---
_id: '6430'
abstract:
- lang: eng
text: "A proxy re-encryption (PRE) scheme is a public-key encryption scheme that
allows the holder of a key pk to derive a re-encryption key for any other key
\U0001D45D\U0001D458′. This re-encryption key lets anyone transform ciphertexts
under pk into ciphertexts under \U0001D45D\U0001D458′ without having to know the
underlying message, while transformations from \U0001D45D\U0001D458′ to pk should
not be possible (unidirectional). Security is defined in a multi-user setting
against an adversary that gets the users’ public keys and can ask for re-encryption
keys and can corrupt users by requesting their secret keys. Any ciphertext that
the adversary cannot trivially decrypt given the obtained secret and re-encryption
keys should be secure.\r\n\r\nAll existing security proofs for PRE only show selective
security, where the adversary must first declare the users it wants to corrupt.
This can be lifted to more meaningful adaptive security by guessing the set of
corrupted users among the n users, which loses a factor exponential in Open image
in new window , rendering the result meaningless already for moderate Open image
in new window .\r\n\r\nJafargholi et al. (CRYPTO’17) proposed a framework that
in some cases allows to give adaptive security proofs for schemes which were previously
only known to be selectively secure, while avoiding the exponential loss that
results from guessing the adaptive choices made by an adversary. We apply their
framework to PREs that satisfy some natural additional properties. Concretely,
we give a more fine-grained reduction for several unidirectional PREs, proving
adaptive security at a much smaller loss. The loss depends on the graph of users
whose edges represent the re-encryption keys queried by the adversary. For trees
and chains the loss is quasi-polynomial in the size and for general graphs it
is exponential in their depth and indegree (instead of their size as for previous
reductions). Fortunately, trees and low-depth graphs cover many, if not most,
interesting applications.\r\n\r\nOur results apply e.g. to the bilinear-map based
PRE schemes by Ateniese et al. (NDSS’05 and CT-RSA’09), Gentry’s FHE-based scheme
(STOC’09) and the LWE-based scheme by Chandran et al. (PKC’14)."
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Chethan
full_name: Kamath Hosdurg, Chethan
id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87
last_name: Kamath Hosdurg
- first_name: Karen
full_name: Klein, Karen
id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87
last_name: Klein
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Fuchsbauer G, Kamath Hosdurg C, Klein K, Pietrzak KZ. Adaptively secure proxy
re-encryption. In: Vol 11443. Springer Nature; 2019:317-346. doi:10.1007/978-3-030-17259-6_11'
apa: 'Fuchsbauer, G., Kamath Hosdurg, C., Klein, K., & Pietrzak, K. Z. (2019).
Adaptively secure proxy re-encryption (Vol. 11443, pp. 317–346). Presented at
the PKC: Public-Key Cryptograhy, Beijing, China: Springer Nature. https://doi.org/10.1007/978-3-030-17259-6_11'
chicago: Fuchsbauer, Georg, Chethan Kamath Hosdurg, Karen Klein, and Krzysztof Z
Pietrzak. “Adaptively Secure Proxy Re-Encryption,” 11443:317–46. Springer Nature,
2019. https://doi.org/10.1007/978-3-030-17259-6_11.
ieee: 'G. Fuchsbauer, C. Kamath Hosdurg, K. Klein, and K. Z. Pietrzak, “Adaptively
secure proxy re-encryption,” presented at the PKC: Public-Key Cryptograhy, Beijing,
China, 2019, vol. 11443, pp. 317–346.'
ista: 'Fuchsbauer G, Kamath Hosdurg C, Klein K, Pietrzak KZ. 2019. Adaptively secure
proxy re-encryption. PKC: Public-Key Cryptograhy, LNCS, vol. 11443, 317–346.'
mla: Fuchsbauer, Georg, et al. Adaptively Secure Proxy Re-Encryption. Vol.
11443, Springer Nature, 2019, pp. 317–46, doi:10.1007/978-3-030-17259-6_11.
short: G. Fuchsbauer, C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, in:, Springer
Nature, 2019, pp. 317–346.
conference:
end_date: 2019-04-17
location: Beijing, China
name: 'PKC: Public-Key Cryptograhy'
start_date: 2019-04-14
date_created: 2019-05-13T08:13:46Z
date_published: 2019-04-06T00:00:00Z
date_updated: 2023-09-08T11:33:20Z
day: '06'
department:
- _id: KrPi
doi: 10.1007/978-3-030-17259-6_11
ec_funded: 1
intvolume: ' 11443'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2018/426
month: '04'
oa: 1
oa_version: Preprint
page: 317-346
project:
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication_identifier:
eissn:
- '16113349'
isbn:
- '9783030172589'
issn:
- '03029743'
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
related_material:
record:
- id: '10035'
relation: dissertation_contains
status: public
scopus_import: '1'
status: public
title: Adaptively secure proxy re-encryption
type: conference
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 11443
year: '2019'
...
---
_id: '6941'
abstract:
- lang: eng
text: "Bitcoin has become the most successful cryptocurrency ever deployed, and
its most distinctive feature is that it is decentralized. Its underlying protocol
(Nakamoto consensus) achieves this by using proof of work, which has the drawback
that it causes the consumption of vast amounts of energy to maintain the ledger.
Moreover, Bitcoin mining dynamics have become less distributed over time.\r\n\r\nTowards
addressing these issues, we propose SpaceMint, a cryptocurrency based on proofs
of space instead of proofs of work. Miners in SpaceMint dedicate disk space rather
than computation. We argue that SpaceMint’s design solves or alleviates several
of Bitcoin’s issues: most notably, its large energy consumption. SpaceMint also
rewards smaller miners fairly according to their contribution to the network,
thus incentivizing more distributed participation.\r\n\r\nThis paper adapts proof
of space to enable its use in cryptocurrency, studies the attacks that can arise
against a Bitcoin-like blockchain that uses proof of space, and proposes a new
blockchain format and transaction types to address these attacks. Our prototype
shows that initializing 1 TB for mining takes about a day (a one-off setup cost),
and miners spend on average just a fraction of a second per block mined. Finally,
we provide a game-theoretic analysis modeling SpaceMint as an extensive game (the
canonical game-theoretic notion for games that take place over time) and show
that this stylized game satisfies a strong equilibrium notion, thereby arguing
for SpaceMint ’s stability and consensus."
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Sunoo
full_name: Park, Sunoo
last_name: Park
- first_name: Albert
full_name: Kwon, Albert
last_name: Kwon
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Peter
full_name: Gazi, Peter
id: 3E0BFE38-F248-11E8-B48F-1D18A9856A87
last_name: Gazi
- first_name: Joel F
full_name: Alwen, Joel F
id: 2A8DFA8C-F248-11E8-B48F-1D18A9856A87
last_name: Alwen
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Park S, Kwon A, Fuchsbauer G, Gazi P, Alwen JF, Pietrzak KZ. SpaceMint: A
cryptocurrency based on proofs of space. In: 22nd International Conference
on Financial Cryptography and Data Security. Vol 10957. Springer Nature; 2018:480-499.
doi:10.1007/978-3-662-58387-6_26'
apa: 'Park, S., Kwon, A., Fuchsbauer, G., Gazi, P., Alwen, J. F., & Pietrzak,
K. Z. (2018). SpaceMint: A cryptocurrency based on proofs of space. In 22nd
International Conference on Financial Cryptography and Data Security (Vol.
10957, pp. 480–499). Nieuwpoort, Curacao: Springer Nature. https://doi.org/10.1007/978-3-662-58387-6_26'
chicago: 'Park, Sunoo, Albert Kwon, Georg Fuchsbauer, Peter Gazi, Joel F Alwen,
and Krzysztof Z Pietrzak. “SpaceMint: A Cryptocurrency Based on Proofs of Space.”
In 22nd International Conference on Financial Cryptography and Data Security,
10957:480–99. Springer Nature, 2018. https://doi.org/10.1007/978-3-662-58387-6_26.'
ieee: 'S. Park, A. Kwon, G. Fuchsbauer, P. Gazi, J. F. Alwen, and K. Z. Pietrzak,
“SpaceMint: A cryptocurrency based on proofs of space,” in 22nd International
Conference on Financial Cryptography and Data Security, Nieuwpoort, Curacao,
2018, vol. 10957, pp. 480–499.'
ista: 'Park S, Kwon A, Fuchsbauer G, Gazi P, Alwen JF, Pietrzak KZ. 2018. SpaceMint:
A cryptocurrency based on proofs of space. 22nd International Conference on Financial
Cryptography and Data Security. FC: Financial Cryptography and Data Security,
LNCS, vol. 10957, 480–499.'
mla: 'Park, Sunoo, et al. “SpaceMint: A Cryptocurrency Based on Proofs of Space.”
22nd International Conference on Financial Cryptography and Data Security,
vol. 10957, Springer Nature, 2018, pp. 480–99, doi:10.1007/978-3-662-58387-6_26.'
short: S. Park, A. Kwon, G. Fuchsbauer, P. Gazi, J.F. Alwen, K.Z. Pietrzak, in:,
22nd International Conference on Financial Cryptography and Data Security, Springer
Nature, 2018, pp. 480–499.
conference:
end_date: 2018-03-02
location: Nieuwpoort, Curacao
name: 'FC: Financial Cryptography and Data Security'
start_date: 2018-02-26
date_created: 2019-10-14T06:35:38Z
date_published: 2018-12-07T00:00:00Z
date_updated: 2023-09-19T15:02:13Z
day: '07'
department:
- _id: KrPi
doi: 10.1007/978-3-662-58387-6_26
ec_funded: 1
external_id:
isi:
- '000540656400026'
intvolume: ' 10957'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2015/528
month: '12'
oa: 1
oa_version: Submitted Version
page: 480-499
project:
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication: 22nd International Conference on Financial Cryptography and Data Security
publication_identifier:
eissn:
- 1611-3349
isbn:
- '9783662583869'
- '9783662583876'
issn:
- 0302-9743
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'SpaceMint: A cryptocurrency based on proofs of space'
type: conference
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 10957
year: '2018'
...
