Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| Descrizione fisica | 1 online resource (813 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Data encryption (Computer science) |
| ISBN | 3-031-15982-9 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part III -- Signatures -- .26em plus .1em minus .1emPI-Cut-Choo and Friends: Compact Blind Signatures via Parallel Instance Cut-and-Choose and More -- 1 Introduction -- 1.1 Starting Point: The Basic Boosting Transform -- 1.2 Our Contribution: Improved Boosting Transforms -- 2 Preliminaries -- 3 An Improved Boosting Transform -- 3.1 Overview -- 3.2 Blind Signatures from Linear Function Families -- 3.3 Construction -- 3.4 Security Analysis -- 4 A Concrete Scheme Based on CDH -- 4.1 Overview -- 4.2 Construction -- 4.3 Security Analysis -- 5 A Concrete Scheme Based on RSA -- References -- Idealized Models -- Augmented Random Oracles -- 1 Introduction -- 1.1 Augmented Random Oracles -- 1.2 Best Possible Hash Functions? -- 1.3 Our Results -- 1.4 A Classification of ROM Failures -- 1.5 Discussion: Do We Really Need Another ROM Variant? -- 2 Preliminaries -- 2.1 Cryptosystems and Games -- 2.2 Cryptographic Definitions -- 3 The Augmented Random Oracle Model -- 3.1 The Plain ROM -- 3.2 Augmented Random Oracles -- 3.3 Some Basic Results -- 4 A Case Study: Encrypt-with-Hash -- 4.1 The (Tweaked) EwH Transform -- 4.2 Uninstantiability of EwH -- 4.3 Translation to the AROM -- 4.4 An Improved Uninstantiability -- 4.5 Other Possible Oracles -- 4.6 Overcoming ROM Failures for EwH -- 5 Fujisaki-Okamoto in the AROM -- 5.1 Our CCA-secure Construction -- 6 Fiat-Shamir in the AROM -- 7 On Best Possible Hashing -- 7.1 Incompatibility of the Definitions -- References -- To Label, or Not To Label (in Generic Groups) -- 1 Introduction -- 1.1 Overview of Results -- 1.2 Takeaways -- 1.3 Organization -- 2 Preliminaries and Notation -- 2.1 Games and Cryptosystems -- 2.2 Groups -- 3 Different Generic Group Models -- 3.1 Random Representation (RR)/Shoup Model ch3EC:Shoup97 -- 3.2 Maurer's Model ch3IMA:Maurer05.
3.3 The Type Safe (TS) Model -- 3.4 Examples -- 3.5 Compiling TS to RR -- 3.6 From TS Security to RR Security for Single-Stage Games -- 4 Further Impossibilities in the Type Safe Model -- 4.1 Collision Resistant Domain Extension -- 4.2 Pseudorandom Permutations -- 4.3 Efficient CPA-Secure Encryption for Message Strings -- 5 On the Insecurity of the Type-Safe Model for Multi-stage Games -- 6 TS Un-instantiability -- 6.1 Overview -- 6.2 Our Un-instantiable Construction -- 7 Impossibility of IBE from Generic Groups -- 8 On the Algebraic Group Model -- 8.1 Allowed Games in the AGM -- 8.2 AGM Un-instantiability -- 8.3 Is the AGM Superior to Generic Groups? -- References -- Lower Bound on SNARGs in the Random Oracle Model -- 1 Introduction -- 1.1 Our Results -- 1.2 Related Work -- 2 Techniques -- 2.1 Warmup -- 2.2 Actual Scenario -- 2.3 Completeness -- 2.4 Soundness -- 3 Preliminaries -- 3.1 Notations -- 3.2 Entropy Measures -- 3.3 Randomized Exponential Time Hypothesis -- 3.4 Random Oracles -- 3.5 Non-interactive Arguments in the ROM -- 4 Hitting High-Entropy Distribution Using Product Sets -- 4.1 High-Entropy Distributions Have an (Almost) Uniform Large Projection, Proving Lemma 3 -- 4.2 Hitting Almost Full-Entropy Distributions Using Product Set, Proving Lemma 4 -- 5 Lower Bound on the Length of ROM-SNARGs -- 5.1 Proof of Theorem 13 -- 5.2 Short ROM-SNARGs to Low Query ROM-SNARGs, Proving Lemma 6 -- References -- Lower Bounds -- Time-Space Tradeoffs for Sponge Hashing: Attacks and Limitations for Short Collisions -- 1 Introduction -- 1.1 Detour: The Case of Merkle-Damgård -- 1.2 Our Results -- 1.3 Future Directions -- 1.4 Related Work -- 2 Technical Overview -- 2.1 Attacks -- 2.2 Impossibility Results for Best Attacks -- 3 Preliminaries -- 4 Attacks -- 4.1 Generic Attack for B-Block Collisions -- 4.2 Preprocessing Attack for B=1. 4.3 Time-Space Tradeoffs for Inverting a Restricted Permutation -- 5 Impossibility Results -- 5.1 Advantage Upper Bound for B=1 -- 5.2 Advantage Upper Bound for B=2 -- References -- On Time-Space Tradeoffs for Bounded-Length Collisions in Merkle-Damgård Hashing *-9pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion -- 2 Our Techniques -- 3 Preliminaries -- 4 The Framework: Reducing the Problem to a Multi-instance Collision Finder -- 5 Proving the STB Conjecture for BO(1) -- 5.1 The Compression Argument -- 5.2 Handling Cases [case:newsl]1 to [case:oldsl]4 -- 5.3 Handling Case [case:somerep]5 -- 6 Proving the STB Conjecture for SB T -- References -- Time-Space Lower Bounds for Finding Collisions in Merkle-Damgård Hash Functions -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Discussions and Open Problems -- 2 Preliminaries -- 2.1 Merkle-Damågard Hash Functions (MD) -- 2.2 Collision-Resistance Against Auxiliary Input (AI) -- 3 Auxiliary Input Collision Resistance for B=2 Merkle-Damgard -- 4 Auxiliary Input Collision Resistance for B Merkle-Damgard -- 4.1 Proof of Claim 7 -- References -- .26em plus .1em minus .1emSustained Space and Cumulative Complexity Trade-Offs for Data-Dependent Memory-Hard Functions*-10pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Dynamic Graphs and Dynamic Pebbling Games -- 1.3 Trade-Offs for dMHFs -- 1.4 Technical Overview -- 2 Preliminaries -- 2.1 Dynamic Pebbling Notation -- 2.2 Generalized Hoeffding Inequality -- 2.3 Useful Graphs and Their Pebbling Complexity -- 3 A Theoretical MHF with Ideal Trade-Off -- 3.1 The Construction -- 3.2 Lowerbounding Costly Edges -- 3.3 The Trade-Off Between Sustained Space and Cumulative Complexity -- 4 Dynamic EGS -- 4.1 Lowerbounds on Getting Unlucky -- 4.2 The Cost of Getting Unlucky -- 5 Dynamic DRSample -- 5.1 Lowerbounds on Getting Unlucky. 5.2 The Cost of Being Unlucky -- 6 Argon2id -- 6.1 The Trade-Off and Cumulative Complexity -- 7 Open Problems -- References -- Low Communication Complexity Protocols, Collision Resistant Hash Functions and Secret Key-Agreement Protocols -- 1 Introduction -- 1.1 Cryptographic Primitives -- 1.2 Cryptographic Hash Functions -- 1.3 Adversarially Robust Property-Preserving Hash Functions -- 1.4 Secret Key Agreement -- 1.5 Our Results -- 1.6 Related Work -- 1.7 Technical Overview -- 2 Models and Preliminaries -- 2.1 Model Definition -- 2.2 Free Talk Model -- 2.3 Notation -- 2.4 Probability -- 2.5 Collision Resistant Hash Functions -- 2.6 Adversarially Robust Property-Preserving Hash Functions -- 2.7 Secret Key Agreement and Its Amplification -- 3 Collision Resistance and the Preset Public Coins Model -- 3.1 CRHs Imply Succinct Protocols -- 3.2 Succinct Protocols Imply dCRHs -- 4 No Ultra Short Interactive Communication -- 5 Secret Key Agreement from Efficient SM Protocols -- 5.1 Optimal Protocols from SKA -- 5.2 SKA from Near Optimal Protocols -- 6 Conclusions -- References -- Cryptanalysis II -- Accelerating the Delfs-Galbraith Algorithm with Fast Subfield Root Detection -- 1 Introduction -- 2 Preliminaries -- 3 Solver: Optimised Delfs-Galbraith Subfield