- Mihir Bellare, Ran Canetti, Hugo Krawczyk
- CRYPTO
- 1996

The use of cryptographic hash functions like MD5 or SHA for message authentication has become a standard approach in many Internet applications and protocols. Though very easy to implement, these mechanisms are usually based on ad hoc techniques that lack a sound security analysis. We present new constructions of message authentication schemes based…

- Mihir Bellare, Phillip Rogaway
- ACM Conference on Computer and Communications…
- 1993

We argue that the random oracle model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol $P$ is produced by first devising and proving correct a protocol $P^R$ for the…

- Mihir Bellare, Phillip Rogaway
- CRYPTO
- 1993

Entity authentication and key distribution are central cryptographic problems in distributed computing, but up until now, they have lacked even a meaningful definition. One consequence is that incorrect and inefficient protocols have proliferated. This paper provides the first treatment of these problems in the complexity-theoretic framework of modern…

- Mihir Bellare, Chanathip Namprempre
- Journal of Cryptology
- 2000

An authenticated encryption scheme is a symmetric encryption scheme whose goal is to provide both privacy and integrity. We consider two possible notions of authenticity for such schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the…

- Mihir Bellare, Sriram Keelveedhi, Thomas Ristenpart
- IACR Cryptology ePrint Archive
- 2012

We formalize a new cryptographic primitive, Message-Locked Encryption (MLE), where the key under which encryption and decryption are performed is itself derived from the message. MLE provides a way to achieve secure deduplication (space-efficient secure outsourced storage), a goal currently targeted by numerous cloud-storage providers. We provide…

- Michel Abdalla, Mihir Bellare, +7 authors Haixia Shi
- Journal of Cryptology
- 2005

We identify and fill some gaps with regard to consistency (the extent to which false positives are produced) for public-key encryption with keyword search (PEKS). We define computational and statistical relaxations of the existing notion of perfect consistency, show that the scheme of Boneh et al. (Advances in Cryptology—EUROCRYPT 2004, ed. by C. Cachin, J.…

- Phillip Rogaway, Mihir Bellare, John Black, Ted Krovetz
- ACM Conference on Computer and Communications…
- 2001

We describe a parallelizable block-cipher mode of operation that simultaneously provides privacy and authenticity. OCB encrypts-and-authenticates a nonempty string $M \in \{0,1\}^*$ using $\lceil |M|/n \rceil + 2$ block-cipher invocations, where $n$ is the block length of the underlying block cipher. Additional overhead is small. OCB refines a…

- Mihir Bellare, Anand Desai, David Pointcheval, Phillip Rogaway
- CRYPTO
- 1998

We compare the relative strengths of popular notions of security for public-key encryption schemes. We consider the goals of privacy and non-malleability, each under chosen-plaintext attack and two kinds of chosen-ciphertext attack. For each of the resulting pairs of definitions we prove either an implication (every scheme meeting one notion must meet the…

- Mihir Bellare, Joe Kilian, Phillip Rogaway
- J. Comput. Syst. Sci.
- 2000

The Cipher Block Chaining Message Authentication Code (CBC MAC) specifies that a message $x = x_1 \cdots x_m$ be authenticated among parties who share a secret key $a$ by tagging $x$ with a prefix of $f_a^{(m)}(x) \stackrel{\mathrm{def}}{=} f_a(f_a(\cdots f_a(f_a(x_1) \oplus x_2) \oplus \cdots \oplus x_{m-1}) \oplus x_m)$, where $f$ is some underlying block cipher (e.g., the Data Encryption Standard) and $a$ is its key. This method is a…

- Mihir Bellare, Daniele Micciancio, Bogdan Warinschi
- EUROCRYPT
- 2003

This paper provides theoretical foundations for the group signature primitive. We introduce strong, formal definitions for the core requirements of anonymity and traceability. We then show that these imply the large set of sometimes ambiguous existing informal requirements in the literature, thereby unifying and simplifying the requirements for this…