Non-Malleable Cryptography
 SIAM Journal on Computing, 2000
"... The notion of non-malleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related. ..."
The same concept makes sense in the contexts of string commitment and zero-knowledge proofs of possession of knowledge. Non-malleable schemes for each of these three problems are presented. The schemes do not assume a trusted center; a user need not know anything about the number or identity of other
Concurrent non-malleable commitments
 In FOCS, 2005
"... We present a non-malleable commitment scheme that retains its security properties even when concurrently executed a polynomial number of times. That is, a man-in-the-middle adversary who is simultaneously participating in multiple concurrent commitment phases of our scheme, both as a sender and as a ..."
Non-Malleability Amplification
 In 41st STOC, 2009
"... We show a technique for amplifying commitment schemes that are non-malleable with respect to identities of length t, into ones that are non-malleable with respect to identities of length Ω(2^t), while only incurring a constant overhead in round-complexity. As a result we obtain a construction of O(1 ..."
D.: Non-malleable codes
 In: ICS (2010)
"... We introduce the notion of “non-malleable codes” which relaxes the notion of error-correction and error-detection. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely unrelated value. In contrast to error-correction and ..."
An Algebraic Approach to Non-Malleability
"... In their seminal work on non-malleable cryptography, Dolev, Dwork and Naor, showed how to construct a non-malleable commitment with logarithmically-many "rounds"/"slots", the idea being that any adversary may successfully maul in some slots but would fail in at least one. Since t ..."
Completely non-malleable encryption revisited
 PKC 2008, LNCS, 2008
"... Abstract. Several security notions for public-key encryption schemes have been proposed so far, in particular considering the powerful adversary that can play a so called “man-in-the-middle” attack. In this paper we extend the notion of completely non-malleable encryption introduced in [Fischlin, ..."
, the simplest notion we introduce (i.e., NM-CPA*) in several cases suffices for the main application that motivated the introduction of the notion of NM-CCA2* security, i.e., the design of non-malleable commitment schemes. Further the game-based definition of NM-CPA* security actually implies the simulation
Efficient and Non-Interactive Non-Malleable Commitment
 2001
"... We present new constructions of non-malleable commitment schemes, in the public parameter model (where a trusted party makes parameters available to all parties), based on the discrete logarithm or RSA assumptions. The main features of our schemes are: they achieve near-optimal communication f ..."
for arbitrarily-large messages and are non-interactive. Previous schemes either required (several rounds of) interaction or focused on achieving non-malleable commitment based on general assumptions and were thus efficient only when committing to a single bit. Although our main constructions are for the case
Non-interactive and Reusable Non-Malleable Commitment Schemes
 In proceedings of STOC ’03, 2003
"... We consider non-malleable (NM) and universally composable (UC) commitment schemes in the common reference string (CRS) model. ..."
Textbook Non-Malleable Commitments
"... We present a new non-malleable commitment protocol. Our protocol has the following features: • The protocol has only three rounds of interaction. Pass (TCC 2013) showed an impossibility result for a two-round non-malleable commitment scheme w.r.t. a black-box reduction to any “standard” intract ..."
