#### Filter Results:

#### Publication Year

2011

2015

#### Publication Type

#### Co-author

#### Key Phrase

#### Publication Venue

Learn More

We propose a general multiparty computation protocol secure against an active adversary corrupting up to n−1 of the n players. The protocol may be used to compute securely arithmetic circuits over any finite field F p k. Our protocol consists of a preprocessing phase that is both independent of the function to be computed and of the inputs, and a much more… (More)

SPDZ (pronounced " Speedz ") is the nickname of the MPC protocol of Damgård et al. from Crypto 2012. SPDZ provided various efficiency innovations on both the theoretical and practical sides compared to previous work in the preprocessing model. In this paper we both resolve a number of open problems with SPDZ; and present several theoretical and practical… (More)

We study the task of verifiable delegation of computation on encrypted data. We improve previous definitions in order to tolerate adversaries that learn whether or not clients accept the result of a delegated computation. In this strong model, we construct a scheme for arbitrary computations and highly efficient schemes for delegation of various classes of… (More)

We present a protocol that allows to prove in zero-knowledge that committed values where the values are taken from a finite field. For error probability 2 −u the size of the proof is linear in u and only logarithmic in l. Therefore, for any fixed error probability, the amortized complexity vanishes as we increase l. In particular, when the committed values… (More)

We study robust secret sharing schemes in which between one third and one half of the players are corrupted. In this scenario, robust secret sharing is possible only with a share size larger than the secrets, and allowing a positive probability of reconstructing the wrong secret. In the standard model, it is known that at least m+k bits per share are needed… (More)

In a tout of -n robust secret sharing scheme, a secret message is shared among n parties who can reconstruct the message by combining their shares. An adversary can adaptively corrupt up to t of the parties, get their shares, and modify them arbitrarily. The scheme should satisfy privacy, meaning that the adversary cannot learn anything about the shared… (More)

- Valerio Pastro
- 2013

- ‹
- 1
- ›