[PDF] Top 20 Las NTICS y los proyectos grupales: trabajo colaborativo de docentes y estudiantes

... In the context of threshold cryptography, adaptive security has been addressed in a large body of work [20,31,44,48,1,6]. These techniques, however, require interaction (except in some cases in which all players always ... See full document

... need distributed decryption to implement our MPC ...UC secure multiparty computation protocol for the common reference string model to implement the above ...the distributed decryption and its ... See full document

... constrained PRFs with polynomial time reductions ...security from indistinguishability obfuscation for a special type of constrained PRFs called puncturable ...queries adaptively, before ... See full document

... t-puncturable PRFs have numerous cryptographic ...ness from indistinguishability obfuscation may be useful ...an adaptively-secure constrained PRF in the standard ... See full document

... Nas50] from game theory, in order to take any symmetric, adaptively secure protocol and convert it to a new protocol which is strongly adaptively ...of distributed multiparty ... See full document

... the LWE modulus p was achieved by a different BPR variant due to D¨ottling and Schr¨oder in [DS15], via a technique called on-the-fly adap- ...tightly secure PRFs, but it also makes schemes easier to ... See full document

... fully adaptively secure MPC that re- quires only sublinear communication ...techniques from the recent work on Laconic Function Evaluation (LFE) [85] (that can be instantiated under a natural variant ... See full document

... round distributed PRFs, and they can be the basis of a symmetric-key proxy re-encryption ...homomorphic PRFs were only proven secure in the random oracle ...provably secure key ... See full document

... Why subgroup-hiding needed? One may wonder why we need the subgroup hiding assumption as an extra assumption though we rely on IO, which is already a significantly strong assumption. We give two reasons for this below. ... See full document

... Our final MAC constructions are from signature schemes. Recall, any signature scheme trivially gives a MAC which “unnecessarily” supports public verification. This suggests that such construc- tions might be ... See full document

... In our main construction we will use as a building block adaptively secure one-bounded secure functional encryption schemes. These are functional encryption schemes in which the attacker is allowed ... See full document

... be adaptively corrupted during the course of the entire protocol execution [BH92] and, in particular, the adversary can determine which parties to corrupt based on what messages have been sent in the protocol thus ... See full document

... simulation-based adaptively strongly partially-hiding PE (PHPE) scheme for predicates computing arithmetic branching programs (ABP) on public attributes, followed by an inner-product predicate on private ...proven ... See full document

... However, we are still left with the third issue, namely that in order to use iO, we need to ensure that secret keys for users in S ∗ do not even exist (since such keys correspond to inputs that can decrypt the ... See full document

... Why Garbled RAM fails? To garble the step circuits and the database D, we could hope to use ideas from the garbled RAM literature [LO13, GHL + 14, GLOS15, GLO15]. 5 This would have given us a garbling scheme based ... See full document

... inputs.) From the earliest works on adaptive security [BH92] with erasures, it has been a major design goal to reduce the amount of erasures ...(even from backup facilities, as backup facilities could also ... See full document

... inspired from the key-homomorphic functional encryption scheme for circuits of [BGG + 14]: indeed key generation in functional encryption can generically be used as a signature that will inherit the se- curity of ... See full document

... We show that, in some circumstances, one can upgrade an RKA-wPRF into distinct non- adaptive RKA PRF (dna-RKA), which in turn can be upgraded to non-adaptive RKA security. In more detail, our first transformation maps an ... See full document

... Abstract. We construct a lattice-based predicate encryption scheme for multi-dimensional range and multi- dimensional subset queries. Our scheme is selectively secure and weakly attribute-hiding, and its security ... See full document

... SKFE from a garbling scheme in Section ...an adaptively indistinguishable garbling scheme with online communication complexity 2n + poly(log |C|, λ) and online computational complexity O(n) + poly(log |C|, ... See full document