Searching in X(p, 2) -- 4 Fast Subfield Root Detection -- 5 SuperSolver: Optimised Subfield Searching With Fast Subfield Root Detection in X(p, ) -- 6 A Worked Example -- 7 Implementation Results -- References -- Secret Can Be Public: Low-Memory AEAD Mode for High-Order Masking -- 1 Introduction -- 1.1 Low-Memory AEAD for Masking -- 1.2 Summary of Contributions -- 1.3 Related Work -- 2 Preliminaries -- 3 Design of AEAD Mode for High-Order Masking -- 3.1 Intuition and Design of HOMA -- 3.2 Specification of HOMA -- 3.3 Protected and Unprotected Values of HOMA -- 4 Security Claim and Proof of HOMA. 4.1 AE Security for Masking -- 4.2 AEL-Security of HOMA -- 4.3 Proof of Theorem 1 -- 5 A TBC Optimized for HOMA -- 5.1 SKINNY64 and SKINNYe with TK4 -- 5.2 Elastic-Tweak Framework for Small Tweaks -- 5.3 Design Approach of SKINNYee -- 5.4 Specifications of SKINNYee -- 5.5 Design Rationale -- 5.6 Security Analysis Against Various Cryptanalyses -- 6 Implementation -- 6.1 Targets and Design Policy -- 6.2 Masked S-box Implementation -- 6.3 Hardware Design -- 6.4 Performance Evaluation and Comparison -- 7 Conclusions -- References -- Partial Key Exposure Attacks on BIKE, Rainbow and NTRU -- 1 Introduction -- 2 Preliminaries -- 2.1 Key Exposure Models -- 2.2 Decoding -- 3 BIKE -- 3.1 Standard Format Keys -- 3.2 Compact Format Keys -- 3.3 Practical Attacks on BIKE -- 4 Rainbow -- 4.1 Attack Strategy -- 4.2 Fq-Errors and -Erasures -- 4.3 Practical Attacks on Rainbow -- 5 NTRU -- 5.1 Fq-Errors and -Erasures -- 5.2 Practical Attacks on NTRU -- References -- Improving Support-Minors Rank Attacks: Applications to GeMSS and Rainbow -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 Relevant Material for the Attack on GeMSS -- 2.3 Relevant Material on Rainbow for Section8.3 -- 3 Support-Minors Modeling (SM) -- 4 Improved Attack on GeMSS Using Support-Minors -- 4.1 Fixing Variables in the Support-Minors System -- 4.2 Solving via Gröbner Bases when n' 2d+1 -- 5 Complexity of the Attack -- 5.1 Time Complexity of Step 1 -- 5.2 Time Complexity of Step 2 -- 5.3 Memory Cost -- 6 Application to GeMSS and pHFEv- Parameter Sets -- 7 Experiments for Step 1 -- 8 Memory Management Strategy for the Support-Minors Equations Within Block Wiedemann -- 8.1 Hashing Strategy on the Main Memory -- 8.2 Memory Savings from Our Approach -- 8.3 Application to the Rainbow Rectangular MinRank Attack ch13uovspsbeullens -- 9 Conclusion -- References -- Distributed Algorithms. log*-Round Game-Theoretically-Fair Leader Election. |
| Record Nr. | UNINA-9910616356203321 |
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer International Publishing, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (822 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer security
Data encryption (Computer science) |
| ISBN | 3-031-15802-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part I -- Cryptanalysis I -- Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks -- 1 Introduction -- 2 Notations and Preliminaries -- 2.1 Modulo Addition with an Initial Carry Bit -- 2.2 Useful Partitions of F2k F2k -- 3 Ordinary Differential-Linear Correlation of -- 4 Rotational Differential-Linear Correlation of -- 5 Computing the (Rotational) Differential-Linear Correlation of Iterative ARX Primitives -- 6 Applications to ARX Primitives -- 6.1 Cryptanalysis of Alzette -- 6.2 Cryptanalysis of SipHash -- 6.3 Cryptanalysis of SPECK -- 6.4 Cryptanalysis of ChaCha -- 7 Conclusion, Discussion, and Open Problems -- References -- Implicit White-Box Implementations: White-Boxing ARX Ciphers -- 1 Introduction -- 1.1 Contributions -- 2 Preliminaries -- 2.1 Implicit Functions, Self-equivalences and Graph Automorphisms -- 2.2 Encoded Implementations -- 3 Implicit White-Box Implementations -- 3.1 Quasilinear Implicit Round Functions -- 4 Security Analysis -- 4.1 Previous Generic Attacks -- 4.2 Reducing Implicit Implementations to Self-equivalence Implementations -- 5 Self-equivalences of Modular Addition -- 5.1 Computing Self-equivalences from a CCZ-Equivalent Function -- 5.2 Self-equivalences and Graph Automorphisms of the Permuted Modular Addition -- 6 An Implicit Implementation of an ARX Cipher -- 7 Conclusion -- A Affine Self-equivalences of the Permuted Modular Addition with Wordsize 4 -- References -- Superposition Meet-in-the-Middle Attacks: Updates on Fundamental Security of AES-like Hashing -- 1 Introduction -- 1.1 Our Contribution -- 2 AES-like Hashing and MITM Preimage Attacks -- 3 MILP Model for the Configuration Search -- 3.1 Basic MILP Model for MITM -- 3.2 Superposition States and Separate Attribute-Propagation.
3.3 Multiple Ways of AddRoundKey (MulAK) -- 3.4 Enhanced Model with Guess-and-Determine (GnD) -- 3.5 Transforming to Models for Searching for Collision Attacks -- 3.6 Exploit Symmetry of the Ciphers -- 4 Application to Preimage Attacks on Whirlpool -- 4.1 New Attacks Resulted from Applying the MILP Modeling -- 4.2 Discussions on the New Attacks -- 5 Application to Preimage Attacks on Grøstl -- 5.1 New Attacks Resulted from Applying the MILP Modeling -- 5.2 Discussions on the New Attacks -- 6 Applications to Collision and Key-Recovery Attacks -- References -- Triangulating Rebound Attack on AES-like Hashing -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Novelty and Comparison with Previous Works -- 2 Preliminaries -- 2.1 AES-like Hashing -- 2.2 The Rebound Attack -- 2.3 The Super-Sbox Technique -- 2.4 Triangulation Algorithm -- 2.5 Collision Attacks and Its Variants -- 3 Triangulating Rebound Attack -- 3.1 Solving Non-full-active Super-Sbox by Key Bytes -- 3.2 Connecting Multiple Inbound Phases by Key Bytes -- 3.3 The Triangulating Rebound Attack -- 4 Improved Collision Attacks on AES-128-MMO -- 4.1 Semi-free-start Collision Attack on 7-Round AES-128 -- 4.2 Semi-free-start Collision Attack on 8-Round AES-128-MMO -- 4.3 Quantum Collision Attack on 8-Round AES-128 -- 5 Improved Quantum Attacks on Saturnin-Hash -- 5.1 Improved 8-Round Quantum Free-Start Collision -- 5.2 Extend the Attack to 10-round Free-Start Collision -- 6 Quantum Collision Attack on SKINNY-128-384-MMO -- 6.1 21-Round Quantum Free-Start Collision Attack -- 6.2 Classic Free-Start Collision Attack on 19-Round -- 7 Discussion and Conclusion -- 7.1 Possible Generalization of Triangulating Rebound -- 7.2 Conclusion -- References -- Randomness -- Public Randomness Extraction with Ephemeral Roles and Worst-Case Corruptions -- 1 Introduction -- 1.1 The Motivation Behind Our Setting. 