---
_id: '1233'
abstract:
- lang: eng
text: About three decades ago it was realized that implementing private channels
between parties which can be adaptively corrupted requires an encryption scheme
that is secure against selective opening attacks. Whether standard (IND-CPA) security
implies security against selective opening attacks has been a major open question
since. The only known reduction from selective opening to IND-CPA security loses
an exponential factor. A polynomial reduction is only known for the very special
case where the distribution considered in the selective opening security experiment
is a product distribution, i.e., the messages are sampled independently from each
other. In this paper we give a reduction whose loss is quantified via the dependence
graph (where message dependencies correspond to edges) of the underlying message
distribution. In particular, for some concrete distributions including Markov
distributions, our reduction is polynomial.
acknowledgement: G. Fuchsbauer and K. Pietrzak are supported by the European Research
Council, ERC Starting Grant (259668-PSPC). F. Heuer is funded by a Sofja Kovalevskaja
Award of the Alexander von Humboldt Foundation and DFG SPP 1736, Algorithms for
BIG DATA. E. Kiltz is supported by a Sofja Kovalevskaja Award of the Alexander von
Humboldt Foundation, the German Israel Foundation, and ERC Project ERCC (FP7/615074).
alternative_title:
- LNCS
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Felix
full_name: Heuer, Felix
last_name: Heuer
- first_name: Eike
full_name: Kiltz, Eike
last_name: Kiltz
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Fuchsbauer G, Heuer F, Kiltz E, Pietrzak KZ. Standard security does imply
security against selective opening for markov distributions. In: Vol 9562. Springer;
2016:282-305. doi:10.1007/978-3-662-49096-9_12'
apa: 'Fuchsbauer, G., Heuer, F., Kiltz, E., & Pietrzak, K. Z. (2016). Standard
security does imply security against selective opening for markov distributions
(Vol. 9562, pp. 282–305). Presented at the TCC: Theory of Cryptography Conference,
Tel Aviv, Israel: Springer. https://doi.org/10.1007/978-3-662-49096-9_12'
chicago: Fuchsbauer, Georg, Felix Heuer, Eike Kiltz, and Krzysztof Z Pietrzak. “Standard
Security Does Imply Security against Selective Opening for Markov Distributions,”
9562:282–305. Springer, 2016. https://doi.org/10.1007/978-3-662-49096-9_12.
ieee: 'G. Fuchsbauer, F. Heuer, E. Kiltz, and K. Z. Pietrzak, “Standard security
does imply security against selective opening for markov distributions,” presented
at the TCC: Theory of Cryptography Conference, Tel Aviv, Israel, 2016, vol. 9562,
pp. 282–305.'
ista: 'Fuchsbauer G, Heuer F, Kiltz E, Pietrzak KZ. 2016. Standard security does
imply security against selective opening for markov distributions. TCC: Theory
of Cryptography Conference, LNCS, vol. 9562, 282–305.'
mla: Fuchsbauer, Georg, et al. Standard Security Does Imply Security against
Selective Opening for Markov Distributions. Vol. 9562, Springer, 2016, pp.
282–305, doi:10.1007/978-3-662-49096-9_12.
short: G. Fuchsbauer, F. Heuer, E. Kiltz, K.Z. Pietrzak, in:, Springer, 2016, pp.
282–305.
conference:
end_date: 2016-01-13
location: Tel Aviv, Israel
name: 'TCC: Theory of Cryptography Conference'
start_date: 2016-01-10
date_created: 2018-12-11T11:50:51Z
date_published: 2016-01-01T00:00:00Z
date_updated: 2021-01-12T06:49:16Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-662-49096-9_12
ec_funded: 1
intvolume: ' 9562'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2015/853
month: '01'
oa: 1
oa_version: Submitted Version
page: 282 - 305
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '6100'
quality_controlled: '1'
scopus_import: 1
status: public
title: Standard security does imply security against selective opening for markov
distributions
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 9562
year: '2016'
...
---
_id: '1592'
abstract:
- lang: eng
text: A modular approach to constructing cryptographic protocols leads to simple
designs but often inefficient instantiations. On the other hand, ad hoc constructions
may yield efficient protocols at the cost of losing conceptual simplicity. We
suggest a new design paradigm, structure-preserving cryptography, that provides
a way to construct modular protocols with reasonable efficiency while retaining
conceptual simplicity. A cryptographic scheme over a bilinear group is called
structure-preserving if its public inputs and outputs consist of elements from
the bilinear groups and their consistency can be verified by evaluating pairing-product
equations. As structure-preserving schemes smoothly interoperate with each other,
they are useful as building blocks in modular design of cryptographic applications.
This paper introduces structure-preserving commitment and signature schemes over
bilinear groups with several desirable properties. The commitment schemes include
homomorphic, trapdoor and length-reducing commitments to group elements, and the
structure-preserving signature schemes are the first ones that yield constant-size
signatures on multiple group elements. A structure-preserving signature scheme
is called automorphic if the public keys lie in the message space, which cannot
be achieved by compressing inputs via a cryptographic hash function, as this would
destroy the mathematical structure we are trying to preserve. Automorphic signatures
can be used for building certification chains underlying privacy-preserving protocols.
Among a vast number of applications of structure-preserving protocols, we present
an efficient round-optimal blind-signature scheme and a group signature scheme
with an efficient and concurrently secure protocol for enrolling new members.
acknowledgement: The authors would like to thank the anonymous reviewers of this paper.
We also would like to express our appreciation to the program committee and the
anonymous reviewers for CRYPTO 2010. The first author thanks Sherman S. M. Chow
for his comment on group signatures in Sect. 7.1.
author:
- first_name: Masayuki
full_name: Abe, Masayuki
last_name: Abe
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Jens
full_name: Groth, Jens
last_name: Groth
- first_name: Kristiyan
full_name: Haralambiev, Kristiyan
last_name: Haralambiev
- first_name: Miyako
full_name: Ohkubo, Miyako
last_name: Ohkubo
citation:
ama: Abe M, Fuchsbauer G, Groth J, Haralambiev K, Ohkubo M. Structure preserving
signatures and commitments to group elements. Journal of Cryptology. 2016;29(2):363-421.
doi:10.1007/s00145-014-9196-7
apa: Abe, M., Fuchsbauer, G., Groth, J., Haralambiev, K., & Ohkubo, M. (2016).
Structure preserving signatures and commitments to group elements. Journal
of Cryptology. Springer. https://doi.org/10.1007/s00145-014-9196-7
chicago: Abe, Masayuki, Georg Fuchsbauer, Jens Groth, Kristiyan Haralambiev, and
Miyako Ohkubo. “Structure Preserving Signatures and Commitments to Group Elements.”
Journal of Cryptology. Springer, 2016. https://doi.org/10.1007/s00145-014-9196-7.
ieee: M. Abe, G. Fuchsbauer, J. Groth, K. Haralambiev, and M. Ohkubo, “Structure
preserving signatures and commitments to group elements,” Journal of Cryptology,
vol. 29, no. 2. Springer, pp. 363–421, 2016.
ista: Abe M, Fuchsbauer G, Groth J, Haralambiev K, Ohkubo M. 2016. Structure preserving
signatures and commitments to group elements. Journal of Cryptology. 29(2), 363–421.
mla: Abe, Masayuki, et al. “Structure Preserving Signatures and Commitments to Group
Elements.” Journal of Cryptology, vol. 29, no. 2, Springer, 2016, pp. 363–421,
doi:10.1007/s00145-014-9196-7.
short: M. Abe, G. Fuchsbauer, J. Groth, K. Haralambiev, M. Ohkubo, Journal of Cryptology
29 (2016) 363–421.
date_created: 2018-12-11T11:52:54Z
date_published: 2016-04-01T00:00:00Z
date_updated: 2021-01-12T06:51:49Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/s00145-014-9196-7
intvolume: ' 29'
issue: '2'
language:
- iso: eng
month: '04'
oa_version: None
page: 363 - 421
publication: Journal of Cryptology
publication_status: published
publisher: Springer
publist_id: '5579'
quality_controlled: '1'
scopus_import: 1
status: public
title: Structure preserving signatures and commitments to group elements
type: journal_article
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 29
year: '2016'
...
---
_id: '1225'
abstract:
- lang: eng
text: At Crypto 2015 Fuchsbauer, Hanser and Slamanig (FHS) presented the first standard-model
construction of efficient roundoptimal blind signatures that does not require
complexity leveraging. It is conceptually simple and builds on the primitive of
structure-preserving signatures on equivalence classes (SPS-EQ). FHS prove the
unforgeability of their scheme assuming EUF-CMA security of the SPS-EQ scheme
and hardness of a version of the DH inversion problem. Blindness under adversarially
chosen keys is proven under an interactive variant of the DDH assumption. We propose
a variant of their scheme whose blindness can be proven under a non-interactive
assumption, namely a variant of the bilinear DDH assumption. We moreover prove
its unforgeability assuming only unforgeability of the underlying SPS-EQ but no
additional assumptions as needed for the FHS scheme.
alternative_title:
- LNCS
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Christian
full_name: Hanser, Christian
last_name: Hanser
- first_name: Chethan
full_name: Kamath Hosdurg, Chethan
id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87
last_name: Kamath Hosdurg
- first_name: Daniel
full_name: Slamanig, Daniel
last_name: Slamanig
citation:
ama: 'Fuchsbauer G, Hanser C, Kamath Hosdurg C, Slamanig D. Practical round-optimal
blind signatures in the standard model from weaker assumptions. In: Vol 9841.
Springer; 2016:391-408. doi:10.1007/978-3-319-44618-9_21'
apa: 'Fuchsbauer, G., Hanser, C., Kamath Hosdurg, C., & Slamanig, D. (2016).
