Nonmalleable cryptography

SIAM Journal on Computing

Volumn 30, Issue 2, 2000, Pages 391-437

  Dolev, Danny ^a   Dwork, Cynthia ^b   Naor, Moni ^c  

^a HEBREW UNIVERSITY OF JERUSALEM   (Israel)

^b IBM ALMADEN RESEARCH CENTER   (United States)

^c WEIZMANN INSTITUTE OF SCIENCE   (Israel)

Author keywords

Auction protocols; Authentication; Chosen ciphertext security; Commitment schemes; Cryptanalysis; Cryptography; Encryption; Nonmalleability; Randomized algorithms; Zero knowledge

Indexed keywords

ALGORITHMS; KNOWLEDGE ACQUISITION; PROBLEM SOLVING; SECURITY OF DATA; SEMANTICS; TEXT PROCESSING;

NONMALLEABLE CRYPTOGRAPHY;

CRYPTOGRAPHY;

EID: 0343337504     PISSN: 00975397     EISSN: None     Source Type: Journal    
DOI: 10.1137/S0097539795291562     Document Type: Article

References (67)

1. M. AJTAI AND C. DWORK, A public-key cryptosystem with worst-case/average-case equivalence, in Proceedings 29th Annual ACM Symposium on the Theory of Computing, El Paso, TX, 1997, pp. 284-293.
2. W. ALEXI, B. CHOR, O. GOLDREICH, AND C. SCHNORR, RSA and Rabin functions: Certain parts are as hard as the whole, SIAM J. Comput., 17 (1988), pp. 194-209.
3. M. BELLARE, A. DESAI, D. POINTCHEVAL, AND P. ROGAWAY, Relations among notions of security for public-key encryption schemes, in Advances in Cryptology - Crypto '98, Lecture Notes in Comput. Sci. 1462, Springer-Verlag, New York, 1998, pp. 26-45.
4. M. BELLARE, R. IMPAGLIAZZO, AND M. NAOR, Does parallel repetition lower the error in computationally sound protocols?, in Proceedings 38th Annual IEEE Symposium on Foundations of Computer Science, Miami Beach, FL, 1997, pp. 374-383.
5. M. BELLARE AND S. MICALI, How to sign given any trapdoor function, J. ACM, 39 (1992), pp. 214-233.
6. M. BELLARE AND P. ROGAWAY, Random oracles are practical: A paradigm for designing efficient protocols, in Proceedings 1st ACM Conference on Computer and Communications Security, Fairfax, VA, 1993, pp. 62-73.
7. M. BELLARE AND P. ROGAWAY, Optimal asymmetric encryption - How to encrypt with RSA, in Advances in Cryptology - Eurocrypt '94, Lecture Notes in Comput. Sci. 950, Springer-Verlag, New York, 1994, pp. 92-111.
8. M. BELLARE AND P. ROGAWAY, Entity authentication and key distribution, in Advances in Cryptology - Crypto '93, Lecture Notes in Comput. Sci. 773, Springer-Verlag, New York, 1994, pp. 232-249.
9. M. BELLARE AND P. ROGAWAY, Provably secure session key distribution: The three party case, in Proceedings 27th Annual ACM Symposium on the Theory of Computing, Las Vegas, NV, 1995, pp. 57-66.
10. M. BLAZE, J. FEIGENBAUM, AND M. NAOR, A formal treatment of remotely keyed encryption, in Advances in Cryptology - Eurocrypt '98, Lecture Notes in Comput. Sci. 1403, Springer-Verlag, New York, 1998, pp. 251-265.
11. D. BLEICHENBACHER, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, in Advances in Cryptology - Crypto '98, Lecture Notes in Comput. Sci. 1462, Springer-Verlag, New York, 1998, pp. 1-12.
12. M. BLUM, P. FELDMAN, AND S. MICALI, Noninteractive zero-knowledge proof systems, in Proceedings 20th ACM Symposium on the Theory of Computing, Chicago, IL, 1988, pp. 103-112.
13. M. BLUM, A. DE SANTIS, S. MICALI, AND G. PERSIANO, Noninteractive zero-knowledge, SIAM J. Comput., 20 (1991), pp. 1084-1118.