1.2 Other Related Work -- 1.3 Our Contributions -- 1.4 Technical Overview -- 1.5 Directions for Future Research -- 2 Network Models for Randomness Extraction -- 2.1 The Sending-Leaks Adversarial Model -- 2.2 The Execution-Leaks Adversarial Model -- 3 Zero-Error Randomness Extraction Protocols -- 3.1 Zero-Error Randomness Extraction in the Sending-Leaks Model -- 3.2 Improved Zero-Error Randomness Extraction in the Execution-Leaks Model -- 4 Low-Error Randomness Extraction Is Impossible with n/4 Corruptions -- References -- (Nondeterministic) Hardness vs. Non-malleability -- 1 Introduction -- 1.1 Hardness Assumptions for Nondeterministic and i-Circuits -- 1.2 Our Results-Included in This Work -- 1.3 Our Results-Included in the Full Version ch6ePrint:BalDacLos22 -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Complexity Classes and Assumptions -- 2.2 Non-malleable Codes -- 2.3 Seed-Extending Pseudorandom Generators -- 3 A Non-malleable Code for Small Circuit Tampering -- References -- Short Leakage Resilient and Non-malleable Secret Sharing Schemes -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 1.4 Organization of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Statistical Distance and Entropy - Definitions and Lemmata -- 2.3 Randomness Extractors -- 2.4 Secret Sharing Schemes -- 3 Leakage Resilient Secret Sharing Schemes -- 3.1 Local Leakage Family -- 3.2 Construction -- 3.3 Security Proof -- 3.4 Parameters -- 4 Non-malleable Secret Sharing Schemes -- 4.1 Building Blocks -- 4.2 Our Construction -- 4.3 Instantiation of Our Scheme -- References -- *-6ptCryptography from Pseudorandom Quantum States -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion: Why Explore a World Without One-Way Functions? -- 1.3 Technical Overview -- 1.4 Future Directions -- 2 Pseudorandom States. 2.1 Pseudorandom Function-Like State (PRFS) Generators -- 2.2 Testing Pseudorandom States -- 3 Constructing PRFS from PRS -- 4 Quantum Pseudo One-Time Pad from PRFS -- 5 Quantum Bit Commitments from PRFS -- 5.1 Definition -- 5.2 Construction -- 5.3 Application: Secure Computation -- References -- Quantum Cryptography I -- .26em plus .1em minus .1emCertified Everlasting Zero-Knowledge Proof for QMA*-10pt -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overview -- 1.4 Related Works -- 2 Preliminaries -- 2.1 Notations -- 2.2 Quantum Computation -- 2.3 QMA and k-SimQMA -- 2.4 Cryptographic Tools -- 3 Commitment with Certified Everlasting Hiding and Classical-Extractor-Based Binding -- 3.1 Definition -- 3.2 Construction -- 4 Certified Everlasting Zero-Knowledge Proof for QMA -- 4.1 Definition -- 4.2 Construction of Three Round Protocol -- 4.3 Sequential Repetition for Certified Everlasting Zero-Knowledge Proof for QMA -- References -- Quantum Commitments and Signatures Without One-Way Functions -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overviews -- 1.4 Concurrent Work -- 2 Preliminaries -- 2.1 Basic Notations -- 2.2 Pseudorandom Quantum States Generators -- 3 Commitments -- 3.1 Definition -- 3.2 Construction -- 3.3 Computational Hiding -- 3.4 Statistical Binding -- 4 Digital Signatures -- 4.1 One-Way Quantum States Generators -- 4.2 Definition of Digital Signatures with Quantum Public Keys -- 4.3 Construction -- 4.4 Security -- A Making Opening Message Classical -- B Equivalence of Binding Properties -- References -- Semi-quantum Tokenized Signatures -- 1 Introduction -- 1.1 The Advantages of Quantum Signature Tokens -- 1.2 Semi-quantum Tokenized Signatures -- 1.3 Results -- 2 Technical Overview -- 2.1 Semi-quantum CCD Tokens and Fully-quantum Signature Tokens -- 2.2 Signing Coset States by Splitting. 2.3 Proving CCD Security Versus Proving Tokenized Signing Security -- 2.4 Hardness of Concentration in Dual of Obfuscated Subspace -- 3 Semi-quantum Tokenized Signatures Construction -- 3.1 Correctness and Security Against Sabotage -- References -- Secure Multiparty Computation I -- Structure-Aware Private Set Intersection, with Applications to Fuzzy Matching -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Hamming Correlation Robustness -- 3 Building Blocks -- 3.1 2PC Ideal Functionalities -- 3.2 Function Secret Sharing -- 3.3 Oblivious Key Value Store -- 4 bFSS Constructions -- 4.1 Existing Schemes -- 4.2 New concat Technique for Cross Products -- 4.3 New Spatial Hashing Technique -- 4.4 xor-share Technique -- 5 Structure-Aware PSI from bFSS -- 5.1 Costs -- 5.2 Other Protocols as Instances of Our Framework -- 5.3 bFSS Performance -- 6 Fuzzy PSI Application and Performance -- 6.1 Performance Comparison -- 6.2 Implementation -- 7 Limitation and Open Problems -- References -- .28em plus .1em minus .1emTwo-Round MPC Without Round Collapsing Revisited - Towards Efficient Malicious Protocols*-12pt -- 1 Introduction -- 2 Technical Overview -- 2.1 Multi-party Randomized Encoding -- 2.2 Semi-Malicious Effective-Degree-2 MPRE -- 2.3 MPC for Effective-Degree-2 Functions -- 2.4 Lift Security with Output Substitution -- 2.5 Tensor OLE Correlated Randomness Generation from OT -- 3 Definition of Multi-Party Randomized Encoding -- 4 MPRE for Degree-3 Functions -- 4.1 Background: Semi-honest MPRE for Degree-3 Functions -- 4.2 CDS Encoding -- 4.3 Semi-Malicious MPRE for Degree-3 Functions -- 5 Putting Pieces Together -- References -- More Efficient Dishonest Majority Secure Computation over Z2k via Galois Rings -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Overview of Our Techniques -- 1.3 Related Work. 1.4 Organization of the Paper. |
| Record Nr. | UNISA-996495571903316 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part I : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (822 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer security
Data encryption (Computer science) |
| ISBN | 3-031-15802-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part I -- Cryptanalysis I -- Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks -- 1 Introduction -- 2 Notations and Preliminaries -- 2.1 Modulo Addition with an Initial Carry Bit -- 2.2 Useful Partitions of F2k F2k -- 3 Ordinary Differential-Linear Correlation of -- 4 Rotational Differential-Linear Correlation of -- 5 Computing the (Rotational) Differential-Linear Correlation of Iterative ARX Primitives -- 6 Applications to ARX Primitives -- 6.1 Cryptanalysis of Alzette -- 6.2 Cryptanalysis of SipHash -- 6.3 Cryptanalysis of SPECK -- 6.4 Cryptanalysis of ChaCha -- 7 Conclusion, Discussion, and Open Problems -- References -- Implicit White-Box Implementations: White-Boxing ARX Ciphers -- 1 Introduction -- 1.1 Contributions -- 2 Preliminaries -- 2.1 Implicit Functions, Self-equivalences and Graph Automorphisms -- 2.2 Encoded Implementations -- 3 Implicit White-Box Implementations -- 3.1 Quasilinear Implicit Round Functions -- 4 Security Analysis -- 4.1 Previous Generic Attacks -- 4.2 Reducing Implicit Implementations to Self-equivalence Implementations -- 5 Self-equivalences of Modular Addition -- 5.1 Computing Self-equivalences from a CCZ-Equivalent Function -- 5.2 Self-equivalences and Graph Automorphisms of the Permuted Modular Addition -- 6 An Implicit Implementation of an ARX Cipher -- 7 Conclusion -- A Affine Self-equivalences of the Permuted Modular Addition with Wordsize 4 -- References -- Superposition Meet-in-the-Middle Attacks: Updates on Fundamental Security of AES-like Hashing -- 1 Introduction -- 1.1 Our Contribution -- 2 AES-like Hashing and MITM Preimage Attacks -- 3 MILP Model for the Configuration Search -- 3.1 Basic MILP Model for MITM -- 3.2 Superposition States and Separate Attribute-Propagation.
