Continuous Non-Malleable Key Derivation and Its Application to Related-Key Security
"... Abstract. Related-Key Attacks (RKAs) allow an adversary to observe the outcomes of a cryptographic primitive under not only its original secret key e.g., s, but also a sequence of modified keys φ(s), where φ is specified by the adversary from a class Φ of so-called Related-Key Derivation (RKD) funct ..."
Abstract

) functions. This paper extends the notion of non-malleable Key Derivation Functions (nmKDFs), introduced by Faust et al. (EUROCRYPT’14), to continuous nmKDFs. Continuous nmKDFs have the ability to protect against any a priori unbounded number of RKA queries, instead of just a single time tampering attack
Self-Destruct Non-Malleability
2014
"... We introduce a new security notion for public-key encryption (PKE) that we dub non-malleability under (chosen-ciphertext) self-destruct attacks (NM-SDA), which appears to be the strongest natural PKE security notion below full-blown chosen-ciphertext (IND-CCA) security. In this notion, the adversa ..."
An Algebraic Approach to Non-Malleability
"... In their seminal work on non-malleable cryptography, Dolev, Dwork and Naor, showed how to construct a non-malleable commitment with logarithmically-many "rounds"/"slots", the idea being that any adversary may successfully maul in some slots but would fail in at least one. Since t ..."
Non-Malleable Obfuscation
"... Existing definitions of program obfuscation do not rule out malleability attacks, where an adversary that sees an obfuscated program is able to generate another (potentially obfuscated) program that is related to the original one in some way. We formulate two natural flavors of non-malleability requ ..."
Concurrent Non-Malleable Witness Indistinguishability and Its Applications
2006
"... One of the central questions in Cryptography today is proving security of the protocols "on the Internet", i.e., in a concurrent setting where there are multiple interactions between players, and where the adversary can play so called "man-in-the-middle" attacks, forwarding an ..."
Abstract

and modifying messages between two or more unsuspecting players. Indeed, the main challenge in this setting is to provide security with respect to adaptive concurrent composition of protocols and also the non-malleability property, where the "man-in-the-middle" attacks are prevented. Despite much
Tamper Detection and Continuous Non-Malleable Codes
2014
"... We consider a public and keyless code (Enc, Dec) which is used to encode a message m and derive a codeword c = Enc(m). The codeword can be adversarially tampered via a function f ∈ F from some “tampering function family” F, resulting in a tampered value c′ = f(c). We study the different types of s ..."
Abstract

also be made efficient when |F| = 2^{poly(n)}. For example, F can be the family of all low-degree polynomials excluding constant and identity polynomials. Such tamper-detection codes generalize the algebraic manipulation detection (AMD) codes of Cramer et al. (EUROCRYPT ’08). Next, we revisit non-malleable
A New Family of Practical Non-Malleable Protocols
2011
"... Nowadays, achieving cryptosystems secure in an asynchronous network like the Internet is demanded to be necessary, where concurrent non-malleable proof-of-knowledge and universal composability are among the most powerful and fundamental security properties. But, when achieving more and more complex ..."
Foundations of non-malleable hash and one-way functions
In ASIACRYPT, 2009
"... Non-malleability is an interesting and useful property which ensures that a cryptographic protocol preserves the independence of the underlying values: given for example an encryption E(m) of some unknown message m, it should be hard to transform this ciphertext into some encryption E(m∗) of a rel ..."
Abstract

(which our construction bypasses due to the “non-black-box” NIZKPoK). We exemplify the usefulness of our definition in cryptographic applications by showing that non-malleability is necessary and sufficient to securely replace one of the two random oracles
Non-Malleable Encryption: Simpler, Shorter, Stronger
"... In a seminal paper, Dolev et al. [15] introduced the notion of non-malleable encryption (NM-CPA). This notion is very intriguing since it suffices for many applications of chosen-ciphertext secure encryption (IND-CCA), and, yet, can be generically built from semantically secure (IND-CPA) encryption ..."