Practical round-optimal blind signatures in the standard model from weaker assumptions
(Vol. 9841, pp. 391–408). Presented at the SCN: Security and Cryptography for
Networks, Amalfi, Italy: Springer. https://doi.org/10.1007/978-3-319-44618-9_21'
chicago: Fuchsbauer, Georg, Christian Hanser, Chethan Kamath Hosdurg, and Daniel
Slamanig. “Practical Round-Optimal Blind Signatures in the Standard Model from
Weaker Assumptions,” 9841:391–408. Springer, 2016. https://doi.org/10.1007/978-3-319-44618-9_21.
ieee: 'G. Fuchsbauer, C. Hanser, C. Kamath Hosdurg, and D. Slamanig, “Practical
round-optimal blind signatures in the standard model from weaker assumptions,”
presented at the SCN: Security and Cryptography for Networks, Amalfi, Italy, 2016,
vol. 9841, pp. 391–408.'
ista: 'Fuchsbauer G, Hanser C, Kamath Hosdurg C, Slamanig D. 2016. Practical round-optimal
blind signatures in the standard model from weaker assumptions. SCN: Security
and Cryptography for Networks, LNCS, vol. 9841, 391–408.'
mla: Fuchsbauer, Georg, et al. Practical Round-Optimal Blind Signatures in the
Standard Model from Weaker Assumptions. Vol. 9841, Springer, 2016, pp. 391–408,
doi:10.1007/978-3-319-44618-9_21.
short: G. Fuchsbauer, C. Hanser, C. Kamath Hosdurg, D. Slamanig, in:, Springer,
2016, pp. 391–408.
conference:
end_date: 2016-09-02
location: Amalfi, Italy
name: 'SCN: Security and Cryptography for Networks'
start_date: 2016-08-31
date_created: 2018-12-11T11:50:49Z
date_published: 2016-08-11T00:00:00Z
date_updated: 2023-02-23T10:08:16Z
day: '11'
department:
- _id: KrPi
doi: 10.1007/978-3-319-44618-9_21
ec_funded: 1
intvolume: ' 9841'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2016/662
month: '08'
oa: 1
oa_version: Submitted Version
page: 391 - 408
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication_status: published
publisher: Springer
publist_id: '6109'
quality_controlled: '1'
related_material:
record:
- id: '1647'
relation: earlier_version
status: public
scopus_import: 1
status: public
title: Practical round-optimal blind signatures in the standard model from weaker
assumptions
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9841
year: '2016'
...
---
_id: '1229'
abstract:
- lang: eng
text: Witness encryption (WE) was introduced by Garg et al. [GGSW13]. A WE scheme
is defined for some NP language L and lets a sender encrypt messages relative
to instances x. A ciphertext for x can be decrypted using w witnessing x ∈ L,
but hides the message if x ∈ L. Garg et al. construct WE from multilinear maps
and give another construction [GGH+13b] using indistinguishability obfuscation
(iO) for circuits. Due to the reliance on such heavy tools, WE can cur- rently
hardly be implemented on powerful hardware and will unlikely be realizable on
constrained devices like smart cards any time soon. We construct a WE scheme where
encryption is done by simply computing a Naor-Yung ciphertext (two CPA encryptions
and a NIZK proof). To achieve this, our scheme has a setup phase, which outputs
public parameters containing an obfuscated circuit (only required for decryption),
two encryption keys and a common reference string (used for encryption). This
setup need only be run once, and the parame- ters can be used for arbitrary many
encryptions. Our scheme can also be turned into a functional WE scheme, where
a message is encrypted w.r.t. a statement and a function f, and decryption with
a witness w yields f (m, w). Our construction is inspired by the functional encryption
scheme by Garg et al. and we prove (selective) security assuming iO and statistically
simulation-sound NIZK. We give a construction of the latter in bilinear groups
and combining it with ElGamal encryption, our ciphertexts are of size 1.3 kB at
a 128-bit security level and can be computed on a smart card.
acknowledgement: Research supported by the European Research Council, ERC starting grant
(259668-PSPC) and ERC consolidator grant (682815 - TOCNeT).
alternative_title:
- LNCS
author:
- first_name: Hamza M
full_name: Abusalah, Hamza M
id: 40297222-F248-11E8-B48F-1D18A9856A87
last_name: Abusalah
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Abusalah HM, Fuchsbauer G, Pietrzak KZ. Offline witness encryption. In: Vol
9696. Springer; 2016:285-303. doi:10.1007/978-3-319-39555-5_16'
apa: 'Abusalah, H. M., Fuchsbauer, G., & Pietrzak, K. Z. (2016). Offline witness
encryption (Vol. 9696, pp. 285–303). Presented at the ACNS: Applied Cryptography
and Network Security, Guildford, UK: Springer. https://doi.org/10.1007/978-3-319-39555-5_16'
chicago: Abusalah, Hamza M, Georg Fuchsbauer, and Krzysztof Z Pietrzak. “Offline
Witness Encryption,” 9696:285–303. Springer, 2016. https://doi.org/10.1007/978-3-319-39555-5_16.
ieee: 'H. M. Abusalah, G. Fuchsbauer, and K. Z. Pietrzak, “Offline witness encryption,”
presented at the ACNS: Applied Cryptography and Network Security, Guildford, UK,
2016, vol. 9696, pp. 285–303.'
ista: 'Abusalah HM, Fuchsbauer G, Pietrzak KZ. 2016. Offline witness encryption.
ACNS: Applied Cryptography and Network Security, LNCS, vol. 9696, 285–303.'
mla: Abusalah, Hamza M., et al. Offline Witness Encryption. Vol. 9696, Springer,
2016, pp. 285–303, doi:10.1007/978-3-319-39555-5_16.
short: H.M. Abusalah, G. Fuchsbauer, K.Z. Pietrzak, in:, Springer, 2016, pp. 285–303.
conference:
end_date: 2016-06-22
location: Guildford, UK
name: 'ACNS: Applied Cryptography and Network Security'
start_date: 2016-06-19
date_created: 2018-12-11T11:50:50Z
date_published: 2016-06-09T00:00:00Z
date_updated: 2023-09-07T12:30:22Z
day: '09'
ddc:
- '005'
- '600'
department:
- _id: KrPi
doi: 10.1007/978-3-319-39555-5_16
ec_funded: 1
file:
- access_level: open_access
checksum: 34fa9ce681da845a1ba945ba3dc57867
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:17:20Z
date_updated: 2020-07-14T12:44:39Z
file_id: '5273'
file_name: IST-2017-765-v1+1_838.pdf
file_size: 515000
relation: main_file
file_date_updated: 2020-07-14T12:44:39Z
has_accepted_license: '1'
intvolume: ' 9696'
language:
- iso: eng
month: '06'
oa: 1
oa_version: Submitted Version
page: 285 - 303
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication_status: published
publisher: Springer
publist_id: '6105'
pubrep_id: '765'
quality_controlled: '1'
related_material:
record:
- id: '83'
relation: dissertation_contains
status: public
scopus_import: 1
status: public
title: Offline witness encryption
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9696
year: '2016'
...
---
_id: '1236'
abstract:
- lang: eng
text: 'A constrained pseudorandom function F: K × X → Y for a family T ⊆ 2X of subsets
of X is a function where for any key k ∈ K and set S ∈ T one can efficiently compute
a constrained key kS which allows to evaluate F (k, ·) on all inputs x ∈ S, while
even given this key, the outputs on all inputs x ∉ S look random. At Asiacrypt’13
Boneh and Waters gave a construction which supports the most general set family
so far. Its keys kc are defined for sets decided by boolean circuits C and enable
evaluation of the PRF on any x ∈ X where C(x) = 1. In their construction the PRF
input length and the size of the circuits C for which constrained keys can be
computed must be fixed beforehand during key generation. We construct a constrained
PRF that has an unbounded input length and whose constrained keys can be defined
for any set recognized by a Turing machine. The only a priori bound we make is
on the description size of the machines. We prove our construction secure assuming
publiccoin differing-input obfuscation. As applications of our constrained PRF
we build a broadcast encryption scheme where the number of potential receivers
need not be fixed at setup (in particular, the length of the keys is independent
of the number of parties) and the first identity-based non-interactive key exchange
protocol with no bound on the number of parties that can agree on a shared key.'
acknowledgement: Supported by the European Research Council, ERC Starting Grant (259668-PSPC).
alternative_title:
- LNCS
author:
- first_name: Hamza M
full_name: Abusalah, Hamza M
id: 40297222-F248-11E8-B48F-1D18A9856A87
last_name: Abusalah
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Abusalah HM, Fuchsbauer G, Pietrzak KZ. Constrained PRFs for unbounded inputs.
In: Vol 9610. Springer; 2016:413-428. doi:10.1007/978-3-319-29485-8_24'
apa: 'Abusalah, H. M., Fuchsbauer, G., & Pietrzak, K. Z. (2016). Constrained
PRFs for unbounded inputs (Vol. 9610, pp. 413–428). Presented at the CT-RSA: Topics
in Cryptology, San Francisco, CA, USA: Springer. https://doi.org/10.1007/978-3-319-29485-8_24'
chicago: Abusalah, Hamza M, Georg Fuchsbauer, and Krzysztof Z Pietrzak. “Constrained
PRFs for Unbounded Inputs,” 9610:413–28. Springer, 2016. https://doi.org/10.1007/978-3-319-29485-8_24.
ieee: 'H. M. Abusalah, G. Fuchsbauer, and K. Z. Pietrzak, “Constrained PRFs for
unbounded inputs,” presented at the CT-RSA: Topics in Cryptology, San Francisco,
CA, USA, 2016, vol. 9610, pp. 413–428.'
ista: 'Abusalah HM, Fuchsbauer G, Pietrzak KZ. 2016. Constrained PRFs for unbounded
inputs. CT-RSA: Topics in Cryptology, LNCS, vol. 9610, 413–428.'
mla: Abusalah, Hamza M., et al. Constrained PRFs for Unbounded Inputs. Vol.
9610, Springer, 2016, pp. 413–28, doi:10.1007/978-3-319-29485-8_24.
short: H.M. Abusalah, G. Fuchsbauer, K.Z. Pietrzak, in:, Springer, 2016, pp. 413–428.
conference:
end_date: 2016-03-04
location: San Francisco, CA, USA
name: 'CT-RSA: Topics in Cryptology'
start_date: 2016-02-29
date_created: 2018-12-11T11:50:52Z
date_published: 2016-02-02T00:00:00Z
date_updated: 2023-09-07T12:30:22Z
day: '02'
ddc:
- '005'
- '600'
department:
- _id: KrPi
doi: 10.1007/978-3-319-29485-8_24
ec_funded: 1
file:
- access_level: open_access
checksum: 3851cee49933ae13b1272e516f213e13
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:08:05Z
date_updated: 2020-07-14T12:44:41Z
file_id: '4664'
file_name: IST-2017-764-v1+1_279.pdf
file_size: 495176
relation: main_file
file_date_updated: 2020-07-14T12:44:41Z
has_accepted_license: '1'
intvolume: ' 9610'
language:
- iso: eng
month: '02'
oa: 1
oa_version: Submitted Version
page: 413 - 428
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '6097'
pubrep_id: '764'
quality_controlled: '1'
related_material:
record:
- id: '83'
relation: dissertation_contains
status: public
scopus_import: 1
status: public
title: Constrained PRFs for unbounded inputs
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9610
year: '2016'
...