3.3 Multiple Ways of AddRoundKey (MulAK) -- 3.4 Enhanced Model with Guess-and-Determine (GnD) -- 3.5 Transforming to Models for Searching for Collision Attacks -- 3.6 Exploit Symmetry of the Ciphers -- 4 Application to Preimage Attacks on Whirlpool -- 4.1 New Attacks Resulted from Applying the MILP Modeling -- 4.2 Discussions on the New Attacks -- 5 Application to Preimage Attacks on Grøstl -- 5.1 New Attacks Resulted from Applying the MILP Modeling -- 5.2 Discussions on the New Attacks -- 6 Applications to Collision and Key-Recovery Attacks -- References -- Triangulating Rebound Attack on AES-like Hashing -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Novelty and Comparison with Previous Works -- 2 Preliminaries -- 2.1 AES-like Hashing -- 2.2 The Rebound Attack -- 2.3 The Super-Sbox Technique -- 2.4 Triangulation Algorithm -- 2.5 Collision Attacks and Its Variants -- 3 Triangulating Rebound Attack -- 3.1 Solving Non-full-active Super-Sbox by Key Bytes -- 3.2 Connecting Multiple Inbound Phases by Key Bytes -- 3.3 The Triangulating Rebound Attack -- 4 Improved Collision Attacks on AES-128-MMO -- 4.1 Semi-free-start Collision Attack on 7-Round AES-128 -- 4.2 Semi-free-start Collision Attack on 8-Round AES-128-MMO -- 4.3 Quantum Collision Attack on 8-Round AES-128 -- 5 Improved Quantum Attacks on Saturnin-Hash -- 5.1 Improved 8-Round Quantum Free-Start Collision -- 5.2 Extend the Attack to 10-round Free-Start Collision -- 6 Quantum Collision Attack on SKINNY-128-384-MMO -- 6.1 21-Round Quantum Free-Start Collision Attack -- 6.2 Classic Free-Start Collision Attack on 19-Round -- 7 Discussion and Conclusion -- 7.1 Possible Generalization of Triangulating Rebound -- 7.2 Conclusion -- References -- Randomness -- Public Randomness Extraction with Ephemeral Roles and Worst-Case Corruptions -- 1 Introduction -- 1.1 The Motivation Behind Our Setting. 1.2 Other Related Work -- 1.3 Our Contributions -- 1.4 Technical Overview -- 1.5 Directions for Future Research -- 2 Network Models for Randomness Extraction -- 2.1 The Sending-Leaks Adversarial Model -- 2.2 The Execution-Leaks Adversarial Model -- 3 Zero-Error Randomness Extraction Protocols -- 3.1 Zero-Error Randomness Extraction in the Sending-Leaks Model -- 3.2 Improved Zero-Error Randomness Extraction in the Execution-Leaks Model -- 4 Low-Error Randomness Extraction Is Impossible with n/4 Corruptions -- References -- (Nondeterministic) Hardness vs. Non-malleability -- 1 Introduction -- 1.1 Hardness Assumptions for Nondeterministic and i-Circuits -- 1.2 Our Results-Included in This Work -- 1.3 Our Results-Included in the Full Version ch6ePrint:BalDacLos22 -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Complexity Classes and Assumptions -- 2.2 Non-malleable Codes -- 2.3 Seed-Extending Pseudorandom Generators -- 3 A Non-malleable Code for Small Circuit Tampering -- References -- Short Leakage Resilient and Non-malleable Secret Sharing Schemes -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 1.4 Organization of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Statistical Distance and Entropy - Definitions and Lemmata -- 2.3 Randomness Extractors -- 2.4 Secret Sharing Schemes -- 3 Leakage Resilient Secret Sharing Schemes -- 3.1 Local Leakage Family -- 3.2 Construction -- 3.3 Security Proof -- 3.4 Parameters -- 4 Non-malleable Secret Sharing Schemes -- 4.1 Building Blocks -- 4.2 Our Construction -- 4.3 Instantiation of Our Scheme -- References -- *-6ptCryptography from Pseudorandom Quantum States -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion: Why Explore a World Without One-Way Functions? -- 1.3 Technical Overview -- 1.4 Future Directions -- 2 Pseudorandom States. 2.1 Pseudorandom Function-Like State (PRFS) Generators -- 2.2 Testing Pseudorandom States -- 3 Constructing PRFS from PRS -- 4 Quantum Pseudo One-Time Pad from PRFS -- 5 Quantum Bit Commitments from PRFS -- 5.1 Definition -- 5.2 Construction -- 5.3 Application: Secure Computation -- References -- Quantum Cryptography I -- .26em plus .1em minus .1emCertified Everlasting Zero-Knowledge Proof for QMA*-10pt -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overview -- 1.4 Related Works -- 2 Preliminaries -- 2.1 Notations -- 2.2 Quantum Computation -- 2.3 QMA and k-SimQMA -- 2.4 Cryptographic Tools -- 3 Commitment with Certified Everlasting Hiding and Classical-Extractor-Based Binding -- 3.1 Definition -- 3.2 Construction -- 4 Certified Everlasting Zero-Knowledge Proof for QMA -- 4.1 Definition -- 4.2 Construction of Three Round Protocol -- 4.3 Sequential Repetition for Certified Everlasting Zero-Knowledge Proof for QMA -- References -- Quantum Commitments and Signatures Without One-Way Functions -- 1 Introduction -- 1.1 Background -- 1.2 Our Results -- 1.3 Technical Overviews -- 1.4 Concurrent Work -- 2 Preliminaries -- 2.1 Basic Notations -- 2.2 Pseudorandom Quantum States Generators -- 3 Commitments -- 3.1 Definition -- 3.2 Construction -- 3.3 Computational Hiding -- 3.4 Statistical Binding -- 4 Digital Signatures -- 4.1 One-Way Quantum States Generators -- 4.2 Definition of Digital Signatures with Quantum Public Keys -- 4.3 Construction -- 4.4 Security -- A Making Opening Message Classical -- B Equivalence of Binding Properties -- References -- Semi-quantum Tokenized Signatures -- 1 Introduction -- 1.1 The Advantages of Quantum Signature Tokens -- 1.2 Semi-quantum Tokenized Signatures -- 1.3 Results -- 2 Technical Overview -- 2.1 Semi-quantum CCD Tokens and Fully-quantum Signature Tokens -- 2.2 Signing Coset States by Splitting. 2.3 Proving CCD Security Versus Proving Tokenized Signing Security -- 2.4 Hardness of Concentration in Dual of Obfuscated Subspace -- 3 Semi-quantum Tokenized Signatures Construction -- 3.1 Correctness and Security Against Sabotage -- References -- Secure Multiparty Computation I -- Structure-Aware Private Set Intersection, with Applications to Fuzzy Matching -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Hamming Correlation Robustness -- 3 Building Blocks -- 3.1 2PC Ideal Functionalities -- 3.2 Function Secret Sharing -- 3.3 Oblivious Key Value Store -- 4 bFSS Constructions -- 4.1 Existing Schemes -- 4.2 New concat Technique for Cross Products -- 4.3 New Spatial Hashing Technique -- 4.4 xor-share Technique -- 5 Structure-Aware PSI from bFSS -- 5.1 Costs -- 5.2 Other Protocols as Instances of Our Framework -- 5.3 bFSS Performance -- 6 Fuzzy PSI Application and Performance -- 6.1 Performance Comparison -- 6.2 Implementation -- 7 Limitation and Open Problems -- References -- .28em plus .1em minus .1emTwo-Round MPC Without Round Collapsing Revisited - Towards Efficient Malicious Protocols*-12pt -- 1 Introduction -- 2 Technical Overview -- 2.1 Multi-party Randomized Encoding -- 2.2 Semi-Malicious Effective-Degree-2 MPRE -- 2.3 MPC for Effective-Degree-2 Functions -- 2.4 Lift Security with Output Substitution -- 2.5 Tensor OLE Correlated Randomness Generation from OT -- 3 Definition of Multi-Party Randomized Encoding -- 4 MPRE for Degree-3 Functions -- 4.1 Background: Semi-honest MPRE for Degree-3 Functions -- 4.2 CDS Encoding -- 4.3 Semi-Malicious MPRE for Degree-3 Functions -- 5 Putting Pieces Together -- References -- More Efficient Dishonest Majority Secure Computation over Z2k via Galois Rings -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Overview of Our Techniques -- 1.3 Related Work. 1.4 Organization of the Paper. |
| Record Nr. | UNINA-9910616383103321 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 . Part III : 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings / / Yevgeniy Dodis and Thomas Shrimpton |
| Autore | Dodis Yevgeniy |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| Descrizione fisica | 1 online resource (813 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Data encryption (Computer science) |
| ISBN | 3-031-15982-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part III -- Signatures -- .26em plus .1em minus .1emPI-Cut-Choo and Friends: Compact Blind Signatures via Parallel Instance Cut-and-Choose and More -- 1 Introduction -- 1.1 Starting Point: The Basic Boosting Transform -- 1.2 Our Contribution: Improved Boosting Transforms -- 2 Preliminaries -- 3 An Improved Boosting Transform -- 3.1 Overview -- 3.2 Blind Signatures from Linear Function Families -- 3.3 Construction -- 3.4 Security Analysis -- 4 A Concrete Scheme Based on CDH -- 4.1 Overview -- 4.2 Construction -- 4.3 Security Analysis -- 5 A Concrete Scheme Based on RSA -- References -- Idealized Models -- Augmented Random Oracles -- 1 Introduction -- 1.1 Augmented Random Oracles -- 1.2 Best Possible Hash Functions? -- 1.3 Our Results -- 1.4 A Classification of ROM Failures -- 1.5 Discussion: Do We Really Need Another ROM Variant? -- 2 Preliminaries -- 2.1 Cryptosystems and Games -- 2.2 Cryptographic Definitions -- 3 The Augmented Random Oracle Model -- 3.1 The Plain ROM -- 3.2 Augmented Random Oracles -- 3.3 Some Basic Results -- 4 A Case Study: Encrypt-with-Hash -- 4.1 The (Tweaked) EwH Transform -- 4.2 Uninstantiability of EwH -- 4.3 Translation to the AROM -- 4.4 An Improved Uninstantiability -- 4.5 Other Possible Oracles -- 4.6 Overcoming ROM Failures for EwH -- 5 Fujisaki-Okamoto in the AROM -- 5.1 Our CCA-secure Construction -- 6 Fiat-Shamir in the AROM -- 7 On Best Possible Hashing -- 7.1 Incompatibility of the Definitions -- References -- To Label, or Not To Label (in Generic Groups) -- 1 Introduction -- 1.1 Overview of Results -- 1.2 Takeaways -- 1.3 Organization -- 2 Preliminaries and Notation -- 2.1 Games and Cryptosystems -- 2.2 Groups -- 3 Different Generic Group Models -- 3.1 Random Representation (RR)/Shoup Model ch3EC:Shoup97 -- 3.2 Maurer's Model ch3IMA:Maurer05.
