A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Improving Practical UC-Secure Commitments Based on the DDH Assumption
[chapter]
2016
Lecture Notes in Computer Science
Preserved Fulltext
At Eurocrypt 2011, Lindell presented practical static and adaptively UC-secure commitment schemes based on the DDH assumption. Later, Blazy et al. ...
In this paper, we present static and adaptively UC-secure commitment schemes based on the same assumption and further improve the communication and computational complexity, as well as the size of the ...
Commitment Protocol Adaptive with Erasures
Table 1 . 1 Comparison among the UC commitments based on the DDH assumption Schemes
Public Communication Computational Rounds
Security
Parameter Complexity ...
doi:10.1007/978-3-319-44618-9_14
fatcat:4txkfu25jverxpaqj4sziyskhm
Non-interactive and Re-usable Universally Composable String Commitments with Adaptive Security
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
We present the first provably secure constructions of universally composable (UC) commitments (in pairing-friendly groups) that simultaneously combine the key properties of being non-interactive, supporting ...
commitments to strings (instead of bits only), and offering reusability of the common reference string for multiple commitments. ...
CRS) and possible reliance on secure erasures, UC-security of commitments is typically based on further hardness assumptions. ...
doi:10.1007/978-3-642-25385-0_25
fatcat:x5amq5zz5vgbbhai7rwsxx4zaq
On the Complexity of UC Commitments
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Several recent works obtain practical UC commitment protocols in the common reference string (CRS) model under the DDH assumption. These protocols have two main disadvantages. ...
By plugging in known efficient protocols for UC-secure OT, we get rate-1, computationally efficient UC commitment protocols under a variety of setup assumptions (including the CRS model) and under a variety ...
An important improvement in concrete efficiency was presented recently by Lindell [28] ; this is achieved for static corruptions based on the DDH assumption in the CRS model. Blazy et al. ...
doi:10.1007/978-3-642-55220-5_37
fatcat:dtgdsyr7mngndgzsswbi322coi
Efficient Concurrent Oblivious Transfer in Super-Polynomial-Simulation Security
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The security of our protocol is based on the decisional Diffie-Hellman (DDH) assumption. c ≈ Y denote that X and Y are computationally indistinguishable. ...
In this paper, we show a concurrent oblivious transfer protocol in super-polynomial-simulation (SPS) security. ...
The security of our protocol is based on the decisional Diffie-Hellman (DDH) assumption. Our Technique. Here, we give a brief overview of our protocol. ...
doi:10.1007/978-3-642-34117-5_14
fatcat:mq5hnueae5antd2mj7f4ewlnae
Highly-Efficient Universally-Composable Commitments Based on the DDH Assumption
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
In this paper, we construct highly efficient UC-secure commitments from the standard DDH assumption, in the common reference string model. ...
Commitment schemes are a basic building block in many cryptographic constructions, and as such universally composable commitments are of great importance in constructing UC-secure protocols. ...
We also thank Olivier Blazy, Céline Chevalier, David Pointcheval and Damien Vergnaud (the authors of [27] ) for finding the error in the construction appearing in previous versions of this paper for security ...
doi:10.1007/978-3-642-20465-4_25
fatcat:5wmhkuxmf5fbrl5fgkntjsr4ku
Somewhat Non-committing Encryption and Efficient Adaptively Secure Oblivious Transfer
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We solve the latter problem by means of a new primitive that we call somewhat non-committing encryption resulting in significant efficiency improvements over the standard method for realizing secure channels ...
The main difference between adaptive and semi-adaptive security is that semi-adaptive security allows for the case where one party starts out corrupted and the other party becomes corrupted later on, but ...
We also thank the anonymous referees for their constructive comments. ...
doi:10.1007/978-3-642-03356-8_30
fatcat:r6cuynclera67nj22acjec2n44
Practical UC security with a Global Random Oracle
2014
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
in turns is based on UC-Commitments only. ...
We show how to construct very efficient protocols in the gRO model, which in most cases improve on the highly efficient known existing solutions in the CRS model. ...
Acknowledgment We thanks Vassilis Zikas for pointing out ways to improve the presentation of our model. ...
doi:10.1145/2660267.2660374
dblp:conf/ccs/Canetti0S14
fatcat:zlix3j3o6ncg3pynvygouwxbwm
Practical Fully Simulatable Oblivious Transfer with Sublinear Communication
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We propose the first fully simulatable adaptive OT with sublinear communication under the DDH assumption in the plain model. ...
On the other hand, in some applications, the receiver just needs to fetch a small number of documents, so the initialization cost dominates in the entire protocol, especially for 1-outof-N OT. ...
