Non-Malleable Extractors, Two-Source Extractors and Privacy Amplification
, 2012
"... Dodis and Wichs [DW09] introduced the notion of a non-malleable extractor to study the problem of privacy amplification with an active adversary. A non-malleable extractor is a much stronger version of a strong extractor. Given a weakly-random string x and a uniformly random seed y as the inputs, th ..."
Cited by 12 (2 self)
. The first part of the connection shows that non-malleable extractors can be used to construct two-source extractors. If the non-malleable extractor works for small min-entropy and has a short seed length with respect to the error, then the resulted two-source
Non-Malleable Cryptography
 SIAM Journal on Computing
, 2000
"... The notion of non-malleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related. ..."
Cited by 490 (21 self)
The notion of non-malleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related
Non-malleable codes from two-source extractors. Unpublished manuscript
, 2013
"... Abstract. We construct an efficient information-theoretically non-malleable code in the split-state model for one-bit messages. Non-malleable codes were introduced recently by Dziembowski, Pietrzak and Wichs (ICS 2010), as a general tool for storing messages securely on hardware that can be subject t ..."
Cited by 21 (3 self)
/4 of the length of the codeword. Our code is based on the inner-product two-source extractor, but in general it can be instantiated by any two-source extractor that has large output and has the property of being flexible, which is a new notion that we define. We also show that the non-malleable codes for one
Non-Malleable Extractors with Shorter Seeds and Privacy Amplification
"... Abstract. Motivated by the problem of how to communicate over a public channel with an active adversary, Dodis and Wichs [DW09] introduced the notion of a non-malleable extractor. A non-malleable extractor $\mathrm{nmExt}: \{0,1\}^n \times \{0,1\}^d \to \{0,1\}^m$ takes two inputs, a weakly-random W and a uniformly random ..."
random seed S, and outputs a string which is nearly uniform, given S as well as nmExt(W, A(S)), for an arbitrary function A with $A(S) \neq S$. In this paper, we improve the error estimation of Raz’s extractor, which plays an extremely important role in the constraints of the non-malleable extractor
Non-Malleable Extractors with Short Seeds and Applications to Privacy Amplification
"... Motivated by the classical problem of privacy amplification, Dodis and Wichs (STOC ’09) introduced the notion of a non-malleable extractor, significantly strengthening the notion of a strong extractor. A non-malleable extractor is a function $\mathrm{nmExt}: \{0,1\}^n \times \{0,1\}^d \to \{0,1\}^m$ that takes two input ..."
Cited by 16 (1 self)
was recently provided by Li, Wooley and Zuckerman (arXiv:1102.5415 ’11). Their extractor works for any weak source with min-entropy rate 1/2 + δ, where δ > 0 is an arbitrary constant, and outputs up to a linear number of bits, but suffers from two drawbacks. First, the length of its seed is linear
Non-malleable extractors and symmetric key cryptography from weak secrets
 In Proceedings of the 41st ACM Symposium on the Theory of Computing
, 2009
"... We study the question of basing symmetric key cryptography on weak secrets. In this setting, Alice and Bob share an n-bit secret W, which might not be uniformly random, but the adversary has at least k bits of uncertainty about it (formalized using conditional min-entropy). Since standard symmetric-k ..."
Cited by 38 (12 self)
in the information theoretic setting where the attacker is computationally unbounded. We show that single-round (i.e. one message) protocols do not work when $k \le n/2$, and require poor parameters even when $n/2 < k \ll n$. On the other hand, for arbitrary values of k, we design a communication efficient two
Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Technical Report 2003/235, Cryptology ePrint archive, http://eprint.iacr.org, 2006. Previous version appeared at EUROCRYPT 2004
 Yevgeniy Dodis, Leonid Reyzin, and Adam
, 2004
"... We provide formal definitions and efficient secure techniques for • turning noisy information into keys usable for any cryptographic application, and, in particular, • reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any keying mater ..."
Cited by 532 (38 self)
material that, unlike traditional cryptographic keys, is (1) not reproducible precisely and (2) not distributed uniformly. We propose two primitives: a fuzzy extractor reliably extracts nearly uniform randomness R from its input; the extraction is error-tolerant in the sense that R will be the same even
Fuzzy extractors
 In Security with Noisy Data
, 2007
"... This chapter presents a general approach for handling secret biometric data in cryptographic applications. The generality manifests itself in two ways: we attempt to minimize the assumptions we make about the data, and to present techniques that are broadly applicable wherever biometric inputs are u ..."
Cited by 5 (2 self)
are used. Because biometric data comes from a variety of sources that are mostly outside of anyone’s control, it is prudent to assume as little as possible about how they are distributed; in particular, an adversary may know more about a distribution than a system’s designers and users. Of course, one may
An Algebraic Approach to Non-Malleability
"... In their seminal work on non-malleable cryptography, Dolev, Dwork and Naor, showed how to construct a non-malleable commitment with logarithmically-many "rounds"/"slots", the idea being that any adversary may successfully maul in some slots but would fail in at least one. Since t ..."
Cited by 1 (0 self)
then new ideas have been introduced, ultimately resulting in constant-round protocols based on any one-way function. Yet, in spite of this remarkable progress, each of the known constructions of non-malleable commitments leaves something to be desired. In this paper we propose a new technique that allows
