Verifiable Random Functions from Weaker Assumptions?
Cited by 4 (1 self)
Abstract. The construction of a verifiable random function (VRF) with large input space and full adaptive security from a static, non-interactive complexity assumption, like decisional Diffie-Hellman, has proven to be a challenging task. To date it is not even clear that such a VRF exists. Most known constructions either allow only a small input space of polynomially-bounded size, or do not achieve full adaptive security under a static, non-interactive complexity assumption. The only known constructions without these restrictions are based on non-static, so-called “q-type” assumptions, which are parametrized by an integer q. Since q-type assumptions get stronger with larger q, it is desirable to have q as small as possible. In current constructions, q is either a polynomial (e.g., Hohenberger and Waters, Eurocrypt 2010) or at least linear (e.g., Boneh et al., CCS 2010) in the security parameter. We show that it is possible to construct relatively simple and efficient verifiable random functions with full adaptive security and large input space from non-interactive q-type assumptions, where q is only logarithmic in the security parameter. Interestingly, our VRF is essentially identical to the verifiable unpredictable function (VUF) by Lysyanskaya (Crypto 2002), but very different from Lysyanskaya’s VRF from the same paper. Thus, our result can also be viewed as a new, direct VRF-security proof for Lysyanskaya’s VUF. As a technical tool, we introduce and construct balanced admissible hash functions.
Bilinear Entropy Expansion from the Decisional Linear Assumption
Cited by 2 (0 self)
We develop a technique inspired by pseudorandom functions that allows us to increase the entropy available for proving the security of dual system encryption schemes under the Decisional Linear Assumption. We show an application of the tool to Attribute-Based Encryption by presenting a Key-Policy ABE scheme that exhibits a significant improvement over the state-of-the-art schemes in public parameter size in terms of the number of attribute uses allowed in the policy, while remaining fully secure under the Decisional Linear Assumption.
Déjà Q All Over Again: Tighter and Broader Reductions of q-Type Assumptions
Abstract. In this paper, we demonstrate that various cryptographic constructions, including ones for broadcast, attribute-based, and hierarchical identity-based encryption, can rely for security on only the static subgroup hiding assumption when instantiated in composite-order bilinear groups, as opposed to the dynamic q-type assumptions on which their security previously was based. This specific goal is accomplished by more generally extending the recent Déjà Q framework (Chase and Meiklejohn, Eurocrypt 2014) in two main directions. First, by teasing out common properties of existing reductions, we expand the q-type assumptions that can be covered by the framework; i.e., we demonstrate broader classes of assumptions that can be reduced to subgroup hiding. Second, while the original framework applied only to asymmetric composite-order bilinear groups, we provide a reduction to subgroup hiding that works in symmetric (as well as asymmetric) composite-order groups. As a bonus, our new reduction achieves a tightness of log(q) rather than q.
License: Creative Commons BY 3.0 Unported license, 2014
Increasingly, modern cryptography (crypto) has moved beyond the problem of secure communication to a broader consideration of securing computation. The past thirty years have seen a steady progression of both theoretical and practical advances in designing cryptographic protocols for problems such as secure multiparty computation, searching and computing on encrypted data, verifiable storage and computation, statistical data privacy, and more. More recently, the programming-languages (PL) community has begun to tackle the same set of problems, but from a different perspective, focusing on issues such as language design (e.g., new features or type systems), formal methods (e.g., model checking, deductive verification, static and dynamic analysis), compiler optimizations, and analyses of side-channel attacks and information leakage. This seminar helped to cross-fertilize ideas between the PL and crypto communities, exploiting the synergies for advancing the development of secure computing, broadly speaking, and fostering new research directions in and across both communities.
unknown title
Abstract. We present an identity-based encryption (IBE) scheme in composite-order bilinear groups with essentially optimal parameters: the ciphertext overhead and the secret key are one group element each, and decryption requires only one pairing. Our scheme achieves adaptive security and anonymity under standard decisional subgroup assumptions as used in Lewko and Waters (TCC ’10). Our construction relies on a novel extension to the Déjà Q framework of Chase and Meiklejohn (Eurocrypt ’14).
Efficient Pseudorandom Functions via On-the-Fly Adaptation
Abstract. Pseudorandom functions (PRFs) are one of the most fundamental building blocks in cryptography, with numerous applications such as message authentication codes and private-key encryption. In this work, we propose a new framework to construct PRFs with the overall goal of building efficient PRFs from standard assumptions with an almost tight proof of security. The main idea of our framework is to start from a PRF for any small domain (i.e., a poly-sized domain) and turn it into an ℓ-bounded pseudorandom function, i.e., into a PRF whose outputs are pseudorandom for the first ℓ distinct queries to F. In the second step, we apply a novel technique, which we call on-the-fly adaptation, that turns any bounded PRF into a fully-fledged (large domain) PRF. Both steps of our framework have a tight security reduction, meaning that any successful attacker can be turned into an efficient algorithm for the underlying hard computational problem without any significant increase in the running time or loss of success probability. Instantiating our framework with specific number-theoretic assumptions, we construct a PRF based on k-LIN (and thus DDH) that is faster than all known constructions, which reduces almost tightly to the underlying problem, and which has shorter keys. Instantiating our framework with general assumptions, we construct a PRF with very flat circuits whose security tightly reduces to the security of some small-domain PRF.
Almost Optimal Short Adaptive Non-Interactive Zero Knowledge (first eprint version, May 30, 2014)
Abstract. Several recent short NIZK arguments are constructed in a modular way from a small number of basic arguments like the product argument or the shift argument. The main technical novelty of the current work is a significantly more efficient version of the product argument. Based on this, we propose an adaptive NIZK range argument with almost optimal complexity: constant communication (in group elements), constant verifier’s computational complexity (in cryptographic operations), and Θ(n log n) [resp., Θ(n)] prover’s computational complexity (in non-cryptographic [resp., cryptographic] operations). The latter can be compared to n log^{ω(1)} n in the most efficient published short adaptive non-interactive range argument, or Θ(n log² n) [resp., Θ(n log n)] that is achievable when following the QAP-based framework from Eurocrypt 2013. Here, n is the logarithm of the range length. The new product argument can be used to construct efficient adaptive NIZK arguments for many other languages, including several that are NP-complete, like Subset-Sum. Importantly, for all such languages, the new adaptive arguments achieve better prover’s computation than the QAP-based framework.