14. M. BLUM AND S. GOLDWASSER, An efficient probabilistic public-key encryption that hides all partial information, in Advances in Cryptology - Crypto '84, Lecture Notes in Comput. Sci. 196, Springer-Verlag, New York, 1985, pp. 289-299.
15. D. BONEH AND R. LIPTON, Algorithms for black-box fields and their application to cryptography, in Advances in Cryptology - Crypto '96, Lecture Notes in Comput. Sci. 1109, Springer-Verlag, New York, 1996, pp. 283-297.
16. M. BURROWS, M. ABADI, AND R. NEEDHAM, A logic of authentication, ACM Trans. Comput. Systems, 8 (1990), pp. 18-36.
17. R. CANETTI, Towards realizing random oracles: Hash functions that hide all partial information, in Advances in Cryptology - Crypto '97, Lecture Notes in Comput. Sci. 1294, Springer-Verlag, New York, 1997, pp. 455-469.
18. R. CANETTI, O. GOLDREICH, AND S. HALEVI, The random oracle methodology, in Proceedings 30th Annual ACM Symposium on the Theory of Computing, Dallas, TX, 1998, pp. 209-218.
19. R. CANETTI, D. MICCIANCIO, AND O. REINGOLD, Perfectly one-way probabilistic hashing, in Proceedings 30th Annual ACM Symposium on the Theory of Computing, Dallas, TX, 1998, pp. 131-140.
20. B. CHOR, S. GOLDWASSER, S. MICALI, AND B. AWERBUCH, Verifiable secret sharing in the presence of faults, in Proceedings 26th IEEE Symposium on Foundations of Computer Science, Portland, OR, 1985, pp. 383-395.
21. B. CHOR AND M. RABIN, Achieving independence in logarithmic number of rounds, in Proceedings 6th ACM Symposium on Principles of Distributed Computing, Vancouver, British Columbia, Canada, 1987, pp. 260-268.
22. R. CRAMER AND I. DAMGARD, New generation of secure and practical RSA-based signatures, in Advances in Cryptology - Crypto '96, Lecture Notes in Comput. Sci. 1109, Springer-Verlag, New York, 1996, pp. 137-185.
23. R. CRAMER AND V. SHOUP, A practical public key cryptosystem provable secure against adaptive chosen ciphertext attack, in Advances in Cryptology - Crypto '98, Lecture Notes in Comput. Sci. 1462, Springer-Verlag, New York, 1998, pp. 13-25.
24. Y. DESMET, C. GOUTIER, AND S. BENGIO, Special uses and abuses of the Fiat-Shamir passport protocol, in Advances in Cryptology - Crypto '87, Lecture Notes in Comput. Sci. 293, Springer-Verlag, New York, 1988, pp. 21-39.
25. A. DE SANTIS AND G. PERSIANO, Noninteractive zero-knowledge proof of knowledge, in Proceedings 33rd IEEE Symposium on the Foundation of Computer Science, Pittsburgh, PA, 1992, pp. 427-436.
26. G. DI CRESCENZO, Y. ISHAI, AND R. OSTROVSKY, Noninteractive and nonmalleable commitment, in Proceedings 30th Annual ACM Symposium on the Theory of Computing, Dallas, TX, 1998, pp. 141-150.
27. C. DWORK AND M. NAOR, An efficient existentially unforgeable signature scheme and its applications, J. Cryptology, 11 (1998), pp. 187-208.
28. C. DWORK AND M. NAOR, Method for Message Authentication from Nonmalleable Crypto Systems, US Patent 05539826, issued August 29, 1996.
29. C. DWORK, M. NAOR, AND A. SAHAI, Concurrent zero-knowledge, in Proceedings 30th Annual ACM Symposium on the Theory of Computing, Dallas, TX, 1998, pp. 409-418.
30. U. FEIGE AND A. SHAMIR, Witness hiding and witness indistinguishability, in Proceedings 22nd Annual ACM Symposium on the Theory of Computing, Baltimore, MD, 1990, pp. 416-426.
