Secure Computation against Adaptive Auxiliary Information.

We formalize a definition of multiparty computation secure against adaptive auxiliary information (AAI-MPC), that intuitively guarantees that such an adversary learns no more than the function output and ... At the heart of our construction is a new two-round oblivious transfer protocol secure against malicious adversaries who may receive adaptive auxiliary information. ... How to Define Security Against Adaptive Auxiliary Information? ...

doi:10.1007/978-3-642-40041-4_18 fatcat:khpwd2kcmzgwrb256jh6zjtl7m

compute from this auxiliary input. ... extractor that remains secure with exponentially hard-to-invert auxiliary input. ... A more realistic scenario is the adaptive one, where the auxiliary information can be adaptively gathered. ...

doi:10.1145/1536414.1536498 dblp:conf/stoc/DodisKL09 fatcat:2jyrcpbnpnh7bdjdhzbxnx37km

We also give some instantiations: the first is a UCP based on the Boneh-Boyen Identity based encryption scheme, with provable security in the standard model. ... of ciphertexts against adaptive chosen ciphertext and adaptive chosen auxiliary public key attack if for the advantage of any A is at most ǫ with running time at most t. ... On the other hand, the security can be upgraded to be secure against adaptive chosen public key attacks, by either assuming random oracles, or require polynomially bounded ID (auxiliary public key) space ...

doi:10.1145/1533057.1533070 dblp:conf/ccs/ZhangHI09 fatcat:www55wpgmfbsbk3wn75jurxuya

against post-challenge auxiliary inputs and adaptive chosen-ciphertext attacks is defined as the following game pAI-CCA Scheme Description Strong Extractor with Hard-to-invert Auxiliary Inputs Interestingly ... output of f applied to the secret key sk (auxiliary input) Restriction of the Auxiliary Input Model Security Model The basic setting of our new security model is similar to the classic IND-CCA model ...

doi:10.1007/978-3-319-11203-9_8 fatcat:nwcis3tcxjgfbk25en5yenxlyu

For each version, which has fewer than the original number of logical units, the auxiliary information R* is computed as follows: 1. ... Further, it must also be conveyed unambiguously to a mid-stream adaptation engine in order to enable it to compute the auxiliary hashes. ...

doi:10.1109/icassp.2007.366364 dblp:conf/icassp/Mukherjee07 fatcat:kihd6vpig5d2hamfw2gb3traji

In this work, we show how to construct a distributed fully homomorphic identity-based encryption secure in the continual auxiliary input model. ... History tells us that is not enough to base security solely on the unfeasability of solving the underlying hard problem of a cryptosystem. ... A cryptosystem is secure in this model if it remains secure even when an adversary is given a computationally uninvertible function on input a secret key as an auxiliary input. ...

doi:10.5220/0006832202070218 dblp:conf/icete/GerardKS0M18 fatcat:vs77pwj345fava37tuoeh33lgq

In this paper, we rst observe that a subprotocol of theirs, known as weak secret sharing (WSS), is not secure against an adaptive adversary, contrary to what was believed earlier. ... Our protocols generalize easily to provide security against general Q2 adversaries. ... Then there is a multiparty computation protocol for computing C, secure against any adaptive adversary corrupting less than n/2 of the players. ...

doi:10.7146/brics.v5i36.19441 fatcat:6drzvpmw5rclza6lg5g3lkekmm

against adaptive chosen ciphertext attack without a random oracle. ... An important research area in the past decade is to search for efficient cryptographic schemes that do not rely for their security on the controversial random oracle assumption. ... We say that the PRG G is adaptively secure if, for any probability polynomialtime adversary A which has the auxiliary information f tag (x) on the seed x and has access to the oracle O tag (·, ·, ·), there ...

doi:10.1016/j.compeleceng.2012.02.001 fatcat:qty7vgz2enfyrkjtqgck7dy4ke

against adaptive chosen ciphertext attack without a random oracle. ... An important research area in the past decade is to search for efficient cryptographic schemes that do not rely for their security on the controversial random oracle assumption. ... We say that the PRG G is adaptively secure if, for any probability polynomialtime adversary A which has the auxiliary information f tag (x) on the seed x and has access to the oracle O tag (·, ·, ·), there ...

