Results 1  10
of
33
Failstop Signatures and their Application
, 1991
"... . The unforgeability of conventional digital signatures is necessarily based on complexity theoretic assumptions, i.e. even the most secure schemes can be broken by an adversary with unexpected computing abilities. Thus we introduce failstop signatures: They are as unforgeable as the best conventio ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
. The unforgeability of conventional digital signatures is necessarily based on complexity theoretic assumptions, i.e. even the most secure schemes can be broken by an adversary with unexpected computing abilities. Thus we introduce failstop signatures: They are as unforgeable as the best
Failstop Signatures; Principles and Applications
 Proceedings of COMPUSEC ’91, Eighth World Conference on Computer Security, Audit, and Control, Elsevier Science Publishers
, 1991
"... Digital signatures are necessary wherever legal certainty is to be achieved for digital message exchange. However, the unforgeability of conventional digital signatures is necessarily based on complexity theoretic assumptions. That is, even the most secure schemes can be broken by an adversary with ..."
Abstract

Cited by 6 (2 self)
 Add to MetaCart
with unexpected computing abilities, e.g., one who can factor unexpectedly large numbers. Failstop signatures improve upon this: They are as unforgeable as the best conventional signatures; but if someone nevertheless succeeds in forging a signature, this can be proved by the supposed signer. Thus one can
Factorizationbased FailStop Signatures Revisited
, 2004
"... Failstop signature (FSS) schemes are important primitives because in a failstop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme's underlying computational hard problem and hence forges a signature, then with ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
Failstop signature (FSS) schemes are important primitives because in a failstop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme's underlying computational hard problem and hence forges a signature
Factorizationbased FailStop Signatures Revisited
"... Failstop signature (FSS) schemes are important primitives because in a failstop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme’s underlying computational hard problem and hence forges a signature, then with overw ..."
Abstract
 Add to MetaCart
Failstop signature (FSS) schemes are important primitives because in a failstop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme’s underlying computational hard problem and hence forges a signature
Mathematical Systems Theory ©1993 SpringerVerlag New York Inc. A Partial Equivalence Between SharedMemory and MessagePassing in an Asynchronous FailStop Distributed Environment*
"... Abstract. This paper presents a schematic algorithm for distributed systems. This schematic algorithm uses a "blackbox " procedure for communication, the output of which must meet two requirements: a globalorder requirement and a deadlockfree requirement. This algorithm is valid ..."
Abstract
 Add to MetaCart
and Herlihy [AH] in the sharedmemory model. This solution is the fastest known randomized algorithm that solves the consensus problem against a strong failstop adversary with onehalf resiliency. Second,
Perfectly Reliable and Secure Communication in Directed Networks Tolerating Mixed Adversary
"... In this paper we study the problem of Perfectly Reliable Message Transmission (PRMT) and Perfectly Secure Message Transmission (PSMT) between two nodes S and R in a synchronous network, where S and R are connected by some vertex disjoint paths called wires such that each wire acts as a oneway channe ..."
Abstract
 Add to MetaCart
channel facilitating communication either from S to R or viceversa. Some of these wires may be corrupted by a mixed adversary (tb, tf), having unbounded computing power, who can corrupt tb, tf wires in Byzantine and failstop fashion respectively. In spite of the presence of such an adversary, S wants
On the BlackBox Complexity of OptimallyFair Coin Tossing
"... Abstract. A fair twoparty coin tossing protocol is one in which both parties output the same bit that is almost uniformly distributed (i.e., it equals 0 and 1 with probability that is at most negligibly far from one half). It is well known that it is impossible to achieve fair coin tossing even in ..."
Abstract

Cited by 14 (6 self)
 Add to MetaCart
in the presence of failstop adversaries (Cleve, FOCS 1986). In fact, Cleve showed that for every coin tossing protocol running for r rounds, an efficient failstop adversary can bias the output by Ω(1/r). Since this is the best possible, a protocol that limits the bias of any adversary to O(1/r) is called
Beyond FailStop: WaitFree Serializability and Resiliency in the Presence of SlowDown Failures
, 1990
"... Historically, database researchers have dealt with two kinds of process failures: failstop failures and malicious failures. Under the failstop assumption, processes fail by halting. Such failures are easily detectable. Under the malicious (or Byzantine) failure assumption, processes fail by beh ..."
Abstract
 Add to MetaCart
by behaving unpredictably, perhaps as adversaries. Such failures are not necessarily detectable. When system designers discuss fault tolerance, they typically restrict themselves to the problem of handling failstop failures only. This paper proposes an intermediate failure model and presents a practical
TopologyHiding Computation
, 2015
"... Secure Multiparty Computation (MPC) is one of the foundational achievements of modern cryptography, allowing multiple, distrusting, parties to jointly compute a function of their inputs, while revealing nothing but the output of the function. Following the seminal works of Yao and Goldreich, Mical ..."
Abstract
 Add to MetaCart
for failstop adversaries, there are some strong impossibility results. Despite this, we show that protocols for topologyhiding computation can be constructed in the semihonest and failstop models, if we somewhat restrict the set of nodes the adversary may corrupt.
A Full Characterization of Functions that Imply Fair Coin Tossing and Ramifications to Fairness ∗
, 2013
"... It is well known that it is impossible for two parties to toss a coin fairly (Cleve, STOC 1986). This result implies that it is impossible to securely compute with fairness any function that can be used to toss a coin fairly. In this paper, we focus on the class of deterministic Boolean functions wi ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
by the impossibility result of Cleve (which is the only known impossibility result for fairness). In addition to the above, we draw corollaries to the feasibility of achieving fairness in two possible failstop models. Keywords: Fairness, coin tossing, secure computation, malicious and failstop adversaries
Results 1  10
of
33