Results 1  10
of
24,205
D.: Nonmalleable codes
 In: ICS (2010
"... We introduce the notion of “nonmalleable codes ” which relaxes the notion of errorcorrection and errordetection. Informally, a code is nonmalleable if the message contained in a modified codeword is either the original message, or a completely unrelated value. In contrast to errorcorrection and ..."
Abstract

Cited by 45 (6 self)
 Add to MetaCart
correction and errordetection, nonmalleability can be achieved for very rich classes of modifications. We construct an efficient code that is nonmalleable with respect to modifications that effect each bit of the codeword arbitrarily (i.e. leave it untouched, flip it or set it to either 0 or 1), but independently
Capacity of nonmalleable codes
, 2013
"... Nonmalleable codes, introduced by Dziembowski, Pietrzak and Wichs (ICS 2010), encode messages s in a manner so that tampering the codeword causes the decoder to either output s or a message that is independent of s. While this is an impossible goal to achieve against unrestricted tampering function ..."
Abstract

Cited by 6 (2 self)
 Add to MetaCart
model which has received some attention recently) equals 1/2. We also give an efficient Monte Carlo construction of codes of rate close to 1 with polynomial time encoding and decoding that is nonmalleable against any fixed c> 0 and family F of size 2nc, in particular tampering functions with say
Leakageresilient nonmalleable codes
, 2014
"... A recent trend in cryptography is to construct cryptosystems that are secure against physical attacks. Such attacks are usually divided into two classes: the leakage attacks in which the adversary obtains some information about the internal state of the machine, and the tampering attacks where the a ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
the adversary can modify this state. One of the popular tools used to provide tamperresistance are the nonmalleable codes introduced by Dziembowski, Pietrzak and Wichs (ICS 2010). These codes can be defined in several variants, but arguably the most natural of them are the informationtheoretically secure
NonMalleable Extractors with Shorter Seeds and Privacy Amplication
"... Abstract. Motivated by the problem of how to communicate over a public channel with an active adversary, Dodis and Wichs [DW09] introduced the notion of a nonmalleable extractor. A nonmalleable extractor nmExt: {0, 1}n × {0, 1}d → {0, 1}m takes two inputs, a weaklyrandom W and a uniformly random ..."
Abstract
 Add to MetaCart
parameters including the seed length. Then we present an improved explicit construction of nonmalleable extractors, where the seed length is shorter than that by Cohen, Raz and Segev [CCC12]. More precisely, we construct an explicit (1016, 1 2) − 1−nonmalleable extractor nmExt: {0, 1}210 × {0, 1}d → {0
An Algebraic Approach to NonMalleability
"... In their seminal work on nonmalleable cryptography, Dolev, Dwork and Naor, showed how to construct a nonmalleable commitment with logarithmicallymany "rounds"/"slots", the idea being that any adversary may successfully maul in some slots but would fail in at least one. Since t ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
us to construct a nonmalleable protocol with only a single slot", and to improve in at least one aspect over each of the previously proposed protocols. Two direct byproducts of our new ideas are a four round nonmalleable commitment and a four round nonmalleable zeroknowledge argument
NonMalleable Extractors, TwoSource Extractors and Privacy Amplification
, 2012
"... Dodis and Wichs [DW09] introduced the notion of a nonmalleable extractor to study the problem of privacy amplification with an active adversary. A nonmalleable extractor is a much stronger version of a strong extractor. Given a weaklyrandom string x and a uniformly random seed y as the inputs, th ..."
Abstract

Cited by 12 (2 self)
 Add to MetaCart
two known constructions of nonmalleable extractors [DLWZ11, CRS12]. Both constructions only work for (n,k)sources with k> n/2. Interestingly, both constructions are also twosource extractors. In this paper, we present a strong connection between nonmalleable extractors and twosource extractors
NonMalleable Obfuscation
"... Existing definitions of program obfuscation do not rule out malleability attacks, where an adversary that sees an obfuscated program is able to generate another (potentially obfuscated) program that is related to the original one in some way. We formulate two natural flavors of nonmalleability requ ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Existing definitions of program obfuscation do not rule out malleability attacks, where an adversary that sees an obfuscated program is able to generate another (potentially obfuscated) program that is related to the original one in some way. We formulate two natural flavors of nonmalleability
Nonmalleable codes from twosource extractors. Unpublished manuscript
, 2013
"... Abstract. We construct an efficient informationtheoretically nonmalleable code in the splitstate model for onebit messages. Nonmalleable codes were introduced recently by Dziembowski, Pietrzak and Wichs (ICS 2010), as a general tool for storing messages securely on hardware that can be subject t ..."
Abstract

Cited by 21 (3 self)
 Add to MetaCart
/4 of the length of the codeword. Our code is based on the innerproduct twosource extractor, but in general it can be instantiated by any twosource extractor that has large output and has the property of being flexible, which is a new notion that we define. We also show that the nonmalleable codes for one
New and improved constructions of nonmalleable cryptographic protocols
 In 37th Annual ACM Symposium on Theory of Computing
, 2005
"... We present a new constant round protocol for nonmalleable zeroknowledge. Using this protocol as a subroutine, we obtain a new constantround protocol for nonmalleable commitments. Our constructions rely on the existence of (standard) collision resistant hash functions. Previous constructions eith ..."
Abstract

Cited by 54 (18 self)
 Add to MetaCart
We present a new constant round protocol for nonmalleable zeroknowledge. Using this protocol as a subroutine, we obtain a new constantround protocol for nonmalleable commitments. Our constructions rely on the existence of (standard) collision resistant hash functions. Previous constructions
Nonmalleable Codes from Additive Combinatorics
, 2013
"... Nonmalleable codes provide a useful and meaningful security guarantee in situations where traditional errorcorrection (and even errordetection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is nonmalleable if the message contained ..."
Abstract

Cited by 19 (5 self)
 Add to MetaCart
, motivating the question of designing efficient nonmalleable codes in this model. Prior to this work, nonmalleable codes in the splitstate model received considerable attention in the literature, but were constructed either (1) in the random oracle model [14], or (2) relied on advanced cryptographic
Results 1  10
of
24,205