---
_id: '1235'
abstract:
- lang: eng
text: 'A constrained pseudorandom function (CPRF) F: K×X → Y for a family T of subsets
of χ is a function where for any key k ∈ K and set S ∈ T one can efficiently compute
a short constrained key kS, which allows to evaluate F(k, ·) on all inputs x ∈
S, while the outputs on all inputs x /∈ S look random even given kS. Abusalah
et al. recently constructed the first constrained PRF for inputs of arbitrary
length whose sets S are decided by Turing machines. They use their CPRF to build
broadcast encryption and the first ID-based non-interactive key exchange for an
unbounded number of users. Their constrained keys are obfuscated circuits and
are therefore large. In this work we drastically reduce the key size and define
a constrained key for a Turing machine M as a short signature on M. For this,
we introduce a new signature primitive with constrained signing keys that let
one only sign certain messages, while forging a signature on others is hard even
when knowing the coins for key generation.'
acknowledgement: H. Abusalah—Research supported by the European Research Council,
ERC starting grant (259668-PSPC) and ERC consolidator grant (682815 - TOCNeT).
alternative_title:
- LNCS
author:
- first_name: Hamza M
full_name: Abusalah, Hamza M
id: 40297222-F248-11E8-B48F-1D18A9856A87
last_name: Abusalah
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
citation:
ama: 'Abusalah HM, Fuchsbauer G. Constrained PRFs for unbounded inputs with short
keys. In: Vol 9696. Springer; 2016:445-463. doi:10.1007/978-3-319-39555-5_24'
apa: 'Abusalah, H. M., & Fuchsbauer, G. (2016). Constrained PRFs for unbounded
inputs with short keys (Vol. 9696, pp. 445–463). Presented at the ACNS: Applied
Cryptography and Network Security, Guildford, UK: Springer. https://doi.org/10.1007/978-3-319-39555-5_24'
chicago: Abusalah, Hamza M, and Georg Fuchsbauer. “Constrained PRFs for Unbounded
Inputs with Short Keys,” 9696:445–63. Springer, 2016. https://doi.org/10.1007/978-3-319-39555-5_24.
ieee: 'H. M. Abusalah and G. Fuchsbauer, “Constrained PRFs for unbounded inputs
with short keys,” presented at the ACNS: Applied Cryptography and Network Security,
Guildford, UK, 2016, vol. 9696, pp. 445–463.'
ista: 'Abusalah HM, Fuchsbauer G. 2016. Constrained PRFs for unbounded inputs with
short keys. ACNS: Applied Cryptography and Network Security, LNCS, vol. 9696,
445–463.'
mla: Abusalah, Hamza M., and Georg Fuchsbauer. Constrained PRFs for Unbounded
Inputs with Short Keys. Vol. 9696, Springer, 2016, pp. 445–63, doi:10.1007/978-3-319-39555-5_24.
short: H.M. Abusalah, G. Fuchsbauer, in:, Springer, 2016, pp. 445–463.
conference:
end_date: 2016-06-22
location: Guildford, UK
name: 'ACNS: Applied Cryptography and Network Security'
start_date: 2016-06-19
date_created: 2018-12-11T11:50:52Z
date_published: 2016-01-01T00:00:00Z
date_updated: 2023-09-07T12:30:22Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-319-39555-5_24
ec_funded: 1
intvolume: ' 9696'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2016/279.pdf
month: '01'
oa: 1
oa_version: Submitted Version
page: 445 - 463
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication_status: published
publisher: Springer
publist_id: '6098'
quality_controlled: '1'
related_material:
record:
- id: '83'
relation: dissertation_contains
status: public
scopus_import: 1
status: public
title: Constrained PRFs for unbounded inputs with short keys
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 9696
year: '2016'
...
---
_id: '1474'
abstract:
- lang: eng
text: Cryptographic access control offers selective access to encrypted data via
a combination of key management and functionality-rich cryptographic schemes,
such as attribute-based encryption. Using this approach, publicly available meta-data
may inadvertently leak information on the access policy that is enforced by cryptography,
which renders cryptographic access control unusable in settings where this information
is highly sensitive. We begin to address this problem by presenting rigorous definitions
for policy privacy in cryptographic access control. For concreteness we set our
results in the model of Role-Based Access Control (RBAC), where we identify and
formalize several different flavors of privacy, however, our framework should
serve as inspiration for other models of access control. Based on our insights
we propose a new system which significantly improves on the privacy properties
of state-of-the-art constructions. Our design is based on a novel type of privacy-preserving
attribute-based encryption, which we introduce and show how to instantiate. We
present our results in the context of a cryptographic RBAC system by Ferrara et
al. (CSF'13), which uses cryptography to control read access to files, while write
access is still delegated to trusted monitors. We give an extension of the construction
that permits cryptographic control over write access. Our construction assumes
that key management uses out-of-band channels between the policy enforcer and
the users but eliminates completely the need for monitoring read/write access
to the data.
article_processing_charge: No
author:
- first_name: Anna
full_name: Ferrara, Anna
last_name: Ferrara
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Bin
full_name: Liu, Bin
last_name: Liu
- first_name: Bogdan
full_name: Warinschi, Bogdan
last_name: Warinschi
citation:
ama: 'Ferrara A, Fuchsbauer G, Liu B, Warinschi B. Policy privacy in cryptographic
access control. In: IEEE; 2015:46-60. doi:10.1109/CSF.2015.11'
apa: 'Ferrara, A., Fuchsbauer, G., Liu, B., & Warinschi, B. (2015). Policy privacy
in cryptographic access control (pp. 46–60). Presented at the CSF: Computer Security
Foundations, Verona, Italy: IEEE. https://doi.org/10.1109/CSF.2015.11'
chicago: Ferrara, Anna, Georg Fuchsbauer, Bin Liu, and Bogdan Warinschi. “Policy
Privacy in Cryptographic Access Control,” 46–60. IEEE, 2015. https://doi.org/10.1109/CSF.2015.11.
ieee: 'A. Ferrara, G. Fuchsbauer, B. Liu, and B. Warinschi, “Policy privacy in cryptographic
access control,” presented at the CSF: Computer Security Foundations, Verona,
Italy, 2015, pp. 46–60.'
ista: 'Ferrara A, Fuchsbauer G, Liu B, Warinschi B. 2015. Policy privacy in cryptographic
access control. CSF: Computer Security Foundations, 46–60.'
mla: Ferrara, Anna, et al. Policy Privacy in Cryptographic Access Control.
IEEE, 2015, pp. 46–60, doi:10.1109/CSF.2015.11.
short: A. Ferrara, G. Fuchsbauer, B. Liu, B. Warinschi, in:, IEEE, 2015, pp. 46–60.
conference:
end_date: 2015-07-17
location: Verona, Italy
name: 'CSF: Computer Security Foundations'
start_date: 2015-07-13
date_created: 2018-12-11T11:52:14Z
date_published: 2015-09-04T00:00:00Z
date_updated: 2021-01-12T06:50:59Z
day: '04'
department:
- _id: KrPi
doi: 10.1109/CSF.2015.11
ec_funded: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://epubs.surrey.ac.uk/808055/
month: '09'
oa: 1
oa_version: Submitted Version
page: 46-60
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: IEEE
publist_id: '5722'
quality_controlled: '1'
status: public
title: Policy privacy in cryptographic access control
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2015'
...
---
_id: '1646'
abstract:
- lang: eng
text: 'A pseudorandom function (PRF) is a keyed function F : K × X → Y where, for
a random key k ∈ K, the function F(k, ·) is indistinguishable from a uniformly
random function, given black-box access. A key-homomorphic PRF has the additional
feature that for any keys k, k'' and any input x, we have F(k+k'', x) = F(k, x)⊕F(k'',
x) for some group operations +,⊕ on K and Y, respectively. A constrained PRF for
a family of setsS ⊆ P(X) has the property that, given any key k and set S ∈ S,
one can efficiently compute a “constrained” key kS that enables evaluation of
F(k, x) on all inputs x ∈ S, while the values F(k, x) for x /∈ S remain pseudorandom
even given kS. In this paper we construct PRFs that are simultaneously constrained
and key homomorphic, where the homomorphic property holds even for constrained
keys. We first show that the multilinear map-based bit-fixing and circuit-constrained
PRFs of Boneh and Waters (Asiacrypt 2013) can be modified to also be keyhomomorphic.
We then show that the LWE-based key-homomorphic PRFs of Banerjee and Peikert (Crypto
2014) are essentially already prefix-constrained PRFs, using a (non-obvious) definition
of constrained keys and associated group operation. Moreover, the constrained
keys themselves are pseudorandom, and the constraining and evaluation functions
can all be computed in low depth. As an application of key-homomorphic constrained
PRFs,we construct a proxy re-encryption schemewith fine-grained access control.
This scheme allows storing encrypted data on an untrusted server, where each file
can be encrypted relative to some attributes, so that only parties whose constrained
keys match the attributes can decrypt. Moreover, the server can re-key (arbitrary
subsets of) the ciphertexts without learning anything about the plaintexts, thus
permitting efficient and finegrained revocation.'
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Abishek
full_name: Banerjee, Abishek
last_name: Banerjee
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Chris
full_name: Peikert, Chris
last_name: Peikert
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
- first_name: Sophie
full_name: Stevens, Sophie
last_name: Stevens
citation:
ama: 'Banerjee A, Fuchsbauer G, Peikert C, Pietrzak KZ, Stevens S. Key-homomorphic
constrained pseudorandom functions. In: 12th Theory of Cryptography Conference.
Vol 9015. Springer Nature; 2015:31-60. doi:10.1007/978-3-662-46497-7_2'
apa: 'Banerjee, A., Fuchsbauer, G., Peikert, C., Pietrzak, K. Z., & Stevens,
S. (2015). Key-homomorphic constrained pseudorandom functions. In 12th Theory
of Cryptography Conference (Vol. 9015, pp. 31–60). Warsaw, Poland: Springer
Nature. https://doi.org/10.1007/978-3-662-46497-7_2'
chicago: Banerjee, Abishek, Georg Fuchsbauer, Chris Peikert, Krzysztof Z Pietrzak,
and Sophie Stevens. “Key-Homomorphic Constrained Pseudorandom Functions.” In 12th
Theory of Cryptography Conference, 9015:31–60. Springer Nature, 2015. https://doi.org/10.1007/978-3-662-46497-7_2.
ieee: A. Banerjee, G. Fuchsbauer, C. Peikert, K. Z. Pietrzak, and S. Stevens, “Key-homomorphic
constrained pseudorandom functions,” in 12th Theory of Cryptography Conference,
Warsaw, Poland, 2015, vol. 9015, pp. 31–60.
ista: 'Banerjee A, Fuchsbauer G, Peikert C, Pietrzak KZ, Stevens S. 2015. Key-homomorphic
constrained pseudorandom functions. 12th Theory of Cryptography Conference. TCC:
Theory of Cryptography Conference, LNCS, vol. 9015, 31–60.'
mla: Banerjee, Abishek, et al. “Key-Homomorphic Constrained Pseudorandom Functions.”
