Lecturer: Yevgeniy Dodis Lecture 9
Author
Abstract
Up to this point, all our security definitions in the CRS model have (either implicitly or explicitly) made the assumption that the adversary selects the target statement independently of the CRS. For example, in the definition of soundness the false statement y is chosen by adversary P on input only (1^λ). Less explicitly, although the definitions of ZK and same-string ZK quantify over all statements in the language, they do not provide the adversary with any extra side information, such as the variable aux, which an adversary V might learn from selecting y adaptively. Thus the seemingly strong quantification over all statements still doesn't capture the setting where V generates y adaptively, depending on the CRS.
Similar resources
Domain Extension for MACs Beyond the Birthday Barrier
Given an n-bit to n-bit MAC (e.g., a fixed key blockcipher) with MAC security ε against q queries, we design a variable-length MAC achieving MAC security O(εq poly(n)) against queries of total length qn. In particular, our construction is the first to break the “birthday barrier” for MAC domain extension from noncompressing primitives, since our security bound is meaningful even for q = 2/poly(...
Threshold and Proactive Pseudo-Random Permutations
We construct a reasonably efficient threshold and proactive pseudo-random permutation (PRP). Our protocol needs only O(1) communication rounds. It tolerates up to (n − 1)/2 of n dishonest servers in the semi-honest environment. Many protocols that use PRPs (e.g., a CBC block cipher mode) can now be translated into the distributed setting. Our main technique for constructing invertible threshold...
Publication date: 2009