31. U. FEIGE, A. FIAT, AND A. SHAMIR, Zero knowledge proofs of identity, J. Cryptology, 1 (1988), pp. 77-94.
32. U. FEIGE, D. LAPIDOT, AND A. SHAMIR, Multiple noninteractive zero-knowledge proofs based on a single random string, in Proceedings 31st IEEE Symposium on Foundations of Computer Science, St. Louis, MO, 1990, pp. 308-317.
33. M. J. FISCHER AND N. A. LYNCH, A lower bound for the time to assure interactive consistency, Inform. Process Lett., 14 (1982), pp. 183-186.
34. Z. GALIL, S. HABER, AND M. YUNG, Interactive public-key cryptosystems, symmetric public-key encryption, in Advances in Cryptology - Crypto '85, Lecture Notes in Comput. Sci. 218, Springer-Verlag, New York, 1986, pp. 128-137.
35. O. GOLDREICH, Foundations of Cryptography, 1995, also available online from http://www. eccc.uni-trier.de/eccc/info/ECCC-Books/eccc-books.html (Electronic Colloquium on Computational Complexity).
36. O. GOLDREICH, A Uniform Complexity Encryption of Zero-Knowledge, Technion CS-TR 570, June 1989.
37. O. GOLDREICH, S. GOLDWASSER, AND S. MICALI, How to construct random functions, J. ACM, 33 (1986), pp. 792-807.
38. O. GOLDREICH AND H. KRAWCZYK, On the composition of zero-knowledge proof systems, SIAM J. Comput., 25 (1996), pp. 169-192.
39. O. GOLDREICH AND L. LEVIN, A hard predicate for all one-way functions, in Proceedings 21st Annual ACM Symposium on the Theory of Computing, Seattle, WA, 1989, pp. 25-32.
40. O. GOLDREICH, S. MICALI, AND A. WIGDERSON, Proofs that yield nothing but their validity, and a methodology of cryptographic protocol design, J. ACM, 38 (1991), pp. 691-729.
41. O. GOLDREICH AND Y. OREN, Definitions and properties of zero-knowledge proof systems, J. Cryptology, 6 (1993), pp. 1-32.
42. O. GOLDREICH AND E. PETRANK, Quantifying knowledge complexity, in Proceedings 32nd IEEE Symposium on Foundations of Computer Science, San Juan, Puerto Rico, 1991, pp. 59-68.
43. S. GOLDWASSER AND S. MICALI, Probabilistic encryption, J. Comput. System Sci., 28 (1984), pp. 270-299.
44. S. GOLDWASSER, S. MICALI, AND C. RACKOFF, The knowledge complexity of interactive proofsystems, SIAM J. Comput., 18 (1989), pp. 186-208.
45. S. GOLDWASSER, S. MICALI, AND R. RIVEST, A digital signature scheme secure against adaptive chosen-message attacks, SIAM J. Comput., 17 (1988), pp. 281-308.
46. S. GOLDWASSER, S. MICALI, AND P. TONG, Why and how to establish a private code on a public network, in Proceedings 23rd IEEE Symposium on the Foundation of Computer Science, Chicago, IL, 1982, pp. 134-144.
47. R. IMPAGLIAZZO AND M. LUBY, One-way functions are essential to computational based cryptography, in Proceedings 30th IEEE Symposium on the Foundation of Computer Science, Research Triangle Park, NC, 1989, pp. 230-235.
48. R. IMPAGLIAZZO, L. LEVIN, AND M. LUBY, Pseudo-random generation from one-way functions, in Proceedings 21st ACM Symposium on Theory of Computing, Seattle, WA, 1989, pp. 12-24.
49. J. KILIAN, On the complexity of bounded-interaction and non-interactive zero-knowledge proofs, in Proceedings 35th IEEE Symposium on the Foundation of Computer Science, Santa Fe, NM, 1994, pp. 466-477.