12th Theory of Cryptography Conference, vol. 9015, Springer Nature, 2015,
pp. 31–60, doi:10.1007/978-3-662-46497-7_2.
short: A. Banerjee, G. Fuchsbauer, C. Peikert, K.Z. Pietrzak, S. Stevens, in:, 12th
Theory of Cryptography Conference, Springer Nature, 2015, pp. 31–60.
conference:
end_date: 2015-03-25
location: Warsaw, Poland
name: 'TCC: Theory of Cryptography Conference'
start_date: 2015-03-23
date_created: 2018-12-11T11:53:14Z
date_published: 2015-03-01T00:00:00Z
date_updated: 2022-02-03T08:41:46Z
day: '01'
ddc:
- '000'
- '004'
department:
- _id: KrPi
doi: 10.1007/978-3-662-46497-7_2
ec_funded: 1
file:
- access_level: open_access
checksum: 3c5093bda5783c89beaacabf1aa0e60e
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:15:17Z
date_updated: 2020-07-14T12:45:08Z
file_id: '5136'
file_name: IST-2016-679-v1+1_180.pdf
file_size: 450665
relation: main_file
file_date_updated: 2020-07-14T12:45:08Z
has_accepted_license: '1'
intvolume: ' 9015'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2015/180
month: '03'
oa: 1
oa_version: Submitted Version
page: 31 - 60
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication: 12th Theory of Cryptography Conference
publication_identifier:
isbn:
- 978-3-662-46496-0
publication_status: published
publisher: Springer Nature
publist_id: '5505'
pubrep_id: '679'
quality_controlled: '1'
scopus_import: '1'
status: public
title: Key-homomorphic constrained pseudorandom functions
type: conference
user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9
volume: 9015
year: '2015'
...
---
_id: '1648'
abstract:
- lang: eng
text: Generalized Selective Decryption (GSD), introduced by Panjwani [TCC’07], is
a game for a symmetric encryption scheme Enc that captures the difficulty of proving
adaptive security of certain protocols, most notably the Logical Key Hierarchy
(LKH) multicast encryption protocol. In the GSD game there are n keys k1,...,
kn, which the adversary may adaptively corrupt (learn); moreover, it can ask for
encryptions Encki (kj) of keys under other keys. The adversary’s task is to distinguish
keys (which it cannot trivially compute) from random. Proving the hardness of
GSD assuming only IND-CPA security of Enc is surprisingly hard. Using “complexity
leveraging” loses a factor exponential in n, which makes the proof practically
meaningless. We can think of the GSD game as building a graph on n vertices, where
we add an edge i → j when the adversary asks for an encryption of kj under ki.
If restricted to graphs of depth ℓ, Panjwani gave a reduction that loses only
a factor exponential in ℓ (not n). To date, this is the only non-trivial result
known for GSD. In this paper we give almost-polynomial reductions for large classes
of graphs. Most importantly, we prove the security of the GSD game restricted
to trees losing only a quasi-polynomial factor n3 log n+5. Trees are an important
special case capturing real-world protocols like the LKH protocol. Our new bound
improves upon Panjwani’s on some LKH variants proposed in the literature where
the underlying tree is not balanced. Our proof builds on ideas from the “nested
hybrids” technique recently introduced by Fuchsbauer et al. [Asiacrypt’14] for
proving the adaptive security of constrained PRFs.
alternative_title:
- LNCS
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Zahra
full_name: Jafargholi, Zahra
last_name: Jafargholi
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Fuchsbauer G, Jafargholi Z, Pietrzak KZ. A quasipolynomial reduction for generalized
selective decryption on trees. In: Vol 9215. Springer; 2015:601-620. doi:10.1007/978-3-662-47989-6_29'
apa: 'Fuchsbauer, G., Jafargholi, Z., & Pietrzak, K. Z. (2015). A quasipolynomial
reduction for generalized selective decryption on trees (Vol. 9215, pp. 601–620).
Presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA,
USA: Springer. https://doi.org/10.1007/978-3-662-47989-6_29'
chicago: Fuchsbauer, Georg, Zahra Jafargholi, and Krzysztof Z Pietrzak. “A Quasipolynomial
Reduction for Generalized Selective Decryption on Trees,” 9215:601–20. Springer,
2015. https://doi.org/10.1007/978-3-662-47989-6_29.
ieee: 'G. Fuchsbauer, Z. Jafargholi, and K. Z. Pietrzak, “A quasipolynomial reduction
for generalized selective decryption on trees,” presented at the CRYPTO: International
Cryptology Conference, Santa Barbara, CA, USA, 2015, vol. 9215, pp. 601–620.'
ista: 'Fuchsbauer G, Jafargholi Z, Pietrzak KZ. 2015. A quasipolynomial reduction
for generalized selective decryption on trees. CRYPTO: International Cryptology
Conference, LNCS, vol. 9215, 601–620.'
mla: Fuchsbauer, Georg, et al. A Quasipolynomial Reduction for Generalized Selective
Decryption on Trees. Vol. 9215, Springer, 2015, pp. 601–20, doi:10.1007/978-3-662-47989-6_29.
short: G. Fuchsbauer, Z. Jafargholi, K.Z. Pietrzak, in:, Springer, 2015, pp. 601–620.
conference:
end_date: 2015-08-20
location: Santa Barbara, CA, USA
name: 'CRYPTO: International Cryptology Conference'
start_date: 2015-08-16
date_created: 2018-12-11T11:53:14Z
date_published: 2015-08-01T00:00:00Z
date_updated: 2021-01-12T06:52:14Z
day: '01'
ddc:
- '004'
department:
- _id: KrPi
doi: 10.1007/978-3-662-47989-6_29
ec_funded: 1
file:
- access_level: open_access
checksum: 99b76b3263d5082554d0a9cbdeca3a22
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:13:31Z
date_updated: 2020-07-14T12:45:08Z
file_id: '5015'
file_name: IST-2016-674-v1+1_389.pdf
file_size: 505618
relation: main_file
file_date_updated: 2020-07-14T12:45:08Z
has_accepted_license: '1'
intvolume: ' 9215'
language:
- iso: eng
license: https://creativecommons.org/licenses/by/4.0/
month: '08'
oa: 1
oa_version: Submitted Version
page: 601 - 620
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '5502'
pubrep_id: '674'
quality_controlled: '1'
scopus_import: 1
status: public
title: A quasipolynomial reduction for generalized selective decryption on trees
tmp:
image: /images/cc_by.png
legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
short: CC BY (4.0)
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9215
year: '2015'
...
---
_id: '1647'
abstract:
- lang: eng
text: Round-optimal blind signatures are notoriously hard to construct in the standard
model, especially in the malicious-signer model, where blindness must hold under
adversarially chosen keys. This is substantiated by several impossibility results.
The only construction that can be termed theoretically efficient, by Garg and
Gupta (Eurocrypt’14), requires complexity leveraging, inducing an exponential
security loss. We present a construction of practically efficient round-optimal
blind signatures in the standard model. It is conceptually simple and builds on
the recent structure-preserving signatures on equivalence classes (SPSEQ) from
Asiacrypt’14. While the traditional notion of blindness follows from standard
assumptions, we prove blindness under adversarially chosen keys under an interactive
variant of DDH. However, we neither require non-uniform assumptions nor complexity
leveraging. We then show how to extend our construction to partially blind signatures
and to blind signatures on message vectors, which yield a construction of one-show
anonymous credentials à la “anonymous credentials light” (CCS’13) in the standard
model. Furthermore, we give the first SPS-EQ construction under noninteractive
assumptions and show how SPS-EQ schemes imply conventional structure-preserving
signatures, which allows us to apply optimality results for the latter to SPS-EQ.
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Christian
full_name: Hanser, Christian
last_name: Hanser
- first_name: Daniel
full_name: Slamanig, Daniel
last_name: Slamanig
citation:
ama: 'Fuchsbauer G, Hanser C, Slamanig D. Practical round-optimal blind signatures
in the standard model. In: Vol 9216. Springer; 2015:233-253. doi:10.1007/978-3-662-48000-7_12'
apa: 'Fuchsbauer, G., Hanser, C., & Slamanig, D. (2015). Practical round-optimal
blind signatures in the standard model (Vol. 9216, pp. 233–253). Presented at
the CRYPTO: International Cryptology Conference, Santa Barbara, CA, United States:
Springer. https://doi.org/10.1007/978-3-662-48000-7_12'
chicago: Fuchsbauer, Georg, Christian Hanser, and Daniel Slamanig. “Practical Round-Optimal
Blind Signatures in the Standard Model,” 9216:233–53. Springer, 2015. https://doi.org/10.1007/978-3-662-48000-7_12.
ieee: 'G. Fuchsbauer, C. Hanser, and D. Slamanig, “Practical round-optimal blind
signatures in the standard model,” presented at the CRYPTO: International Cryptology
Conference, Santa Barbara, CA, United States, 2015, vol. 9216, pp. 233–253.'
ista: 'Fuchsbauer G, Hanser C, Slamanig D. 2015. Practical round-optimal blind signatures
in the standard model. CRYPTO: International Cryptology Conference, LNCS, vol.
9216, 233–253.'
mla: Fuchsbauer, Georg, et al. Practical Round-Optimal Blind Signatures in the
Standard Model. Vol. 9216, Springer, 2015, pp. 233–53, doi:10.1007/978-3-662-48000-7_12.
short: G. Fuchsbauer, C. Hanser, D. Slamanig, in:, Springer, 2015, pp. 233–253.
conference:
end_date: 2015-08-20
location: Santa Barbara, CA, United States
name: 'CRYPTO: International Cryptology Conference'
start_date: 2015-08-16
date_created: 2018-12-11T11:53:14Z
date_published: 2015-08-01T00:00:00Z
date_updated: 2023-02-21T16:44:51Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-662-48000-7_12
ec_funded: 1
intvolume: ' 9216'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2015/626.pdf
month: '08'
oa: 1
oa_version: Submitted Version
page: 233 - 253
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '5503'
quality_controlled: '1'
related_material:
record:
- id: '1225'
relation: later_version
status: public
scopus_import: 1
status: public
title: Practical round-optimal blind signatures in the standard model
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9216
year: '2015'
...