3.3 The Type Safe (TS) Model -- 3.4 Examples -- 3.5 Compiling TS to RR -- 3.6 From TS Security to RR Security for Single-Stage Games -- 4 Further Impossibilities in the Type Safe Model -- 4.1 Collision Resistant Domain Extension -- 4.2 Pseudorandom Permutations -- 4.3 Efficient CPA-Secure Encryption for Message Strings -- 5 On the Insecurity of the Type-Safe Model for Multi-stage Games -- 6 TS Un-instantiability -- 6.1 Overview -- 6.2 Our Un-instantiable Construction -- 7 Impossibility of IBE from Generic Groups -- 8 On the Algebraic Group Model -- 8.1 Allowed Games in the AGM -- 8.2 AGM Un-instantiability -- 8.3 Is the AGM Superior to Generic Groups? -- References -- Lower Bound on SNARGs in the Random Oracle Model -- 1 Introduction -- 1.1 Our Results -- 1.2 Related Work -- 2 Techniques -- 2.1 Warmup -- 2.2 Actual Scenario -- 2.3 Completeness -- 2.4 Soundness -- 3 Preliminaries -- 3.1 Notations -- 3.2 Entropy Measures -- 3.3 Randomized Exponential Time Hypothesis -- 3.4 Random Oracles -- 3.5 Non-interactive Arguments in the ROM -- 4 Hitting High-Entropy Distribution Using Product Sets -- 4.1 High-Entropy Distributions Have an (Almost) Uniform Large Projection, Proving Lemma 3 -- 4.2 Hitting Almost Full-Entropy Distributions Using Product Set, Proving Lemma 4 -- 5 Lower Bound on the Length of ROM-SNARGs -- 5.1 Proof of Theorem 13 -- 5.2 Short ROM-SNARGs to Low Query ROM-SNARGs, Proving Lemma 6 -- References -- Lower Bounds -- Time-Space Tradeoffs for Sponge Hashing: Attacks and Limitations for Short Collisions -- 1 Introduction -- 1.1 Detour: The Case of Merkle-Damgård -- 1.2 Our Results -- 1.3 Future Directions -- 1.4 Related Work -- 2 Technical Overview -- 2.1 Attacks -- 2.2 Impossibility Results for Best Attacks -- 3 Preliminaries -- 4 Attacks -- 4.1 Generic Attack for B-Block Collisions -- 4.2 Preprocessing Attack for B=1. 4.3 Time-Space Tradeoffs for Inverting a Restricted Permutation -- 5 Impossibility Results -- 5.1 Advantage Upper Bound for B=1 -- 5.2 Advantage Upper Bound for B=2 -- References -- On Time-Space Tradeoffs for Bounded-Length Collisions in Merkle-Damgård Hashing *-9pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Discussion -- 2 Our Techniques -- 3 Preliminaries -- 4 The Framework: Reducing the Problem to a Multi-instance Collision Finder -- 5 Proving the STB Conjecture for BO(1) -- 5.1 The Compression Argument -- 5.2 Handling Cases [case:newsl]1 to [case:oldsl]4 -- 5.3 Handling Case [case:somerep]5 -- 6 Proving the STB Conjecture for SB T -- References -- Time-Space Lower Bounds for Finding Collisions in Merkle-Damgård Hash Functions -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Discussions and Open Problems -- 2 Preliminaries -- 2.1 Merkle-Damågard Hash Functions (MD) -- 2.2 Collision-Resistance Against Auxiliary Input (AI) -- 3 Auxiliary Input Collision Resistance for B=2 Merkle-Damgard -- 4 Auxiliary Input Collision Resistance for B Merkle-Damgard -- 4.1 Proof of Claim 7 -- References -- .26em plus .1em minus .1emSustained Space and Cumulative Complexity Trade-Offs for Data-Dependent Memory-Hard Functions*-10pt -- 1 Introduction -- 1.1 Our Results -- 1.2 Dynamic Graphs and Dynamic Pebbling Games -- 1.3 Trade-Offs for dMHFs -- 1.4 Technical Overview -- 2 Preliminaries -- 2.1 Dynamic Pebbling Notation -- 2.2 Generalized Hoeffding Inequality -- 2.3 Useful Graphs and Their Pebbling Complexity -- 3 A Theoretical MHF with Ideal Trade-Off -- 3.1 The Construction -- 3.2 Lowerbounding Costly Edges -- 3.3 The Trade-Off Between Sustained Space and Cumulative Complexity -- 4 Dynamic EGS -- 4.1 Lowerbounds on Getting Unlucky -- 4.2 The Cost of Getting Unlucky -- 5 Dynamic DRSample -- 5.1 Lowerbounds on Getting Unlucky. 5.2 The Cost of Being Unlucky -- 6 Argon2id -- 6.1 The Trade-Off and Cumulative Complexity -- 7 Open Problems -- References -- Low Communication Complexity Protocols, Collision Resistant Hash Functions and Secret Key-Agreement Protocols -- 1 Introduction -- 1.1 Cryptographic Primitives -- 1.2 Cryptographic Hash Functions -- 1.3 Adversarially Robust Property-Preserving Hash Functions -- 1.4 Secret Key Agreement -- 1.5 Our Results -- 1.6 Related Work -- 1.7 Technical Overview -- 2 Models and Preliminaries -- 2.1 Model Definition -- 2.2 Free Talk Model -- 2.3 Notation -- 2.4 Probability -- 2.5 Collision Resistant Hash Functions -- 2.6 Adversarially Robust Property-Preserving Hash Functions -- 2.7 Secret Key Agreement and Its Amplification -- 3 Collision Resistance and the Preset Public Coins Model -- 3.1 CRHs Imply Succinct Protocols -- 3.2 Succinct Protocols Imply dCRHs -- 4 No Ultra Short Interactive Communication -- 5 Secret Key Agreement from Efficient SM Protocols -- 5.1 Optimal Protocols from SKA -- 5.2 SKA from Near Optimal Protocols -- 6 Conclusions -- References -- Cryptanalysis II -- Accelerating the Delfs-Galbraith Algorithm with Fast Subfield Root Detection -- 1 Introduction -- 2 Preliminaries -- 3 Solver: Optimised Delfs-Galbraith Subfield Searching in X(p, 2) -- 4 Fast Subfield Root Detection -- 5 SuperSolver: Optimised Subfield Searching With Fast Subfield Root Detection in X(p, ) -- 6 A Worked Example -- 7 Implementation Results -- References -- Secret Can Be Public: Low-Memory AEAD Mode for High-Order Masking -- 1 Introduction -- 1.1 Low-Memory AEAD for Masking -- 1.2 Summary of Contributions -- 1.3 Related Work -- 2 Preliminaries -- 3 Design of AEAD Mode for High-Order Masking -- 3.1 Intuition and Design of HOMA -- 3.2 Specification of HOMA -- 3.3 Protected and Unprotected Values of HOMA -- 4 Security Claim and Proof of HOMA. 4.1 AE Security for Masking -- 4.2 AEL-Security of HOMA -- 4.3 Proof of Theorem 1 -- 5 A TBC Optimized for HOMA -- 5.1 SKINNY64 and SKINNYe with TK4 -- 5.2 Elastic-Tweak Framework for Small Tweaks -- 5.3 Design Approach of SKINNYee -- 5.4 Specifications of SKINNYee -- 5.5 Design Rationale -- 5.6 Security Analysis Against Various Cryptanalyses -- 6 Implementation -- 6.1 Targets and Design Policy -- 6.2 Masked S-box Implementation -- 6.3 Hardware Design -- 6.4 Performance Evaluation and Comparison -- 7 Conclusions -- References -- Partial Key Exposure Attacks on BIKE, Rainbow and NTRU -- 1 Introduction -- 2 Preliminaries -- 2.1 Key Exposure Models -- 2.2 Decoding -- 3 BIKE -- 3.1 Standard Format Keys -- 3.2 Compact Format Keys -- 3.3 Practical Attacks on BIKE -- 4 Rainbow -- 4.1 Attack Strategy -- 4.2 Fq-Errors and -Erasures -- 4.3 Practical Attacks on Rainbow -- 5 NTRU -- 5.1 Fq-Errors and -Erasures -- 5.2 Practical Attacks on NTRU -- References -- Improving Support-Minors Rank Attacks: Applications to GeMSS and Rainbow -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 Relevant Material for the Attack on GeMSS -- 2.3 Relevant Material on Rainbow for Section8.3 -- 3 Support-Minors Modeling (SM) -- 4 Improved Attack on GeMSS Using Support-Minors -- 4.1 Fixing Variables in the Support-Minors System -- 4.2 Solving via Gröbner Bases when n' 2d+1 -- 5 Complexity of the Attack -- 5.1 Time Complexity of Step 1 -- 5.2 Time Complexity of Step 2 -- 5.3 Memory Cost -- 6 Application to GeMSS and pHFEv- Parameter Sets -- 7 Experiments for Step 1 -- 8 Memory Management Strategy for the Support-Minors Equations Within Block Wiedemann -- 8.1 Hashing Strategy on the Main Memory -- 8.2 Memory Savings from Our Approach -- 8.3 Application to the Rainbow Rectangular MinRank Attack ch13uovspsbeullens -- 9 Conclusion -- References -- Distributed Algorithms. log*-Round Game-Theoretically-Fair Leader Election. |
