### Citations

663 | Fully homomorphic encryption using ideal lattices
- Gentry
- 2009
(Show Context)
Citation Context ... We target organizations moving to the cloud, or outsourcing their services, that wish to access or allocate virtual resources anonymously. Cryptographic systems, such as fully homomorphic encryption =-=[11]-=-, do not solve the oblivious assignment problem. Homomorphic encryption allows clients to perform computation over encrypted data ensuring that sensitive information remain inaccessible to the cloud p... |

400 |
A public key cryptosystem and a signature scheme based on discrete logarithms
- Gamal
- 1985
(Show Context)
Citation Context ...y slots. Invalid tickets help prevent leakage of information on actual assignments. At the beginning of each round, the coordinator picks one ticket, encrypts the request token via ElGamal encryption =-=[10]-=-, and forwards the token to the next process in the ring. Upon the receipt of the token, a process pi picks a ticket, re-encrypts the token to make it indistinguishable, and forwards it to the next pr... |

282 |
Foundations of Cryptography: Volume 2 – Basic Applications
- Goldreich
- 2004
(Show Context)
Citation Context ...ot rj assigned to pi. To release the slot rj, pi invokes a release() operation. Processes do not crash. We assume the existence of a coalition C (with 1 ≤ |C| ≤ n − 2) of honest-but-curious processes =-=[12]-=-. Such processes act according to their algorithm but they can collaborate to acquire and share information about others processes. Processes not belonging to the coalition C are said to be honest, th... |

237 | The decisional diffie-hellman problem.
- Boneh
- 1998
(Show Context)
Citation Context ...is a random element uniformly selected from a set S. In the following, we will assume to have a cyclic subgroup G of prime order q and generator g where the Decisional Diffie-Hellman (DDH) assumption =-=[7]-=- holds. Informally, the DDH assumption states that given a triple (gx, gy , gxy ) with x, y u ←−Zq it can be distinguished from a triple in the form (gx, gy , gz ), with z u ←−Zq, by using a probabili... |

185 | An optimal algorithm for mutual exclusion in computer networks,”
- Ricart, Agrawala
- 1981
(Show Context)
Citation Context ...Work Defining distributed algorithms for accessing resources in mutual exclusion has been a mainstream field of research in the eighties [18] and several efficient algorithms have been devised (e.g., =-=[19]-=-, [21], [16] just 1to cite a few). To facilitate fault tolerance without assuming failure detection, the general mutual exclusion problem has been extended to the k-mutual exclusion one [17], where a... |

169 |
Distributed Computing, Fundamentals, Simulations, and Advanced Topics.
- Attiya, Welch
- 1998
(Show Context)
Citation Context ...e final objective is to select unique identifiers from a smaller name space. Combining together renaming and k-exclusion, a more general specification, called k-assignment with m slots can be defined =-=[4]-=-. Informally, such a problem requires that at most k processes access concurrently one of the m distinct available slots. All these existing algorithms do not mask the assignment between slots and com... |

139 |
Algorithms for mutual exclusion
- Raynal
- 1986
(Show Context)
Citation Context ... omitted in the text and can be found in Appendix A. 2 Related Work Defining distributed algorithms for accessing resources in mutual exclusion has been a mainstream field of research in the eighties =-=[18]-=- and several efficient algorithms have been devised (e.g., [19], [21], [16] just 1to cite a few). To facilitate fault tolerance without assuming failure detection, the general mutual exclusion proble... |

118 |
Distributed systems, towards a formal approach. IFIP Congress,
- Lann
- 1977
(Show Context)
Citation Context ...ion are ([14],[16],[17],[18]). A class of algorithms that satisfies the necessary condition of Lemma 1 is the one based on a rotating coordinator approach (also called perpetual circulating token [5],=-=[15]-=-) as shown in the next section. 5 A Rotating Token Algorithm for Solving O-mA 5.1 Ruling out trivial perpetual circulating token algorithms Let us consider a trivial token circulating algorithm, namel... |

113 |
Renaming in an asynchronous environment.
- Attiya, Bar-Noy, et al.
- 1990
(Show Context)
Citation Context ...y be requested by n processes and the authors shown that the problem can be solved in an asynchronous distributed system, as long as at most k/2 processes can fail. Similarly, in the renaming problem =-=[3]-=-, each participating process is initially associated to a unique identifier from a large name space and the final objective is to select unique identifiers from a smaller name space. Combining togethe... |