---
_id: '1651'
abstract:
- lang: eng
text: Cryptographic e-cash allows off-line electronic transactions between a bank,
users and merchants in a secure and anonymous fashion. A plethora of e-cash constructions
has been proposed in the literature; however, these traditional e-cash schemes
only allow coins to be transferred once between users and merchants. Ideally,
we would like users to be able to transfer coins between each other multiple times
before deposit, as happens with physical cash. “Transferable” e-cash schemes are
the solution to this problem. Unfortunately, the currently proposed schemes are
either completely impractical or do not achieve the desirable anonymity properties
without compromises, such as assuming the existence of a trusted “judge” who can
trace all coins and users in the system. This paper presents the first efficient
and fully anonymous transferable e-cash scheme without any trusted third parties.
We start by revising the security and anonymity properties of transferable e-cash
to capture issues that were previously overlooked. For our construction we use
the recently proposed malleable signatures by Chase et al. to allow the secure
and anonymous transfer of coins, combined with a new efficient double-spending
detection mechanism. Finally, we discuss an instantiation of our construction.
acknowledgement: Work done as an intern in Microsoft Research Redmond and as a student
at Brown University, where supported by NSF grant 0964379. Supported by the European
Research Council, ERC Starting Grant (259668-PSPC).
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Foteini
full_name: Baldimtsi, Foteini
last_name: Baldimtsi
- first_name: Melissa
full_name: Chase, Melissa
last_name: Chase
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Markulf
full_name: Kohlweiss, Markulf
last_name: Kohlweiss
citation:
ama: 'Baldimtsi F, Chase M, Fuchsbauer G, Kohlweiss M. Anonymous transferable e-cash.
In: Public-Key Cryptography - PKC 2015. Vol 9020. Springer; 2015:101-124.
doi:10.1007/978-3-662-46447-2_5'
apa: 'Baldimtsi, F., Chase, M., Fuchsbauer, G., & Kohlweiss, M. (2015). Anonymous
transferable e-cash. In Public-Key Cryptography - PKC 2015 (Vol. 9020,
pp. 101–124). Gaithersburg, MD, United States: Springer. https://doi.org/10.1007/978-3-662-46447-2_5'
chicago: Baldimtsi, Foteini, Melissa Chase, Georg Fuchsbauer, and Markulf Kohlweiss.
“Anonymous Transferable E-Cash.” In Public-Key Cryptography - PKC 2015,
9020:101–24. Springer, 2015. https://doi.org/10.1007/978-3-662-46447-2_5.
ieee: F. Baldimtsi, M. Chase, G. Fuchsbauer, and M. Kohlweiss, “Anonymous transferable
e-cash,” in Public-Key Cryptography - PKC 2015, Gaithersburg, MD, United
States, 2015, vol. 9020, pp. 101–124.
ista: 'Baldimtsi F, Chase M, Fuchsbauer G, Kohlweiss M. 2015. Anonymous transferable
e-cash. Public-Key Cryptography - PKC 2015. PKC: Public Key Crypography, LNCS,
vol. 9020, 101–124.'
mla: Baldimtsi, Foteini, et al. “Anonymous Transferable E-Cash.” Public-Key Cryptography
- PKC 2015, vol. 9020, Springer, 2015, pp. 101–24, doi:10.1007/978-3-662-46447-2_5.
short: F. Baldimtsi, M. Chase, G. Fuchsbauer, M. Kohlweiss, in:, Public-Key Cryptography
- PKC 2015, Springer, 2015, pp. 101–124.
conference:
end_date: 2015-04-01
location: Gaithersburg, MD, United States
name: 'PKC: Public Key Crypography'
start_date: 2015-03-30
date_created: 2018-12-11T11:53:15Z
date_published: 2015-03-17T00:00:00Z
date_updated: 2022-05-23T10:08:37Z
day: '17'
department:
- _id: KrPi
doi: 10.1007/978-3-662-46447-2_5
ec_funded: 1
intvolume: ' 9020'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://doi.org/10.1007/978-3-662-46447-2_5
month: '03'
oa: 1
oa_version: Published Version
page: 101 - 124
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication: Public-Key Cryptography - PKC 2015
publication_identifier:
isbn:
- 978-3-662-46446-5
publication_status: published
publisher: Springer
publist_id: '5499'
quality_controlled: '1'
scopus_import: '1'
status: public
title: Anonymous transferable e-cash
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 9020
year: '2015'
...
---
_id: '1643'
abstract:
- lang: eng
text: We extend the notion of verifiable random functions (VRF) to constrained VRFs,
which generalize the concept of constrained pseudorandom functions, put forward
by Boneh and Waters (Asiacrypt’13), and independently by Kiayias et al. (CCS’13)
and Boyle et al. (PKC’14), who call them delegatable PRFs and functional PRFs,
respectively. In a standard VRF the secret key sk allows one to evaluate a pseudorandom
function at any point of its domain; in addition, it enables computation of a
non-interactive proof that the function value was computed correctly. In a constrained
VRF from the key sk one can derive constrained keys skS for subsets S of the domain,
which allow computation of function values and proofs only at points in S. After
formally defining constrained VRFs, we derive instantiations from the multilinear-maps-based
constrained PRFs by Boneh and Waters, yielding a VRF with constrained keys for
any set that can be decided by a polynomial-size circuit. Our VRFs have the same
function values as the Boneh-Waters PRFs and are proved secure under the same
hardness assumption, showing that verifiability comes at no cost. Constrained
(functional) VRFs were stated as an open problem by Boyle et al.
alternative_title:
- LNCS
author:
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
citation:
ama: 'Fuchsbauer G. Constrained Verifiable Random Functions . In: Abdalla M, De
Prisco R, eds. SCN 2014. Vol 8642. Springer; 2014:95-114. doi:10.1007/978-3-319-10879-7_7'
apa: 'Fuchsbauer, G. (2014). Constrained Verifiable Random Functions . In M. Abdalla
& R. De Prisco (Eds.), SCN 2014 (Vol. 8642, pp. 95–114). Amalfi, Italy:
Springer. https://doi.org/10.1007/978-3-319-10879-7_7'
chicago: Fuchsbauer, Georg. “Constrained Verifiable Random Functions .” In SCN
2014, edited by Michel Abdalla and Roberto De Prisco, 8642:95–114. Springer,
2014. https://doi.org/10.1007/978-3-319-10879-7_7.
ieee: G. Fuchsbauer, “Constrained Verifiable Random Functions ,” in SCN 2014,
Amalfi, Italy, 2014, vol. 8642, pp. 95–114.
ista: 'Fuchsbauer G. 2014. Constrained Verifiable Random Functions . SCN 2014. SCN:
Security and Cryptography for Networks, LNCS, vol. 8642, 95–114.'
mla: Fuchsbauer, Georg. “Constrained Verifiable Random Functions .” SCN 2014,
edited by Michel Abdalla and Roberto De Prisco, vol. 8642, Springer, 2014, pp.
95–114, doi:10.1007/978-3-319-10879-7_7.
short: G. Fuchsbauer, in:, M. Abdalla, R. De Prisco (Eds.), SCN 2014, Springer,
2014, pp. 95–114.
conference:
end_date: 2014-09-05
location: Amalfi, Italy
name: 'SCN: Security and Cryptography for Networks'
start_date: 2014-09-03
date_created: 2018-12-11T11:53:13Z
date_published: 2014-01-01T00:00:00Z
date_updated: 2021-01-12T06:52:12Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-319-10879-7_7
ec_funded: 1
editor:
- first_name: Michel
full_name: Abdalla, Michel
last_name: Abdalla
- first_name: Roberto
full_name: De Prisco, Roberto
last_name: De Prisco
intvolume: ' 8642'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://eprint.iacr.org/2014/537
month: '01'
oa: 1
oa_version: Submitted Version
page: 95 - 114
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication: SCN 2014
publication_status: published
publisher: Springer
publist_id: '5509'
scopus_import: 1
status: public
title: 'Constrained Verifiable Random Functions '
type: conference
user_id: 4435EBFC-F248-11E8-B48F-1D18A9856A87
volume: 8642
year: '2014'
...
---
_id: '1927'
abstract:
- lang: eng
text: Constrained pseudorandom functions have recently been introduced independently
by Boneh and Waters (Asiacrypt’13), Kiayias et al. (CCS’13), and Boyle et al.
(PKC’14). In a standard pseudorandom function (PRF) a key k is used to evaluate
the PRF on all inputs in the domain. Constrained PRFs additionally offer the functionality
to delegate “constrained” keys kS which allow to evaluate the PRF only on a subset
S of the domain. The three above-mentioned papers all show that the classical
GGM construction (J.ACM’86) of a PRF from a pseudorandom generator (PRG) directly
yields a constrained PRF where one can compute constrained keys to evaluate the
PRF on all inputs with a given prefix. This constrained PRF has already found
many interesting applications. Unfortunately, the existing security proofs only
show selective security (by a reduction to the security of the underlying PRG).
