Leakage-Resilient Coin Tossing

  title={Leakage-Resilient Coin Tossing},
  author={Elette Boyle and Shafi Goldwasser and Yael Tauman Kalai},
The ability to collectively toss a common coin among n parties in the presence of faults is an important primitive in the arsenal of randomized distributed protocols. In the case of dishonest majority, it was shown to be impossible to achieve less than 1/r bias in O(r) rounds (Cleve STOC '86). In the case of honest majority, in contrast, unconditionally secure O(1)-round protocols for generating common unbiased coins follow from general completeness theorems on multi-party secure protocols in… 
4 Citations
Continual Leakage-Resilient Dynamic Secret Sharing in the Split-State Model
This paper proposes continual leakage-resilient dynamic secret sharing under split-state model, which can provide the security for secret share under continual leakage model while at the same time allowing the users to join and quit the scheme dynamically.
Leakage-Resilient Zero-Knowledge Proofs of Knowledge for NP
This paper presents a constructions of leakage-resilient zero-knowledge proofs of knowledge for HC (Hamiltonian Cycle) problem.


Adaptively secure multi-party computation
This work proposes a novel property of encryption protocols and shows that if an encryption protocol enjoying this property is used, instead of a standard encryption scheme, then known constructions become adaptively secure.
Multiparty computation secure against continual memory leakage
We construct a multiparty computation (MPC) protocol that is secure even if a malicious adversary, in addition to corrupting 1-ε fraction of all parties for an arbitrarily small constant ε >0, can
Leakage-Resilient Zero Knowledge
A meaningful definition of leakage-resilient zero knowledge (LR-ZK) proof system, that intuitively guarantees that the protocol does not yield anything beyond the validity of the statement and the leakage obtained by the verifier, and a construction of a universally composable multiparty computation protocol in the leaky token model.
Public-Key Cryptosystems Resilient to Key Leakage
A generic construction of a public-key encryption scheme that is resilient to key leakage from any universal hash proof system is presented, and variants of the Cramer-Shoup cryptosystem are proved to be CCA1-secure with any leakage of L/4 bits, and CCA2- secure with any leaking of L / polylog(L) bits.
Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage
This work constructs public-key encryption schemes, digital signatures, and identity-based encryption schemes that remain secure even if an attacker can leak a constant fraction of the secret memory in each time period between key updates.
Leakage-Resilient Cryptography
A stream-cipher S is constructed whose implementation is secure even if a bounded amount of arbitrary (adversarially chosen) information on the internal state of S is leaked during computation, and a lemma is proved that the output of any PRG has high HILLpseudoentropy even if arbitrary information about the seed is leaked.
Distributed public key schemes secure against continual leakage
Distributed public key encryption (DPKE) and distributed identity based encryption (DIBE) schemes that are secure against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2-linear assumptions.
Network Extractor Protocols
We design efficient protocols for processors to extract private randomness over a network with Byzantine faults, when each processor has access to an independent weakly-random n-bit source of
Leakage-Tolerant Interactive Protocols
A variant of the UC theorem is proved that enables modular design and analysis of protocols even in face of general, non-modular leakage.
Cryptography against Continuous Memory Attacks
This work constructs a variety of practical CLR schemes, including CLR one-way relations, CLR signatures, CLR identification schemes, and CLR authenticated key agreement protocols, and shows how to instantiate them efficiently using a well established assumption on bilinear groups, called the K-Linear assumption.