Rafail Ostrovsky, Ramarathnam Venkatesan, and Moti Yung. Fair games against an all-powerful adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, pages 155--169, 1993.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....they share a random string and that Alice has a public key for which she is guaranteed to know the private key. This is a realistic model, which is also used elsewhere (e.g. 10] These results seem essentially optimal because one round of communication is needed to implement oblivious transfer [20]. Securing Autonomous Mobile Agents. One round secure computation has been recognized as the solution for keeping the privacy of mobile code intact [24] Here, a code originator O sends one message containing a protected description of the mobile code to host H, which runs the program and sends ....

R. Ostrovsky, R. Venkatesan, and M. Yung, "Fair games against an all-powerful adversary," in Advances in Computational Complexity Theory, AMS, 1993.

....they share a random string and that Alice has a public key for which she is guaranteed to know the private key. This is a realistic model, which is also used elsewhere (e.g. 11] These results seem essentially optimal because one round of communication is needed to implement oblivious transfer [22]. Securing Autonomous Mobile Agents. One round secure computation has been recognized as the solution for keeping the privacy of mobile code intact [26] Here, a code originator O sends one message containing a protected description of the mobile code to host H , which runs the program and ....

R. Ostrovsky, R. Venkatesan, and M. Yung, \Fair games against an all-powerful adversary," in Advances in Computational Complexity Theory, vol. 13 of DIMACS Series in Discrete Mathematics and Theoretical Computer Science, AMS, 1993.

....he proves that Oblivious Transfer can be implemented from a black box for securely computing F if and only if F possess an imbedded OR, i.e. that there exists i 0 ; i 1 ; j 0 ; j 1 ; x 0 ; x 1 such that for all a; b 2 f0; 1g, F (i a ; i b ) x ab . Ostrovsky, Venkatesan, and Yung [120] consider the problem of sufficient conditions for various asymmetric two party protocols, i.e. protocols in which one player is polynomially bounded while the other player is computationally unbounded. In particular, they show that Oblivious Transfer is possible, in either direction, assuming ....

R. Ostrovsky, R. Venkatesan, and M. Yung, "Fair games against an all-powerful adversary," Sequences Workshop, Positano, Italy, July 1991.

....is the first non interactive implementation of Oblivious Transfer that does not require a trusted center or some distributed fault tolerant computation and is secure against receivers with unlimited computing power. Our implementation is essentially optimal. Indeed, a result of Ostrovsky and Yung [40] shows that it is not possible to achieve a non interactive Oblivious Transfer from scratch. We give the first implementation of non interactive nature for Perfect Zero Knowledge Arguments for all NP languages. Our result uses our non interactive implementation of Oblivious Transfer. However, we ....

R. Ostrovsky, R. Venkatesan, and M. Yung, Fair Games Against an All-Powerful Adversary, in Sequences II: Methods in Communication, Security and Computer Science, R. Capocelli, A. De Santis, and U. Vaccaro Eds., Springer-Verlag, 1993, pp. 418--429.

No context found.

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 13 pp. 155-169, 1993.

No context found.

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. Presented at DIMACS Complexity and Cryptography workshop, October 1990.

....the zero knowledge property of a statistically or computatlonally secure protocol was first proposed in [BMO] based on Discrte Logarithm problem. In this paper, we show how such a compiler conld be constructed based on any one way permutation using our recent method of interactive hashing [OVY 90, NOVY]. This applies to both statistically and computationally secure protocols, preserving their respective security. Our result allows us to utilize DES like permutations for such a cotnpi]er. I Introduction An interactive proof involves two communicating parties, a prover and a verifier. The ....

....JILL, Ha 90, NY, Ro, OWl. Such efforts, not only develop the theoretical foundations of cryptography, but also enable the primitive implementations to be based on a larger possible concrete choices of underlying functions, thus making them more plausible. The recent method of interactive hashing [OVY 90, NOVY] has been applied to various cryptographic primitives, to information theoretically secure Oblivious Transfer protocols [OVY 90] and then to zero knowledge arguments [NOVY] as well as to commitments by to powerful non polynomial parties [OVY 92] Here we show an extended use of this method ....

[Article contains additional citation context not shown here]

R. Ostrovsky, R. Venkatesan, and M. Yung. "Fair Games Against an All-Powerful Adversary", SEQUENCES '91, Positano, June, 1991.

