Results 1  10
of
22
Visual Cryptography for General Access Structures
, 1996
"... A visual cryptography scheme for a set P of n participants is a method to encode a secret image SI into n shadow images called shares, where each participant in P receives one share. Certain qualified subsets of participants can "visually" recover the secret image, but other, forbidden, sets of part ..."
Abstract

Cited by 71 (9 self)
 Add to MetaCart
A visual cryptography scheme for a set P of n participants is a method to encode a secret image SI into n shadow images called shares, where each participant in P receives one share. Certain qualified subsets of participants can "visually" recover the secret image, but other, forbidden, sets of participants have no information (in an informationtheoretic sense) on SI . A "visual" recovery for a set X ` P consists of xeroxing the shares given to the participants in X onto transparencies, and then stacking them. The participants in a qualified set X will be able to see the secret image without any knowledge of Cryptography and without performing any cryptographic computation. In this paper we propose two techniques to construct visual cryptography schemes for general access structures. We analyze the structure of visual cryptography schemes and we prove bounds on the size of the shares distributed to the participants in the scheme. We provide a novel technique to realize k out of n thre...
On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption
 Designs, Codes and Cryptography
, 1996
"... This paper provides an exposition of methods by which a trusted authority can distribute keys and/or broadcast a message over a network, so that each member of a privileged subset of users can compute a specified key or decrypt the broadcast message. Moreover, this is done in such a way that no coal ..."
Abstract

Cited by 50 (8 self)
 Add to MetaCart
This paper provides an exposition of methods by which a trusted authority can distribute keys and/or broadcast a message over a network, so that each member of a privileged subset of users can compute a specified key or decrypt the broadcast message. Moreover, this is done in such a way that no coalition is able to recover any information on a key or broadcast message they are not supposed to know. The problems are studied using the tools of information theory, so the security provided is unconditional (i.e., not based on any computational assumption). We begin by surveying some useful schemes schemes for key distribution that have been presented in the literature, giving background and examples (but not too many proofs). In particular, we look more closely at the attractive concept of key distribution patterns, and present a new method for making these schemes more efficient through the use of resilient functions. Then we present a general approach to the construction of broadcast sch...
Secure Frameproof Codes, Key Distribution Patterns, Group Testing Algorithms and Related Structures
 Journal of Statistical Planning and Inference
, 1997
"... Frameproof codes were introduced by Boneh and Shaw as a method of "digital fingerprinting" which prevents a coalition of a specified size c from framing a user not in the coalition. Stinson and Wei then gave a combinatorial formulation of the problem in terms of certain types of extremal set sytems. ..."
Abstract

Cited by 46 (11 self)
 Add to MetaCart
Frameproof codes were introduced by Boneh and Shaw as a method of "digital fingerprinting" which prevents a coalition of a specified size c from framing a user not in the coalition. Stinson and Wei then gave a combinatorial formulation of the problem in terms of certain types of extremal set sytems. In this paper, we study frameproof codes that provide a certain (weak) form of traceability. We extend our combinatorial formulation to address this stronger requirement, and show that the problem is solved by using (i; j)separating systems, as defined by Friedman, Graham and Ullman. Using constructions based on perfect hash families, we give the first efficient explicit constructions for these objects for general values of i and j. We also review nonconstructive existence results that are based on probabilistic arguments. Then we look at two other, related concepts, namely key distribution patterns and nonadaptive group testing algorithms. We again approach these problems from the point...
Private Searching On Streaming Data
, 2007
"... In this paper, we consider the problem of private searching on streaming data, where we can efficiently implement searching for documents that satisfy a secret criteria (such as presence or absence of a hidden combination of hidden keywords) under various cryptographic assumptions. Our results can b ..."
Abstract

Cited by 34 (1 self)
 Add to MetaCart
In this paper, we consider the problem of private searching on streaming data, where we can efficiently implement searching for documents that satisfy a secret criteria (such as presence or absence of a hidden combination of hidden keywords) under various cryptographic assumptions. Our results can be viewed in a variety of ways: as a generalization of the notion of Private Information Retrieval (to more general queries and to a streaming environment); as positive results on privacypreserving datamining; and as a delegation of hidden program computation to other machines.
Order preserving minimal perfect hash functions and information retrieval
 ACM TRANSACTIONS ON INFORMATION SYSTEMS
, 1991
"... Rapid access to information is essential for a wide variety of retrieval systems and applications. Hashing has long been used when the fastest possible direct search is desired, but is generally not appropriate when sequential or range searches are also required. This paper describes a hashing metho ..."
Abstract

Cited by 27 (2 self)
 Add to MetaCart
Rapid access to information is essential for a wide variety of retrieval systems and applications. Hashing has long been used when the fastest possible direct search is desired, but is generally not appropriate when sequential or range searches are also required. This paper describes a hashing method, developed for collections that are relatively static, that supports both direct and sequential access. Indeed, the algorithm described gives hash functions that are optimal in terms of time and hash table space utilization, and that preserve any a priori ordering desired. Furthermore, the resulting order preserving minimal perfect hash functions (OPMPHFs) can be
On Universal Classes of Extremely Random Constant Time Hash Functions and Their TimeSpace Tradeoff
"... A family of functions F that map [0; n] 7! [0; n], is said to be hwise independent if any h points in [0; n] have an image, for randomly selected f 2 F , that is uniformly distributed. This paper gives both probabilistic and explicit randomized constructions of n ffl wise independent functions, ..."
Abstract

