On Private Scalar Product Computation for Privacy-Preserving Data Mining
We show that two of the private scalar product protocols, one of which was proposed in a leading data mining conference, are insecure and improve its efficiency so that it can be used on massive datasets.
An Oblivious Transfer Protocol with Log-Squared Communication
  • H. Lipmaa
  • Computer Science
  • ISC
  • 20 September 2005
We propose a one-round 1-out-of-n computationally-private information retrieval protocol for l-bit strings with low-degree polylogarithmic receiver-computation, linear sender-computation and communication Θ(k log² n + l log n), where k is a possibly non-constant security parameter.
Efficient Algorithms for Computing Differential Properties of Addition
We systematically study the differential properties of addition modulo 2^n.
Comments to NIST concerning AES Modes of Operations: CTR-Mode Encryption
We suggest that NIST, in standardizing AES modes of operation, should include CTR-mode encryption as one possibility for the next reasons.
Secure Equality and Greater-Than Tests with Sublinear Online Complexity
We propose two equality tests for l-bit values with O(1) online communication that require O(l) and O(κ) total work, respectively, where κ is a correctness parameter.
On Diophantine Complexity and Statistical Zero-Knowledge Arguments
  • H. Lipmaa
  • Mathematics, Computer Science
  • 30 November 2003
We show how to construct practical honest-verifier statistical zero-knowledge Diophantine arguments of knowledge (HVSZK AoK) that a committed tuple of integers belongs to an arbitrary language in bounded arithmetic.
Secure Vickrey Auctions without Threshold Trust
We propose two new Vickrey auction schemes that involve, apart from the bidders and the seller S, an auction authority A, so that unless S and A collude, the outcome of auctions will be correct; moreover, S will not get any information about the bids, while A will learn bid statistics.
Designated Verifier Signature Schemes: Attacks, New Security Notions and a New Construction
We show that the signer can abuse the disavowal protocol in the Jakobsson-Sako-Impagliazzo designated-verifier signature scheme, and propose a new efficient conventional signature scheme that is provably unforgeable under a tight reduction to the Decisional Diffie-Hellman problem in the non-programmable random oracle plus common reference string model.
Cryptographically private support vector machines
We propose private protocols implementing the Kernel Adatron and Kernel Perceptron learning algorithms, and give private classification protocols and private polynomial kernel computation protocols.
Accountable certificate management using undeniable attestations
This paper initiates a study of accountable certificate management methods, necessary to support long-term authenticity of digital documents.