....application of Merkle trees (with additional machinery to enforce consistency) is to proving consistency of queries to a committed database. The topic of commitment protocols (especially efficient ones, has received a lot of attention in the literature, and we build upon that previous work [20, 22, 23, 15, 21, 8, 17, 18, 27, 14, 16, 6, 10, 7]) Especially relevant to our work is the notion of consistent query commitment protocol, originally proposed by Micali and Rabin [18] and, subsequently, by Kilian [16] for membership queries on a single (key, value) pairs database: suppose there is a server who hosts a very large database ....

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. Sequences 91 workshop. (see also AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 13 Distributed Computing and Cryptography, Jin-Yi Cai, editor, pp. 155-169. AMS, 1993.)

....application [15] it may also depend on assumptions regarding the computational power of the participants. For example, in many protocols certain commitments are never opened; information theoretic privacy ensures that the committed data will remain hidden indefinitely (for further discussion, see [23, 21]) Commitment size is an important parameter, particularly when committing to a very large message such as the contents of a database. Unfortunately, standard commitment schemes (even malleable ones) require commitment size at least M (log k) where M is the message size and k is the security ....

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 13 pp. 155-169, 1993.

....application [15] it may also depend on assumptions regarding the computational power of the participants. For example, in many protocols certain commitments are never opened; information theoretic privacy ensures that the committed data will remain hidden inde nitely (for further discussion, see [23, 21]) Commitment size is an important parameter, particularly when committing to a very large message such as the contents of a database. Unfortunately, standard commitment schemes (even malleable ones) require commitment size at least M (log k) where M is the message size and k is the security ....

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 13 pp. 155-169, 1993.

No context found.

R. Ostrovsky, R. Venkatesan, M. Yung, Fair Games Against an All-Powerful Adversary, Sequences 91. (Also presented in Dimacs workshop on complexity and cryptography).

....non negligible probability without them. But why use low knowledge complexity protocols when one can use zero knowledge ones (see, GMW 86, GMW 87] The reason is that the non zero knowledge protocols may be more efficient and or may require weaker computational assumptions (see, for example, OVY 91] Remarks A remark concerning two definitions. Throughout the paper, SKC(k( Delta) and PKC(k( Delta) denote the classes of knowledge complexity with respect to the honest verifier. Note that the Main Theorem is only strengthen by this, whereas the transformation (mentioned above) is indeed ....

R. Ostrovsky, R. Venkatesan and M. Yung. Fair Games Against an All-Powerful Adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science. Vol 13. (Jin-Yi Cai ed.) pp. 155169. 22

.... oe f0; 1g n a ; tr (Alice 0 (xA) Bob(xB ) oe) Alice 0 (oe; xA ; tr) q(xA ; xB ) i Prob h oe f0; 1g n a : M(oe; xA) q(xA ; xB ) i : Notice that here we are defining the security against a possibly cheating Bob even if he is infinitely powerful (requirement 2) similar to [25]. In the sequel, we will also consider security with respect to a honest but curious Bob, meaning that Bob follows his program, but at the end may arbitrarily try to distinguish random variables X 0 and X 1 . We also note that a definition suitable for the public key setting can be easily obtained ....

R. Ostrovsky, R. Venkatesan, and M. Yung, Fair Games Against an All-Powerful Adversary, in Proc. of SEQUENCES 91, Positano, Italy. Final version in AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol. 13, pp. 155--169, 1993.

No context found.

R. Ostrovsky, R. Venkatesan and M. Yung. Fair Games Against an All-Powerful Adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science. Vol 13. (Jin-Yi Cai ed.) pp. 155-169.

....two stages. First, we show how to design an information theoretically secure bit commitment between two polynomial time parties based on any one way permutation (we employ a technique that can be called interactive hashing introduced initially in a different model involving an all powerful party [OVY1]) Moreover, we do it in such a way that the conversations in the commitment protocol are simulatable (i.e. by an expected polynomial time algorithm) Then, we apply the reduction of perfectly secure simulatable bit commitment to perfect ZK argument . A general scheme connecting various ....

