Kamara Lectures 6 + 7 : Zero - Leakage Solutions
نویسنده
چکیده
In the first lecture we covered—at a high level—several ways to search on encrypted data. We also mentioned that for all solutions, there is a tradeoff between efficiency, security and expressiveness. Here we will cover one extreme of the solution space: the zero-leakage or leakage-free solutions. Note that by zero-leakage we do not mean that nothing is leaked. Rather, what we mean is that what is leaked can be derived efficiently from the security parameter. We can build zero-leakage solutions from a primitive called oblivious RAM (ORAM). There are several ways to design ORAMs. The first is based fully-homomorphic encryption (FHE) and the second is based only on symmetric-key encryption (SKE). SKE-based ORAMs have received a lot of attention and there are many different constructions that achieve different levels of efficiency. In these notes we will discuss the FHE-based ORAM construction and the first and simplest SKE-based ORAM called the square-root solution. Then we will see how to use ORAM for encrypted search.
منابع مشابه
Leakage-Resilient Identification Schemes from Zero-Knowledge Proofs of Storage
We provide a framework for constructing leakage-resilient identification (ID) protocols in the bounded retrieval model (BRM) from proofs of storage (PoS) that hide partial information about the file. More precisely, we describe a generic transformation from any zero-knowledge PoS to a leakage-resilient ID protocol in the BRM. We then describe a ZK-PoS based on RSA which, under our transformatio...
متن کاملKamara Lectures 2 + 3 : Provable Security
The design of cryptographic algorithms presents certain unique challenges. Over time, we have learned that our intuition about what is secure and what is not is very poor. The history of cryptography is filled with examples of cryptosystems that were thought to be highly-secure but turned out to be completely broken. In addition, unlike other areas of computer science, we have no way of testing...
متن کاملOscillations and irregular persistent firing patterns in a homogeneous network of excitatory stochastic neurons with gap junctions in the mean-field limit
We study systematically a recently developed mathematical model for networks of excitatory stochastic point spiking neurons in the mean-field limit. The neurons are leaky and connected by uniform connectivity strengths of both passive electrical (gap junctions) and chemical synapses, and they emit a spike with a firing rate probability that depends on their actual membrane potential. This allow...
متن کاملX iv : s ol v - in t / 9 70 10 02 v 1 3 0 D ec 1 99 6 Painlevé equations in terms of entire functions ∗
In these lectures we discuss how the Painlevé equations can be written in terms of entire functions, and then in the Hirota bilinear (or multilinear) form. Hirota’s method, which has been so useful in soliton theory, is reviewed and connections from soliton equations to Painlevé equations through similarity reductions are discussed from this point of view. In the main part we discuss how singul...
متن کاملTwistor Theory Lectures: solutions to selected exercises
U+ = {[λ1̇ : λ2̇]|λ1̇ 6= 0}, φ+ : [λ1̇ : λ2̇] 7→ λ2̇ λ1̇ = λ+, U− = {[λ1̇ : λ2̇]|λ2̇ 6= 0}, φ− : [λ1̇ : λ2̇] 7→ λ1̇ λ2̇ = λ−. We can immediately see that on the overlap U+ ∩U− we have that λ+ = λ−1 − . We can immediately compute that the map ψ+− = φ+ ◦ φ−1 − : φ−(U+ ∩ U−)→ φ+(U+ ∩ U−) satisfies ψ+−(λ−) = φ+ ◦ φ−1 − ◦ φ−([λ1̇ : λ2̇]) = φ0([λ1̇ : λ2̇]) = λ+. (1.2) To understand the bundle O(−1) we consider the two...
متن کامل