There are several candidate semantically secure encryption schemes, yet in many applications non-malleability of encryptions is crucial. We show how to transform any semantically secure encryption scheme into one that is non-malleable for arbitrarily many messages.

The round complexity of non-malleable commitments and non-malleable zero knowledge arguments has been an open question for long time. Very recent results of Pass [TCC 2013] and of Goyal et al. [FOCS 2014, STOC 2016], gave almost definitive answers. In this work we show how to construct round-efficient non-malleable protocols via compilers. Starting from protocols enjoying limited non-malleabili...

This paper presents a user-level runtime system which provides memory malleability to programs running on non-dedicated computational environments. Memory malleability is analogous to processor malleability in the memory space, i.e. it lets a program shrink and expand its resident set size in response to runtime events, without affecting the correct execution of the program. Malleability become...

Under an adaptive chosen ciphertext attack (CCA2), the security of an encryption scheme must hold against adversaries that have access to a decryption oracle. We consider a weakening of CCA2 security, wherein security need only hold against adversaries making an a-priori bounded number of queries to the decryption oracle. Concerning this notion, which we call bounded-CCA2 security, we show the ...

Related-Key Attacks (RKAs) allow an adversary to observe the outcomes of a cryptographic primitive under not only its original secret key e.g., s, but also a sequence of modified keys φ(s), where φ is specified by the adversary from a class Φ of so-called Related-Key Derivation (RKD) functions. This paper extends the notion of non-malleable Key Derivation Functions (nm-KDFs), introduced by Faus...

In this paper we consider commitment schemes that are secure against concurrent poly-time man-in-the-middle (cMiM) attacks. Under such attacks, two possible notions of security for commitment schemes have been proposed in the literature: concurrent nonmalleability with respect to commitment and concurrent non-malleability with respect to decommitment (i.e., opening). After the original notion o...

We compare the relative strengths of popular notions of security for public-key encryption schemes. We consider the goals of privacy and non-malleability, each under chosen-plaintext attack and two kinds of chosen-ciphertext attack. For each of the resulting pairs of definitions we prove either an implication (every scheme meeting one notion must meet the other) or a separation (there is a sche...

In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our separations follow from two generic transformations. Given two appropriate security notions X and Y from the class of security notions we compare, these transformations take a commitment sc...

Qin, Liu, Yuen, Deng, and Chen (PKC 2015) gave a new security notion of key-derivation function (KDF), continuous non-malleability with respect to Φ-related-key attacks (Φ-CNM), and its application to RKA-secure public-key cryptographic primitives. They constructed a KDF from cryptographic primitives and showed that the obtained KDF is Φhoe&iocr-CNM, where Φhoe&iocr contains the identity functi...