A. Beimel, T. Malkin, S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Proc. of CRYPTO 99, 1999.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....transfer (OT) Rab81] is complete for two party computation in the presence of an active adversary. A complete characterization of complete functions for two party computation, for both active and passive adversaries, was given in [Kil00] based on [Kil91] and results by Beimel, Micali, and Malkin [BMM99] These results are stated with respect to asymmetric multi party computation in the sense that the result of the function is provided to one single (prede ned) player. A rst generalization of completeness results to the more general n party case was made by Kilian, Kushilevitz, Micali, and ....

....who may corrupt up to t of the players; i.e. the adversary may make the corrupted players deviate from the 3 protocol in an arbitrarily malicious way, and no assumptions are made about his computational power. In contrast to the treatment of two party computation (e.g. Kil91,Kil00] and [BMM99] where only one prede ned player receives the nal result of the computation, our model allows every player to receive his own (in general, di erent) result which corresponds to the general notion of multi party computation in [Yao82,CCD88,BGW88] Similarly, our de nition of a primitive, as ....

[Article contains additional citation context not shown here]

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology | CRYPTO '99, volume 1666 of LNCS, pp. 80-97. Springer-Verlag, 1999.

....transfer (OT) Rab81] is complete for two party computation in the presence of an active adversary. A complete characterization of complete functions for two party computation, for both active and passive adversaries, was given in [Kil00] based on [Kil91] and results by Beimel, Micali, and Malkin [BMM99] These results are stated with respect to asymmetric multi party computation in the sense that the result of the function is provided to one single (predefined) player. A first generalization of completeness results to the more general n party case was made by Kilian, Kushilevitz, Micali, and ....

....who may corrupt up to t of the players; i.e. the adversary may make the corrupted players deviate from the protocol in an arbitrarily malicious way, and no assumptions are made about his computational power. In contrast to the treatment of two party computation (e.g. Kil91, Kil00] and [BMM99] where only one predefined player receives the final result of the computation, our model allows every player to receive his own (in general, different) result which corresponds to the general notion of multi party computation in [Yao82, CCD88, BGW88] Similarly, our definition of a ....

[Article contains additional citation context not shown here]

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology --- CRYPTO '99, volume 1666 of LNCS, pp. 80--97. Springer-Verlag, 1999.

....transfer (OT) Rab81] is complete for two party computation in the presence of an active adversary. A complete characterization of complete functions for two party computation, for both active and passive adversaries, was given in [Kil00] based on [Kil91] and results by Beimel, Micali, and Malkin [BMM99] These results are stated with respect to asymmetric multi party computation in the sense that the result of the function is provided to one single (predefined) player. A first generalization of completeness results to the more general n party case was made by Kilian, Kushilevitz, Micali, and ....

....adversary who may corrupt up to t of the players; i.e. the adversary may make the corrupted players deviate from the protocol in an arbitrarily malicious way, and no assumptions are made about his computational power. In contrast to the treatment of two party computation (e.g. Kil91,Kil00] and [BMM99] where only one predefined player receives the final result of the computation, our model allows every player to receive his own (in general, different) result which corresponds to the general notion of multi party computation in [Yao82,CCD88,BGW88] Similarly, our definition of a ....

[Article contains additional citation context not shown here]

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology --- CRYPTO '99, volume 1666 of LNCS, pp. 80--97. Springer-Verlag, 1999.

No context found.

A. Beimel, T. Malkin, S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Proc. of CRYPTO 99, 1999.

No context found.

A. Beimel, T. Malkin, S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Proc. of CRYPTO 99, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Michael Wiener, editor, Advances in Cryptology--- CRYPTO '99, volume 1666 of Lecture Notes in Computer Science, pages 80--97. Springer-Verlag, 15--19 August 1999.