doi:10.1007/978-3-642-11145-7_10 fatcat:idiu42ricbey7ezl23vxkw6lty

In the auxiliary input model an adversary is allowed to see a computationally hard-to-invert function of the secret key. ... Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function of the secret key. ... The Auxiliary Input Model The auxiliary input model of Dodis, Kalai and Lovett [10] introduced the notion of security of cryptographic schemes in the presence of computationally hard-to-invert leakage ...

doi:10.1007/s00145-015-9197-1 fatcat:gv752itwbzdlfamfrc6aigft4i

In the auxiliary input model an adversary is allowed to see a computationally hard-to-invert function of the secret key. ... Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function of the secret key. ... The Auxiliary Input Model The auxiliary input model of Dodis, Kalai and Lovett [10] introduced the notion of security of cryptographic schemes in the presence of computationally hard-to-invert leakage ...

doi:10.1007/978-3-642-34961-4_8 fatcat:mw2sl5jqmrggte7ixr3dzqr2zu

Towards settling this problem, in this paper, we propose two lightweight authentication protocols which are privacy-preservi against active attack, in an asymmetric way. ... In particular, the attacker may not only eavesdrop the communication in a passive way, but also mount an active attack to ask queries adaptively, which is obviously more dangerous. ... An auxiliary information aux is defined. This auxiliary tag is necessarily required for promotion of the device to the active security. ...

doi:10.1093/ietisy/e91-d.5.1457 fatcat:tt5opyt5pjf6nmp5kroykctfzi

Such schemes, however, still leak statistical information about the users' search pattern. ... Recently, a number of efficient searchable encryption schemes have been proposed under weaker security guarantees. ... Theorem 1 . 1 If SE is L-secure against adaptive chosen keyword attack, then SE GBC as described above is L ′ -secure against adaptive chosen keyword attack, where L(D) = (|D 1 |, ..., |D n |, #SI) L(H ...

doi:10.1016/j.ins.2013.11.021 fatcat:emdpu2ps75cj3lhv7oq3cpxuj4

While prior work focuses on the case of adversarial provers that may receive (statically generated) auxiliary information, here we consider the scenario where adversarial provers are given access to an ... The search of ways to beat this bound motivated the study of computationally-sound proof systems, also called argument systems [BCC88]. ... Non-adaptive security. ...

doi:10.1007/978-3-662-53641-4_5 fatcat:thhtr53kl5et7k3wcia5ooag4a

They put forth notions of leakage tolerance for zero-knowledge and general secure multi-party computation that aim at capturing the best-possible security when the private inputs of honest parties are ... At the core of our construction, is a tight connection between secure compilers in the Only-Computation-Leaks (OCL) model and leakagetolerant protocols. ... These LTC protocol (assisted by the auxiliary parties) eventually lead to standard multi-party LTC, with no auxiliary parties. Multiparty LTC and security against corruptions. ...

doi:10.1007/978-3-662-44381-1_9 fatcat:5nfpaiypmfhufbrin3nsbtpbyu

Secure Computation against Adaptive Auxiliary Information [chapter]

Preserved Fulltext

On cryptography with auxiliary input

Preserved Fulltext

A generic construction of useful client puzzles

Preserved Fulltext

Identity-Based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks [chapter]

Preserved Fulltext

Format-Independent Authentication of Arbitrary Scalable Bit-Streams using One-Way Accumulators

Preserved Fulltext

Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage

Preserved Fulltext

Efficient Multiparty Computations with Dishonest Minority

Preserved Fulltext

Public key encryption without random oracle made truly practical

Preserved Fulltext

Public Key Encryption without Random Oracle Made Truly Practical [chapter]

Preserved Fulltext

Signature Schemes Secure Against Hard-to-Invert Leakage

Preserved Fulltext

Signature Schemes Secure against Hard-to-Invert Leakage [chapter]

Preserved Fulltext

Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way

Preserved Fulltext

Search pattern leakage in searchable encryption: Attacks and new construction

Preserved Fulltext

On the (In)Security of SNARKs in the Presence of Oracles [chapter]

Preserved Fulltext

Leakage-Tolerant Computation with Input-Independent Preprocessing [chapter]

Preserved Fulltext