This paper considers the model where interaction is allowed in the common key computation phase and shows a gap between the models by exhibiting a one-round interactive scheme in which the user's information is only k + t −1 times the size of the commonKey.Expand

We show how to construct a public-key cryptosystem (as originally defined by DiNe and Hellman) secure against chosen ciphertezt attacks, given a public-key cryptosystern secure against passive… Expand

In order to guarantee the availability and integrity of the secret, this work provides mechanisms to detect maliciously (or accidentally) corrupted shares, as well as mechanisms to secretly recover the correct shares when modification is detected.Expand

The main contribution is the first scalable protocol for authenticated group key exchange along with a rigorous proof of security in the standard model under the DDH assumption, which uses a constant number of rounds and requires only O(1) modular exponentiations per user (for key derivation).Expand

A Universal One-Way Hash Function family is defined, a new primitive which enables the compression of elements in the function domain and it is proved constructively that universal one- way hash functions exist if any 1-1 one-way functions exist.Expand

A framework for the analysis of cryptographic implementations that includes a theoretical model and an application methodology, based on commonly accepted hypotheses about side-channels, that allows quantifying the effect of practically relevant leakage functions with a combination of information theoretic and security metrics.Expand

This work shows an efficient, 3-round, password-authenticated key exchange protocol with human-memorable passwords which is provably secure under the Decisional Diffie-Hellman assumption, yet requires only (roughly) 8 times more computation than "standard" Diffie -Hellman key exchange (which provides no authentication at all).Expand

This paper considers the model where interaction is allowed in the common key computation phase, and shows a gap between the models by exhibiting an interactive scheme in which the user's information is only k + t - 1 times the size of the commonKey.Expand

These are the first algorithms for secure communication in a general network to achieve simultaneously the goals of perfect secrecy, perfect resiliency, and a worst case time which is linear in the diameter of the network.Expand

These are the first algorithms for secure communication in a general network to simultaneously achieve the three goals of perfect secrecy, perfect resiliency, and worst-case time linear in the diameter of the network.Expand