We give direct constructions of pseudorandom function (PRF) families based on conjectured hard lattice problems and learning problems. Our constructions are asymptotically efficient and highly parallelizable in a practical sense, i.e., they can be computed by simple, relatively small low-depth arithmetic or boolean circuits (e.g., in NC or even TC). In …
We show that every language in NP has a (black-box) concurrent zero-knowledge proof system using Õ(log n) rounds of interaction. The number of rounds in our protocol is optimal, in the sense that any language outside BPP requires at least Ω̃(log n) rounds of interaction in order to be proved in black-box concurrent zero-knowledge. The zero-knowledge property …
We propose SWIFFT, a collection of compression functions that are highly parallelizable and admit very efficient implementations on modern microprocessors. The main technique underlying our functions is a novel use of the Fast Fourier Transform (FFT) to achieve “diffusion,” together with a linear combination to achieve compression and “confusion.” We …
We present the first constant-round protocol for Oblivious Transfer in Maurer's bounded storage model. In this model, a long random string R is initially transmitted and each of the parties stores only a small portion of R. Even though the portions stored by the honest parties are small, security is guaranteed against any malicious party that remembers …
By allowing routers to randomly mix the information content in packets before forwarding them, network coding can maximize network throughput in a distributed manner with low complexity. However, such mixing also renders the transmission vulnerable to pollution attacks, where a malicious node injects corrupted packets into the information flow. In a worst …
We initiate the study of one-wayness under correlated products. We are interested in identifying necessary and sufficient conditions for a function $f$ and a distribution on inputs $(x_1, \dots, x_k)$, so that the function $(f(x_1), \dots, f(x_k))$ is one-way. The main motivation of this study is the construction of public-key encryption schemes that are secure …
We present a non-malleable commitment scheme that retains its security properties even when concurrently executed a polynomial number of times. That is, a man-in-the-middle adversary who is simultaneously participating in multiple concurrent commitment phases of our scheme, both as a sender and as a receiver, cannot make the values he commits to depend on …
We propose new and improved instantiations of lossy trapdoor functions (Peikert and Waters in STOC’08, pp. 187–196, 2008), and correlation-secure trapdoor functions (Rosen and Segev in TCC’09, LNCS, vol. 5444, pp. 419–436, 2009). Our constructions widen the set of number-theoretic assumptions upon which these primitives can be based, and are summarized as …
The generalized knapsack function is defined as $f_a(x) = \sum_i a_i \cdot x_i$, where $a = (a_1, \dots, a_m)$ consists of $m$ elements from some ring $R$, and $x = (x_1, \dots, x_m)$ consists of $m$ coefficients from a specified subset $S \subseteq R$. Micciancio (FOCS 2002) proposed a specific choice of the ring $R$ and subset $S$ for which inverting this function (for random $a, x$) is at least …