatcat:bkvf747hdvauln3sjcqnq4yde4

Immunizing Encryption Schemes from Decryption Errors [chapter]

Cynthia Dwork, Moni Naor, Omer Reingold
2004 Lecture Notes in Computer Science  
Immunity to decryption errors is vital when constructing non-malleable and chosen ciphertext secure encryption schemes via current techniques; in addition, it may help defend against certain cryptanalytic  ...  We also consider the random oracle model, where we give a simple transformation from a one-way encryption scheme which is error-prone into one that is immune to errors.  ...  The standard definition of public-key encryption schemes requires perfect correctness.  ... 
doi:10.1007/978-3-540-24676-3_21 fatcat:t6ze3waifraxxj7mrwjt5yact4

Distributed public key schemes secure against continual leakage

Adi Akavia, Shafi Goldwasser, Carmit Hazay
2012 Proceedings of the 2012 ACM symposium on Principles of distributed computing - PODC '12  
and 2-linear assumptions. .  ...  We present distributed public key encryption (DPKE) and distributed identity based encryption (DIBE) schemes that are secure against continual memory leakage, under the Bilinear Decisional Diffie-Hellman  ...  We define the kLin and matrix kLin assumptions for k ≥ 1 a constant.  ... 
doi:10.1145/2332432.2332462 dblp:conf/podc/AkaviaGH12 fatcat:zmzonp4yxvanvbm6pxuzqrony4

A Protocol for Privately Reporting Ad Impressions at Scale

Matthew Green, Watson Ladd, Ian Miers
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
Our approach builds on the homomorphic encryption approach proposed by Adnostic [42] , but uses new cryptographic proof techniques to efficiently report billions of ad impressions a day using an additively  ...  Computational PIR (cPIR), does so solely with cryptographic assumptions and without assuming non-cooperating parties.  ...  We first force the prover to commit to the ciphertext vector C1, . . . , CN where each ciphertext is the Elgamal encryption of an encoded message in G.  ... 
doi:10.1145/2976749.2978407 dblp:conf/ccs/0001LM16 fatcat:tnxqmedeprfjfbrxaquvcj4lme

NTRUCCA: How to Strengthen NTRUEncrypt to Chosen-Ciphertext Security in the Standard Model [chapter]

Ron Steinfeld, San Ling, Josef Pieprzyk, Christophe Tartary, Huaxiong Wang
2012 Lecture Notes in Computer Science  
We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext  ...  To our knowledge, our result gives the rst IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions.  ...  a one-time signature or commitment scheme.  ... 
doi:10.1007/978-3-642-30057-8_21 fatcat:5pcdq34otjbexajswvgq5gyi64

Arithmetic Cryptography

Benny Applebaum, Jonathan Avron, Chris Brzuska
2017 Journal of the ACM  
On the positive side, we show that, under reasonable assumptions, computational primitives like commitment schemes, public-key encryption, oblivious transfer, and general secure two-party computation can  ...  a full (non-black-box) access to the field.  ...  We will later (Section 9) show that APRG with polynomial stretch can be constructed based on the RLC assumption (with constant rate and constant noise rate).  ... 
doi:10.1145/3046675 fatcat:qhxd4yf32nck5ldmkyxot5lwxy

Black-Box Proof of Knowledge of Plaintext and Multiparty Computation with Low Communication Overhead [chapter]

Steven Myers, Mona Sergi, abhi shelat
2013 Lecture Notes in Computer Science  
We present a 2-round protocol to prove knowledge of a plaintext corresponding to a given ciphertext.  ...  To illustrate the merit of this relaxed proof of knowledge property, we use our result to construct a secure multi-party computation protocol for evaluating a function f in the standard model using only  ...  By the security of the commitment scheme (here we are using our encryption scheme as a simple commitment scheme), the probability that there is a ciphertext c i,j that is ever decommitted to in two distinct  ... 
doi:10.1007/978-3-642-36594-2_23 fatcat:uqboiem2ijbsff2utlxmbd74la

Compact Zero-Knowledge Proofs of Small Hamming Weight [chapter]

Ivan Damgård, Ji Luo, Sabine Oechsner, Peter Scholl, Mark Simkin
2018 Lecture Notes in Computer Science  
We introduce a new technique that allows to give a zeroknowledge proof that a committed vector has Hamming weight bounded by a given constant.  ...  The proof has unconditional soundness and is very compact: It has size independent of the length of the committed string, and for large fields, it has size corresponding to a constant number of commitments  ...  One slightly non-standard detail is that given the i'th row {[Π i,j ]} j=1,...  ... 
doi:10.1007/978-3-319-76581-5_18 fatcat:x5ubojvqyjefdax4nhi3bhnrqy
« Previous Showing results 1 — 15 out of 639 results