Non-Malleable Cryptography
SIAM Journal on Computing, 2000
"... The notion of non-malleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related. ..."
Non-Malleable Extractors with Shorter Seeds and Privacy Amplification
"... Abstract. Motivated by the problem of how to communicate over a public channel with an active adversary, Dodis and Wichs [DW09] introduced the notion of a non-malleable extractor. A non-malleable extractor $\mathrm{nmExt}: \{0,1\}^n \times \{0,1\}^d \to \{0,1\}^m$ takes two inputs, a weakly-random W and a uniformly random ..."
parameters including the seed length. Then we present an improved explicit construction of non-malleable extractors, where the seed length is shorter than that by Cohen, Raz and Segev [CCC12]. More precisely, we construct an explicit $(1016, \tfrac{1}{2})$-1-non-malleable extractor $\mathrm{nmExt}: \{0,1\}^{2^{10}} \times \{0,1\}^d \to \{0$
New and improved constructions of non-malleable cryptographic protocols
In 37th Annual ACM Symposium on Theory of Computing, 2005
"... We present a new constant round protocol for non-malleable zero-knowledge. Using this protocol as a subroutine, we obtain a new constant-round protocol for non-malleable commitments. Our constructions rely on the existence of (standard) collision resistant hash functions. Previous constructions eith ..."
Non-malleable extractors and symmetric key cryptography from weak secrets
In Proceedings of the 41st ACM Symposium on the Theory of Computing, 2009
"... We study the question of basing symmetric key cryptography on weak secrets. In this setting, Alice and Bob share an n-bit secret W, which might not be uniformly random, but the adversary has at least k bits of uncertainty about it (formalized using conditional min-entropy). Since standard symmetric-k ..."
round (challenge-response) protocol extracting nearly k random bits. This dramatically improves the previous construction of Renner and Wolf [RW03], which requires Θ(λ + log(n)) rounds where λ is the security parameter. Our solution takes a new approach by studying and constructing “non-malleable” seeded
Non-malleable codes from two-source extractors. Unpublished manuscript, 2013
"... Abstract. We construct an efficient information-theoretically non-malleable code in the split-state model for one-bit messages. Non-malleable codes were introduced recently by Dziembowski, Pietrzak and Wichs (ICS 2010), as a general tool for storing messages securely on hardware that can be subject t ..."
Concurrent Non-Malleable Zero Knowledge
In Proceedings of the 47th Annual IEEE Symposium on Foundations of Computer Science, 2006
"... We provide the first construction of a concurrent and non-malleable zero knowledge argument for every language in NP. We stress that our construction is in the plain model with no common random string, trusted parties, or superpolynomial simulation. That is, we construct a zero knowledge protocol Π ..."
Leakage-resilient non-malleable codes, 2014
"... A recent trend in cryptography is to construct cryptosystems that are secure against physical attacks. Such attacks are usually divided into two classes: the leakage attacks in which the adversary obtains some information about the internal state of the machine, and the tampering attacks where the a ..."
the adversary can modify this state. One of the popular tools used to provide tamper-resistance are the non-malleable codes introduced by Dziembowski, Pietrzak and Wichs (ICS 2010). These codes can be defined in several variants, but arguably the most natural of them are the information-theoretically secure
Completely non-malleable encryption revisited
PKC 2008, LNCS, 2008
"... Abstract. Several security notions for public-key encryption schemes have been proposed so far, in particular considering the powerful adversary that can play a so-called “man-in-the-middle” attack. In this paper we extend the notion of completely non-malleable encryption introduced in [Fischlin, ..."
, ICALP 05]. This notion immunizes a scheme from adversaries that can generate related ciphertexts under new public keys. This notion is motivated by its powerful features when encryption schemes are used as subprotocols. While in [Fischlin, ICALP 05] the only notion of simulation-based completely non-malleable
Capacity of non-malleable codes, 2013
"... Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs (ICS 2010), encode messages s in a manner so that tampering the codeword causes the decoder to either output s or a message that is independent of s. While this is an impossible goal to achieve against unrestricted tampering function ..."
w.h.p. by a randomized construction). • We show the existence of families of size $\exp(n^{O(1)} 2^{\alpha n})$ against which there is no non-malleable code of rate $1 - \alpha$ (in fact this is the case w.h.p. for a random family of this size). • We also show that $1 - \alpha$ is the best achievable rate for the family
A New Family of Practical Non-Malleable Protocols, 2011
"... Nowadays, achieving cryptosystems secure in an asynchronous network like the Internet is demanded to be necessary, where concurrent non-malleable proof-of-knowledge and universal composability are among the most powerful and fundamental security properties. But, when achieving more and more complex ..."
