Last update: Tue Aug 20 06:36:51 MDT 2024
Volume 1, Number 1, 1988

E. F. Brickell. Editorial. pp. 1--2
Burton S. Kaliski, Jr. and Ronald L. Rivest and Alan T. Sherman. Is the Data Encryption Standard a Group? (Results of Cycling Experiments on DES). pp. 3--36
D. R. Stinson. Some Constructions and Bounds for Authentication Codes. pp. 37--52 (or 37--51??)
Pierre Beauchemin and Gilles Brassard and Claude Crépeau and Claude Goutier and Carl Pomerance. The Generation of Random Numbers that Are Probably Prime. pp. 53--64
David Chaum. The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. pp. 65--75

Uriel Feige and Amos Fiat and Adi Shamir. Zero-knowledge proofs of identity. pp. 77--94
Kevin S. McCurley. A key distribution system equivalent to factoring. pp. 95--105
Johannes Buchmann and H. C. Williams. A key-exchange system based on imaginary quadratic fields. pp. 107--118
D. R. Stinson. A construction for authentication/secrecy codes from certain combinatorial designs. pp. 119--127
Pierre Beauchemin and Gilles Brassard. Generalization of Hellman's extension to Shannon's approach to cryptography. pp. 129--131
Martin Tompa and Heather Woll. How to share a secret with cheaters. pp. 133--138

Neal Koblitz. Hyperelliptic cryptosystems. pp. 139--150
Michael Luby and Charles Rackoff. A study of password security. pp. 151--158
Willi Meier and Othmar Staffelbach. Fast correlation attacks on certain stream ciphers. pp. 159--176
Joan Boyar. Inferring sequences produced by a linear congruential generator missing low-order bits. pp. 177--184
Fred Piper and Michael Walker. Linear ciphers and spreads. pp. 185--188

Martin Abadi and Joan Feigenbaum. Secure circuit evaluation. A protocol based on hiding information from an oracle. pp. 1--12
Kazuo Nishimura and Masaaki Sibuya. Probability to meet in the middle. pp. 13--22
D. R. Stinson. The combinatorics of authentication and secrecy codes. pp. 23--49
Li Gong and David J. Wheeler. A matrix key-distribution scheme. pp. 51--59

Joan F. Boyar and Stuart A. Kurtz and Mark W. Krentel. Discrete logarithm implementation of perfect zero-knowledge blobs. pp. 63--76
Gustavus J. Simmons. Cartesian product construction for unconditionally secure authentication codes that permit arbitration. pp. 77--104
Harald Niederreiter. Combinatorial approach to probabilistic results on the linear-complexity profile of random sequences. pp. 105--112

Réjane Forré. Methods and instruments for designing $S$-boxes. pp. 115--130
Michael Walker. Information-theoretic bounds for authentication schemes. pp. 131--143
Sean Murphy. The cryptanalysis of FEAL-$4$ with 20 chosen plaintexts. pp. 145--154
Chris Mitchell. Enumerating Boolean functions of cryptographic significance. pp. 155--170

Philippe Godlewski and Chris Mitchell. Key-minimal cryptosystems for unconditional secrecy. pp. 1--25
Carlisle Adams and Stafford Tavares. Structured design of cryptographically good $S$-boxes. pp. 27--41
Ralph C. Merkle. A fast software one-way hash function. pp. 43--58

T. A. Berson and R. A. Rueppel. Guest Editor's Introduction. pp. 61--62
G. B. Agnew and R. C. Mullin and I. M. Onyszchuk and S. A. Vanstone. An implementation for a fast public-key cryptosystem. pp. 63--79
Klaus Gaarder and Einar Snekkenes. Applying a formal analysis technique to the CCITT X.509 strong two-way authentication protocol. pp. 81--98
Stuart Haber and W. Scott Stornetta. How to time-stamp a digital document. pp. 99--111
Stephen M. Matyas. Key processing with control vectors. pp. 113--136
Jose Pastor. CRYPTOPOST. A cryptographic application to mail processing. pp. 137--146

H. W. Lenstra, Jr. On the Chor--Rivest knapsack cryptosystem. pp. 149--155
S. Micali and C. P. Schnorr. Efficient, perfect polynomial random number generators. pp. 157--172
Marijke De Soete. New bounds and constructions for authentication/secrecy codes with splitting. pp. 173--186
Burton S. Kaliski, Jr. One-way permutations on elliptic curves. pp. 187--199
Jovan Dj. Golić and Miodrag J. Mihaljević. Generalized correlation attack on a class of stream ciphers based on the Levenshtein distance. pp. 201--212

E. F. Brickell. Editorial Introduction. pp. 1--2
Eli Biham and Adi Shamir. Differential cryptanalysis of DES-like cryptosystems. pp. 3--72

J. Feigenbaum. Guest Editor's Introduction. pp. 73--73
D. Beaver. Secure Multiparty Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty Minority. pp. 75--122
E. F. Brickell and D. M. Davenport. On the Classification of Ideal Secret Sharing Schemes. pp. 123--134
U. M. Maurer and J. L. Massey. Local Randomness in Pseudorandom Sequences. pp. 135--149
M. Naor. Bit Commitment Using Pseudorandomness. pp. 151--158

C.-P. Schnorr. Efficient Signature Generation by Smart Cards. pp. 161--174
S. Bengio and G. Brassard and Y. G. Desmedt and C. Goutier and J.-J. Quisquater. Secure Implementations of Identification Systems. pp. 175--183
Joan Boyar and Katalin Friedl and Carsten Lund. Practical Zero-Knowledge Proofs: Giving Hints and Using Deficiencies. pp. 185--206
Neal Koblitz. Elliptic Curve Implementations of Zero-Knowledge Blobs. pp. 207--213

I. B. Damgård. Preface. pp. 1--1
Charles H. Bennett and François Bessette and Gilles Brassard and Louis Salvail. Experimental quantum cryptography. pp. 3--28
Ernest F. Brickell and Kevin S. McCurley. Interactive identification scheme based on discrete logarithms and factoring. pp. 29--39
Jan-Hendrik Evertse and Eugène van Heyst. Which new RSA-signatures can be computed from certain given RSA-signatures? pp. 41--52
Ueli M. Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher. pp. 53--66
Willi Meier and Othmar Staffelbach. Correlation properties of combiners with memory in stream ciphers. pp. 67--86

Ueli M. Maurer. A universal statistical test for random bit generators. pp. 89--105
Sheelagh Lloyd. Counting binary functions with certain cryptographic properties. pp. 107--131
Jean Georgiades. Some remarks on the security of the identification scheme based on permuted kernels. pp. 133--137
J. H. Loxton and David S. P. Khoo and Gregory J. Bird and Jennifer Seberry. A cubic RSA code equivalent to factorization. pp. 139--150

E. F. Brickell and D. R. Stinson. Some improved bounds on the information rate of perfect secret sharing schemes. pp. 153--166
Spyros S. Magliveras and Nasir D. Memon. Algebraic properties of cryptosystem PGM. pp. 167--183
Steven J. Phillips and Nicholas C. Phillips. Strongly ideal secret sharing schemes. pp. 185--191
Zong Duo Dai. Binary sequences derived from ML-sequences over rings I: Periods and minimal polynomials. pp. 193--207

G. Brassard. Editor's Note. pp. 1--1
G. B. Agnew and T. Beth and R. C. Mullin and S. A. Vanstone. Arithmetic operations in ${\rm GF}(2^m)$. pp. 3--13
Mitsuru Ito and Akira Saito and Takao Nishizeki. Multiple assignment scheme for sharing secret. pp. 15--20
Oded Goldreich. Uniform-Complexity Treatment of Encryption and Zero-Knowledge. pp. 21--53
Ueli M. Maurer and James L. Massey. Cascade ciphers: The importance of being first. pp. 55--61

Joan Boyar and Carsten Lund and René Peralta. On the communication complexity of zero-knowledge proofs. pp. 65--85
Benny Chor and Eyal Kushilevitz. Secret sharing over infinite domains. pp. 87--95
Oded Goldreich and Eyal Kushilevitz. A Perfect Zero-knowledge Proof System for a Problem Equivalent to the Discrete Logarithm. pp. 97--116