To achieve full security, one has to use complexity leveraging, which loses an
exponential factor 2N in security, where N is the input length. The first contribution
of this paper is a new reduction that only loses a quasipolynomial factor qlog
N, where q is the number of adversarial queries. For this we develop a new proof
technique which constructs a distinguisher by interleaving simple guessing steps
and hybrid arguments a small number of times. This approach might be of interest
also in other contexts where currently the only technique to achieve full security
is complexity leveraging. Our second contribution is concerned with another constrained
PRF, due to Boneh and Waters, which allows for constrained keys for the more general
class of bit-fixing functions. Their security proof also suffers from a 2N loss,
which we show is inherent. We construct a meta-reduction which shows that any
“simple” reduction of full security from a noninteractive hardness assumption
must incur an exponential security loss.
acknowledgement: We are grateful to Mihir Bellare for his feedback on earlier versions
of this paper. We are indebted to Vanishree Rao for her generous assistance in preparing
this proceedings version.
author:
- first_name: Georg
full_name: Georg Fuchsbauer
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Momchil
full_name: Konstantinov, Momchil
last_name: Konstantinov
- first_name: Krzysztof Z
full_name: Krzysztof Pietrzak
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
- first_name: Vanishree
full_name: Rao, Vanishree
last_name: Rao
citation:
ama: 'Fuchsbauer G, Konstantinov M, Pietrzak KZ, Rao V. Adaptive security of constrained
PRFs. In: Vol 8874. Springer; 2014:173-192. doi:10.1145/2591796.2591825'
apa: Fuchsbauer, G., Konstantinov, M., Pietrzak, K. Z., & Rao, V. (2014). Adaptive
security of constrained PRFs (Vol. 8874, pp. 173–192). Presented at the Lecture
Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics), Springer. https://doi.org/10.1145/2591796.2591825
chicago: Fuchsbauer, Georg, Momchil Konstantinov, Krzysztof Z Pietrzak, and Vanishree
Rao. “Adaptive Security of Constrained PRFs,” 8874:173–92. Springer, 2014. https://doi.org/10.1145/2591796.2591825.
ieee: G. Fuchsbauer, M. Konstantinov, K. Z. Pietrzak, and V. Rao, “Adaptive security
of constrained PRFs,” presented at the Lecture Notes in Computer Science (including
subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),
2014, vol. 8874, pp. 173–192.
ista: Fuchsbauer G, Konstantinov M, Pietrzak KZ, Rao V. 2014. Adaptive security
of constrained PRFs. Lecture Notes in Computer Science (including subseries Lecture
Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) vol. 8874,
173–192.
mla: Fuchsbauer, Georg, et al. Adaptive Security of Constrained PRFs. Vol.
8874, Springer, 2014, pp. 173–92, doi:10.1145/2591796.2591825.
short: G. Fuchsbauer, M. Konstantinov, K.Z. Pietrzak, V. Rao, in:, Springer, 2014,
pp. 173–192.
conference:
name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial
Intelligence and Lecture Notes in Bioinformatics)
date_created: 2018-12-11T11:54:45Z
date_published: 2014-01-01T00:00:00Z
date_updated: 2021-01-12T06:54:08Z
day: '01'
doi: 10.1145/2591796.2591825
extern: 1
intvolume: ' 8874'
main_file_link:
- open_access: '1'
url: http://eprint.iacr.org/2014/416
month: '01'
oa: 1
page: 173 - 192
publication_status: published
publisher: Springer
publist_id: '5167'
quality_controlled: 0
status: public
title: Adaptive security of constrained PRFs
type: conference
volume: 8874
year: '2014'
...
---
_id: '2045'
abstract:
- lang: eng
text: 'We introduce and study a new notion of enhanced chosen-ciphertext security
(ECCA) for public-key encryption. Loosely speaking, in the ECCA security experiment,
the decryption oracle provided to the adversary is augmented to return not only
the output of the decryption algorithm on a queried ciphertext but also of a randomness-recovery
algorithm associated to the scheme. Our results mainly concern the case where
the randomness-recovery algorithm is efficient. We provide constructions of ECCA-secure
encryption from adaptive trapdoor functions as defined by Kiltz et al. (EUROCRYPT
2010), resulting in ECCA encryption from standard number-theoretic assumptions.
We then give two applications of ECCA-secure encryption: (1) We use it as a unifying
concept in showing equivalence of adaptive trapdoor functions and tag-based adaptive
trapdoor functions, resolving an open question of Kiltz et al. (2) We show that
ECCA-secure encryption can be used to securely realize an approach to public-key
encryption with non-interactive opening (PKENO) originally suggested by Damgård
and Thorbek (EUROCRYPT 2007), resulting in new and practical PKENO schemes quite
different from those in prior work. Our results demonstrate that ECCA security
is of both practical and theoretical interest.'
acknowledgement: The second author was supported by EPSRC grant EP/H043454/1.
alternative_title:
- LNCS
author:
- first_name: Dana
full_name: Dachman Soled, Dana
last_name: Dachman Soled
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Payman
full_name: Mohassel, Payman
last_name: Mohassel
- first_name: Adam
full_name: O’Neill, Adam
last_name: O’Neill
citation:
ama: 'Dachman Soled D, Fuchsbauer G, Mohassel P, O’Neill A. Enhanced chosen-ciphertext
security and applications. In: Krawczyk H, ed. Lecture Notes in Computer Science
(Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes
in Bioinformatics). Vol 8383. Springer; 2014:329-344. doi:10.1007/978-3-642-54631-0_19'
apa: 'Dachman Soled, D., Fuchsbauer, G., Mohassel, P., & O’Neill, A. (2014).
Enhanced chosen-ciphertext security and applications. In H. Krawczyk (Ed.), Lecture
Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics) (Vol. 8383, pp. 329–344). Buenos Aires,
Argentina: Springer. https://doi.org/10.1007/978-3-642-54631-0_19'
chicago: Dachman Soled, Dana, Georg Fuchsbauer, Payman Mohassel, and Adam O’Neill.
“Enhanced Chosen-Ciphertext Security and Applications.” In Lecture Notes in
Computer Science (Including Subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics), edited by Hugo Krawczyk, 8383:329–44.
Springer, 2014. https://doi.org/10.1007/978-3-642-54631-0_19.
ieee: D. Dachman Soled, G. Fuchsbauer, P. Mohassel, and A. O’Neill, “Enhanced chosen-ciphertext
security and applications,” in Lecture Notes in Computer Science (including
subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),
Buenos Aires, Argentina, 2014, vol. 8383, pp. 329–344.
ista: 'Dachman Soled D, Fuchsbauer G, Mohassel P, O’Neill A. 2014. Enhanced chosen-ciphertext
security and applications. Lecture Notes in Computer Science (including subseries
Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).
PKC: Public Key Crypography, LNCS, vol. 8383, 329–344.'
mla: Dachman Soled, Dana, et al. “Enhanced Chosen-Ciphertext Security and Applications.”
Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial
Intelligence and Lecture Notes in Bioinformatics), edited by Hugo Krawczyk,
vol. 8383, Springer, 2014, pp. 329–44, doi:10.1007/978-3-642-54631-0_19.
short: D. Dachman Soled, G. Fuchsbauer, P. Mohassel, A. O’Neill, in:, H. Krawczyk
(Ed.), Lecture Notes in Computer Science (Including Subseries Lecture Notes in
Artificial Intelligence and Lecture Notes in Bioinformatics), Springer, 2014,
pp. 329–344.
conference:
end_date: 2014-03-28
location: Buenos Aires, Argentina
name: 'PKC: Public Key Crypography'
start_date: 2014-03-26
date_created: 2018-12-11T11:55:24Z
date_published: 2014-01-01T00:00:00Z
date_updated: 2021-01-12T06:54:57Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-642-54631-0_19
ec_funded: 1
editor:
- first_name: Hugo
full_name: Krawczyk, Hugo
last_name: Krawczyk
intvolume: ' 8383'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2012/543
month: '01'
oa: 1
oa_version: Submitted Version
page: 329 - 344
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication: Lecture Notes in Computer Science (including subseries Lecture Notes
in Artificial Intelligence and Lecture Notes in Bioinformatics)
publication_status: published
publisher: Springer
publist_id: '5006'
quality_controlled: '1'
scopus_import: 1
status: public
title: Enhanced chosen-ciphertext security and applications
type: conference
user_id: 4435EBFC-F248-11E8-B48F-1D18A9856A87
volume: 8383
year: '2014'
...
---
_id: '2046'
abstract:
- lang: eng
text: 'We introduce policy-based signatures (PBS), where a signer can only sign
messages conforming to some authority-specified policy. The main requirements
are unforgeability and privacy, the latter meaning that signatures not reveal
the policy. PBS offers value along two fronts: (1) On the practical side, they
allow a corporation to control what messages its employees can sign under the
corporate key. (2) On the theoretical side, they unify existing work, capturing
other forms of signatures as special cases or allowing them to be easily built.
Our work focuses on definitions of PBS, proofs that this challenging primitive
is realizable for arbitrary policies, efficient constructions for specific policies,
and a few representative applications.'
acknowledgement: Part of his work was done while at Bristol University, supported
by EPSRC grant EP/H043454/1.
alternative_title:
- LNCS
author:
- first_name: Mihir
full_name: Bellare, Mihir
last_name: Bellare
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
citation:
ama: 'Bellare M, Fuchsbauer G. Policy-based signatures. In: Krawczyk H, ed. Lecture
Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics). Vol 8383. Springer; 2014:520-537. doi:10.1007/978-3-642-54631-0_30'
apa: 'Bellare, M., & Fuchsbauer, G. (2014). Policy-based signatures. In H. Krawczyk
(Ed.), Lecture Notes in Computer Science (including subseries Lecture Notes
in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8383,
pp. 520–537). Buenos Aires, Argentina: Springer. https://doi.org/10.1007/978-3-642-54631-0_30'
chicago: Bellare, Mihir, and Georg Fuchsbauer. “Policy-Based Signatures.” In Lecture
Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics), edited by Hugo Krawczyk, 8383:520–37.
Springer, 2014. https://doi.org/10.1007/978-3-642-54631-0_30.
ieee: M. Bellare and G. Fuchsbauer, “Policy-based signatures,” in Lecture Notes
in Computer Science (including subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics), Buenos Aires, Argentina, 2014, vol.
8383, pp. 520–537.
ista: 'Bellare M, Fuchsbauer G. 2014. Policy-based signatures. Lecture Notes in
Computer Science (including subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics). PKC: Public Key Crypography, LNCS, vol.
8383, 520–537.'
mla: Bellare, Mihir, and Georg Fuchsbauer. “Policy-Based Signatures.” Lecture
Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence
and Lecture Notes in Bioinformatics), edited by Hugo Krawczyk, vol. 8383,
Springer, 2014, pp. 520–37, doi:10.1007/978-3-642-54631-0_30.
short: M. Bellare, G. Fuchsbauer, in:, H. Krawczyk (Ed.), Lecture Notes in Computer
Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture
Notes in Bioinformatics), Springer, 2014, pp. 520–537.
conference:
end_date: 2014-05-28
location: Buenos Aires, Argentina
name: 'PKC: Public Key Crypography'
start_date: 2014-05-26
date_created: 2018-12-11T11:55:24Z
date_published: 2014-01-01T00:00:00Z
date_updated: 2021-01-12T06:54:57Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-642-54631-0_30
ec_funded: 1
editor:
- first_name: Hugo
full_name: Krawczyk, Hugo
last_name: Krawczyk
intvolume: ' 8383'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2013/413
month: '01'
oa: 1
oa_version: Submitted Version
page: 520 - 537
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication: Lecture Notes in Computer Science (including subseries Lecture Notes
in Artificial Intelligence and Lecture Notes in Bioinformatics)
publication_status: published
publisher: Springer
publist_id: '5005'
quality_controlled: '1'
scopus_import: 1
status: public
title: Policy-based signatures
type: conference
user_id: 4435EBFC-F248-11E8-B48F-1D18A9856A87
volume: 8383
year: '2014'
...
