G22.3033-013 Exposure-resilient Cryptography
نویسنده
چکیده
We continue our discussion of Verifiable Secret Sharing, giving two instantiations of the general schema from the last lecture. First, using Commit(x) = g: Feldman VSS, which leaks nothing but g and is perfect binding. Second, using Perdersen’s commitment Commit(x; r) = gh: Pedersen VSS. Next, we turn to the problem of adaptive security. We describe an adaptively secure Feldman VSS using trapdoor commitments and discuss adaptive security of Pedersen VSS (which is already based on a trapdoor commitment). We give a protocol for generating the trapdoor base h.
منابع مشابه
G22.3033-013 Exposure-resilient Cryptography 2 Proactive Security
Today, we will conclude our discussion of threshold schemes, describing some results from Dodis & Katz (2005). We define proactive security and share refreshing, giving examples for discrete-log based cryptosystems. We describe generic threshhold signature and encryption schemes. We explore Multiple-CCA (MCCA) security and failure of sequential or parallel encryption to acheive it. We give one ...
متن کاملDeterministic Extractors for Bit-Fixing Sources and Exposure-Resilient Cryptography
We give an efficient deterministic algorithm that extracts Ω(n2γ) almost-random bits from sources where n 1 2 +γ of the n bits are uniformly random and the rest are fixed in advance. This improves upon previous constructions, which required that at least n/2 of the bits be random in order to extract many bits. Our construction also has applications in exposure-resilient cryptography, giving exp...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملExposure-resilient cryptography
We develop the notion of Exposure-Resilient Cryptography. While standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret entity (e.g., cryptographic key) is compromised, the objective of Exposure-Resilient Cryptography is to build information structures such that almost complete (intentional or unintentional) exposure of such a str...
متن کاملOn Extractors and Exposure-Resilient Functions for Sublogarithmic Entropy
We study deterministic extractors for bit-fixing sources (a.k.a. resilient functions) and exposure-resilient functions for small min-entropy. That is, of the n bits given as input to the function, k n bits are uniformly random and unknown to the adversary. We show that a random function is a resilient function with high probability if and only if k is at least roughly logn. In contrast, we show...
متن کامل