| Record Nr. | UNISA-996495571803316 |
|
Dodis Yevgeniy
|
||
| Cham, Switzerland : , : Springer International Publishing, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Advances in cryptology - CRYPTO 2022 : 42nd annual international cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, Part II / / edited by Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 : 42nd annual international cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, Part II / / edited by Yevgeniy Dodis and Thomas Shrimpton |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (830 pages) |
| Disciplina | 652.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Cryptography
Data encryption (Computer science) |
| ISBN | 3-031-15979-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part II -- Secure Messaging -- .24em plus .1em minus .1emUniversally Composable End-to-End Secure Messaging -- 1 Introduction -- 1.1 This Work -- 1.2 On the Ideal Secure Messaging Functionality, FSM -- 1.3 Realizing FSM, Modularly -- 1.4 Streamlining UC Analysis -- 1.5 Related Work -- 2 Universally Composable Security: New Capabilities -- 3 Formal Modeling and Analysis -- References -- On the Insider Security of MLS -- 1 Introduction -- 1.1 Background and Motivation -- 1.2 Our Contribution -- 1.3 Related Work -- 1.4 Outline of the Rest of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Universal Composability -- 3 Insider-Secure Continuous Group Key Agreement -- 3.1 Overview -- 3.2 PKI Setup -- 3.3 Interfaces of the CGKA Functionality -- 3.4 History Graph -- 3.5 Details of the CGKA Functionality -- 4 The Insider-Secure TreeKEM Protocol -- 5 Security of ITK -- 6 Insider Attacks -- 6.1 An Attack on Authenticity in Certain Modes -- 6.2 Breaking Agreement -- 6.3 Inadequate Joiner Security (Tree-Signing) -- 6.4 IND-CPA Security Is Insufficient -- References -- Lattice-Based Zero Knowledge -- Lattice-Based Zero-Knowledge Proofs and Applications: Shorter, Simpler, and More General -- 1 Introduction -- 1.1 Prior Art for Proofs of (1) -- 1.2 Our Results -- 1.3 Techniques Overview -- 2 Preliminaries -- 2.1 Notation -- 2.2 Probability Distributions -- 2.3 Module-SIS and Module-LWE Problems -- 2.4 Rejection Sampling -- 2.5 Challenge Space -- 3 The ABDLOP Commitment Scheme and Proofs of Linear Relations -- 3.1 The ABDLOP Commitment Scheme -- 4 Proofs of Quadratic Relations -- 4.1 Single Quadratic Equation with Automorphisms -- 4.2 Many Quadratic Equations with Automorphisms -- 4.3 Polynomial Evaluations with Vanishing Constant Coefficients -- References.
Lattice-Based SNARKs: Publicly Verifiable, Preprocessing, and Recursively Composable -- 1 Introduction -- 1.1 The Seascape of SNARKs -- 1.2 Our Contributions -- 1.3 Technical Overview -- 1.4 Application -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Lattices -- 2.2 Sampling Algorithms -- 2.3 Hard Problems -- 3 The kMISIS Assumption -- 3.1 Knowledge Variants -- 4 Compact Extractable Vector Commitments -- 4.1 Definitions -- 4.2 Construction -- References -- Practical Sublinear Proofs for R1CS from Lattices -- 1 Introduction -- 1.1 Technical Overview -- 2 Preliminaries -- 2.1 Notation -- 2.2 Module-SIS and Module-LWE Problems -- 2.3 Challenge Space -- 2.4 BDLOP Commitment Scheme -- 3 Interactive Schwartz-Zippel -- 3.1 Making Use of Lemma 2 in Zero-Knowledge Protocols -- 4 Exact Amortized Binary Opening Proof -- 4.1 Extending the Proof to Linear and Product Relations -- 4.2 Proof Size -- 5 Induction -- References -- Quantum Cryptography II -- On the Impossibility of Key Agreements from Quantum Random Oracles -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries and Notation -- 2.1 Quantum Computation -- 2.2 Key Agreement Using Quantum Computation and Classical Communication -- 3 Attacking Classical-Alice Quantum-Bob Protocols -- 3.1 Useful Lemmas -- 3.2 The Attack and Its Analysis -- 4 Attacking Quantum-Alice Quantum-Bob Protocols -- 4.1 Main Conjecture and Related Notions -- 4.2 Attacking Quantum-Alice Quantum-Bob Protocols -- 4.3 Proof of Lemma 4.7 -- 5 Case of Exponentially Small Influences: Proving Theorem 4.4 -- 5.1 The Polynomial Formulation -- 5.2 Proving Theorem 4.4 -- References -- Succinct Classical Verification of Quantum Computation -- 1 Introduction -- 2 Technical Overview -- 2.1 Recap: Mahadev's Measurement Protocol -- 2.2 Defining a (Succinct) Measurement Protocol. 2.3 Constructing a Verifier-Succinct Measurement Protocol -- 2.4 Proof of Soundness -- 2.5 From a Verifier-Succinct Measurement Protocol to Succinct Arguments for BQP -- References -- On the Feasibility of Unclonable Encryption, and More -- 1 Introduction -- 1.1 Achieving Unclonable Indistinguishability: Challenges -- 1.2 Our Results -- 1.3 Organization -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Basics -- 2.2 Quantum Random Oracle Model (QROM) -- 2.3 More on Jordan's Lemma -- 2.4 Measuring Success Probability -- 2.5 Unclonable Encryption -- 3 More on Coset States -- 3.1 Preliminaries -- 3.2 Strengthened MOE Game in the QROM -- 3.3 Proof for Theorem 12 -- 4 Unclonable Encryption in the QROM -- 5 Copy-Protection for Point Functions in QROM -- 5.1 Copy-Protection Preliminaries -- 5.2 Construction -- References -- Lattice-Based Signatures -- Shorter Hash-and-Sign Lattice-Based Signatures -- 1 Introduction -- 1.1 Hash-and-Sign Signatures over Lattices -- 1.2 Our Contributions -- 1.3 Related Works -- 2 Background -- 3 New Hash-and-Sign Tradeoffs -- 3.1 Shorter Signatures by Elliptic Sampling -- 3.2 Parameters Selection -- 4 Security Analysis -- 4.1 Forging Signatures -- 4.2 Key-Recovery Attacks -- 4.3 Concrete Security Estimates -- 5 Batch Compressing Gaussian Vectors -- 5.1 Preliminary Information-Theoretical Analysis -- 5.2 Golomb-Rice Style Coding of a Single Variable -- 5.3 Batch-Coding and Full Signature Compression -- 5.4 Nearly Optimal Encoding for Hash-and-Sign Signatures -- References -- MuSig-L: Lattice-Based Multi-signature with Single-Round Online Phase -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Our Techniques -- 1.3 Other Related Work -- 2 Preliminaries -- 2.1 Assumptions -- 2.2 Offline-Online Multi-signature -- 3 Our MuSig-L Scheme -- 3.1 Definition of the Scheme -- 3.2 Rejection Sampling. 