A. W. Schrift and A. Shamir. Universal tests for nonuniform distributions. pp. 119--133
Ute Rosenbaum. Lower bound on authentication after having observed a sequence of messages. pp. 135--156
R. M. Capocelli and A. De Santis and L. Gargano and U. Vaccaro. On the size of shares for secret sharing schemes. pp. 157--167
Don Coppersmith. Modifications to the number field sieve. pp. 169--180

Glenn Orton and Lloyd Peppard and Stafford Tavares. Design of a fast pipelined modular multiplier based on a diminished-radix algorithm. pp. 183--208
Alfred J. Menezes and Scott A. Vanstone. Elliptic curve cryptosystems and their implementation. pp. 209--224
Arjen K. Lenstra and Yacov Yacobi. User impersonation in key certification schemes. pp. 225--232

Oded Goldreich and Yair Oren. Definitions and Properties of Zero-Knowledge Proof Systems. pp. 1--32
Andrew Klapper. The Vulnerability of Geometric Sequences Based on Fields of Odd Characteristic. pp. 33--51
Benny Chor and Mihaly Gereb-Graus and Eyal Kushilevitz. On the Structure of the Privacy Hierarchy. pp. 53--60
Sean Murphy and Kenneth Paterson and Peter Wild. A Weak Cipher that Generates the Symmetric Group. pp. 61--65

G. J. Simmons. Proof of soundness (integrity) of cryptographic protocols. pp. 69--77
R. Kemmerer and C. Meadows and J. Millen. Three systems for cryptographic protocol analysis. pp. 79--130

Luke O'Connor. An Analysis of a Class of Algorithms for $S$-Box Construction. pp. 133--151
Shang-Hua Teng. Functional Inversion and Communication Complexity. pp. 153--170
Renate Scheidler and Johannes A. Buchmann and Hugh C. Williams. A Key-Exchange Protocol Using Real Quadratic Fields. pp. 171--199

Ming Hua Qu and S. A. Vanstone. Factorizations in the Elementary Abelian $p$-Group and Their Cryptographic Significance. pp. 201--212
Luke O'Connor and Andrew Klapper. Algebraic Nonlinearity and Its Applications to Cryptography. pp. 213--227
E. Biham. New Types of Cryptanalytic Attacks Using Related Keys. p. 229 ff.

D. Davies and S. Murphy. Pairs and Triplets of DES $S$-Boxes. p. 1 ff.
Kaisa Nyberg and Lars Ramkilde Knudsen. Provable Security Against a Differential Attack. pp. 27--37
C. Blundo and A. De Santis and D. R. Stinson and U. Vaccaro. Graph Decompositions and Secret Sharing Schemes. pp. 39--64

L. O'Connor. On the Distribution of Characteristics in Bijective Mappings. p. 67 ff.
Alexander Russell. Necessary and Sufficient Conditions for Collision-Free Hashing. pp. 87--99
S. A. Vanstone and R. J. Zuccherato. Short RSA Keys and Their Generation. p. 101 ff.

Yi Xian Yang and Bao An Guo. Further Enumerating Boolean Functions of Cryptographic Parameters. pp. 115--122
Ueli M. Maurer. Fast Generation of Prime Numbers and Secure Public-Key Cryptographic Parameters. pp. 123--155
Simon Blackburn and Sean Murphy and Jacques Stern. The Cryptanalysis of a Public-Key Implementation of Finite Group Mappings. pp. 157--166
D. R. Stinson and J. L. Massey. An Infinite Class of Counterexamples to a Conjecture Concerning Nonlinear Resilient Functions. pp. 167--173

Ding Yi Pei. Information-Theoretic Bounds for Authentication Codes and Block Designs. pp. 177--188
Martin Dyer and Trevor Fenner and Alan Frieze and Andrew Thomason. On Key Storage in Secure Networks. p. 189 ff.
I. B. Damgård. Practical and Provably Secure Release of a Secret and Exchange of Signatures. p. 201 ff.

Howard M. Heys and Stafford E. Tavares. Substitution-Permutation Networks Resistant to Differential and Linear Cryptanalysis. pp. 1--19
Ishai Ben-Aroya and Eli Biham. Differential Cryptanalysis of Lucifer. pp. 21--34
Shimon Even and Oded Goldreich and Silvio Micali. On-Line/Off-Line Digital Signatures. pp. 35--67

Michael J. Fischer and Rebecca N. Wright. Bounds on Secret Key Exchange Using a Random Deal of Cards. pp. 71--99
Toshiya Itoh and Masafumi Hoshi and Shigeo Tsujii. A Low Communication Competitive Interactive Proof System for Promised Quadratic Residuosity. pp. 101--109
Jovan Dj. Golić. Correlation Properties of a General Binary Combiner with Memory. pp. 111--126

Claude Crépeau. Guest Editor's Introduction. pp. 127--128
Alfredo De Santis and Giuseppe Persiano. The Power of Preprocessing in Zero-Knowledge Proofs of Knowledge. pp. 129--148
Mihir Bellare and Moti Yung. Certifying Permutations: Noninteractive Zero-Knowledge Based on Any Trapdoor Permutation. pp. 149--166
Oded Goldreich and Ariel Kahan. How To Construct Constant-Round Zero-Knowledge Proof Systems for NP. pp. 167--189
M. J. Fischer and S. Micali and C. Rackoff. A Secure Protocol for the Oblivious Transfer (Extended Abstract). pp. 191--195

Russell Impagliazzo and Moni Naor. Efficient Cryptographic Schemes Provably as Secure as Subset Sum. pp. 199--216
Matthew Franklin and Stuart Haber. Joint Encryption and Message-Efficient Secure Computation. pp. 217--232
Wen-Ai Jackson and Keith M. Martin and Christine M. O'Keefe. Ideal Secret Sharing Schemes with Multiple Secrets. pp. 233--250
Yenjo Han and Lane A. Hemaspaandra. Pseudorandom Generators and the Frequency of Simplicity. pp. 251--261

Peter de Rooij. On Schnorr's Preprocessing for Digital Signature Schemes. pp. 1--16
D. Beaver and J. Feigenbaum and J. Kilian and P. Rogaway. Locally Random Reductions: Improvements and Applications. pp. 17--36
Toshiya Itoh and Yuji Ohta and Hiroki Shizuya. A Language-Dependent Cryptographic Primitive. pp. 37--49
H. Dobbertin. RIPEMD with Two-Round Compress Function Is Not Collision-Free. pp. 51--69
B. S. Kaliski. A Chosen Message Attack on Demytko's Elliptic Curve Cryptosystem. pp. 71--72

A. Fiat. Batch RSA. pp. 75--88
Y. Yacobi and M. J. Beller. Batch Diffie--Hellman Key Agreement Systems. pp. 89--96
C. Cachin and U. M. Maurer. Linking Information Reconciliation and Privacy Amplification. pp. 97--110
Andrew Klapper and Mark Goresky. Feedback Shift Registers, $2$-Adic Span, and Combiners with Memory. pp. 111--147

Shimon Even and Yishay Mansour. A Construction of a Cipher from a Single Pseudorandom Permutation. pp. 151--161
Ivan B. Damgård and Torben P. Pedersen and Birgit Pfitzmann. On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures. pp. 163--194
Eli Biham and Alex Biryukov. An Improvement of Davies' Attack on DES. pp. 195--205
Don Coppersmith and Jacques Stern and Serge Vaudenay. The Security of the Birational Permutation Signature Schemes. pp. 207--221

László Csirmaz. The Size of a Share Must Be Large. pp. 223--231
Don Coppersmith. Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities. pp. 233--260
Wen-Ai Jackson and Keith M. Martin and Christine M. O'Keefe. Mutually Trusted Authority-Free Secret Sharing Schemes. pp. 261--289

Joe Kilian and Erez Petrank. An Efficient Noninteractive Zero-Knowledge Proof System for NP with General Assumptions. pp. 1--27
Kouichi Sakurai and Hiroki Shizuya. A Structural Comparison of the Computational Difficulty of Breaking Discrete Log Cryptosystems. pp. 29--43
Eli Biham. Cryptanalysis of Multiple Modes of Operation. pp. 45--58
Lars R. Knudsen and Xuejia Lai and Bart Preneel. Attacks on Fast Double Block Length Hash Functions. pp. 59--72

