Filters








8 Hits in 1.1 sec

Certifying RSA [chapter]

Saqib A. Kakvi, Eike Kiltz, Alexander May
2012 Lecture Notes in Computer Science  
We propose an algorithm that, given an arbitrary N of unknown factorization and prime e ≥ N 1 4 +ε , certifies whether the RSA function RSAN,e(x) := x e mod N defines a permutation over Z * N or not.  ...  A dishonest prover may send a malicious description of a trapdoor function which is not a permutation. If this remains unnoticed by the verifier, it may allow the prover to cheat in the protocol.  ...  the (description of ) the trapdoor permutation f includes a number which is a product of two primes, and there is (probably) no polynomial time procedure to test whether or not a number is a product of  ... 
doi:10.1007/978-3-642-34961-4_25 fatcat:5cldedwdnjcitnxqzhq6a4imee

Reinforcement Learning for Blackjack [chapter]

Saqib A. Kakvi
2009 Lecture Notes in Computer Science  
Reinforcement Learning attempts to teach a computer certain actions, given certain states, based on past experience and numerical rewards gained.  ...  It learns based on past rewards for an action, A, and the reward received for action A.  ...  By calculating these values, the agent learns a policy, P , which is the action the agent will take in a given state. We aim to learn a policy P P * .  ... 
doi:10.1007/978-3-642-04052-8_43 fatcat:5bflopenmbcbzj7q5uarqynrym

How to build time-lock encryption

Jia Liu, Tibor Jager, Saqib A. Kakvi, Bogdan Warinschi
2018 Designs, Codes and Cryptography  
Time-lock encryption is a method to encrypt a message such that it can only be decrypted after a certain deadline has passed.  ...  We propose a new construction of a witness encryption scheme which is of independent interest: our scheme, based on Subset-Sum, achieves extractable security without relying on obfuscation.  ...  Part of this work was done while Jia Liu and Saqib A. Kakvi were employed at the University of Bristol.  ... 
doi:10.1007/s10623-018-0461-x fatcat:gp5tebkchbexnmdhj7girsh4ki

Optimal Security Proofs for Full Domain Hash, Revisited

Saqib A. Kakvi, Eike Kiltz
2017 Journal of Cryptology  
Concretely, we give a new tight security reduction from a stronger assumption, the Phi-Hiding assumption introduced by Cachin et al (EUROCRYPT 1999).  ...  It was furthermore proved by Coron (EUROCRYPT 2002) that a security loss of qs is optimal and cannot possibly be improved. In this work we uncover a subtle flaw in Coron's impossibility result.  ...  For any algorithm A, we define x ← $ A(a 1 , . . . , a n ) as the execution of A with inputs a 1 , . . . , a n and fresh randomness and then assigning the output to x.  ... 
doi:10.1007/s00145-017-9257-9 fatcat:az67cv5hzvejzb5vvg6qaakegi

Optimal Security Proofs for Full Domain Hash, Revisited [chapter]

Saqib A. Kakvi, Eike Kiltz
2012 Lecture Notes in Computer Science  
Concretely, we give a new tight security reduction from a stronger assumption, the Phi-Hiding assumption introduced by Cachin et al (EUROCRYPT 1999).  ...  It was furthermore proved by Coron (EUROCRYPT 2002) that a security loss of qs is optimal and cannot possibly be improved. In this work we uncover a subtle flaw in Coron's impossibility result.  ...  For any algorithm A, we define x ← $ A(a 1 , . . . , a n ) as the execution of A with inputs a 1 , . . . , a n and fresh randomness and then assigning the output to x.  ... 
doi:10.1007/978-3-642-29011-4_32 fatcat:afhuyvuy2nft3d6y3xmzvttttu

Tightly-Secure Signatures from Chameleon Hash Functions [chapter]

Olivier Blazy, Saqib A. Kakvi, Eike Kiltz, Jiaxin Pan
2015 Lecture Notes in Computer Science  
doi:10.1007/978-3-662-46447-2_12 fatcat:gmll6i2oq5amtnapagw4rb3r2i

Tighter Reductions for Forward-Secure Signature Schemes [chapter]

Michel Abdalla, Fabrice Ben Hamouda, David Pointcheval
2013 Lecture Notes in Computer Science  
Unlike the original Itkis-Reyzin scheme, our construction can be instantiated under different decisional complexity assumptions and has a much tighter security reduction.  ...  We do so by proving that the underlying identification schemes used in these schemes are a particular case of the lossy identification notion recently introduced by Abdalla et al. at Eurocrypt 2012.  ...  Acknowledgments We would like to thank Mihir Bellare and Eike Kiltz for their helpful comments on a preliminary version of this paper and the anonymous referees of PKC 2013 for their valuable input.  ... 
doi:10.1007/978-3-642-36362-7_19 fatcat:maay2um3unch3htxbrwtqqz3uy

Time Reveals The Truth - More Efficient Constructions of Timed Cryptographic Primitives

Peter Chvojka, Bergische Universität Wuppertal
2021
[LJKW18], aims to avoid both the dependency on a trusted entity and the need to perform a sequential computation.  ...  Historically the first approach suggested by May [May93] relies on a trusted entity which at a required time point essentially reveals the secret information.  ...  The content of this chapter is joint work with Tibor Jager and Saqib A. Kakvi [CJK20] .  ... 
doi:10.25926/n2k9-cj05 fatcat:z2krowzhdzeyhlaihexym3btte