While succinct non-interactive zero-knowledge arguments of knowledge (zk-SNARKs) are widely studied, the question of what happens when the CRS has been subverted has received little attention. In…

We propose a new random oracle-less NIZK shuffle argument. It has a simple structure, where the first verification equation ascertains that the prover has committed to a permutation matrix, the…

We reinvestigate a notion of one-time programs introduced in the CRYPTO 2008 paper by Goldwasser et al. A one-time program is a device containing a program C, with the property that the program C can…

The Bounded Retrieval Model (BRM) was proposed at TCC 2006 (independently by Dziembowski and Di Crescenzo et al.). Essentially, the main idea of this model is to design cryptographic schemes with…

In this paper we address the problem of large space consumption for protocols in the Bounded Retrieval Model (BRM), which require users to store large secret keys subject to adversarial leakage. We…

The convolution is a mathematical way of combining two functions to form a third one. It is the single most important technique in digital signal processing because it relates two signals of…