Cryptographic protocol design in a two-party setting has often ignored the possibility of simulta... more Cryptographic protocol design in a two-party setting has often ignored the possibility of simultaneous message transmission by each of the two parties (i.e., using a duplex channel). In particular, most protocols for two-party key exchange have been designed assuming that parties alternate sending their messages (i.e., assuming a bidirectional half-duplex channel). However, by taking advantage of the communication characteristics of
A central focus of modern cryptography is the construction of ecien t, \high-level" cryptogr... more A central focus of modern cryptography is the construction of ecien t, \high-level" cryptographic tools (e.g., encryption schemes) from weaker, \low-level" cryptographic primitives (e.g., one-way functions). Of interest are both the existence of such construc- tions, and also their eciency . Here, we show essentially-tight lower bounds on the best possible eciency that can be achieved by any black-box construction
Proceedings of the thirty-fifth ACM symposium on Theory of computing - STOC '03, 2003
... Rosario Gennaro IBM TJ Watson Research Center Yorktown Heights, NY rosario@watson.ibm. com ..... more ... Rosario Gennaro IBM TJ Watson Research Center Yorktown Heights, NY rosario@watson.ibm. com ... To summa-rize, PRGs making “few” black-box oracle queries exist only if PRGs exist unconditionally (ie, without making any ora-cle calls) something we do not currently know ...
We describe efficient protocols for non-malleable (interac- tive) proofs of plaintext knowledge f... more We describe efficient protocols for non-malleable (interac- tive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El Gamal encryption schemes. We also highlight some important applica- tions of these protocols: - Chosen-ciphertext-secure, interactive encryption. In settings where both parties are on-line, an interactive encryption protocol may be used. We construct chosen-ciphertext-secure interactive encryption schemes based on any of
Cryptographic protocol design in a two-party setting has often ignored the possibility of simulta... more Cryptographic protocol design in a two-party setting has often ignored the possibility of simultaneous message transmission by each of the two parties (i.e., using a duplex channel). In particular, most protocols for two-party key exchange have been designed assuming that parties alternate sending their messages (i.e., assuming a bidirectional half-duplex channel). However, by taking advantage of the communication characteristics of
A central focus of modern cryptography is the construction of ecien t, \high-level" cryptogr... more A central focus of modern cryptography is the construction of ecien t, \high-level" cryptographic tools (e.g., encryption schemes) from weaker, \low-level" cryptographic primitives (e.g., one-way functions). Of interest are both the existence of such construc- tions, and also their eciency . Here, we show essentially-tight lower bounds on the best possible eciency that can be achieved by any black-box construction
Proceedings of the thirty-fifth ACM symposium on Theory of computing - STOC '03, 2003
... Rosario Gennaro IBM TJ Watson Research Center Yorktown Heights, NY rosario@watson.ibm. com ..... more ... Rosario Gennaro IBM TJ Watson Research Center Yorktown Heights, NY rosario@watson.ibm. com ... To summa-rize, PRGs making “few” black-box oracle queries exist only if PRGs exist unconditionally (ie, without making any ora-cle calls) something we do not currently know ...
We describe efficient protocols for non-malleable (interac- tive) proofs of plaintext knowledge f... more We describe efficient protocols for non-malleable (interac- tive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El Gamal encryption schemes. We also highlight some important applica- tions of these protocols: - Chosen-ciphertext-secure, interactive encryption. In settings where both parties are on-line, an interactive encryption protocol may be used. We construct chosen-ciphertext-secure interactive encryption schemes based on any of
Uploads
Papers by Jonathan Katz