3.3 Correctness and Efficiency Analysis -- 4 Security Proofs -- 4.1 Reduction to LWE and SIS -- 4.2 Switching Lemma -- 4.3 Simulating Nonces via Trapdoor Sampling -- 4.4 Oracle Simulation Lemma -- 4.5 MS-UF-CMA Security of MuSig-L -- References -- A New Framework for More Efficient Round-Optimal Lattice-Based (Partially) Blind Signature via Trapdoor Sampling -- 1 Introduction -- 1.1 Background -- 1.2 Our Contribution -- 1.3 Technical Overview -- 2 Preliminaries -- 2.1 Blind Signature -- 2.2 Non-interactive Zero-Knowledge Proofs in the (Q)ROM -- 3 Lattice-Based Blind Signature from Compatible Commitments -- 3.1 Trapdoor-Sampling-Compatible Commitments -- 3.2 Construction of Blind Signature -- 3.3 Proof of One-More Unforgeability -- 3.4 Extension: Partially Blind Signatures -- 4 Instantiating Our Generic Construction -- 4.1 Concrete Choices for Trapdoor-Sampling-Compatible Commitments and Single-Proof Extractable NIZK -- 4.2 Concrete Choice for Multi-proof Extractable NIZK -- 4.3 Putting Everything Together -- References -- Blockchain -- Ofelimos: Combinatorial Optimization via Proof-of-Useful-Work*1mm -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 1.3 Organization of the Paper -- 2 Preliminaries -- 3 Doubly Parallel Local Search -- 3.1 Overview -- 3.2 DPLS Modeled in a Blockchain Setting -- 3.3 An Example -- 3.4 Generality of the Approach -- 4 Moderately Hard DAG Computations -- 4.1 Syntax -- 4.2 Moderate Hardness -- 5 The PoUW Blockchain Protocol -- 5.1 Protocol Description -- 5.2 Deployment Considerations -- 6 Security Analysis -- 6.1 Ledger Security -- 6.2 Protocol Usefulness -- References -- Practical Statistically-Sound Proofs of Exponentiation in Any Group -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Additional Related Work -- 2 Basic Protocol -- 2.1 Soundness -- 2.2 Efficiency. 3 Reducing (Verifier-) Complexity by Batching -- 3.1 The Protocol -- 3.2 Improving Verifier's Efficiency -- A Improving Verifier's Efficiency -- B Application in Polynomial Commitments -- B.1 Efficiency -- References -- .26em plus .1em minus .1emFormalizing Delayed Adaptive Corruptions and the Security of Flooding Networks -- 1 Introduction -- 1.1 Motivation -- 1.2 Contributions and Results -- 1.3 Techniques -- 1.4 Related Work -- 2 Preliminaries -- 2.1 Notation -- 2.2 Universally Composable Security -- 3 Delayed Adversaries Within UC -- 3.1 The -Delay Shell -- 3.2 Relating Corruption Models -- 4 Functionalities -- 4.1 MessageTransfer -- 4.2 Flood -- 5 Implementations of Flood -- 5.1 Naive Flood -- 5.2 Efficient Flood -- 6 Conclusion and Future Work -- References -- Best Paper Awards -- Batch Arguments for NP and More from Standard Bilinear Group Assumptions -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries -- 2.1 Non-Interactive Batch Arguments for NP -- 3 BARG for NP from Subgroup Decision in Bilinear Groups -- 4 BARG for NP from k-Lin in Bilinear Groups -- 5 Extensions and Applications -- References -- Breaking Rainbow Takes a Weekend on a Laptop -- 1 Introduction -- 2 Preliminaries -- 3 Simple Attack -- 4 Combination with Rectangular MinRank Attack -- 5 Experimental Results and Conclusion -- A Rank Experiments -- References -- Some Easy Instances of Ideal-SVP and Implications on the Partial Vandermonde Knapsack Problem -- 1 Introduction -- 2 Preliminaries -- 2.1 Number Fields -- 2.2 Lattices -- 2.3 Representation and Size of Algebraic Objects -- 2.4 The Partial Vandermonde Knapsack Problem -- 3 Easy Instances of Ideal-SVP -- 3.1 Reducing the Ideal in a Subfield -- 3.2 Proof of Theorem 3.1 -- 4 Easy Instances of Partial Vandermonde Knapsack -- 4.1 PV-Knap as an Instance of Ideal Hermite BDD. 4.2 Reduction from Ideal Hermite BDD to Ideal Hermite SVP in the Inverse Ideal. |
| Record Nr. | UNISA-996495571603316 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Advances in Cryptology - CRYPTO 2022 : 42nd annual international Cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, part IV / / edited by Yevgeniy Dodis, Thomas Shrimpton
| Advances in Cryptology - CRYPTO 2022 : 42nd annual international Cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, part IV / / edited by Yevgeniy Dodis, Thomas Shrimpton |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (590 pages) |
| Disciplina | 929 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Cryptography |
| ISBN | 3-031-15985-3 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNISA-996495571703316 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Advances in Cryptology - CRYPTO 2022 : 42nd annual international Cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, part IV / / edited by Yevgeniy Dodis, Thomas Shrimpton
| Advances in Cryptology - CRYPTO 2022 : 42nd annual international Cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, part IV / / edited by Yevgeniy Dodis, Thomas Shrimpton |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (590 pages) |
| Disciplina | 929 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico | Cryptography |
| ISBN | 3-031-15985-3 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910616373503321 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Advances in cryptology - CRYPTO 2022 : 42nd annual international cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, Part II / / edited by Yevgeniy Dodis and Thomas Shrimpton
| Advances in cryptology - CRYPTO 2022 : 42nd annual international cryptology conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, proceedings, Part II / / edited by Yevgeniy Dodis and Thomas Shrimpton |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (830 pages) |
| Disciplina | 652.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Cryptography
Data encryption (Computer science) |
| ISBN | 3-031-15979-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part II -- Secure Messaging -- .24em plus .1em minus .1emUniversally Composable End-to-End Secure Messaging -- 1 Introduction -- 1.1 This Work -- 1.2 On the Ideal Secure Messaging Functionality, FSM -- 1.3 Realizing FSM, Modularly -- 1.4 Streamlining UC Analysis -- 1.5 Related Work -- 2 Universally Composable Security: New Capabilities -- 3 Formal Modeling and Analysis -- References -- On the Insider Security of MLS -- 1 Introduction -- 1.1 Background and Motivation -- 1.2 Our Contribution -- 1.3 Related Work -- 1.4 Outline of the Rest of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Universal Composability -- 3 Insider-Secure Continuous Group Key Agreement -- 3.1 Overview -- 3.2 PKI Setup -- 3.3 Interfaces of the CGKA Functionality -- 3.4 History Graph -- 3.5 Details of the CGKA Functionality -- 4 The Insider-Secure TreeKEM Protocol -- 5 Security of ITK -- 6 Insider Attacks -- 6.1 An Attack on Authenticity in Certain Modes -- 6.2 Breaking Agreement -- 6.3 Inadequate Joiner Security (Tree-Signing) -- 6.4 IND-CPA Security Is Insufficient -- References -- Lattice-Based Zero Knowledge -- Lattice-Based Zero-Knowledge Proofs and Applications: Shorter, Simpler, and More General -- 1 Introduction -- 1.1 Prior Art for Proofs of (1) -- 1.2 Our Results -- 1.3 Techniques Overview -- 2 Preliminaries -- 2.1 Notation -- 2.2 Probability Distributions -- 2.3 Module-SIS and Module-LWE Problems -- 2.4 Rejection Sampling -- 2.5 Challenge Space -- 3 The ABDLOP Commitment Scheme and Proofs of Linear Relations -- 3.1 The ABDLOP Commitment Scheme -- 4 Proofs of Quadratic Relations -- 4.1 Single Quadratic Equation with Automorphisms -- 4.2 Many Quadratic Equations with Automorphisms -- 4.3 Polynomial Evaluations with Vanishing Constant Coefficients -- References.