112 | Universal Re-encryption for Mixnets,”
- Golle
- 2004
(Show Context)
Citation Context ...deed, given (gr, tgrY ), it is enough to select r∗ u ←−Zq and compute a new and unlinkable ciphertext (gr+r∗ , tg (r+r∗)Y ). The security of this randomized ElGamal encryption still holds as shown in =-=[13]-=-. 5.4 The Algorithm In this section, we provide the details of the oblivious assignment scheme for our system model. In particular, we first describe the data structures maintained locally by each pro... |

80 |
A distributed mutual exclusion algorithm
- Suzuki, Kasami
- 1985
(Show Context)
Citation Context ...efining distributed algorithms for accessing resources in mutual exclusion has been a mainstream field of research in the eighties [18] and several efficient algorithms have been devised (e.g., [19], =-=[21]-=-, [16] just 1to cite a few). To facilitate fault tolerance without assuming failure detection, the general mutual exclusion problem has been extended to the k-mutual exclusion one [17], where at most... |

47 |
Untraceable RFID tags via insubvertible encryption
- Ateniese, Camenisch, et al.
- 2005
(Show Context)
Citation Context ...t byzantine adversaries. Inevitably, these tools will make our scheme substantially more expensive. In particular, it’s possible to prevent injection of spurious messages via insubvertible encryption =-=[2]-=-, that is, ciphertexts can still be randomized as in our scheme but no adversary can inject ciphertexts not produced by the round leader. At the same time, no existing ciphertext can be corrupted unle... |

46 |
Mental Poker”,
- Shamir, Rivest, et al.
- 1979
(Show Context)
Citation Context ...here exist more efficient alternatives for many functionalities. The one that is more closely related to the oblivious assignment functionality is referred to as mental poker. Mental poker algorithms =-=[20]-=- allow people to play card games over networks without any trusted dealer. The basic idea is to assign cards to players such that cards stay private and can be safely shuffled. In addition, it is poss... |

42 |
The ambiguity of choosing.
- Burns, Peterson
- 1989
(Show Context)
Citation Context ...d to solve this more general problem in an asynchronous message passing system (e.g. [14], [8]). A different generalization of the mutual exclusion problem, namely k-assignment, has been presented in =-=[9]-=-. In k-assignment there are k < n identical, named resources that may be requested by n processes and the authors shown that the problem can be solved in an asynchronous distributed system, as long as... |

23 |
A Distributed Algorithm For Multiple Entries To A Critical Section
- Raymond
(Show Context)
Citation Context ...d (e.g., [19], [21], [16] just 1to cite a few). To facilitate fault tolerance without assuming failure detection, the general mutual exclusion problem has been extended to the k-mutual exclusion one =-=[17]-=-, where at most k different processes can concurrently access the same resource; general strategies working in a failure-free environment have been adapted to solve this more general problem in an asy... |

18 | A distributed k-mutual exclusion algorithm
- Bulgannawar, Vaidya
- 1995
(Show Context)
Citation Context ...currently access the same resource; general strategies working in a failure-free environment have been adapted to solve this more general problem in an asynchronous message passing system (e.g. [14], =-=[8]-=-). A different generalization of the mutual exclusion problem, namely k-assignment, has been presented in [9]. In k-assignment there are k < n identical, named resources that may be requested by n pro... |

13 |
Mental poker revisited.
- Barnett, Smart
- 2003
(Show Context)
Citation Context ... that cards stay private and can be safely shuffled. In addition, it is possible to detect cheaters. While the original scheme [20] represented each card with a large number of bits, more recent work =-=[6]-=- makes card sizes smaller and independent of the number of players. The oblivious assignment problem does not fit completely within the mental poker framework. In our model, we must avoid starvation a... |

8 | A distributed k-mutual exclusion algorithm using k-coterie
- Kakugawa, Fujita, et al.
- 1994
(Show Context)
Citation Context ...an concurrently access the same resource; general strategies working in a failure-free environment have been adapted to solve this more general problem in an asynchronous message passing system (e.g. =-=[14]-=-, [8]). A different generalization of the mutual exclusion problem, namely k-assignment, has been presented in [9]. In k-assignment there are k < n identical, named resources that may be requested by ... |

1 |
A square root n algorithm for mutual exclusion in decentralized systems
- Maekawa
- 1985
(Show Context)
Citation Context ...g distributed algorithms for accessing resources in mutual exclusion has been a mainstream field of research in the eighties [18] and several efficient algorithms have been devised (e.g., [19], [21], =-=[16]-=- just 1to cite a few). To facilitate fault tolerance without assuming failure detection, the general mutual exclusion problem has been extended to the k-mutual exclusion one [17], where at most k dif... |