• Publications
  • Influence
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions.Expand
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
A general framework that allows one to construct secure encryption schemes in a generic fashion from language membership problems that satisfy certain technical requirements is introduced, as does the Cramer-Shoup scheme based on the Decision Diffie-Hellman assumption. Expand
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack
A new public-key encryption scheme, along with several variants, is proposed and analyzed that appear to be the first public- key encryption schemes in the literature that are simultaneously practical and provably secure. Expand
Practical Threshold Signatures
  • V. Shoup
  • Computer Science, Mathematics
  • 14 May 2000
An RSA threshold signature scheme that is unforgeable and robust in the random oracle model, assuming the RSA problem is hard and the size of an individual signature share is bounded by a constant times thesize of the RSA modulus. Expand
Lower Bounds for Discrete Logarithms and Related Problems
  • V. Shoup
  • Mathematics, Computer Science
  • 11 May 1997
Lower bounds on the complexity of the discrete logarithm and related problems are proved that match the known upper bounds: any generic algorithm must perform Ω(p1/2) group operations, where p is the largest prime dividing the order of the group. Expand
Algorithms in HElib
Some of the algorithms and optimization techniques that are used in HElib for data movement, linear algebra, and other operations over this “platform” are described. Expand
Optimistic fair exchange of digital signatures
We present a new protocol that allows two players to exchange digital signatures over the Internet in a fair way, so that either each player gets the other's signature, or neither player does. TheExpand
Sequences of games: a tool for taming complexity in security proofs
  • V. Shoup
  • Computer Science
  • IACR Cryptol. ePrint Arch.
  • 2004
This paper is brief tutorial on a technique for structuring security proofs as sequences games.
Asynchronous protocols for optimistic fair exchange
A set of optimistic fair exchange protocols which tolerate temporary failures in the communication channels to the third party, and a central feature of the protocols is that either player can asynchronously and unilaterally bring a protocol run to completion. Expand
The Twin Diffie–Hellman Problem and Applications
This work shows how to build a certain “trapdoor test” that allows us to effectively answer decision oracle queries for the twin Diffie–Hellman problem without knowing any of the corresponding discrete logarithms, and presents a new variant of ElGamal encryption with very short ciphertexts, and with a very simple and tight security proof, in the random oracle model, under the assumption that the ordinary Diffie-Hell man problem is hard. Expand