The second author was supported by Estonian Research Council, the Tiger University Program of the Estonian Information Technology Foundation, and European Union through the European Regional Development ...
doi:10.1007/978-3-642-39884-1_8
fatcat:724accjte5cb3pf3lb5mrbudfe
Post-quantum Universal Composable OT Based on Key Exchange
2020
IEEE Access
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We construct a universal composable framework for two-message oblivious transfer protocols based on lattice-assumption. ...
We instantiate Hash Function as SPHF, which can be more secure in practical application and can achieve full-simulatable in security proof. ...
They constructed a two round protocol based on DDH assumption, whose security proof wasn't based on random oracles [10] . ...
doi:10.1109/access.2020.3014165
fatcat:37j3hz2nardupa4fyphcbtsnmq
Practical Adaptive Oblivious Transfer from Simple Assumptions
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
All prior protocols in the standard model either do not meet our efficiency requirements or require dynamic "q-based" assumptions. ...
of having the same view of the database, (2) execute transfers in time independent of the size of the database, and (3) satisfy a strong notion of security under a simple assumption in the standard model ...
It was based on the Decision Linear and q-Hidden LRSW assumptions, in the asymmetric setting. The latter assumption implies that DDH must hold in both G 1 and G 2 . ...
doi:10.1007/978-3-642-19571-6_21
fatcat:zmkpoyydvzfnfdvebzwli5unme
Efficiency-Improved Fully Simulatable Adaptive OT under the DDH Assumption
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
At Asiacrypt 2009, Kurosawa and Nojima showed a fully simulatable adaptive oblivious transfer (OT) protocol under the DDH assumption in the standard model. ...
However, Green and Hohenberger pointed out that the communication cost of each transfer phase is O(n), where n is the number of the sender's messages. ...
We stress that all the above schemes rely on dynamic assumptions (namely, the q-based assumptions in Table 1 where q may depend on n, the number of messages in OT). ...
doi:10.1007/978-3-642-15317-4_12
fatcat:6n52xedcvradli7x5ychktmioe
Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Our construction can be based on any k-linear assumption, and in particular under the eXternal Diffie Hellman (XDH) assumption our proofs are even competitive with Random-Oracle based Σ-protocol NIZK proofs ...
Our techniques also lead to the shortest known (ciphertext) fully secure identity based encryption (IBE) scheme under standard static assumptions (SXDH). ...
For starters, based on [11] , our system yields an adaptive UC-secure commitment scheme (in the erasure model) that has only four group elements as commitment, and another four as opening (under the DLIN ...
doi:10.1007/978-3-642-42033-7_1
fatcat:p56yevlgyrfrnh4kb42lqlrbjy
Implicit Zero-Knowledge Arguments and Applications to the Malicious Setting
[chapter]
2015
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
As an application of iZK, we improve upon the round-efficiency of existing protocols for securely computing inner product under the DDH assumption. ...
Our main technical contribution is a construction of efficient two-flow iZK and SSiZK protocols for a large class of languages under the (plain) DDH assumption in cyclic groups in the common reference ...
This work was supported in part by the CFM Foundation, ANR-14-CE28-0003 (Project EnBid), and the European Research Council under the European Community's Seventh Framework Programme (FP7/2007 -2013 . ...
doi:10.1007/978-3-662-48000-7_6
fatcat:c4t4q6oc75hidczekkwurl6siu
Removing Erasures with Explainable Hash Proof Systems
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
As an important side contribution, we also propose a new commitment scheme based on DDH, which leads to the construction of the first one-round PAKE adaptively secure under plain DDH without pairing, assuming ...
Next, we demonstrate that this new tool generically leads to efficient PAKE and OT protocols that are secure against semi-adaptive adversaries without erasures in the Universal Composability (UC) framework ...
Acknowledgments This work was supported in part by the French ANR-12-INSE-0014 SIMPATIC Project, the CFM Foundation, and the European Research Council under the European Community's Seventh Framework Programme ...
doi:10.1007/978-3-662-54365-8_7
fatcat:qak4wib37nd4zlqonf42drbofa
One-Sided Adaptively Secure Two-Party Computation
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Furthermore, general two-party protocols require a number of NCE calls that is dependent both on the circuit size and the security parameter. ...
In this paper we study the two-party setting in which at most one of the parties is adaptively corrupted, which we believe is the right security notion in the two-party setting. ...
Finally, we discuss two instantiations of ZK PoK based on the DDH and QR assumptions. Constant round one-sided secure computation. ...
doi:10.1007/978-3-642-54242-8_16
fatcat:dtfougkw3nhojilbl7u4mbjrf4
« Previous
Showing results 1 — 15 out of 147 results