Results 1 - 10 of 3,122
Threshold Decryption and Zero-Knowledge Proofs for
"... Abstract. We present a variant of Regev’s cryptosystem first presented in [Reg05], but with a new choice of parameters. By a recent classical reduction by Peikert we prove the scheme semantically secure based on the worst-case lattice problem GapSVP. From this we construct a threshold cryptosystem w ..."
Cited by 8 (1 self)
key generation protocol. In the final part of the paper, we show how one can, in zero-knowledge prove knowledge of the plaintext contained in a given ciphertext from Regev’s original cryptosystem or our Cryptography based on lattice problems is one of the most important examples of techniques holding
A Lattice-Based Cryptosystem and Proof of Knowledge on Its Secret Key
, 2007
"... We propose a lattice-based cryptosystem by modifying the Regev’05 cryptosystem (STOC 2005), and design a proof of secret-key knowledge. Lattice-based public-key identification schemes have already been proposed, however, it is unknown that their public keys can be used for the public keys of encrypt ..."
We propose a lattice-based cryptosystem by modifying the Regev’05 cryptosystem (STOC 2005), and design a proof of secret-key knowledge. Lattice-based public-key identification schemes have already been proposed, however, it is unknown that their public keys can be used for the public keys
Lattice-based Cryptography
, 2008
"... In this chapter we describe some of the recent progress in lattice-based cryptography. Lattice-based cryptographic constructions hold a great promise for post-quantum cryptography, as they enjoy very strong security proofs based on worst-case hardness, relatively efficient implementations, as well a ..."
Cited by 67 (5 self)
In this chapter we describe some of the recent progress in lattice-based cryptography. Lattice-based cryptographic constructions hold a great promise for post-quantum cryptography, as they enjoy very strong security proofs based on worst-case hardness, relatively efficient implementations, as well
Identity-Based Encryption from the Weil Pairing
, 2001
"... We propose a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem. Our system is based on bilinear maps between groups. The Weil pairing on elliptic ..."
Cited by 1699 (29 self)
We propose a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem. Our system is based on bilinear maps between groups. The Weil pairing
Short Non-interactive Zero-Knowledge Proofs
, 2010
"... Abstract. We show that probabilistically checkable proofs can be used to shorten non-interactive zero-knowledge proofs. We obtain publicly verifiable non-interactive zero-knowledge proofs for circuit satisfiability with adaptive and unconditional soundness where the size grows quasi-linearly in the ..."
Cited by 5 (1 self)
satisfiability based on the Naccache-Stern cryptosystem consisting of a quasi-linear number of bits. This yields the shortest known non-interactive zero-knowledge proof for circuit satisfiability. Keywords: Non-interactive zero-knowledge proofs, adaptive soundness, probabilistically checkable proofs, Naccache
Statistical zero-knowledge proofs with efficient provers: Lattice problems and more
 In CRYPTO
, 2003
"... Abstract. We construct several new statistical zero-knowledge proofs with efficient provers, i.e. ones where the prover strategy runs in probabilistic polynomial time given an NP witness for the input string. Our first proof systems are for approximate versions of the Shortest Vector Problem (SVP) a ..."
Cited by 50 (10 self)
) and Closest Vector Problem (CVP), where the witness is simply a short vector in the lattice or a lattice vector close to the target, respectively. Our proof systems are in fact proofs of knowledge, and as a result, we immediately obtain efficient lattice-based identification schemes which can be implemented
Lightweight Zero-Knowledge Proofs for Crypto-Computing Protocols
"... Abstract Crypto-computing is a set of well-known techniques for computing with encrypted data. The security of the corresponding protocols are usually proven in the semi-honest model. In this work, we propose a new class of zero-knowledge proofs, which are tailored for crypto-computing protocols. Fir ..."
Cited by 1 (0 self)
. First, these proofs directly employ properties of the underlying crypto systems and thus many facts have more concise proofs compared to generic solutions. Second, we show how to achieve universal composability in the trusted setup model where all zero-knowledge proofs share the same system
Improved Zero-knowledge Proofs of Knowledge for the ISIS Problem, and Applications
"... Abstract. In all existing efficient proofs of knowledge of a solution to the infinity norm Inhomogeneous Small Integer Solution (ISIS ∞ ) problem, the knowledge extractor outputs a solution vector that is only guaranteed to be Õ(n) times longer than the witness possessed by the prover. As a conseque ..."
Cited by 4 (0 self)
proofs of knowledge for the ISIS ∞ problem that remove this gap. Our result yields the potential of relying on weaker security assumptions for various lattice-based cryptographic constructions. As applications of our proof system, we introduce a concurrently secure identity-based identification scheme
Cryptographic Limitations on Learning Boolean Formulae and Finite Automata
 PROCEEDINGS OF THE TWENTY-FIRST ANNUAL ACM SYMPOSIUM ON THEORY OF COMPUTING
, 1989
"... In this paper we prove the intractability of learning several classes of Boolean functions in the distribution-free model (also called the Probably Approximately Correct or PAC model) of learning from examples. These results are representation independent, in that they hold regardless of the syntact ..."
Cited by 347 (15 self)
depth threshold circuits would have dramatic consequences for cryptography and number theory: in particular, such an algorithm could be used to break the RSA cryptosystem, factor Blum integers (composite numbers equivalent to 3 modulo 4), and detect quadratic residues. The results hold even if the learning