a non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. the main idea behind nonmalleable coding is that the adversary should not be able to obtain any valuable information about the message. non-malleablecodes are used in tamper-resilient cryptography and protecting memories against tampering attacks. many different types of nonmalleability have already...

A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...

Non-malleable codes are a natural relaxation of error correcting/detecting codes that have useful applications in the context of tamper resilient cryptography. Informally, a code is non-malleable if an adversary trying to tamper with an encoding of a given message can only leave it unchanged or modify it to the encoding of a completely unrelated value. This paper introduces an extension of the ...

We explore whether non-malleability is necessary for the applications typically used to mo-tivate it, and propose two alternatives. The first we call weak non-malleability (wnm) and showthat it suffices to achieve secure contract bidding (the application for which non-malleability wasinitially introduced), despite being strictly weaker than non-malleability. The second we callta...

Roughly speaking, an encryption scheme is said to be non-malleable, if no adversary can modify a ciphertext so that the resulting message is meaningfully related to the original message. We compare this notion of security to secrecy and authenticity, and provide a complete characterization of their relative strengths. In particular, we show that information-theoretic perfect non-malleability is...

We introduce a new security notion for public-key encryption (PKE) that we dub non-malleability under (chosen-ciphertext) self-destruct attacks (NM-SDA), which appears to be the strongest natural PKE security notion below full-blown chosen-ciphertext (IND-CCA) security. In this notion, the adversary is allowed to ask many adaptive “parallel” decryption queries (i.e., a query consists of many ci...

In encryption, non-malleability is a highly desirable property: it ensures that adversaries cannot manipulate the plaintext by acting on the ciphertext. In [5], Ambainis et al. gave a definition of non-malleability for the encryption of quantum data. In this work, we show that this definition is too weak, as it allows adversaries to “inject” plaintexts of their choice into the ciphertext. We gi...

The Internet enables concurrent executions of cryptographic protocols. This concurrent setting, however, also brings forth new types of coordinated attacks in which an adversary controls many parties, interleaving the executions of the various protocol instances, and attempts to ”maul” messages from one execution to use in another. In this talk, we will survey some recent methods for achieving ...

We formalize the security notions of non-malleability under selective opening attacks (NM-SO security) in two approaches: the indistinguishability-based approach and the simulationbased approach. We explore the relations between NM-SO security notions and the known selective opening security notions, and the relations between NM-SO security notions and the standard non-malleability notions.

We give an alternative security proof for NMAC and HMAC when deployed as a message authentication code, supplementing the previous result by Bellare (Crypto 2006). We show that (black-box) non-malleability and unpredictability of the compression function suffice in this case, yielding security under different assumptions. This also suggests that some sort of non-malleability is a desirable desi...