Lattice-Based SNARKs: Publicly Verifiable, Preprocessing, and Recursively Composable -- 1 Introduction -- 1.1 The Seascape of SNARKs -- 1.2 Our Contributions -- 1.3 Technical Overview -- 1.4 Application -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Lattices -- 2.2 Sampling Algorithms -- 2.3 Hard Problems -- 3 The kMISIS Assumption -- 3.1 Knowledge Variants -- 4 Compact Extractable Vector Commitments -- 4.1 Definitions -- 4.2 Construction -- References -- Practical Sublinear Proofs for R1CS from Lattices -- 1 Introduction -- 1.1 Technical Overview -- 2 Preliminaries -- 2.1 Notation -- 2.2 Module-SIS and Module-LWE Problems -- 2.3 Challenge Space -- 2.4 BDLOP Commitment Scheme -- 3 Interactive Schwartz-Zippel -- 3.1 Making Use of Lemma 2 in Zero-Knowledge Protocols -- 4 Exact Amortized Binary Opening Proof -- 4.1 Extending the Proof to Linear and Product Relations -- 4.2 Proof Size -- 5 Induction -- References -- Quantum Cryptography II -- On the Impossibility of Key Agreements from Quantum Random Oracles -- 1 Introduction -- 1.1 Our Results -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries and Notation -- 2.1 Quantum Computation -- 2.2 Key Agreement Using Quantum Computation and Classical Communication -- 3 Attacking Classical-Alice Quantum-Bob Protocols -- 3.1 Useful Lemmas -- 3.2 The Attack and Its Analysis -- 4 Attacking Quantum-Alice Quantum-Bob Protocols -- 4.1 Main Conjecture and Related Notions -- 4.2 Attacking Quantum-Alice Quantum-Bob Protocols -- 4.3 Proof of Lemma 4.7 -- 5 Case of Exponentially Small Influences: Proving Theorem 4.4 -- 5.1 The Polynomial Formulation -- 5.2 Proving Theorem 4.4 -- References -- Succinct Classical Verification of Quantum Computation -- 1 Introduction -- 2 Technical Overview -- 2.1 Recap: Mahadev's Measurement Protocol -- 2.2 Defining a (Succinct) Measurement Protocol. 2.3 Constructing a Verifier-Succinct Measurement Protocol -- 2.4 Proof of Soundness -- 2.5 From a Verifier-Succinct Measurement Protocol to Succinct Arguments for BQP -- References -- On the Feasibility of Unclonable Encryption, and More -- 1 Introduction -- 1.1 Achieving Unclonable Indistinguishability: Challenges -- 1.2 Our Results -- 1.3 Organization -- 1.4 Technical Overview -- 1.5 Related Work -- 2 Preliminaries -- 2.1 Basics -- 2.2 Quantum Random Oracle Model (QROM) -- 2.3 More on Jordan's Lemma -- 2.4 Measuring Success Probability -- 2.5 Unclonable Encryption -- 3 More on Coset States -- 3.1 Preliminaries -- 3.2 Strengthened MOE Game in the QROM -- 3.3 Proof for Theorem 12 -- 4 Unclonable Encryption in the QROM -- 5 Copy-Protection for Point Functions in QROM -- 5.1 Copy-Protection Preliminaries -- 5.2 Construction -- References -- Lattice-Based Signatures -- Shorter Hash-and-Sign Lattice-Based Signatures -- 1 Introduction -- 1.1 Hash-and-Sign Signatures over Lattices -- 1.2 Our Contributions -- 1.3 Related Works -- 2 Background -- 3 New Hash-and-Sign Tradeoffs -- 3.1 Shorter Signatures by Elliptic Sampling -- 3.2 Parameters Selection -- 4 Security Analysis -- 4.1 Forging Signatures -- 4.2 Key-Recovery Attacks -- 4.3 Concrete Security Estimates -- 5 Batch Compressing Gaussian Vectors -- 5.1 Preliminary Information-Theoretical Analysis -- 5.2 Golomb-Rice Style Coding of a Single Variable -- 5.3 Batch-Coding and Full Signature Compression -- 5.4 Nearly Optimal Encoding for Hash-and-Sign Signatures -- References -- MuSig-L: Lattice-Based Multi-signature with Single-Round Online Phase -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Our Techniques -- 1.3 Other Related Work -- 2 Preliminaries -- 2.1 Assumptions -- 2.2 Offline-Online Multi-signature -- 3 Our MuSig-L Scheme -- 3.1 Definition of the Scheme -- 3.2 Rejection Sampling. 3.3 Correctness and Efficiency Analysis -- 4 Security Proofs -- 4.1 Reduction to LWE and SIS -- 4.2 Switching Lemma -- 4.3 Simulating Nonces via Trapdoor Sampling -- 4.4 Oracle Simulation Lemma -- 4.5 MS-UF-CMA Security of MuSig-L -- References -- A New Framework for More Efficient Round-Optimal Lattice-Based (Partially) Blind Signature via Trapdoor Sampling -- 1 Introduction -- 1.1 Background -- 1.2 Our Contribution -- 1.3 Technical Overview -- 2 Preliminaries -- 2.1 Blind Signature -- 2.2 Non-interactive Zero-Knowledge Proofs in the (Q)ROM -- 3 Lattice-Based Blind Signature from Compatible Commitments -- 3.1 Trapdoor-Sampling-Compatible Commitments -- 3.2 Construction of Blind Signature -- 3.3 Proof of One-More Unforgeability -- 3.4 Extension: Partially Blind Signatures -- 4 Instantiating Our Generic Construction -- 4.1 Concrete Choices for Trapdoor-Sampling-Compatible Commitments and Single-Proof Extractable NIZK -- 4.2 Concrete Choice for Multi-proof Extractable NIZK -- 4.3 Putting Everything Together -- References -- Blockchain -- Ofelimos: Combinatorial Optimization via Proof-of-Useful-Work*1mm -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 1.3 Organization of the Paper -- 2 Preliminaries -- 3 Doubly Parallel Local Search -- 3.1 Overview -- 3.2 DPLS Modeled in a Blockchain Setting -- 3.3 An Example -- 3.4 Generality of the Approach -- 4 Moderately Hard DAG Computations -- 4.1 Syntax -- 4.2 Moderate Hardness -- 5 The PoUW Blockchain Protocol -- 5.1 Protocol Description -- 5.2 Deployment Considerations -- 6 Security Analysis -- 6.1 Ledger Security -- 6.2 Protocol Usefulness -- References -- Practical Statistically-Sound Proofs of Exponentiation in Any Group -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Additional Related Work -- 2 Basic Protocol -- 2.1 Soundness -- 2.2 Efficiency. 3 Reducing (Verifier-) Complexity by Batching -- 3.1 The Protocol -- 3.2 Improving Verifier's Efficiency -- A Improving Verifier's Efficiency -- B Application in Polynomial Commitments -- B.1 Efficiency -- References -- .26em plus .1em minus .1emFormalizing Delayed Adaptive Corruptions and the Security of Flooding Networks -- 1 Introduction -- 1.1 Motivation -- 1.2 Contributions and Results -- 1.3 Techniques -- 1.4 Related Work -- 2 Preliminaries -- 2.1 Notation -- 2.2 Universally Composable Security -- 3 Delayed Adversaries Within UC -- 3.1 The -Delay Shell -- 3.2 Relating Corruption Models -- 4 Functionalities -- 4.1 MessageTransfer -- 4.2 Flood -- 5 Implementations of Flood -- 5.1 Naive Flood -- 5.2 Efficient Flood -- 6 Conclusion and Future Work -- References -- Best Paper Awards -- Batch Arguments for NP and More from Standard Bilinear Group Assumptions -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries -- 2.1 Non-Interactive Batch Arguments for NP -- 3 BARG for NP from Subgroup Decision in Bilinear Groups -- 4 BARG for NP from k-Lin in Bilinear Groups -- 5 Extensions and Applications -- References -- Breaking Rainbow Takes a Weekend on a Laptop -- 1 Introduction -- 2 Preliminaries -- 3 Simple Attack -- 4 Combination with Rectangular MinRank Attack -- 5 Experimental Results and Conclusion -- A Rank Experiments -- References -- Some Easy Instances of Ideal-SVP and Implications on the Partial Vandermonde Knapsack Problem -- 1 Introduction -- 2 Preliminaries -- 2.1 Number Fields -- 2.2 Lattices -- 2.3 Representation and Size of Algebraic Objects -- 2.4 The Partial Vandermonde Knapsack Problem -- 3 Easy Instances of Ideal-SVP -- 3.1 Reducing the Ideal in a Subfield -- 3.2 Proof of Theorem 3.1 -- 4 Easy Instances of Partial Vandermonde Knapsack -- 4.1 PV-Knap as an Instance of Ideal Hermite BDD. 4.2 Reduction from Ideal Hermite BDD to Ideal Hermite SVP in the Inverse Ideal. |
| Record Nr. | UNINA-9910616370103321 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||