• Publications
  • Influence
Physically Uncloneable Functions in the Universal Composition Framework
TLDR
We use Canetti's universal composition (UC) framework to model hardware tokens and to derive schemes with strong security guarantees in the UC framework. Expand
  • 117
  • 23
  • PDF
Security of Sanitizable Signatures Revisited
Sanitizable signature schemes, as defined by Ateniese et al. (ESORICS 2005), allow a signer to partly delegate signing rights to another party, called the sanitizer. That is, the sanitizer is able toExpand
  • 123
  • 20
  • PDF
Redactable Signatures for Tree-Structured Data: Definitions and Constructions
TLDR
Kundu and Bertino (VLDB 2008) recently introduced the idea of structural signatures for trees which support public redaction of subtrees (by third-party distributors) while pertaining the integrity of the remaining parts. Expand
  • 103
  • 16
  • PDF
Composability of bellare-rogaway key exchange protocols
TLDR
We show that key exchange protocols secure in the prevalent model of Bellare and Rogaway can be composed with arbitrary protocols that require symmetrically distributed keys. Expand
  • 59
  • 7
  • PDF
Safely Exporting Keys from Secure Channels - On the Security of EAP-TLS and TLS Key Exporters
TLDR
We investigate how to safely export additional cryptographic keys from secure channel protocols, modelled with the authenticated and confidential channel establishment ACCE security notion, and show that the result is a secure AKE protocol in the Bellare---Rogaway model. Expand
  • 17
  • 6
  • PDF
Unlinkability of Sanitizable Signatures
TLDR
Sanitizable signatures allow a designated party, called the sanitizer, to modify parts of signed data such that the immutable parts can still be verified. Expand
  • 78
  • 5
  • PDF
Downgrade Resilience in Key-Exchange Protocols
TLDR
We study the causes of downgrade attacks by dissecting and classifying known and novel attacks against widely used protocols. Expand
  • 35
  • 5
  • PDF
Santizable Signatures: How to Partially Delegate Control for Authenticated Data
TLDR
Sanitizable signatures have been introduced by Ateniese et al. and allow an authorized party, the sanitizer, to modify a predetermined part of a signed message without invalidating the signature. Expand
  • 29
  • 4
  • PDF
On Statistically Secure Obfuscation with Approximate Correctness
TLDR
We show that statistical indistinguishability obfuscation iO cannot exist if the obfuscator must maintain perfect correctness under a widely believed complexity theoretic assumption. Expand
  • 7
  • 3
  • PDF
Indistinguishability Obfuscation and UCEs: The Case of Computationally Unpredictable Sources
TLDR
We introduced a new abstraction called Universal Computational Extractors (UCEs), and showed that they suffice to securely replace random oracles in a number of prominent applications, including all those mentioned above, without suffering the aforementioned uninstantiability result. Expand
  • 41
  • 2
  • PDF