Learn More
We introduce the notion of abuse-free distributed contract signing, that is, distributed contract signing in which no party ever can prove to a third party that he is capable of choosing whether to validate or invalidate the contract. Assume Alice and Bob are signing a contract. If the contract protocol they use is not abuse-free, then it is possible for(More)
When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who obtains this information may be able to run an off-line dictionary(More)
We present a simple technique by which a device that performs private key operations (signatures or decryptions) in networked applications and whose local private key is activated with a password or PIN can be immunized to offline dictionary attacks in case the device is captured. Our techniques do not assume tamper resistance of the device but rather(More)
As permeable reactive barriers containing zero-valent iron are becoming more widely used to remediate contaminated groundwaters, there remains much uncertainty in predicting their long-term performance. This study focuses on two factors affecting performance and lifetime of the granular iron media: plugging at the treatment zone entrance and precipitation(More)
Typical protocols for password-based authentication assume a single server which stores all the information (e.g., the password) necessary to authenticate a user. Unfortunately, an inherent limitation of this approach (assuming low-entropy passwords are used) is that the user's password is exposed if this server is ever compromised. To address this issue, a(More)
We introduce new eecient techniques for sharing cryptographic functions in a distributed dynamic fashion. These techniques dynamically and securely transform a distributed function (or secret sharing) representation between tout of -l (polynomial sharing) and tout of -t (additive sharing). We call the techniques poly-to-sum and sum-to-poly, respectively.(More)
We propose and realize a definition of security for password-based key exchange within the framework of universally composable (UC) security, thus providing security guarantees under arbitrary composition with other protocols. In addition, our definition captures some aspects of the problem that were not adequately addressed by most prior notions. For(More)