Jovan Dj. Golić. On Matroid Characterization of Ideal Secret Sharing Schemes. pp. 75--86
Moni Naor and Rafail Ostrovsky and Ramarathnam Venkatesan and Moti Yung. Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation. pp. 87--108
R. Scheidler. A Public-Key Cryptosystem Using Purely Cubic Fields. pp. 109--124
Claus Peter Schnorr and Serge Vaudenay. The Black-Box Model for Cryptographic Primitives. pp. 125--140
R. Balasubramanian and Neal Koblitz. The Improbability That an Elliptic Curve Has Subexponential Discrete Log Problem under the Menezes-Okamoto-Vanstone Algorithm. pp. 141--145

Jørgen Brandt and Ivan Damgård and Peter Landrock and Torben Pedersen. Zero-Knowledge Authentication Scheme with Secret Key Exchange. pp. 147--159
Antoine Joux and Jacques Stern. Lattice Reduction: a Toolbox for the Cryptanalyst. pp. 161--185
Cynthia Dwork and Moni Naor. An Efficient Existentially Unforgeable Signature Scheme and Its Applications. pp. 187--208
Ivan B. Damgård and Lars R. Knudsen. Two-Key Triple Encryption. pp. 209--218

Volker Müller. Fast Multiplication on Elliptic Curves over Small Fields of Characteristic Two. pp. 219--234
Sean Murphy. An Analysis of SAFER. pp. 235--251
Hans Dobbertin. Cryptanalysis of MD4. pp. 253--271
Phillip Rogaway and Don Coppersmith. A Software-Optimized Encryption Algorithm. pp. 273--287

Paul C. van Oorschot and Michael J. Wiener. Parallel Collision Search with Cryptanalytic Applications. pp. 1--28
Moni Naor and Omer Reingold. On the Construction of Pseudorandom Permutations: Luby-Rackoff Revisited. pp. 29--66
N. P. Smart and S. Siksek. A Fast Diffie--Hellman Protocol in Genus 2. pp. 67--73

Shai Halevi. Efficient Commitment Schemes with Bounded Sender and Unbounded Receiver. pp. 77--89
Phillip Rogaway. Bucket Hashing and Its Application to Fast Message Authentication. pp. 91--115
Mihir Bellare and Ronald L. Rivest. Translucent Cryptography --- An Alternative to Key Escrow, and Its Implementation via Fractional Oblivious Transfer. pp. 117--139
N. P. Smart. Elliptic Curve Cryptosystems over Small Fields of Odd Characteristic. pp. 141--151

Carlo Blundo and Alfredo De Santis and Kaoru Kurosawa and Wakaha Ogata. On a Fallacious Bound for Authentication Codes. pp. 155--159
Eli Biham. Cryptanalysis of Triple Modes of Operation. pp. 161--184
Daniel J. Bernstein. How to Stretch Random Functions: The Security of Protected Counter Sums. pp. 185--192
N. P. Smart. The Discrete Logarithm Problem on Elliptic Curves of Trace One. pp. 193--196
Mike Burmester and Yvo G. Desmedt and Toshiya Itoh and Kouichi Sakurai and Hiroki Shizuya. Divertible and Subliminal-Free Zero-Knowledge Proofs for Languages. pp. 197--223

Kathleen A. S. Quinn. Bounds for Key Distribution Patterns. pp. 227--239
Marc Joye and Arjen K. Lenstra and Jean-Jacques Quisquater. Chinese Remaindering Based Cryptosystems in the Presence of Faults. pp. 241--245
Victor Shoup. On the Security of a Practical Identification Scheme. pp. 247--260
Carlo Blundo and Alfredo De Santis and Douglas R. Stinson. On the Contrast in Visual Cryptography Schemes. pp. 261--289

Oded Goldreich. Preface. pp. 1--7
Matthew Franklin and Rebecca N. Wright. Secure Communication in Minimal Connectivity Models. pp. 9--30
Martin Hirt and Ueli Maurer. Player Simulation and General Adversary Structures in Perfect Multiparty Computation. pp. 31--60
Ran Canetti and Shai Halevi and Amir Herzberg. Maintaining Authenticated Communication in the Presence of Break-Ins. pp. 61--105
Ran Canetti and Eyal Kushilevitz and Rafail Ostrovsky and Adi Rosén. Randomness versus Fault-Tolerance. pp. 107--142
Ran Canetti. Security and Composition of Multiparty Cryptographic Protocols. pp. 143--202

H. Zbinden and N. Gisin and B. Huttner and A. Muller and W. Tittel. Practical Aspects of Quantum Cryptographic Key Distribution. pp. 207--220
R. Fischlin and C. P. Schnorr. Stronger Security Proofs for RSA and Rabin Bits. pp. 221--244
Jovan Dj. Golić and Mahmoud Salmasizadeh and Ed Dawson. Fast Correlation Attacks on the Summation Generator. pp. 245--262
Sachar Paulus and Tsuyoshi Takagi. A New Public-Key Cryptosystem over a Quadratic Order with Quadratic Decryption Time. pp. 263--272
Rosario Gennaro and Tal Rabin and Stanislav Jarecki and Hugo Krawczyk. Robust and Efficient Sharing of RSA Functions. pp. 273--300

Muxiang Zhang. Maximum Correlation Analysis of Nonlinear Combining Functions in Stream Ciphers. pp. 301--314
Erez Petrank and Charles Rackoff. CBC MAC for Real-Time Data Sources. pp. 315--338
Don Coppersmith and Igor Shparlinski. On Polynomial Approximation of the Discrete Logarithm and the Diffie--Hellman Mapping. pp. 339--360
David Pointcheval and Jacques Stern. Security Arguments for Digital Signatures and Blind Signatures. pp. 361--396

Rosario Gennaro and Tal Rabin and Hugo Krawczyk. RSA-Based Undeniable Signatures. pp. 397--416
Lars R. Knudsen. A Detailed Analysis of SAFER K. pp. 417--436
J. M. Pollard. Kangaroos, Monopoly and Discrete Logarithms. pp. 437--447
Joan Boyar and Ivan Damgård and René Peralta. Short Non-Interactive Cryptographic Proofs. pp. 449--472
Michael J. Jacobson, Jr. Computing Discrete Logarithms in Quadratic Orders. pp. 473--492

Andrew Klapper. On the Existence of Secure Keystream Generators. pp. 1--15
Joe Kilian and Phillip Rogaway. How to Protect DES Against Exhaustive Key Search (an Analysis of DESX). pp. 17--35
Giovanni Di Crescenzo and Yuval Ishai and Rafail Ostrovsky. Universal Service-Providers for Private Information Retrieval. pp. 37--74

Don Coppersmith. Weakness in Quaternion Signatures. pp. 77--85
Serge Vaudenay. Cryptanalysis of the Chor--Rivest Cryptosystem. pp. 87--100
Dan Boneh and Richard A. DeMillo and Richard J. Lipton. On the Importance of Eliminating Errors in Cryptographic Computations. pp. 101--119
Yongge Wang and Yvo Desmedt. Secure Communication in Multicast Channels: The Answer to Franklin and Wright's Question. pp. 121--135
Dingfeng Ye and Zongduo Dai and Kwok-Yan Lam. Decomposing Attacks on Asymmetric Cryptography Based on Mapping Compositions. pp. 137--150

Daniel V. Bailey and Christof Paar. Efficient Arithmetic in Finite Field Extensions with Application in Elliptic Curve Cryptography. pp. 153--176
Mikael Goldmann and Mats Näslund and Alexander Russell. Complexity Bounds on General Hard-Core Predicates. pp. 177--195
Thomas Jakobsen and Lars R. Knudsen. Attacks on Block Ciphers of Low Algebraic Degree. pp. 197--210
Amos Fiat and Tamir Tassa. Dynamic Traitor Tracing. pp. 211--223