---
_id: '2260'
abstract:
- lang: eng
text: "Direct Anonymous Attestation (DAA) is one of the most complex cryptographic
protocols deployed in practice. It allows an embedded secure processor known as
a Trusted Platform Module (TPM) to attest to the configuration of its host computer
without violating the owner’s privacy. DAA has been standardized by the Trusted
Computing Group and ISO/IEC.\r\n\r\nThe security of the DAA standard and all existing
schemes is analyzed in the random-oracle model. We provide the first constructions
of DAA in the standard model, that is, without relying on random oracles. Our
constructions use new building blocks, including the first efficient signatures
of knowledge in the standard model, which have many applications beyond DAA.\r\n"
alternative_title:
- LNCS
author:
- first_name: David
full_name: Bernhard, David
last_name: Bernhard
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Essam
full_name: Ghadafi, Essam
last_name: Ghadafi
citation:
ama: Bernhard D, Fuchsbauer G, Ghadafi E. Efficient signatures of knowledge and
DAA in the standard model. 2013;7954:518-533. doi:10.1007/978-3-642-38980-1_33
apa: 'Bernhard, D., Fuchsbauer, G., & Ghadafi, E. (2013). Efficient signatures
of knowledge and DAA in the standard model. Presented at the ACNS: Applied Cryptography
and Network Security, Banff, AB, Canada: Springer. https://doi.org/10.1007/978-3-642-38980-1_33'
chicago: Bernhard, David, Georg Fuchsbauer, and Essam Ghadafi. “Efficient Signatures
of Knowledge and DAA in the Standard Model.” Lecture Notes in Computer Science.
Springer, 2013. https://doi.org/10.1007/978-3-642-38980-1_33.
ieee: D. Bernhard, G. Fuchsbauer, and E. Ghadafi, “Efficient signatures of knowledge
and DAA in the standard model,” vol. 7954. Springer, pp. 518–533, 2013.
ista: Bernhard D, Fuchsbauer G, Ghadafi E. 2013. Efficient signatures of knowledge
and DAA in the standard model. 7954, 518–533.
mla: Bernhard, David, et al. Efficient Signatures of Knowledge and DAA in the
Standard Model. Vol. 7954, Springer, 2013, pp. 518–33, doi:10.1007/978-3-642-38980-1_33.
short: D. Bernhard, G. Fuchsbauer, E. Ghadafi, 7954 (2013) 518–533.
conference:
end_date: 2013-06-28
location: Banff, AB, Canada
name: 'ACNS: Applied Cryptography and Network Security'
start_date: 2013-06-25
date_created: 2018-12-11T11:56:37Z
date_published: 2013-06-01T00:00:00Z
date_updated: 2020-08-11T10:09:44Z
day: '01'
department:
- _id: KrPi
doi: 10.1007/978-3-642-38980-1_33
intvolume: ' 7954'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://eprint.iacr.org/2012/475
month: '06'
oa: 1
oa_version: Submitted Version
page: 518 - 533
publication_status: published
publisher: Springer
publist_id: '4686'
quality_controlled: '1'
scopus_import: 1
series_title: Lecture Notes in Computer Science
status: public
title: Efficient signatures of knowledge and DAA in the standard model
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 7954
year: '2013'
...
---
_id: '2291'
abstract:
- lang: eng
text: "Cryptographic access control promises to offer easily distributed trust and
broader applicability, while reducing reliance on low-level online monitors. Traditional
implementations of cryptographic access control rely on simple cryptographic primitives
whereas recent endeavors employ primitives with richer functionality and security
guarantees. Worryingly, few of the existing cryptographic access-control schemes
come with precise guarantees, the gap between the policy specification and the
implementation being analyzed only informally, if at all. In this paper we begin
addressing this shortcoming. Unlike prior work that targeted ad-hoc policy specification,
we look at the well-established Role-Based Access Control (RBAC) model, as used
in a typical file system. In short, we provide a precise syntax for a computational
version of RBAC, offer rigorous definitions for cryptographic policy enforcement
of a large class of RBAC security policies, and demonstrate that an implementation
based on attribute-based encryption meets our security notions. We view our main
contribution as being at the conceptual level. Although we work with RBAC for
concreteness, our general methodology could guide future research for uses of
cryptography in other access-control models. \r\n"
author:
- first_name: Anna
full_name: Ferrara, Anna
last_name: Ferrara
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: Bogdan
full_name: Warinschi, Bogdan
last_name: Warinschi
citation:
ama: 'Ferrara A, Fuchsbauer G, Warinschi B. Cryptographically enforced RBAC. In:
IEEE; 2013:115-129. doi:10.1109/CSF.2013.15'
apa: 'Ferrara, A., Fuchsbauer, G., & Warinschi, B. (2013). Cryptographically
enforced RBAC (pp. 115–129). Presented at the CSF: Computer Security Foundations,
New Orleans, LA, United States: IEEE. https://doi.org/10.1109/CSF.2013.15'
chicago: Ferrara, Anna, Georg Fuchsbauer, and Bogdan Warinschi. “Cryptographically
Enforced RBAC,” 115–29. IEEE, 2013. https://doi.org/10.1109/CSF.2013.15.
ieee: 'A. Ferrara, G. Fuchsbauer, and B. Warinschi, “Cryptographically enforced
RBAC,” presented at the CSF: Computer Security Foundations, New Orleans, LA, United
States, 2013, pp. 115–129.'
ista: 'Ferrara A, Fuchsbauer G, Warinschi B. 2013. Cryptographically enforced RBAC.
CSF: Computer Security Foundations, 115–129.'
mla: Ferrara, Anna, et al. Cryptographically Enforced RBAC. IEEE, 2013, pp.
115–29, doi:10.1109/CSF.2013.15.
short: A. Ferrara, G. Fuchsbauer, B. Warinschi, in:, IEEE, 2013, pp. 115–129.
conference:
end_date: 2013-09-28
location: New Orleans, LA, United States
name: 'CSF: Computer Security Foundations'
start_date: 2013-09-26
date_created: 2018-12-11T11:56:48Z
date_published: 2013-09-01T00:00:00Z
date_updated: 2021-01-12T06:56:34Z
day: '01'
department:
- _id: KrPi
doi: 10.1109/CSF.2013.15
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://eprint.iacr.org/2013/492
month: '09'
oa: 1
oa_version: Submitted Version
page: 115 - 129
publication_status: published
publisher: IEEE
publist_id: '4637'
quality_controlled: '1'
scopus_import: 1
status: public
title: Cryptographically enforced RBAC
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2013'
...
---
_id: '502'
abstract:
- lang: eng
text: 'Blind signatures allow users to obtain signatures on messages hidden from
the signer; moreover, the signer cannot link the resulting message/signature pair
to the signing session. This paper presents blind signature schemes, in which
the number of interactions between the user and the signer is minimal and whose
blind signatures are short. Our schemes are defined over bilinear groups and are
proved secure in the common-reference-string model without random oracles and
under standard assumptions: CDH and the decision-linear assumption. (We also give
variants over asymmetric groups based on similar assumptions.) The blind signatures
are Waters signatures, which consist of 2 group elements. Moreover, we instantiate
partially blind signatures, where the message consists of a part hidden from the
signer and a commonly known public part, and schemes achieving perfect blindness.
We propose new variants of blind signatures, such as signer-friendly partially
blind signatures, where the public part can be chosen by the signer without prior
agreement, 3-party blind signatures, as well as blind signatures on multiple aggregated
messages provided by independent sources. We also extend Waters signatures to
non-binary alphabets by proving a new result on the underlying hash function. '
author:
- first_name: Olivier
full_name: Blazy, Olivier
last_name: Blazy
- first_name: Georg
full_name: Fuchsbauer, Georg
id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87
last_name: Fuchsbauer
- first_name: David
full_name: Pointcheval, David
last_name: Pointcheval
- first_name: Damien
full_name: Vergnaud, Damien
last_name: Vergnaud
citation:
ama: Blazy O, Fuchsbauer G, Pointcheval D, Vergnaud D. Short blind signatures. Journal
of Computer Security. 2013;21(5):627-661. doi:10.3233/JCS-130477
apa: Blazy, O., Fuchsbauer, G., Pointcheval, D., & Vergnaud, D. (2013). Short
blind signatures. Journal of Computer Security. IOS Press. https://doi.org/10.3233/JCS-130477
chicago: Blazy, Olivier, Georg Fuchsbauer, David Pointcheval, and Damien Vergnaud.
“Short Blind Signatures.” Journal of Computer Security. IOS Press, 2013.
https://doi.org/10.3233/JCS-130477.
ieee: O. Blazy, G. Fuchsbauer, D. Pointcheval, and D. Vergnaud, “Short blind signatures,”
Journal of Computer Security, vol. 21, no. 5. IOS Press, pp. 627–661, 2013.
ista: Blazy O, Fuchsbauer G, Pointcheval D, Vergnaud D. 2013. Short blind signatures.
Journal of Computer Security. 21(5), 627–661.
mla: Blazy, Olivier, et al. “Short Blind Signatures.” Journal of Computer Security,
vol. 21, no. 5, IOS Press, 2013, pp. 627–61, doi:10.3233/JCS-130477.
short: O. Blazy, G. Fuchsbauer, D. Pointcheval, D. Vergnaud, Journal of Computer
Security 21 (2013) 627–661.
date_created: 2018-12-11T11:46:50Z
date_published: 2013-11-22T00:00:00Z
date_updated: 2021-01-12T08:01:09Z
day: '22'
department:
- _id: KrPi
doi: 10.3233/JCS-130477
intvolume: ' 21'
issue: '5'
language:
- iso: eng
month: '11'
oa_version: None
page: 627 - 661
publication: Journal of Computer Security
publication_status: published
publisher: IOS Press
publist_id: '7318'
quality_controlled: '1'
scopus_import: 1
status: public
title: Short blind signatures
type: journal_article
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 21
year: '2013'
...