Replication Is Not Needed: Single Database, Computationally-Private Information Retrieval (Extended Abstract)
 IN PROC. OF THE 38TH ANNU. IEEE SYMP. ON FOUNDATIONS OF COMPUTER SCIENCE
, 1997
Cited by 211 (18 self)
We establish the following, quite unexpected, result: replication of data for the computational Private Information Retrieval problem is not necessary. More specifically, based on the quadratic residuosity assumption, we present a single database, computationally-private information-retrieval scheme with O(n^ε) communication complexity for any ε > 0.
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack
 SIAM Journal on Computing
, 2001
Cited by 189 (11 self)
A new public key encryption scheme, along with several variants, is proposed and analyzed. The scheme and its variants are quite practical, and are proved secure against adaptive chosen ciphertext attack under standard intractability assumptions. These appear to be the first public-key encryption schemes in the literature that are simultaneously practical and provably secure.
Signature Schemes Based on the Strong RSA Assumption
 ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY
, 1998
Cited by 150 (8 self)
We describe and analyze a new digital signature scheme. The new scheme is quite efficient, does not require the signer to maintain any state, and can be proven secure against adaptive chosen message attack under a reasonable intractability assumption, the so-called Strong RSA Assumption. Moreover, a hash function can be incorporated into the scheme in such a way that it is also secure in the random oracle model under the standard RSA Assumption.
Polynomial approximation algorithms for the TSP and the QAP with a factorial domination number
 Discrete Appl. Math
Cited by 23 (16 self)
Glover and Punnen (1997) asked whether there exists a polynomial time algorithm that always produces a tour which is not worse than at least n!/p(n) tours for some polynomial p(n) for every TSP instance on n cities. They conjectured that, unless P=NP, the answer to this question is negative. We prove that the answer to this question is, in fact, positive. A generalization of the TSP, the quadratic assignment problem, is also considered with respect to the analogous question. Probabilistic, graph-theoretical, group-theoretical and number-theoretical methods and results are used. Key words: Traveling salesman problem, quadratic assignment problem, approximation algorithm. 1 Introduction. The domination number, dom(A, n), of an approximation algorithm for the traveling salesman problem (TSP) is the maximum integer k = k(n) such that, for every instance I of the TSP on n cities, A produces a tour T which is not worse than at least k tours in I including T itself. F. Glover and A.P. Punnen...
Multi-trapdoor commitments and their applications to proofs of knowledge secure under concurrent man-in-the-middle attacks
 CRYPTO
, 2004
Cited by 14 (1 self)
We introduce the notion of multi-trapdoor commitments which is a stronger form of trapdoor commitment schemes. We then construct two very efficient instantiations of multi-trapdoor commitment schemes, one based on the Strong RSA Assumption and the other on the Strong Diffie-Hellman Assumption. The main application of our new notion is the construction of a compiler that takes any proof of knowledge and transforms it into one which is secure against a concurrent man-in-the-middle attack (in the common reference string model). When using our specific implementations, this compiler is very efficient (requires no more than four exponentiations) and maintains the round complexity of the original proof of knowledge. The main practical applications of our results are concurrently secure identification protocols. For these applications our results are the first simple and efficient solutions based on the Strong RSA or Diffie-Hellman Assumption.
Domination analysis of combinatorial optimization algorithms and problems
 In Graph Theory, Combinatorics and Algorithms: Interdisciplinary Applications (M.C. Golumbic and I. Ben-Arroyo
, 2005
Cited by 10 (5 self)
We provide an overview of an emerging area of domination analysis (DA) of combinatorial optimization algorithms and problems. We consider DA theory and its relevance to computational practice.
A Sublinear-Time Parallel Algorithm for Integer Modular Exponentiation
, 1999
Cited by 8 (0 self)
The modular exponentiation problem is, given integers x, a, m with m > 0, compute x^a mod m. Let n denote the sum of the lengths of x, a, and m in binary. We present a parallel algorithm for this problem that takes O(n / log log n) time on the common CRCW PRAM using O(n^(2+ε)) processors. This algorithm is based on Bernstein's Explicit Chinese Remainder Theorem combined with a fast method for parallel prefix summation. We also present a linear time algorithm for the EREW PRAM. 1 Introduction. In this paper we present a new parallel algorithm for the modular exponentiation problem. This problem is, given integers x, a and a positive integer m, compute x^a mod m. Applications for this problem are quite numerous, and include primality testing, integer factoring, the discrete logarithm problem, and cryptographic protocols based on these problems such as RSA. It is not an overstatement to say that modular exponentiation is a fundamentally important problem, and fast algorithms for t...
An analysis of the generalized binary GCD algorithm
 HIGH PRIMES AND MISDEMEANORS, LECTURES IN HONOUR OF HUGH COWIE
, 2007
Cited by 5 (2 self)
In this paper we analyze a slight modification of Jebelean’s version of the k-ary GCD algorithm. Jebelean had shown that on n-bit inputs, the algorithm runs in O(n²) time. In this paper, we show that the average running time of our modified algorithm is O(n²/log n). This analysis involves exploring the behavior of spurious factors introduced during the main loop of the algorithm. We also introduce a Jebelean-style left-shift k-ary GCD algorithm with a similar complexity that performs well in practice.
ACE: The Advanced Cryptographic Engine
 Revised, August
, 2000
Cited by 3 (1 self)
This document describes the Advanced Cryptographic Engine (ACE). It specifies a public key encryption scheme as well as a digital signature scheme with enough detail to ensure interoperability between different implementations. These schemes are almost as efficient as commercially used schemes, yet unlike such schemes, can be proven secure under reasonable and well-defined intractability assumptions. A concrete security analysis of both schemes is presented.
Polynomial algorithms for the TSP and the QAP with a factorial domination number
, 1998
Cited by 3 (0 self)
Glover and Punnen (1997) asked whether there exists a polynomial time algorithm that always produces a tour which is not worse than at least n!/p(n) tours for some polynomial p(n) for every TSP instance on n cities. They conjectured that, unless P=NP, the answer to this question is negative. We prove that the answer to this question is, in fact, positive. A generalization of the TSP, the quadratic assignment problem, is also considered with respect to the analogous question. Probabilistic, graph-theoretical, group-theoretical and number-theoretical methods and results are used. Key words: the traveling salesman problem, the quadratic assignment problem, domination analysis, metaheuristics. 1 Introduction. The domination number, dom(A, n), of an approximation algorithm for the traveling salesman problem (TSP) is the maximum integer k = k(n) such that, for every instance I of the TSP on n cities, A produces a tour T which is not worse than at least k tours in I including T itself. Glov...