Thomas Scanlon. Public Key Cryptosystems Based on Drinfeld Modules Are Insecure. pp. 225--230
Kaoru Kurosawa and Thomas Johansson and Douglas R. Stinson. Almost $k$-Wise Independent Sample Spaces and Their Cryptologic Applications. pp. 231--253
Arjen K. Lenstra and Eric R. Verheul. Selecting Cryptographic Key Sizes. pp. 255--293

Silvio Micali and Leonid Reyzin. Improving the Exact Security of Digital Signature Schemes. pp. 1--18
P. Gaudry and F. Hess and N. P. Smart. Constructive and Destructive Facets of Weil Descent on Elliptic Curves. pp. 19--46
Eli Biham and Lars R. Knudsen. Cryptanalysis of the ANSI X9.52 CBCM Mode. pp. 47--59
A. A. Moldovyan and N. A. Moldovyan. A Cipher Based on Data-Dependent Permutations. pp. 61--72

Victor Shoup and Rosario Gennaro. Securing Threshold Cryptosystems against Chosen Ciphertext Attack. pp. 75--96
Moni Naor and Omer Reingold. Constructing Pseudo-Random Permutations with a Prescribed Structure. pp. 97--102
Martín Abadi and Phillip Rogaway. Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption). pp. 103--127
Steven D. Galbraith. Elliptic Curve Paillier Schemes. pp. 129--138
Anna M. Johnston and Peter S. Gemmell. Authenticated Key Exchange Provably Secure Against the Man-in-the-Middle Attack. pp. 139--148

Phong Q. Nguyen and Igor E. Shparlinski. The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. pp. 151--176
Yehuda Lindell and Benny Pinkas. Privacy Preserving Data Mining. pp. 177--206
Lars R. Knudsen. The Security of Feistel Ciphers with Six Rounds or Less. pp. 207--222

Victor Shoup. OAEP Reconsidered. pp. 223--249
Dario Catalano and Rosario Gennaro and Nick Howgrave-Graham. Paillier's Trapdoor Function Hides up to $O(n)$ Bits. pp. 251--269
Mihir Bellare. A Note on Negligible Functions. pp. 271--284
S. S. Magliveras and D. R. Stinson and Tran van Trung. New Approaches to Designing Public Key Cryptosystems Using One-Way Functions and Trapdoors in Finite Groups. pp. 285--297

Steven Myers. Efficient Amplification of the Security of Weak Pseudo-Random Function Generators. pp. 1--24
Amos Beimel and Shlomi Dolev. Buses for Anonymous Message Delivery. pp. 25--39
Jovan Dj. Golić and Renato Menicocci. Edit Probability Correlation Attacks on Stop/Go Clocked Keystream Generators. pp. 41--68

Oded Goldreich and Vered Rosen. On the Security of Modular Exponentiation with Application to the Construction of Pseudorandom Generators. pp. 71--93
Michael Ben-Or and Dan Gutfreund. Trading Help for Interaction in Statistical Zero-Knowledge Proofs. pp. 95--116
Siguna Müller. A Probable Prime Test with Very High Confidence for $n \equiv 3 \bmod 4$. pp. 117--139

Yehuda Lindell. Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation. pp. 143--184
M. Bellare and C. Namprempre and D. Pointcheval and M. Semanko. The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme. pp. 185--215

Gilles Brassard and Claude Crépeau and Stefan Wolf. Oblivious Transfers and Privacy Amplification. pp. 219--237
Antoine Joux and Kim Nguyen. Separating Decision Diffie--Hellman from Computational Diffie--Hellman in Cryptographic Groups. pp. 239--247
Serge Vaudenay. Decorrelation: a Theory for Block Cipher Security. pp. 249--286
Adam Kalai. Generating Random Factored Numbers, Easily. pp. 287--289

Oded Goldreich. Preface. pp. 1--3
Stefan Dziembowski and Ueli Maurer. Optimal Randomizer Efficiency in the Bounded-Storage Model. pp. 5--26
Chi-Jen Lu. Encryption against Storage-Bounded Adversaries from On-Line Strong Extractors. pp. 27--42
Salil P. Vadhan. Constructing Locally Computable Extractors and Cryptosystems in the Bounded-Storage Model. pp. 43--77

Eiichiro Fujisaki and Tatsuaki Okamoto and David Pointcheval and Jacques Stern. RSA-OAEP Is Secure under the RSA Assumption. pp. 81--104
Michael J. Wiener. The Full Cost of Cryptanalytic Attacks. pp. 105--124
Amos Beimel and Yuval Ishai and Tal Malkin. Reducing the Servers' Computation in Private Information Retrieval: PIR with Preprocessing. pp. 125--151

Ran Canetti and Ivan Damgård and Stefan Dziembowski and Yuval Ishai and Tal Malkin. Adaptive versus Non-Adaptive Security of Multi-Party Protocols. pp. 153--207
Gustav Hast. Nearly One-Sided Tests and the Goldreich--Levin Predicate. pp. 209--229

Arjen K. Lenstra. Preface. pp. 233--233
Victor S. Miller. The Weil Pairing, and Its Efficient Calculation. pp. 235--261
Antoine Joux. A One Round Protocol for Tripartite Diffie--Hellman. pp. 263--276
Eric R. Verheul. Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems. pp. 277--296
Dan Boneh and Ben Lynn and Hovav Shacham. Short Signatures from the Weil Pairing. pp. 297--319
Paulo S. L. M. Barreto and Ben Lynn and Michael Scott. Efficient Implementation of Pairing-Based Cryptosystems. pp. 321--334

Moni Naor and Benny Pinkas. Computationally Secure Oblivious Transfer. pp. 1--35
Matthias Fitzi and Juan A. Garay and Ueli Maurer and others. Minimal Complete Primitives for Secure Multi-Party Computation. pp. 37--61
Henri Cohen. Analysis of the Sliding Window Powering Algorithm. pp. 63--76

Régis Dupont and Andreas Enge and François Morain. Building Curves with Arbitrary Small MOV Degree over Finite Prime Fields. pp. 79--89
Rosario Gennaro. An Improved Pseudo-Random Generator Based on the Discrete Logarithm Problem. pp. 91--110
John Black and Phillip Rogaway. CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions. pp. 111--131
Hoi-Kwong Lo and H. F. Chau and M. Ardehali. Efficient Quantum Key Distribution Scheme and a Proof of Its Unconditional Security. pp. 133--165
Tamir Tassa. Low Bandwidth Dynamic Traitor Tracing Schemes. pp. 167--183

Ran Canetti. Preface. pp. 187--189
Jeffrey Considine and Matthias Fitzi and Matthew Franklin and Leonid A. Levin and Ueli Maurer and David Metcalf. Byzantine Agreement Given Partial Broadcast. pp. 191--217
Christian Cachin and Klaus Kursawe and Victor Shoup. Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography. pp. 219--246
Shafi Goldwasser and Yehuda Lindell. Secure Multi-Party Computation without Agreement. pp. 247--287

Eli Biham and Alex Biryukov and Adi Shamir. Cryptanalysis of Skipjack Reduced to $31$ Rounds Using Impossible Differentials. pp. 291--311
Adrian Kent. Secure Classical Bit Commitment Using Fixed Capacity Communication Channels. pp. 313--335
Joachim von zur Gathen and Michael Nöcker. Polynomial and Normal Bases for Finite Fields. pp. 337--355
Roberto M. Avanzi. The Complexity of Certain Multi-Exponentiation Techniques in Cryptography. pp. 357--373
Lars R. Knudsen and Chris J. Mitchell. Partial Key Recovery Attack Against RMAC. pp. 375--389
Carlo Blundo and Paolo D'Arco. Analysis and Design of Distributed Key Distribution Centers. pp. 391--414

Jan Denef and Frederik Vercauteren. An Extension of Kedlaya's Algorithm to Hyperelliptic Curves in Characteristic $2$. pp. 1--25
Philip MacKenzie and Thomas Shrimpton and Markus Jakobsson. Threshold Password-Authenticated Key Exchange. pp. 27--66
Jonathan Katz and Moti Yung. Characterization of Security Notions for Probabilistic Private-Key Encryption. pp. 67--95
Yan-Cheng Chang and Chun-Yuan Hsiao and Chi-Jen Lu. The Impossibility of Basing One-Way Permutations on Central Cryptographic Primitives. pp. 97--114
Edlyn Teske. An Elliptic Curve Trapdoor System. pp. 115--133

