Moderately Hard Functions: From Complexity to Spam Fighting

  title={Moderately Hard Functions: From Complexity to Spam Fighting},
  author={M. Naor},
  • M. Naor
  • Published in FSTTCS 2003
  • Computer Science
A key idea in cryptography is using hard functions in order to obtain secure schemes. The theory of hard functions (e.g. one-way functions) has been a great success story, and the community has developed a fairly strong understanding of what types of cryptographic primitives can be achieved under which assumption. 
Information Theoretic Security
We present the notion of continuous non-malleable codes along with an instantiation and we show how to use them to securely compute any keyed cryptographic primitive on a computational architectureExpand
Query-Complexity Amplification for Random Oracles
Results by Dodis et al. (Crypto 2012) imply that plain iteration falls short of achieving this goal, and designing schemes which provably have such a desirable property remained an open problem. Expand
A Number Theoretic Memory Bounded Function and Its Applications
  • Qi Cheng, Yu-Hsin Li
  • Computer Science
  • 2008 The 9th International Conference for Young Computer Scientists
  • 2008
A simple number theoretic way of generating memory bounded functions based on exponentiations of sparse polynomials modulo sparse irreducible polynmials over finite fields is proposed. Expand
Moderately Hard Functions: Definition, Instantiations, and Applications
The goal of this work is to provide a (universal) definition that decouples the efforts of designing new moderately hard functions and of building protocols based on them, serving as an interface between the two. Expand
Lossy Chains and Fractional Secret Sharing
The construction of fractional secret sharing schemes is based on the new notion of lossy chains, and it is proved that the construction achieves an optimal asymptotic information rate. Expand
Protocol engineering for protection against denial-of-service attacks
Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users inExpand
Gage MPC: Bypassing Residual Function Leakage for Non-Interactive MPC
A new MPC model, suitable for secure computation with limited-time secrecy, such as auctions, is presented, incorporating smart contracts and arbitrary parties that can be incentivized to perform computation (“bounty hunters,” akin to miners). Expand
Secure random number agreement for peer-to-peer applications
A protocol to securely generate an agreed random value without the use of a central authority is proposed and could be used for generating input into peer-to-peer protocols that require random values, such as group selection. Expand
ForCES protocol design analysis for protection against DoS attacks
  • S. Lakkavalli, H. Khosravi
  • Computer Science
  • Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)
  • 2004
The design issues along with the experimental results are discussed and the separation scheme consists of separating the congestion aware, control and data transport connections such as TCP connections and gives higher priority for control. Expand


Advances in Cryptology — CRYPTO 2000
  • M. Bellare
  • Computer Science
  • Lecture Notes in Computer Science
  • 2000
This paper introduces the XTR public key system, a new method to represent elements of a subgroup of a multiplicative group of a finite field that leads to substantial savings both in communication and computational overhead without compromising security. Expand
Towards uncheatable benchmarks
The problem of how to make benchmarks resistant to tampering and hence more trustworthy is studied. Some schemes that are based on modern cryptography and complexity theory are proposed to makeExpand
Non-malleable cryptography
Non-malleable schemes for each of the contexts of string commitment and zero-knowledge proofs of possession of knowledge, where a user need not know anything about the number or identity of other system users are presented. Expand
How to exchange (secret) keys
A protocol is presented whereby two adversaries may exchange secrets, although neither trusts the other, and it is shown how each of the two can prove, for each bit delivered, that the bit is good. Expand
New directions in cryptography: twenty some years later (or cryptograpy and complexity theory: a match made in heaven)
  • S. Goldwasser
  • Computer Science
  • Proceedings 38th Annual Symposium on Foundations of Computer Science
  • 1997
Some of the progress made in cryptography during this time is surveyed, focusing on the successful interplay between complexity theory and cryptography, witnessed perhaps most vividly by the developments in interactive and probabilistic proof systems and in pseudo random number generation. Expand
On Memory-Bound Functions for Fighting Spam
In 1992, Dwork and Naor proposed that e-mail messages be accompanied by easy-to-check proofs of computational effort in order to discourage junk e-mail, now known as spam. They proposed specificExpand
Advances in Cryptology — CRYPTO’ 92
  • E. Brickell
  • Computer Science
  • Lecture Notes in Computer Science
  • 2001
A new signature scheme is introduced that combines the strength of the strongest schemes with the efficiency of RSA, and uses the same amount of computation and memory as the widely applied RSA scheme. Expand
Nonmalleable Cryptography
The cryptosystem is the first proven to be secure against a strong type of chosen ciphertext attack proposed by Rackoff and Simon, in which the attacker knows the ciphertext she wishes to break and can query the decryption oracle on any ciphertext other than the target. Expand
Pricing via Processing or Combatting Junk Mail
We present a computational technique for combatting junk mail in particular and controlling access to a shared resource in general. The main idea is to require a user to compute a moderately hard,Expand
A randomized protocol for signing contracts
Randomized protocols for signing contracts, certified mail, and flipping a coin are presented and an implementation of the 1-out-of-2 oblivious transfer, using any public key cryptosystem, is presented. Expand