50. J. KILIAN AND E. PETRANK, An efficient non-interactive zero-knowledge proof system for NP with general assumptions, J. Cryptology, 11 (1998), pp. 1-27.
51. J. KILIAN, E. PETRANK, AND C. RACKOFF, Lower bounds for zero knowledge on the Internet, in Proceedings 39th IEEE Symposium on the Foundation of Computer Science, Palo Alto, CA, 1998, pp. 484-492.
52. M. LUBY, Pseudo-Randomness and Applications, Princeton University Press, Princeton, NJ, 1996.
53. U. MAURER, Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete algorithms, in Advances in Cryptology - Crypto '94, Lecture Notes in Comput. Sci. 839, Springer-Verlag, New York, 1994, pp. 271-281.
54. S. MICALI, C. RACKOFF, AND R. SLOAN, The notion of security for probabilistic cryptosystems, SIAM J. Comput., 17 (1988), pp. 412-426.
55. M. NAOR, Bit commitment using pseudo-randomness, J. Cryptology, 4 (1991), pp. 151-158.
56. M. NAOR AND O. REINGOLD, Synthesizers and their application to the parallel construction of pseudo-random functions, in Proceedings 36th IEEE Symposium on Foundations of Computer Science, Milwaukee, WI, 1995, pp. 170-181.
57. M. NAOR AND O. REINGOLD, Number-theoretic constructions of efficient pseudo-random functions, in Proceedings 38th IEEE Symposium on the Foundation of Computer Science, Miami Beach, FL, 1997, pp. 458-467.
58. M. NAOR AND O. REINGOLD, From unpredictability to indistinguishability: A simple construction of pseudo-random functions from MACs, in Advances in Cryptology - Crypto '98, Lecture Notes in Comput. Sci. 1462, Springer-Verlag, New York, 1998, pp. 267-282.
59. M. NAOR AND A. WOOL, Access control and signatures via quorum secret sharing, in Proceedings 3rd ACM Conference on Computer and Communications Security, New Delhi, India, 1996, pp. 157-168.
60. M. NAOR AND M. YUNG, Universal one-way hash functions and their cryptographic applications, in Proceedings 21st Annual ACM Symposium on the Theory of Computing, Seattle, WA, 1989, pp. 33-43.
61. M. NAOR AND M. YUNG, Public-key cryptosystems provably secure against chosen ciphertext attacks in Proceedings 22nd Annual ACM Symposium on the Theory of Computing, Baltimore, MD, 1990, pp. 427-437.
62. M. O. RABIN, Randomized Byzantine generals, in Proceedings 24th IEEE Symposium on the Foundation of Computer Science, Tucson, AZ, 1983, pp. 403-409.
63. C. RACKOFF AND D. SIMON, Noninteractive zero-knowledge proof of knowledge and chosen ciphertext attack, in Advances in Cryptology - Crypto '91, Lecture Notes in Comput. Sci. 576, Springer Verlag, New York, 1992, pp. 433-444.
64. R. RIVEST, A. SHAMIR, AND L. ADLEMAN, A method for obtaining digital signature and public key cryptosystems, Comm. ACM, 21 (1978), pp. 120-126.
65. J. ROMPEL, One-way functions are necessary and sufficient for signatures, in Proceedings 22nd Annual ACM Symposium on the Theory of Computing, Baltimore, MD, 1990, pp. 387-394.
66. A. C. YAO, Theory and applications of trapdoor functions, in Proceedings 23rd IEEE Symposium on the Foundation of Computer Science, Chicago, IL, 1982, pp. 80-91.
67. M. YUNG, Cryptoprotocols: Subscription to a public key, the secret blocking and the multiplayer mental poker game, in Advances in Cryptology - Crypto '84, Lecture Notes in Comput. Sci. 196, Springer-Verlag, New York, 1985, pp. 439-453.