Ran Canetti and Eyal Kushilevitz and Yehuda Lindell. On the Limitations of Universally Composable Two-Party Computation Without Set-Up Assumptions. pp. 135--167
Juan A. Garay and Philip MacKenzie and Ke Yang. Strengthening Zero-Knowledge Protocols Using Signatures. pp. 169--209
Michael J. Jacobson and Renate Scheidler and Hugh C. Williams. An Improved Real-Quadratic-Field-Based Key Exchange Procedure. pp. 211--239

Oded Goldreich and Yehuda Lindell Session-Key Generation Using Human Passwords Only . . . . . . . . . . . . . 241--340 Markus Bläser and Andreas Jakoby and Maciej Liskiewicz and Bodo Manthey Private Computation: $k$-Connected versus $1$-Connected Networks . . . . . 341--357 Yehuda Lindell A Simpler Construction of CCA2-Secure Public-Key Encryption under General Assumptions . . . . . . . . . . . . . . 359--377
Eli Biham and Michel Boyer and P. Oscar Boykin and Tal Mor and Vwani Roychowdhury A Proof of the Security of Quantum Key Distribution . . . . . . . . . . . . . . 381--439 Deukjo Hong and Seokhie Hong and Wonil Lee and Sangjin Lee and Jongin Lim and Jaechul Sung and Okyeon Yi Known-IV, Known-in-Advance-IV, and Replayed-and-Known-IV Attacks on Multiple Modes of Operation of Block Ciphers . . . . . . . . . . . . . . . . 441--462 Marc Girault and Guillaume Poupard and Jacques Stern On the Fly Authentication and Signature Schemes Based on Groups of Unknown Order 463--487 Ivan Bjerre Damgård and Gudmund Skovbjerg Frandsen An Extended Quadratic Frobenius Primality Test with Average- and Worst-Case Error Estimate . . . . . . . 489--520 Danny Harnik and Moni Naor and Omer Reingold and Alon Rosen Completeness in Two-Party Secure Computation: a Computational View . . . 521--552 Florian Luca and Igor E. Shparlinski Elliptic Curves with Low Embedding Degree . . . . . . . . . . . . . . . . . 553--562
Anonymous Editor's Note . . . . . . . . . . . . . 1--1 Neal Koblitz and Alfred J. Menezes Another Look at "Provable Security" 3--37 Jean-Sébastien Coron and Alexander May Deterministic Polynomial-Time Equivalence of Computing the RSA Secret Key and Factoring . . . . . . . . . . . 39--50 Rosario Gennaro and Stanislaw Jarecki and Hugo Krawczyk and Tal Rabin Secure Distributed Key Generation for Discrete-Log Based Cryptosystems . . . . 51--83 Jonathan Katz and Moti Yung Scalable Protocols for Authenticated Group Key Exchange . . . . . . . . . . . 85--113 Dario Catalano and David Pointcheval and Thomas Pornin Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication . . . . . 115--149
Johan Håstad The Security of the IAPM and IACBC Modes 153--163 Yan Zong Ding and Danny Harnik and Alon Rosen and Ronen Shaltiel Constant-Round Oblivious Transfer in the Bounded Storage Model . . . . . . . . . 165--202 Joonsang Baek and Ron Steinfeld and Yuliang Zheng Formal Proofs for the Security of Signcryption . . . . . . . . . . . . . . 203--235 Tamir Tassa Hierarchical Threshold Secret Sharing 237--264
Ran Canetti and Shai Halevi and Jonathan Katz A Forward-Secure Public-Key Encryption Scheme . . . . . . . . . . . . . . . . . 265--294 Amos Beimel and Yoav Stahl Robust Information-Theoretic Private Information Retrieval . . . . . . . . . 295--321 Carlo Blundo and Paolo D'Arco and Alfredo De Santis and Douglas Stinson On Unconditionally Secure Distributed Oblivious Transfer . . . . . . . . . . . 323--373 Qi Cheng Primality Proving via One Round in ECPP and One Iteration in AKS . . . . . . . . 375--387 Boaz Tsaban Theoretical Cryptanalysis of the Klimov--Shamir Number Generator TF-1 . . 389--392 Rosario Gennaro and Tal Rabin and Stanislav Jarecki and Hugo Krawczyk Robust and Efficient Sharing of RSA Functions . . . . . . . . . . . . . . . 393--393 Rosario Gennaro and Tal Rabin and Hugo Krawczyk RSA-Based Undeniable Signatures . . . . 394--394 Martin Abadi and Phillip Rogaway Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption) . . . . . . . . . . . . . . 395--395
Rafail Ostrovsky and William E. Skeith Private Searching on Streaming Data . . 397--430 Yael Tauman Kalai and Yehuda Lindell and Manoj Prabhakaran Concurrent Composition of Secure Protocols in the Timing Model . . . . . 431--492 Eu-Jin Goh and Stanislaw Jarecki and Jonathan Katz and Nan Wang Efficient Signature Schemes with Tight Reductions to the Diffie--Hellman Problems . . . . . . . . . . . . . . . . 493--514
Johan Håstad and Mats Näslund Practical Construction and Analysis of Pseudo-Randomness Primitives . . . . . . 1--26 D. Coppersmith and J. S. Coron and F. Grieu and S. Halevi and C. Jutla and D. Naccache and J. P. Stern Cryptanalysis of ISO/IEC 9796-1 . . . . 27--51 Minh-Huyen Nguyen and Salil Vadhan Simpler Session-Key Generation from Short Random Passwords . . . . . . . . . 52--96 Masayuki Abe and Rosario Gennaro and Kaoru Kurosawa Tag-KEM/DEM: a New Framework for Hybrid Encryption . . . . . . . . . . . . . . . 97--130 Ali Aydın Selçuk On Probability of Success in Linear and Differential Cryptanalysis . . . . . . . 131--147
Dan Boneh and Xavier Boyen Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups . . . . . . . . . . . . . . . . . 149--177 K. Bentahar and P. Farshim and J. Malone-Lee and N. P. Smart Generic Constructions of Identity-Based and Certificateless KEMs . . . . . . . . 178--199 Yehuda Lindell Lower Bounds and Impossibility Results for Concurrent Self Composition . . . . 200--249 Jérôme Renault and Tristan Tomala Probabilistic Reliability and Privacy of Communication Using Multicast in General Neighbor Networks . . . . . . . . . . . 250--279 R. Overbeck Structural Attacks for Public Key Cryptosystems based on Gabidulin Codes 280--301
Jonathan Katz and Yehuda Lindell Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs . . . . . . . . . . . . . . . . . 303--349 Michel Abdalla and Mihir Bellare and Dario Catalano and Eike Kiltz and Tadayoshi Kohno and Tanja Lange and John Malone-Lee and Gregory Neven and Pascal Paillier and Haixia Shi Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions . . . . . 350--391 Elad Barkan and Eli Biham and Nathan Keller Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication . . . . . . 392--429 Yi Lu and Serge Vaudenay Cryptanalysis of an E0-like Combiner with Memory . . . . . . . . . . . . . . 430--457 Francesco Matucci Cryptanalysis of the Shpilrain--Ushakov Protocol for Thompson's Group . . . . . 458--468
Mihir Bellare and Chanathip Namprempre Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm . . . . . . 469--491 Ralf Küsters and Anupam Datta and John C. Mitchell and Ajith Ramanathan On the Relationships between Notions of Simulation-Based Security . . . . . . . 492--546 Charanjit S. Jutla Encryption Modes with Almost Free Message Integrity . . . . . . . . . . . 547--578 Rahul Jain New Binding-Concealing Trade-Offs for Quantum String Commitment . . . . . . . 579--592 Claus Diem and Emmanuel Thomé Index Calculus in Class Groups of Non-hyperelliptic Curves of Genus Three 593--611
Mihir Bellare and Chanathip Namprempre and Gregory Neven Security Proofs for Identity-Based Identification and Signature Schemes . . 1--61 Wolfgang Lempken and Trung van Tran and Spyros S. Magliveras and Wandi Wei A Public Key Cryptosystem Based on Non-abelian Finite Groups . . . . . . . 62--74 Russell Impagliazzo and Ragesh Jaiswal and Valentine Kabanets Chernoff-Type Direct Product Theorems 75--92 Denis X. Charles and Kristin E. Lauter and Eyal Z. Goren Cryptographic Hash Functions from Expander Graphs . . . . . . . . . . . . 93--113 Adam Bender and Jonathan Katz and Ruggero Morselli Ring Signatures: Stronger Definitions, and Constructions without Random Oracles 114--138
Phong Q. Nguyen and Oded Regev Learning a Parallelepiped: Cryptanalysis of GGH and NTRU Signatures . . . . . . . 139--160 Yehuda Lindell and Benny Pinkas A Proof of Security of Yao's Protocol for Two-Party Computation . . . . . . . 161--188 Tal Moran and Ronen Shaltiel and Amnon Ta-Shma Non-interactive Timestamping in the Bounded-Storage Model . . . . . . . . . 189--226 Tamir Tassa and Nira Dyn Multipartite Secret Sharing by Bivariate Interpolation . . . . . . . . . . . . . 227--258 M. Barbosa and A. Moss and D. Page Constructive and Destructive Use of Compilers in Elliptic Curve Cryptography 259--281
Iftach Haitner and Omer Horvitz and Jonathan Katz and Chiu-Yuen Koo and Ruggero Morselli and others Reducing Complexity Assumptions for Statistically-Hiding Commitment . . . . 283--310 J. Black and M. Cochran and T. Shrimpton On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions . . . . 311--329 K. Rubin and A. Silverberg Using Abelian Varieties to Improve Pairing-Based Cryptography . . . . . . . 330--364 Nenad Dedić and Gene Itkis and Leonid Reyzin and Scott Russell Upper and Lower Bounds on Black-Box Steganography . . . . . . . . . . . . . 365--394 Yehuda Lindell General Composition and Universal Composability in Secure Multiparty Computation . . . . . . . . . . . . . . 395--428
Benny Applebaum and Yuval Ishai and Eyal Kushilevitz Cryptography with Constant Input Locality . . . . . . . . . . . . . . . . 429--469 David Cash and Eike Kiltz and Victor Shoup The Twin Diffie--Hellman Problem and Applications . . . . . . . . . . . . . . 470--504 Benjamin Smith Isogenies and the Discrete Logarithm Problem in Jacobians of Genus $3$ Hyperelliptic Curves . . . . . . . . . . 505--529 Marc Fischlin and Roger Fischlin Efficient Non-malleable Commitment Schemes . . . . . . . . . . . . . . . . 530--571 Mario Di Raimondo and Rosario Gennaro New Approaches for Deniable Authentication . . . . . . . . . . . . . 572--615
Oded Goldreich On Expected Probabilistic Polynomial-Time Adversaries: a Suggestion for Restricted Definitions and Their Benefits . . . . . . . . . . . 1--36 Eran Tromer and Dag Arne Osvik and Adi Shamir Efficient Cache Attacks on AES, and Countermeasures . . . . . . . . . . . . 37--71 Lars R. Knudsen and John Erik Mathiassen and Frédéric Muller and Søren S. Thomsen Cryptanalysis of MD2 . . . . . . . . . . 72--90 Yvo Desmedt and Rosario Gennaro and Kaoru Kurosawa and Victor Shoup A New and Improved Paradigm for Hybrid Encryption Secure Against Chosen-Ciphertext Attack . . . . . . . . 91--120 Dennis Hofheinz and John Malone-Lee and Martijn Stam Obfuscation for Cryptographic Purposes 121--168
Daniele Micciancio The RSA Group is Pseudo-Free . . . . . . 169--186 P. Morrissey and N. P. Smart and B. Warinschi The TLS Handshake Protocol: a Modular Analysis . . . . . . . . . . . . . . . . 187--223 David Freeman and Michael Scott and Edlyn Teske A Taxonomy of Pairing-Friendly Elliptic Curves . . . . . . . . . . . . . . . . . 224--280 Yonatan Aumann and Yehuda Lindell Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries . . . . . . . . . . . . . . 281--343 Amos Beimel and Tal Malkin and Kobbi Nissim and Enav Weinreb How Should We Solve Search Problems Privately? . . . . . . . . . . . . . . . 344--371
Gagan Aggarwal and Nina Mishra and Benny Pinkas Secure Computation of the Median (and Other Elements of Specified Ranks) . . . 373--401 Jonathan Katz and Ji Sun Shin and Adam Smith Parallel and Concurrent Security of the HB and HB$^+$ Protocols . . . . . . . . 402--421 Carmit Hazay and Yehuda Lindell Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries 422--456 Jung Hee Cheon Discrete Logarithm Problems with Auxiliary Inputs . . . . . . . . . . . . 457--476 Elisavet Konstantinou and Aristides Kontogeorgis and Yannis C. Stamatiou and Christos Zaroliagis On the Efficient Generation of Prime-Order Elliptic Curves . . . . . . 477--503
Alex Biryukov and Adi Shamir Structural Cryptanalysis of SASAS . . . 505--518 J. Black and P. Rogaway and T. Shrimpton and M. Stam An Analysis of the Blockcipher-Based Hash Functions from PGV . . . . . . . . 519--545 Jens Groth A Verifiable Secret Shuffle of Homomorphic Encryptions . . . . . . . . 546--579 Omer Barkol and Yuval Ishai and Enav Weinreb On $d$-Multiplicative Secret Sharing . . 580--593 Jörn Müller-Quade and Dominique Unruh Long-Term Security and Universal Composability . . . . . . . . . . . . . 594--671
Sebastiaan Indesteege and Bart Preneel Practical Collisions for EnRUPT . . . . 1--23 Andreas Enge and Pierrick Gaudry and Emmanuel Thomé An $L(1/3)$ Discrete Logarithm Algorithm for Low Degree Curves . . . . . . . . . 24--41 Michel Abdalla and James Birkett and Dario Catalano and Alexander W. Dent and John Malone-Lee and Gregory Neven and Jacob C. N. Schuldt and Nigel P. Smart Wildcarded Identity-Based Encryption . . 42--82 Ran Canetti and Jonathan Herzog Universally Composable Symbolic Security Analysis . . . . . . . . . . . . . . . . 83--147 Markus Grassl and Ivana Ilić and Spyros Magliveras and Rainer Steinwandt Cryptanalysis of the Tillich--Zémor Hash Function . . . . . . . . . . . . . . . . 148--156 Gilad Asharov and Yehuda Lindell Utility Dependence in Correct and Fair Rational Secret Sharing . . . . . . . . 157--202 Marc Fischlin and Roger Fischlin Efficient Non-Malleable Commitment Schemes . . . . . . . . . . . . . . . . 203--244
Christof Paar and Jean-Jacques Quisquater and Berk Sunar Guest Editorial . . . . . . . . . . . . 245--246 G. Canivet and P. Maistri and R. Leveugle and J. Clédière and F. Valette and M. Renaudin Glitch and Laser Fault Attacks onto a Secure AES Implementation on a SRAM-Based FPGA . . . . . . . . . . . . 247--268 Lejla Batina and Benedikt Gierlichs and Emmanuel Prouff and Matthieu Rivain and François-Xavier Standaert and Nicolas Veyrat-Charvillon Mutual Information Analysis: a Comprehensive Study . . . . . . . . . . 269--291 Svetla Nikova and Vincent Rijmen and Martin Schläffer Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches . . . . . . . . . . . . . . . . 292--321 Axel Poschmann and Amir Moradi and Khoongming Khoo and Chu-Wee Lim and Huaxiong Wang and San Ling Side-Channel Resistant Crypto for Less than 2,300 GE . . . . . . . . . . . . . 322--345 Agustin Dominguez-Oviedo and M. Anwar Hasan and Bijan Ansari Fault-Based Attack on Montgomery's Ladder Algorithm . . . . . . . . . . . . 346--374 Abhranil Maiti and Patrick Schaumont Improved Ring Oscillator PUF: An FPGA-friendly Secure Primitive . . . . . 375--397 Mathieu Baudet and David Lubicz and Julien Micolod and André Tassiaux On the Security of Oscillator-Based Random Number Generators . . . . . . . . 398--425
Martin Hell and Thomas Johansson Breaking the Stream Ciphers F-FCSR-H and F-FCSR-16 in Real Time . . . . . . . . . 427--445 Steven D. Galbraith and Xibin Lin and Michael Scott Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves 446--469 Dennis Hofheinz Possibility and Impossibility Results for Selective Decommitments . . . . . . 470--516 Dafna Kidron and Yehuda Lindell Impossibility Results for Universal Composability in Public-Key Models and with Fixed Inputs . . . . . . . . . . . 517--544 Jean Monnerat and Serge Vaudenay Short Undeniable Signatures Based on Group Homomorphisms . . . . . . . . . . 545--587 Moses Liskov and Ronald L. Rivest and David Wagner Tweakable Block Ciphers . . . . . . . . 588--613
Juan A. Garay and Philip MacKenzie and Manoj Prabhakaran and Ke Yang Resource Fairness and Composability of Cryptographic Protocols . . . . . . . . 615--658 Dan Boneh and Xavier Boyen Efficient Selective Identity-Based Encryption Without Random Oracles . . . 659--693 Susan Hohenberger and Guy N. Rothblum and Abhi Shelat and Vinod Vaikuntanathan Securely Obfuscating Re-Encryption . . . 694--719 Boaz Barak and Ran Canetti and Yehuda Lindell and Rafael Pass and Tal Rabin Secure Computation Without Authentication . . . . . . . . . . . . . 720--760 Yehuda Lindell and Hila Zarosim Adaptive Zero-Knowledge Proofs and Adaptively Secure Oblivious Transfer . . 761--799
Rahul Jain Resource Requirements of Private Quantum Channels and Consequences for Oblivious Remote State Preparation . . . . . . . . 1--13 S. Dov Gordon and Jonathan Katz Partial Fairness in Secure Two-Party Computation . . . . . . . . . . . . . . 14--40 Jonathan Katz Which Languages Have 4-Round Zero-Knowledge Proofs? . . . . . . . . . 41--56 Alexandra Boldyreva and Adriana Palacio and Bogdan Warinschi Secure Proxy Signature Schemes for Delegation of Signing Rights . . . . . . 57--115 Krzysztof Pietrzak and Douglas Wikström Parallel Repetition of Computationally Sound Protocols Revisited . . . . . . . 116--135 Wim Aerts and Eli Biham and Dieter De Moitié and Elke De Mulder and Orr Dunkelman and Sebastiaan Indesteege and Nathan Keller and Bart Preneel and Guy A. E. Vandenbosch and Ingrid Verbauwhede A Practical Attack on KeeLoq . . . . . . 136--157 Shai Halevi and Yael Tauman Kalai Smooth Projective Hashing and Two-Message Oblivious Transfer . . . . . 158--193
Jung Hee Cheon and Jin Hong and Minkyu Kim Accelerating Pollard's Rho Algorithm on Finite Fields . . . . . . . . . . . . . 195--242 Giuseppe Ateniese and Alfredo De Santis and Anna Lisa Ferrara and Barbara Masucci Provably-Secure Time-Bound Hierarchical Key Assignment Schemes . . . . . . . . . 243--270 Shoichi Hirose and Je Hong Park and Aaram Yun A Simple Variant of the Merkle--Damgård Scheme with a Permutation . . . . . . . 271--309 Tom Roeder and Rafael Pass and Fred B. Schneider Multi-Verifier Signatures . . . . . . . 310--348 Lorenz Minder and Alistair Sinclair The Extended $k$-tree Algorithm . . . . 349--382
Carmit Hazay and Kobbi Nissim Efficient Set Operations in the Presence of Malicious Adversaries . . . . . . . . 383--433 Oriol Farràs and Jaume Martí-Farré and Carles Padró Ideal Multipartite Secret Sharing Schemes . . . . . . . . . . . . . . . . 434--463 Stanislav V. Smyshlyaev Perfectly Balanced Boolean Functions and Golić Conjecture . . . . . . . . . . . 464--483 Dennis Hofheinz and Eike Kiltz Programmable Hash Functions and Their Applications . . . . . . . . . . . . . . 484--527 Akinori Kawachi and Takeshi Koshiba and Harumichi Nishimura and Tomoyuki Yamakami Computational Indistinguishability Between Quantum States and Its Cryptographic Application . . . . . . . 528--555
Yvo Desmedt and Josef Pieprzyk and Ron Steinfeld and Xiaoming Sun and Christophe Tartary and Huaxiong Wang and Andrew Chi-Chih Yao Graph Coloring Applied to Secure Computation in Non-Abelian Groups . . . 557--600 David Cash and Dennis Hofheinz and Eike Kiltz and Chris Peikert Bonsai Trees, or How to Delegate a Lattice Basis . . . . . . . . . . . . . 601--639 M. Bellare and A. Boldyreva and L. Knudsen and C. Namprempre On-line Ciphers and the Hash-CBC Constructions . . . . . . . . . . . . . 640--679 Yehuda Lindell and Benny Pinkas Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer . . . 680--722 Jan Camenisch and Susan Hohenberger and Michael Østergaard Pedersen Batch Verification of Short Signatures 723--747 Praveen Gauravaram and Lars R. Knudsen Security Analysis of Randomize-Hash-then-Sign Digital Signatures . . . . . . . . . . . . . . . 748--779
Rafael Pass and Alon Rosen and Wei-Lung Dustin Tseng Public-Coin Parallel Zero-Knowledge for NP . . . . . . . . . . . . . . . . . . . 1--10 Julia Borghoff and Lars R. Knudsen and Gregor Leander and Søren S. Thomsen Slender-Set Differential Cryptanalysis 11--38 David Mandell Freeman and Oded Goldreich and Eike Kiltz and Alon Rosen and Gil Segev More Constructions of Lossy and Correlation-Secure Trapdoor Functions 39--74 Hossein Ghodosi Analysis of an Unconditionally Secure Distributed Oblivious Transfer . . . . . 75--79 Eiichiro Fujisaki and Tatsuaki Okamoto Secure Integration of Asymmetric and Symmetric Encryption Schemes . . . . . . 80--101 Dennis Hofheinz and Eike Kiltz and Victor Shoup Practical Chosen Ciphertext Secure Encryption from Factoring . . . . . . . 102--118 Antoine Joux and Vanessa Vitse Elliptic Curve Discrete Logarithm Problem over Small Degree Extension Fields . . . . . . . . . . . . . . . . . 119--143 Andrej Bogdanov and Alon Rosen Input Locality and Hardness Amplification . . . . . . . . . . . . . 144--171 Takanori Isobe A Single-Key Attack on the Full GOST Block Cipher . . . . . . . . . . . . . . 172--189
Jonathan Katz and Amit Sahai and Brent Waters Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products . . . . . . . . . . . . . 191--224 Tibor Jager and Jörg Schwenk On the Analysis of Cryptographic Assumptions in the Generic Ring Model 225--245 Jean-Sébastien Coron and Alexey Kirichenko and Mehdi Tibouchi A Note on the Bivariate Coppersmith Theorem . . . . . . . . . . . . . . . . 246--250 Melissa Chase and Alexander Healy and Anna Lysyanskaya and Tal Malkin and Leonid Reyzin Mercurial Commitments with Applications to Zero-Knowledge Sets . . . . . . . . . 251--279 Joan Boyar and Philip Matthews and René Peralta Logic Minimization Techniques with Applications to Cryptology . . . . . . . 280--312 Jean-Philippe Aumasson and Luca Henzen and Willi Meier and María Naya-Plasencia Quark: a Lightweight Hash . . . . . 313--339 Steve Lu and Rafail Ostrovsky and Amit Sahai and Hovav Shacham and Brent Waters Sequential Aggregate Signatures, Multisignatures, and Verifiably Encrypted Signatures Without Random Oracles . . . . . . . . . . . . . . . . 340--373