....A ; r B ) We use the symbol in place of r A and r B in the above notation to denote the distribution induced on the transcripts, views and outputs when r A or r B is selected at random. Thus, for example, TRANS A;B (1 k ; a; b; is a 4 We borrow much of our protocol notation from [BMM99] and [GMR85] probability space of transcripts, with probabilities induced by selecting r A and r B at random and executing (A; B) on (1 k ; a; b; r A ; r B ) The output of each party is, of course, computed based solely on that party s view. Therefore, we denote by OUTA (1 k ; a; r A ; t) ....

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Michael Wiener, editor, Advances in Cryptology| CRYPTO '99, volume 1666 of Lecture Notes in Computer Science, pages 80-97. Springer-Verlag, 15-19 August 1999.

.... of protocol (P A ; PB ) on input (x; y) and random input (r A ; r B ) we make the following de nitions: The transcript of E consists of the sequence of messages exchanged by A and B, and is denoted by TRANS PA ;P B (x; y; r A ; r B ) 1 We shall use almost verbatim the protocol notation of [3]. 2 Due to the one sidedness of secure computation, only machine PB produces an output. 12 The view of A consists of the triplet (x; r A ; t) where t is E s transcript, and is denoted by VIEW PA ;P B A (x; y; r A ; r B ) The view of B consists of the triplet (y; r B ; t) where t is ....

A. Beimel, T. Malkin, and S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Advances in Cryptology: Crypto '99, 1999.

....speci c to some parts of the thesis, appear within the following chapters as appropriate. In Chapter 3 we study two party secure computation, and prove our results, demonstrating its all ornothing nature. The work presented in this chapter is based on joint work with Amos Beimel and Silvio Micali [BMM99]. In Chapter 4 we introduce the model of private information retrieval, provide formal de nitions for it, and survey previous work. In Chapter 5 we explore the necessary assumptions for computational (single server) PIR. The work presented in this chapter is based on joint works with Amos Beimel, ....

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of twoparty secure computation. In J. Stern, editor, Advances in Cryptology - EUROCRYPT '99, volume 1592 of Lecture Notes in Computer Science. Springer, 1999.

....function. On the other hand there is a class of primitives that probably needs additional assumptions, including, for example, public key cryptosystems, key exchange, oblivious transfer [22] non interactive zero knowledge proofs of knowledge for NP [11] and any non trivial secure two party [4] and multi party function evaluation [25] Single Database Private Information Retrieval has received a lot of attention in the literature, however its place in the above setting was not understood. In this paper we address (and resolve) its position. Private Information Retrieval. A Private ....

....That is, even saving one bit compared to the (information theoretic) trivial protocol of sending the entire database, already requires OT. It is interesting to note that we can also reduce any code for non trivial single database PIR to a code for OT; this is similar to codeto code reductions in [4]. Moreover, our theorem holds even if the communication sent by the user in the given PIR scheme is unbounded, as long as the database sends less than n bits. OT protocol implies the existence of a one way function [21] Single database PIR also implies the existence of a one way function [3] ....

[Article contains additional citation context not shown here]

A. Beimel, T. Malkin, S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Proc. of CRYPTO 99, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology - Proceedings of the 19th Annual International Cryptology Conference (CRYPTO), volume 1666 of Lecture Notes in Computer Science (LNCS), pages 80--97. Springer, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology - Proceedings of the 19th Annual International Cryptology Conference (CRYPTO), volume 1666 of Lecture Notes in Computer Science (LNCS), pages 80--97. Springer, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology - Proceedings of the 19th Annual International Cryptology Conference (CRYPTO), volume 1666 of Lecture Notes in Computer Science (LNCS), pages 80--97. Springer, 1999.

No context found.

A. Beimel, T. Malkin and S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In CRYPTO'99, Springer-Verlag (LNCS 1666), pages 80--97, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology - CRYPTO '99, Lecture Notes in Computer Science, volume 1666, pages 80--97. Springer, 1999.

No context found.

A. Beimel, T. Malkin, and S. Micali. The all-or-nothing nature of two-party secure computation. In Advances in Cryptology - CRYPTO '99, Lecture Notes in Computer Science, volume 1666, pages 80--97. Springer, 1999.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC