-
Chapter and Conference Paper
Crowdsourced Bayesian Auctions
We investigate the problem of optimal mechanism design, where an auctioneer wants to sell a set of goods to buyers, in order to maximize revenue. In a Bayesian setting the buyers’ valuations for the goods are ...
-
Chapter and Conference Paper
Purely Rational Secret Sharing (Extended Abstract)
Rational secret sharing is a problem at the intersection of cryptography and game theory. In essence, a dealer wishes to engineer a communication game that, when rationally played, guarantees that each of the ...
-
Chapter and Conference Paper
Verifiably Secure Devices
We put forward the notion of a verifiably secure device, in essence a stronger notion of secure computation, and achieve it in the ballot-box model. Verifiably secure devices
-
Chapter and Conference Paper
Online-Untransferable Signatures
Non-transferability of digital signatures is an important security concern, traditionally achieved via interactive verification protocols. Such protocols, however, are vulnerable to “online transfer attacks” —...
-
Chapter and Conference Paper
Independent Zero-Knowledge Sets
We define and construct Independent Zero-Knowledge Sets (ZKS) protocols. In a ZKS protocols, a Prover commits to a set S, and for any x, proves non-interactively to a Verifier if x ∈S or x ∉S without revealing an...
-
Chapter and Conference Paper
Fair-Zero Knowledge
We introduce Fair Zero-Knowledge, a multi-verifier ZK system where every proof is guaranteed to be “zero-knowledge for all verifiers.” That is, if an honest verifier accepts a fair zero-knowledge proof, then he i...
-
Chapter and Conference Paper
Optimal Error Correction Against Computationally Bounded Noise
For computationally bounded adversarial models of error, we construct appealingly simple, efficient, cryptographic encoding and unique decoding schemes whose error-correction capability is much greater than cl...
-
Chapter and Conference Paper
Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering
Traditionally, secure cryptographic algorithms provide security against an adversary who has only black-box access to the secret information of honest parties. However, such models are not always adequate. In par...
-
Chapter and Conference Paper
Sequential Aggregate Signatures from Trapdoor Permutations
An aggregate signature scheme (recently proposed by Boneh, Gentry, Lynn, and Shacham) is a method for combining n signatures from n different signers on n different messages into one signature of unit length. We ...
-
Chapter and Conference Paper
Physically Observable Cryptography
Complexity-theoretic cryptography considers only abstract notions of computation, and hence cannot protect against attacks that exploit the information leakage (via electromagnetic fields, power consumption, e...
-
Chapter and Conference Paper
Fractal Merkle Tree Representation and Traversal
We introduce a technique for traversal of Merkle trees, and propose an efficient algorithm that generates a sequence of leaves along with their associated authentication paths. For one choice of parameters, an...
-
Chapter and Conference Paper
Plaintext Awareness via Key Registration
In this paper, we reconsider the notion of plaintext awareness. We present a new model for plaintext-aware encryption that is both natural and useful. We achieve plaintext-aware encryption without random oracl...
-
Article
Improving the exact security of digital signature schemes
We put forward a new method of constructing Fiat-Shamir-like signature schemes that yields better “exact security” than the original Fiat-Shamir method. (We also point out, however, that such tight security do...
-
Chapter and Conference Paper
Transitive Signature Schemes
We introduce and provide the first example of a transitive digital signature scheme. Informally, this is a way to digitally sign vertices and edges of a dynamically growing, transitively closed, graph G so as to ...
-
Chapter and Conference Paper
Amortized E-Cash
We present an e-cash scheme which provides a trade-off between anonymity and efficiency, by amortizing the cost of zero-knowledge and signature computation in the cash generation phase.
-
Chapter and Conference Paper
Micropayments Revisited
We present new micropayment schemes that are more efficient and user friendly than previous ones.
-
Chapter and Conference Paper
Identification Protocols Secure against Reset Attacks
We provide identification protocols that are secure even when the adversary can reset the internal state and/or randomization source of the user identifying itself, and when executed in an asynchronous environ...
-
Chapter and Conference Paper
Soundness in the Public-Key Model
The public-key model for interactive proofs has proved to be quite effective in improving protocol efficiency [CGGM00]. We argue, however, that its soundness notion is more subtle and complex than in the classica...
-
Chapter and Conference Paper
Mutually Independent Commitments
We study the two-party commitment problem, where two players have secret values they wish to commit to each other. Traditional commitment schemes cannot be used here because they do not guarantee independence ...
-
Chapter and Conference Paper
Min-round Resettable Zero-Knowledge in the Public-Key Model
In STOC 2000, Canetti, Goldreich, Goldwasser, and Micali put forward the strongest notion of zero-knowledge to date, resettable zero-knowledge (RZK) and implemented it in constant rounds in a new model, where the...