....by an expected polynomial time algorithm) Then, we apply the reduction of perfectly secure simulatable bit commitment to perfect ZK argument . A general scheme connecting various commitments to various ZK systems was given in e.g. IY] and can be used) We note that this work differs from [OVY1] in that there the sender must be able to invert one way functions, whereas here the sender is efficient (this is the traditional cryptographic model) In [OVY1] we deal with oblivious transfer and any technique succeeding in allowing a weak sender there, would be quite significant since it would ....

[Article contains additional citation context not shown here]

R. Ostrovsky, R. Venkatesan, M. Yung, Fair Games Against an All-Powerful Adversary, Sequences 91, (to appear).

....non negligible probability without them. But why use low knowledge complexity protocols when one can use zero knowledge ones (see, GMW 86, GMW 87] The reason is that the non zero knowledge protocols may be more efficient and or may require weaker computational assumptions (see, for example, OVY 91] Remarks A remark concerning two definitions. Throughout the paper, SKC(k( Delta) and PKC(k( Delta) denote the classes of knowledge complexity with respect to the honest verifier. Note that the Main Theorem is only strengthen by this, whereas the transformation (mentioned above) is indeed ....

R. Ostrovsky, R. Venkatesan and M. Yung. Fair Games Against an AllPowerful Adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science. Vol 13. (Jin-Yi Cai ed.) pp. 155-169.

.... receiver cannot gain information regarding the bit committed, but the polynomial time commiter cannot change the value of the commitment if a complexity assumption holds. In [26] it is also shown, based on an oblivious transfer protocols among unequal power players introduced in [25], that given any one way function, there is a (Weak to Strong) BC from a polynomial time Commiter to a (PSPACE) Receiver (and if the receiver is NP, the same holds under a one way permutation) In contrast, in this paper, we assume polynomial time parties and do not use nonpolynomial time ....

R. Ostrovsky, R. Venkatesan, M. Yung, Fair Games Against an All-Powerful Adversary, Sequences 91. (Also presented in Dimacs workshop on complexity and cryptography).

....possible for secure distributed computation. This section will survey what is known about reductions and complexity results for this problem, i.e. what is just as hard as, and what is impossible for, secure distributed computation. 7. 1 Reductions Among Primitives Ostrovsky, Venkatesan, and Yung [64] consider the problem of sufficient conditions for various asymmetric two party protocols, i.e. protocols in which one player is polynomially bounded while the other player is computationally unbounded. In particular, they show that Oblivious Transfer is possible, in either direction, assuming ....

R. Ostrovsky, R. Venkatesan, and M. Yung, "Fair games against an all-powerful adversary," Sequences Workshop, Positano, Italy, July 1991.

....he proves that Oblivious Transfer can be implemented from a black box for securely computing F if and only if F possess an imbedded OR, i.e. that there exists i 0 ; i 1 ; j 0 ; j 1 ; x 0 ; x 1 such that for all a; b 2 f0; 1g, F (i a ; i b ) x ab . Ostrovsky, Venkatesan, and Yung [81] consider the problem of sufficient conditions for various asymmetric two party protocols, i.e. protocols in which one player is polynomially bounded while the other player is computationally unbounded. In particular, they show that Oblivious Transfer is possible, in either direction, assuming ....

R. Ostrovsky, R. Venkatesan, and M. Yung, "Fair games against an all-powerful adversary," Sequences Workshop, Positano, Italy, July 1991.

No context found.

Rafail Ostrovsky, Ramarathnam Venkatesan, and Moti Yung. Fair games against an all-powerful adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, pages 155--169, 1993.

No context found.

R. Ostrovsky, R. Venkatesan, M. Yung, Fair Games Against an All-Powerful Adversary, Sequences 91, (to appear).

No context found.

R. Ostrovsky, R. Venkatesan, and M. Yung. Fair games against an all-powerful adversary. In DIMACS Series in Discrete Mathematics and Theoretical Computer Science, volume 13, 1993.

No context found.

R. Ostrovsky, R. Venkatesan and M. Yung. Fair Games Against an All-Powerful Adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science. Vol 13. (Jin-Yi Cai ed.) pp. 155-169.

No context found.

R. Ostrovsky, R. Venkatesan and M. Yung. Fair Games Against an All-Powerful Adversary. AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science. Vol 13. (Jin-Yi Cai ed.) pp. 155-169.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC