Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....useful about the exchanged data. Designing a good encryption scheme is a very challenging task. There are basically two criteria to compare the performances of encryption schemes: efficiency and security. Security is measured as the ability to resist attacks in a given adversarial model [1, 8]. The standard security notion is IND CCA2 security, i.e. indistinguishability under adaptive chosen ciphertext attacks (cf. Section 2) Usually, an (asymmetric) encryption scheme is proven secure by exhibiting a reduction: if an adversary can break the IND CCA2 security then the same adversary ....

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.

....is evaluated as the latter s ability to resist attacks in a given adversarial model. It is very challenging to guess the strategy the adversary will follow in an attempt to break the system. So, the only assumptions made by modern cryptography refer to the computational abilities of the adversary [6]. Loosely speaking, a cryptosystem is then said secure if there is no polynomial time adversary able to gain more useful information than a honest user by deviating from the prescribed behavior. In [9, 11] Kocher et al. launched a new class of attacks: the so called sidechannel attacks. In ....

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

.... Hence, while the trend of the 1980 s was to establish general plausibility results, the trend of the 1990 s is to consider solutions which are both provably secure and efficiently implementable in practical applications (for a more general discussion on this topic see surveys by Goldreich [13] and Goldwasser [16, 15] This is the case of the current work as well here we show how with the help of service providers one can maintain the user s privacy while retrieving information from a remote database with almost the same total communication cost to from the user as if we do not ....

O. Goldreich. On the foundations of modern cryptography. In Proc. of CRYPTO'97, pages 46--74, 1997.

....of a computing device the battery powered Turing Machine is required [LV92] Within such a model, we can reason about and maximise security and fault tolerance per Joule. In cryptography, the strength of a cipher is most realistically measured in terms of its security parameter k [Gol97] Bel98] Within this model, ciphers and protocols are shown to require at least g(k) work to break by the adversary (where a protocol is considered secure iff g is super polynomial in k) In 4 other words, the probability of the attacker to break the system in one particular instance is ....

Goldreich, O. On the foundations of modern cryptography. In CRYPTO '97 (Santa Barbara, CA, USA, 1997), B. S. K. Jr. (Ed.), LNCS 1294, Springer.

....present work, their protocol does not require public parameters. Unfortunately, their construction requires a non constant number of rounds and also requires techniques from generic multi party computation [18] Thus, their scheme serves as a general plausibility result (a terminology coined in [16]) but is much too inefficient for practical use. Finally, as pointed out by the authors themselves, the solution of [17] does not allow for concurrent executions of the protocol between parties using the same password. 1.4 Our Contribution Security validation via proofs in the random oracle and ....

O. Goldreich. On the Foundations of Modern Cryptography. Crypto '97.

....present work, their protocol does not require public parameters. Unfortunately, their construction requires a non constant number of rounds and also requires techniques from generic multi party computation [18] Thus, their scheme serves as a general plausibility result (a terminology coined in [16]) but is much too ine cient for practical use. Finally, as pointed out by the authors themselves, the solution of [17] does not allow for concurrent executions of the protocol between parties using the same password. 1.4 Our Contribution Security validation via proofs in the random oracle and ....

O. Goldreich. On the Foundations of Modern Cryptography. Crypto '97.

....security, distributed trust, and flexible management (i.e. adding and deleting trustees) of crucial functions like certification authorities and consortium signatures. A major efficiency difference between a general compiler protocol (which should be thought of as a plausibility result see [Gr97]) and a function sharing protocol is due to the fact that the communication complexity of the former depends linearly on the actual size of the circuit computing the cryptographic functions, while the communication complexity of the latter is independent of the circuit size (and is typically a ....

O. Goldreich, On Foundations of Modern Cryptography, an invited paper, Crypto 97.

....settings. Hence, while the trend of the 1980 s was to establish general plausibility results, the trend of the 1990 s is to consider solutions which are both provably secure and efficiently implementable in practical applications (for more general discussion on this topic see surveys of Goldreich [11] and Goldwasser [13, 12] The current trend of developing practical and provably secure solutions is not only of considerable practical importance, but also poses interesting theoretical questions, since it often requires to consider different, more practically oriented models and to devise ....

O. Goldreich. On the foundations of modern cryptography. In Proc. of CRYPTO'97, pages 46--74, 1997.

....idea of great depth. Complexity based cryptography has been remarkably successful, coming up with definitions for many central cryptographic primitives, and constructions based on minimal assumptions. For a brief introduction to this body of work, refer to the recent survey by Goldreich [16]. In practice The potential for the idea of provable security to impact practice is large. Yet its actual impact had been disappointingly small, in the sense that these ideas were reflected almost not at all in protocols used in practice. Here are some possible reasons. In practice, block ....

O. Goldreich, "On the foundations of modern cryptography," Advances in Cryptology -- Crypto 97 Proceedings, Lecture Notes in Computer Science Vol. 1294, B. Kaliski ed., Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

No context found.

O. Goldreich. On the foundations of modern cryptography. Lecture Notes in Computer Science, 1294:46--74, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.

No context found.

O. Goldreich. On the foundations of modern cryptography. In Advances in Cryptology - Proceedings of the 17th Annual International Lecture Notes in Computer Science, pages 46--74. Springer, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In Proc. 17th Annual International Cryptology Conference -- CRYPTO '97, pages 46--74, 1997. 30

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology -- CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Science, pages 46--74. Springer-Verlag, 1997.

No context found.

Goldreich, O.: The Foundations of Modern Cryptography. In: Kaliski, B. (ed.): proc. of CRYPTO '97, Santa Barbara, CA, August 17-21, 1997 (LNCS 1294), Springer-Verlag, pp. 46-74, 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC