#### Filter Results:

#### Publication Year

2000

2016

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

In a ciphertext policy attribute based encryption system, a user's private key is associated with a set of attributes (describing the user) and an encrypted ciphertext will specify an access policy over attributes. A user will be able to decrypt if and only if his attributes satisfy the ciphertext's policy. In this work, we present the first construction of… (More)

Fully homomorphic encryption (FHE) enables secure computation over the encrypted data of a single party. We explore how to extend this to multiple parties, using threshold fully homo-morphic encryption (TFHE). In such scheme, the parties jointly generate a common FHE public key along with a secret key that is shared among them; they can later cooperatively… (More)

- Shafi Goldwasser, S. Dov Gordon, Vipul Goyal, Abhishek Jain, Jonathan Katz, Feng-Hao Liu +3 others
- EUROCRYPT
- 2013

Functional encryption (FE) is a powerful primitive enabling fine-grained access to encrypted data. In an FE scheme, secret keys (" tokens ") correspond to functions; a user in possession of a ciphertext ct = Enc(x) and a token TK f for the function f can compute f (x) but learn nothing else about x. An active area of research over the past few years has… (More)

We construct efficient authentication protocols and message authentication codes (MACs) whose security can be reduced to the learning parity with noise (LPN) problem. Despite a large body of work—starting with the $${\mathsf {HB}}$$ HB protocol of Hopper and Blum in 2001—until now it was not even known how to construct an efficient authentication protocol… (More)

We show a hardness-preserving construction of a PRF from any length doubling PRG which improves upon known constructions whenever we can put a non-trivial upper bound q on the number of queries to the PRF. Our construction requires only O(log q) invocations to the underlying PRG with each query. In comparison, the number of invocations by the best previous… (More)

Until recently, the design of packet dropping adversary identification protocols that are robust to <i>both</i> benign packet loss <i>and</i> malicious behavior has proven to be surprisingly elusive. In this paper, we propose a <i>secure</i> and <i>practical</i> packet-dropping adversary localization scheme that is robust and achieves a high detection rate… (More)

In this work, we present the first definitions and constructions for functional encryption supporting randomized functionalities. The setting of randomized functionalities require us to revisit functional encryption definitions by, for the first time, explicitly adding security requirements for dishonest encryptors, to ensure that they cannot improperly… (More)

We construct a perfectly binding string commitment scheme whose security is based on the learning parity with noise (LPN) assumption , or equivalently, the hardness of decoding random linear codes. Our scheme not only allows for a simple and efficient zero-knowledge proof of knowledge for committed values (essentially a Σ-protocol), but also for such proofs… (More)

If a cryptographic primitive remains secure even if bits about the secret key are leaked to the adversary, one would expect that at least one of n independent instantiations of the scheme remains secure given n· bits of leakage. This intuition has been proven true for schemes satisfying some special information-theoretic properties by Alwen et al.… (More)

This work attempts to clarify to what extent simulation-based security (SIM-security) is achievable for functional encryption (FE) and its relation to the weaker indistinguishability-based security (IND-security). Our main result is a compiler that transforms any FE scheme for the general circuit functionality (which we denote by Circuit-FE) meeting… (More)