Random oracles are practical: a paradigm for designing efficient protocols
TLDR
It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
Entity Authentication and Key Distribution
TLDR
This work provides the first formal treatment of entity authentication and authenticated key distribution appropriate to the distributed environment and presents a definition, protocol, and proof that the protocol meets its goal, assuming only the existence of a pseudorandom function.
Keying Hash Functions for Message Authentication
TLDR
Two new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function, NMAC and HMAC, are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths.
HMAC: Keyed-Hashing for Message Authentication
This document describes HMAC, a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in
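The two HMAC entries above describe the construction only in words. As an added example (not code from the papers or from RFC 2104), the following builds HMAC directly from its definition, HMAC(K, M) = H((K' xor opad) || H((K' xor ipad) || M)), over any hashlib hash, and checks it against the standard library and an RFC 4231 test vector. NMAC, the sibling construction, keys the hash function's IV, which a fixed-IV library hash does not expose; the ipad/opad xors are HMAC's way of getting a keyed first block without touching the hash internals. The constant-time `verify` helper is also an addition here.

```python
import hashlib
import hmac as stdlib_hmac


def hmac_from_definition(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC(K, M) = H((K' xor opad) || H((K' xor ipad) || M)), as in RFC 2104.

    K' is the key zero-padded to the hash's block size; a key longer than the
    block size is first replaced by its hash.  The first compression call on
    each side consumes a key-dependent block, which plays the role of NMAC's
    keyed IV without modifying the hash function.
    """
    block_size = hashlib.new(hash_name).block_size  # 64 for MD5/SHA-1/SHA-256, 128 for SHA-512
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")
    ipad_key = bytes(b ^ 0x36 for b in key)
    opad_key = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad_key + message).digest()
    return hashlib.new(hash_name, opad_key + inner).digest()


def verify(key: bytes, message: bytes, tag: bytes, hash_name: str = "sha256") -> bool:
    # Constant-time comparison: an early-exit == would leak where a forgery first differs.
    return stdlib_hmac.compare_digest(hmac_from_definition(key, message, hash_name), tag)


def matches_stdlib(key: bytes, message: bytes, hash_name: str) -> bool:
    """Cross-check against Python's hmac module for the same key, message and hash."""
    expected = stdlib_hmac.new(key, message, hash_name).digest()
    return hmac_from_definition(key, message, hash_name) == expected


# RFC 4231 test case 1 (HMAC-SHA-256): key = 0x0b repeated 20 times, data = "Hi There".
RFC4231_CASE1_KEY = b"\x0b" * 20
RFC4231_CASE1_MSG = b"Hi There"
RFC4231_CASE1_TAG = bytes.fromhex(
    "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
)


def rfc4231_case1_passes() -> bool:
    return hmac_from_definition(RFC4231_CASE1_KEY, RFC4231_CASE1_MSG, "sha256") == RFC4231_CASE1_TAG


if __name__ == "__main__":
    print("RFC 4231 case 1:", rfc4231_case1_passes())
    print(hmac_from_definition(b"key", b"The quick brown fox", "sha512").hex())
```

The long-key branch matters in practice: a caller that passes, say, a 100-byte key to an HMAC-SHA-256 implementation that skips the pre-hash step will interoperate with nothing else.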
Authenticated Key Exchange Secure against Dictionary Attacks
TLDR
The idea at the center of the Encrypted Key Exchange (EKE) protocol of Bellovin and Merritt is shown to be sound: security of the two-flow protocol at the core of EKE is proved in an ideal-cipher model.
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
TLDR
This work considers two possible notions of authenticity for authenticated encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relates them to the standard notions of privacy IND-CCA and NM-CPA by presenting implications and separations between all notions considered.
Relations among Notions of Security for Public-Key Encryption Schemes
TLDR
The goals of privacy and non-malleability are considered, each under chosen-plaintext attack and two kinds of chosen-ciphertext attack, and a new definition of non-malleability is proposed which the authors believe is simpler than the previous one.
DupLESS: Server-Aided Encryption for Deduplicated Storage
TLDR
It is shown that encryption for deduplicated storage can achieve performance and space savings close to that of using the storage service with plaintext data.
Message-Locked Encryption and Secure Deduplication
TLDR
The work shows that MLE is a primitive of both practical and theoretical interest, and makes connections with deterministic encryption, hash functions secure on correlated inputs and the sample-then-extract paradigm to deliver schemes under different assumptions and for different classes of message sources.
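Convergent encryption (CE) is the simplest message-locked encryption scheme: key, ciphertext and deduplication tag are all deterministic functions of the message, which is what lets the storage server deduplicate identical files it cannot read. The block below is an added example for the MLE and DupLESS entries above, not code from either paper. It implements CE, a dedup server that sees only tags and ciphertexts, and the offline brute-force attack on predictable messages that motivates DupLESS's server-aided key derivation. The "cipher" is a hash-based stream cipher built from SHA-256 in counter mode, an assumption of this example made only because the standard library has no block cipher; CE proper uses a real symmetric cipher.

```python
import hashlib
from typing import Dict, Iterable, Optional, Tuple


def _hash_stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || 8-byte counter) blocks.

    Stand-in for a real cipher (assumption of this example, not part of CE).
    XOR is its own inverse, so the same call encrypts and decrypts.
    """
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


def ce_encrypt(message: bytes) -> Tuple[bytes, bytes, bytes]:
    """Convergent encryption: K = H(M), C = E_K(M), T = H(C).

    Domain-separation prefixes keep the key hash and tag hash distinct.
    Returns (key, ciphertext, tag); only the key is kept client-side.
    """
    key = hashlib.sha256(b"CE-key|" + message).digest()
    ciphertext = _hash_stream_xor(key, message)
    tag = hashlib.sha256(b"CE-tag|" + ciphertext).digest()
    return key, ciphertext, tag


def ce_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return _hash_stream_xor(key, ciphertext)


class DedupServer:
    """Stores one ciphertext per tag; never sees keys or plaintexts."""

    def __init__(self) -> None:
        self.blobs: Dict[bytes, bytes] = {}

    def put(self, tag: bytes, ciphertext: bytes) -> bool:
        """Return True when the upload was deduplicated against an existing blob."""
        if tag in self.blobs:
            return True
        self.blobs[tag] = ciphertext
        return False


def offline_brute_force(tag: bytes, candidates: Iterable[bytes]) -> Optional[bytes]:
    """The inherent weakness of plain MLE: with no secret anywhere in the
    derivation, anyone holding a tag (or ciphertext) can confirm a guess for a
    low-entropy message by re-running the scheme on it.  DupLESS closes this gap
    by deriving the key through an oblivious PRF with a key server."""
    for guess in candidates:
        if ce_encrypt(guess)[2] == tag:
            return guess
    return None


if __name__ == "__main__":
    server = DedupServer()
    # Constructed sample: two clients upload the same file independently.
    _, c1, t1 = ce_encrypt(b"quarterly-report.pdf contents")
    _, c2, t2 = ce_encrypt(b"quarterly-report.pdf contents")
    print("first upload deduplicated:", server.put(t1, c1))   # False
    print("second upload deduplicated:", server.put(t2, c2))  # True
    print("brute force:", offline_brute_force(t1, [b"wrong", b"quarterly-report.pdf contents"]))
```

Two clients that never communicate produce byte-identical ciphertexts and tags, so the server deduplicates without holding a key; the price is that the tag doubles as an oracle for guessing the plaintext, which is tolerable for high-entropy files and fatal for predictable ones.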
OCB: a block-cipher mode of operation for efficient authenticated encryption
TLDR
OCB is proved secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.