We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [6]) and then a 2n-bit ideal cipher from a n-bit random oracle (as in [7], using a 6-ro...

Public-key encryption schemes with non-interactive opening (PKENO) allow a receiver who received a ciphertext c to non-interactively convince third parties that the decryption of c is what he has claimed, without compromising the scheme’s security. In this work, we present a generic construction from identity-based encryption scheme, which is secure against selective-ID and chosen plaintext att...

Garg, Gentry and Halevi (GGH) described the first candidate multilinear maps using ideal lattices. However, Hu and Jia presented an efficient attack on GGH map, which breaks the GGH-based applications of multipartite key exchange (MPKE) and witness encryption (WE) based on the hardness of 3-exact cover problem. We describe a new construction of multilinear map using random matrix, which support...

We prove that the 5-round iterated Even-Mansour (IEM) construction with a non-idealized key-schedule (such as the trivial keyschedule, where all round keys are equal) is indifferentiable from an ideal cipher. In a separate result, we also prove that five rounds are necessary by describing an attack against the corresponding 4-round construction. This closes the gap regarding the exact number of...

We study an adaptive variant of oblivious transfer in which a sender has N messages, of which a receiver can adaptively choose to receive k one-after-the-other, in such a way that (a) the sender learns nothing about the receiver’s selections, and (b) the receiver only learns about the k requested messages. We propose two practical protocols for this primitive that achieve a stronger security no...

We have shown how, at a cost of about 2 calls to the MD5 compression function, for any two target messages m1 and m2, values b1 and b2 can be constructed such that the concatenated values m1‖b1 and m2‖b2 collide under MD5. Although the practical attack potential of this construction of target collisions is limited, it is of greater concern than random collisions for MD5. In this note we sketch ...

The construction industry’s high demand for natural resources, combined with the waste generated by agriculture, creates an opportunity circular economy. This experiment used CaCO3 found in scallop shells as ingredient manufacture of fire-resistant materials, replacing gypsum compositions 40% and 50% weight. mechanical compressive strength was estimated both freeze-thaw cycles acid sulfate atta...

background: previous literatures have shown a transient ischemic attack  (tia) mimic rate  of 9-31%. we aimed  to ascertain the proportion of stroke mimics amongst suspected tia patients. methods: a prospective observational study was performed in   ghaem   hospital,   mashhad,   iran   during   2012-2013. consecutive tia patients  were identified in a stroke center. the  initial diagnosis  of ...

The blades of wind turbines are the most important parts in producing power output. In this study, a section of a 660 KW wind turbine blade will be installed in Iran in near future was tested in a wind tunnel. In addition to steady tests, various unsteady tests including the effects of reduced frequency, mean angle of attack, and amplitudes were carried out. The preliminary results show strong ...

cerebrovascular attack (cva) and transient ischemic attack (tia) are major causes of emergency department visits around the globe. a significant number of these patients may experience repeat attacks if left untreated. several risk stratifying scoring systems have been developed in recent years to point out the high risk patients. abcd 2 is based on age, blood pressure, clinical status, diabete...