Learn More
We consider the problem of extending oblivious transfers: Given a small number of oblivious transfers " for free, " can one implement a large number of oblivious transfers? Beaver has shown how to extend oblivious transfers given a one-way function. However, this protocol is inefficient in practice, in part due to its non-black-box use of the underlying(More)
Reference-counting is traditionally considered unsuitable for multiprocessor systems. According to conventional wisdom, the update of reference slots and reference-counts requires atomic or synchronized operations. In this work we demonstrate this is not the case by presenting a novel reference-counting algorithm suitable for a multiprocessor system that(More)
The Cipher Block Chaining (CBC) Message Authentication Code (MAC) is an authentication method which is widely used in practice. It is well known that the naive use of CBC MAC for variable length messages is not secure, and a few rules of thumb for the correct use of CBC MAC are known by folklore. The rst rigorous proof of the security of CBC MAC, when used(More)
An <italic>on-the-fly garbage collector</italic> does not stop the program threads to perform the collection. Instead, the collector executes in a separate thread (or process) in parallel to the program. On-the-fly collectors are useful for multi-threaded applications running on multiprocessor servers, where it is important to fully utilize all processors(More)
SUMMARY We propose the use of generations with modern reference counting. A reference counting collector is well suited to collect the old generation, containing a large fraction of live objects that are modified infrequently. Such a collector can be combined with a tracing collector to collect the young generation, typically containing a small fraction of(More)
A proof is concurrent zero-knowledge if it remains zero-knowledge when many copies of the proof are run in an asynchronous environment, such as the Internet. Richardson and Kilian have shown that there exists a concurrent zero-knowledge proof for any language in NP, but with round complexity <italic>polynomial</italic> in the maximum number of concurrent(More)
We consider noninteractive zero-knowledge proofs in the shared random string model proposed by Blum, Feldman and Micali BFM88]. Until recently there was a sizable polynomial gap between the most eecient noninteractive proofs for NP based on general complexity assumptions FLS90] versus those based on speciic algebraic assumptions Dam92]. Recently, this gap(More)