Cited by 26 (0 self)
 Add to MetaCart
A family of functions F that map [0; n] 7! [0; n], is said to be hwise independent if any h points in [0; n] have an image, for randomly selected f 2 F , that is uniformly distributed. This paper gives both probabilistic and explicit randomized constructions of n ffl wise independent functions, ffl ! 1, that can be evaluated in constant time for the standard random access model of computation. Simple extensions give comparable behavior for larger domains. As a consequence, many probabilistic algorithms can for the first time be shown to achieve their expected asymptotic performance for a feasible model of computation. This paper also establishes a tight tradeoff in the number of random seeds that must be precomputed for a random function that runs in time T and is hwise independent. Categories and Subject Descriptors: E.2 [Data Storage Representation]: Hashtable representation; F.1.2 [Modes of Computation]: Probabilistic Computation; F2.3 [Tradepffs among Computational Measures]...
Isolation, Matching, and Counting: Uniform and Nonuniform Upper Bounds
 Journal of Computer and System Sciences
, 1998
"... We show that the perfect matching problem is in the complexity class SPL (in the nonuniform setting). This provides a better upper bound on the complexity of the matching problem, as well as providing motivation for studying the complexity class SPL. Using similar techniques, we show that counting t ..."
Abstract

Cited by 22 (4 self)
 Add to MetaCart
We show that the perfect matching problem is in the complexity class SPL (in the nonuniform setting). This provides a better upper bound on the complexity of the matching problem, as well as providing motivation for studying the complexity class SPL. Using similar techniques, we show that counting the number of accepting paths of a nondeterministic logspace machine can be done in NL/poly, if the number of paths is small. This clarifies the complexity of the class LogFew (defined and studied in [BDHM91]). Using derandomization techniques, we then improve this to show that this counting problem is in NL. Determining if our other theorems hold in the uniform setting remains an The material in this paper appeared in preliminary form in papers in the Proceedings of the IEEE Conference on Computational Complexity, 1998, and in the Proceedings of the Workshop on Randomized Algorithms, Brno, 1998. y Supported in part by NSF grants CCR9509603 and CCR9734918. z Supported in part by the ...
Some Recursive Constructions for Perfect Hash Families
 JOURNAL OF COMBINATORIAL DESIGNS
, 1996
"... An (n; m;w)perfect hash family is a set of functions F such that f : f1; : : : ; ng ! f1; : : : ; mg for each f 2 F , and for any X ` f1; : : : ; ng such that jX j = w, there exists at least one f 2 F such that f j X is onetoone. Perfect hash families have been extensively studied by computer s ..."
Abstract

Cited by 21 (10 self)
 Add to MetaCart
An (n; m;w)perfect hash family is a set of functions F such that f : f1; : : : ; ng ! f1; : : : ; mg for each f 2 F , and for any X ` f1; : : : ; ng such that jX j = w, there exists at least one f 2 F such that f j X is onetoone. Perfect hash families have been extensively studied by computer scientists for over 15 years, mainly due to their applications in database management. In particular, much attention has been given to finding efficient algorithms to construct perfect hash families. In this paper, we study perfect hash families from a combinatorial viewpoint, and describe some new recursive constructions for these objects.
Monotone Minimal Perfect Hashing: Searching a Sorted Table with O(1) Accesses
"... A minimal perfect hash function maps a set S of n keys into the set { 0, 1,..., n − 1} bijectively. Classical results state that minimal perfect hashing is possible in constant time using a structure occupying space close to the lower bound of log e bits per element. Here we consider the problem of ..."
Abstract

Cited by 20 (8 self)
 Add to MetaCart
A minimal perfect hash function maps a set S of n keys into the set { 0, 1,..., n − 1} bijectively. Classical results state that minimal perfect hashing is possible in constant time using a structure occupying space close to the lower bound of log e bits per element. Here we consider the problem of monotone minimal perfect hashing, in which the bijection is required to preserve the lexicographical ordering of the keys. A monotone minimal perfect hash function can be seen as a very weak form of index that provides ranking just on the set S (and answers randomly outside of S). Our goal is to minimise the description size of the hash function: we show that, for a set S of n elements out of a universe of 2 w elements, O(n log log w) bits are sufficient to hash monotonically with evaluation time O(log w). Alternatively, we can get space O(n log w) bits with O(1) query time. Both of these data structures improve a straightforward construction with O(n log w) space and O(log w) query time. As a consequence, it is possible to search a sorted table with O(1) accesses to the table (using additional O(n log log w) bits). Our results are based on a structure (of independent interest) that represents a trie in a very compact way, but admits errors. As a further application of the same structure, we show how to compute the predecessor (in the sorted order of S) of an arbitrary element, using O(1) accesses in expectation and an index of O(n log w) bits, improving the trivial result of O(nw) bits. This implies an efficient index for searching a blocked memory.