Learn More
We present a Hierarchical Identity Based Encryption (HIBE) system where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations , regardless of the hierarchy depth. Encryption is as efficient as in other HIBE systems. We prove that the scheme is selective-ID secure in the standard model and fully(More)
Address-space randomization is a technique used to fortify systems against buffer overflow attacks. The idea is to introduce artificial diversity by randomizing the memory location of certain system components. This mechanism is available for both Linux (via PaX ASLR) and OpenBSD. We study the effectiveness of address-space randomization and find that its(More)
This paper presents SiRiUS, a secure file system designed to be layered over insecure network and P2P file systems such as NFS, CIFS, OceanStore, and Yahoo! Briefcase. SiRiUS assumes the network storage is un-trusted and provides its own read-write cryptographic access control for file level sharing. Key management and revocation is simple with minimal(More)
A secure index is a data structure that allows a querier with a " trapdoor " for a word x to test in O(1) time only if the index contains x; The index reveals no information about its contents without valid trapdoors, and trapdoors can only be generated with a secret key. Secure indexes are a natural extension of the problem of constructing data structures(More)
We show a signature scheme whose security is tightly related to the Computational Diffie-Hellman (CDH) assumption in the Random Oracle Model. Existing discrete-log based signature schemes, such as ElGamal, DSS, and Schnorr signatures, either require non-standard assumptions, or their security is only loosely related to the discrete logarithm (DL) assumption(More)
Privacy-preserving protocols allow multiple parties with private inputs to perform joint computation while preserving the privacy of their respective inputs. An important cryptographic primitive for designing privacy-preserving protocols is secure function evaluation (SFE). The classic solution for SFE by Yao uses a gate representation of the function that(More)
1 Summary There are currently three solutions: Searchable Symmetric Key Encryption (SSKE) [3], Searchable Public Key Encryption (SPKE) [1], and Secure Indexing [2]. SSKE and SPKE are encryption schemes that induce structure onto ciphertext so that a user can, given a trapdoor for a word, search the ciphertext for that word. Note that the user cannot deduce(More)
We propose and analyze two efficient signature schemes whose security is tightly related to the Diffie-Hellman problems in the random oracle model. Security of our first scheme relies on the hardness of the computational Diffie-Hellman problem; security of our second scheme — which is more efficient than the first — is based on the hardness of the(More)
Acknowledgements This thesis would have been impossible without the unstinting support and mentoring of my advisor, Dan Boneh, and also the members of both the Applied Crypto and the Security Group at Stanford; Abstract Encryption schemes are designed to provide data confidentiality and are a fundamental cryptographic primitive with many applications in(More)