Dennis Hofheinz and Dominique Unruh and Jörn Müller-Quade Polynomial Runtime and Composability . . 375--441 Hovav Shacham and Brent Waters Compact Proofs of Retrievability . . . . 442--483 Oded Goldreich and Ron D. Rothblum Enhancements of Trapdoor Permutations 484--512 Elette Boyle and Gil Segev and Daniel Wichs Fully Leakage-Resilient Signatures . . . 513--558
Jin Hong and Sunghwan Moon A Comparison of Cryptanalytic Tradeoff Algorithms . . . . . . . . . . . . . . . 559--637 Yehuda Lindell A Note on Constant-Round Zero-Knowledge Proofs of Knowledge . . . . . . . . . . 638--654 Marten van Dijk and Ari Juels and Alina Oprea and Ronald L. Rivest FlipIt: The Game of "Stealthy Takeover" . . . . . . . . . . . . . . . 655--713 Jonathan Katz and Vinod Vaikuntanathan Round-Optimal Password-Based Authenticated Key Exchange . . . . . . . 714--743
Paul Stankovski and Martin Hell and Thomas Johansson An Efficient State Recovery Attack on the X-FCSR Family of Stream Ciphers . . 1--22 Aggelos Kiayias and Yona Raekow and Alexander Russell A One-Time Stegosystem and Applications to Efficient Covert Communication . . . 23--44 Rafael Pass and Wei-Lung Dustin Tseng Concurrent Zero Knowledge, Revisited . . 45--66 Sourav Sen Gupta and Subhamoy Maitra and Goutam Paul and Santanu Sarkar (Non-)Random Sequences from (Non-)Random Permutations --- Analysis of RC4 Stream Cipher . . . . . . . . . . . . . . . . . 67--108 Iftach Haitner and Omer Reingold A New Interactive Hashing Theorem . . . 109--138 James Birkett and Alexander W. Dent Security Models and Proof Strategies for Plaintext-Aware Encryption . . . . . . . 139--180 Jin Hong and Sunghwan Moon Erratum to: A Comparison of Cryptanalytic Tradeoff Algorithms . . . 181--181
Itai Dinur and Orr Dunkelman and Adi Shamir Improved Practical Attacks on Round-Reduced Keccak . . . . . . . . . . 183--209 Zvika Brakerski and Gil Segev Better Security for Deterministic Public-Key Encryption: The Auxiliary-Input Setting . . . . . . . . 210--247 Patrick Longa and Francesco Sica Four-Dimensional Gallant--Lambert--Vanstone Scalar Multiplication . . . . . . . . . . . . . 248--283 Ronald Cramer and Ivan Damgård and Marcel Keller On the Amortized Complexity of Zero-Knowledge Protocols . . . . . . . . 284--316 Nir Bitansky and Ran Canetti On Strong Simulation and Composable Point Obfuscation . . . . . . . . . . . 317--357 Carmit Hazay and Tomas Toft Computationally Secure Pattern Matching in the Presence of Malicious Adversaries 358--395
Marc Fischlin and Anja Lehmann and Krzysztof Pietrzak Robust Multi-Property Combiners for Hash Functions . . . . . . . . . . . . . . . 397--428 Benny Applebaum Key-Dependent Message Security: Generic Amplification and Completeness . . . . . 429--451 Dmitry Khovratovich and Ivica Nikolić and Christian Rechberger Rotational Rebound Attacks on Reduced Skein . . . . . . . . . . . . . . . . . 452--479 Shafi Goldwasser and Guy N. Rothblum On Best-Possible Obfuscation . . . . . . 480--505 Jens Groth and Rafail Ostrovsky Cryptography in the Multi-string Model 506--543 Michel Abdalla and Dario Catalano and Dario Fiore Verifiable Random Functions: Relations to Identity-Based Key Encapsulation and New Constructions . . . . . . . . . . . 544--593
Jean-Charles Faugère and Pierrick Gaudry and Louise Huot and Guénaël Renault Using Symmetries in the Index Calculus for Elliptic Curves Discrete Logarithm 595--635 Yair Amir and Paul Bunn and Rafail Ostrovsky Authenticated Adversarial Routing . . . 636--771 Jérémy Jean and María Naya-Plasencia and Thomas Peyrin Improved Cryptanalysis of AES-like Permutations . . . . . . . . . . . . . . 772--798 Mihir Bellare and Todor Ristov A Characterization of Chameleon Hash Functions and New, Efficient Designs . . 799--823 Orr Dunkelman and Nathan Keller and Adi Shamir A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony . . . . . . . . . . . . . . 824--849
Orr Dunkelman and Nathan Keller and Adi Shamir Slidex Attacks on the Even--Mansour Encryption Scheme . . . . . . . . . . . 1--28 Mihir Bellare and Dennis Hofheinz and Eike Kiltz Subtleties in the Definition of IND-CCA: When and How Should Challenge Decryption Be Disallowed? . . . . . . . 29--48 Arpita Patra and Ashish Choudhury and C. Pandu Rangan Efficient Asynchronous Verifiable Secret Sharing and Multiparty Computation . . . 49--109 Eli Biham and Rafi Chen and Antoine Joux Cryptanalysis of SHA-0 and Reduced SHA-1 110--160 Ämin Baumeler and Anne Broadbent Quantum Private Information Retrieval has Linear Communication Complexity . . 161--175 Florian Böhl and Dennis Hofheinz and Tibor Jager and Jessica Koch and Christoph Striecks Confined Guessing: New Signatures From Standard Assumptions . . . . . . . . . . 176--208
Eli Biham and Orr Dunkelman and Nathan Keller and Adi Shamir New Attacks on IDEA with at Least 6 Rounds . . . . . . . . . . . . . . . . . 209--239 Mahdi Sajadieh and Mohammad Dakhilalian and Hamid Mala and Pouyan Sepehrdad Efficient Recursive Diffusion Layers for Block Ciphers and Hash Functions . . . . 240--256 Mario Lamberger and Florian Mendel and Martin Schläffer and Christian Rechberger and Vincent Rijmen The Rebound Attack and Subspace Distinguishers: Application to Whirlpool 257--296 Itay Berman and Iftach Haitner From Non-adaptive to Adaptive Pseudorandom Functions . . . . . . . . . 297--311 Yehuda Lindell and Benny Pinkas An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries . . . . . . . . . 312--350 Jae Hyun Ahn and Dan Boneh and Jan Camenisch and Susan Hohenberger and Abhi Shelat and Brent Waters Computing on Authenticated Data . . . . 351--395
Orr Dunkelman and Nathan Keller and Adi Shamir Improved Single-Key Attacks on $8$-Round AES-192 and AES-256 . . . . . . . . . . 397--422 Dennis Hofheinz and Victor Shoup GNUC: A New Universal Composability Framework . . . . . . . . . . . . . . . 423--508 Eric Miles and Emanuele Viola On the Complexity of Constructing Pseudorandom Functions (Especially when They Don't Exist) . . . . . . . . . . . 509--532 Lior Malka How to Achieve Perfect Simulation and a Complete Problem for Non-interactive Perfect Zero-Knowledge . . . . . . . . . 533--550 Amos Beimel and Eran Omri and Ilan Orlov Protocols for Multiparty Coin Toss with a Dishonest Majority . . . . . . . . . . 551--600 Boaz Tsaban Polynomial-Time Solutions of Computational Problems in Noncommutative-Algebraic Cryptography 601--622 Ron Berman and Amos Fiat and Marcin Gomulkiewicz and Marek Klonowski Provable Unlinkability Against Traffic Analysis with Low Message Overhead . . . 623--640 Sven Schäge Tight Security for Signature Schemes Without Random Oracles . . . . . . . . . 641--670 Benjamin Fuller and Adam O'Neill and Leonid Reyzin A Unified Approach to Deterministic Encryption: New Constructions and a Connection to Computational Entropy . . 671--717 Hadi Soleimany and Céline Blondeau and Xiaoli Yu and Wenling Wu Reflection Cryptanalysis of PRINCE-Like Ciphers . . . . . . . . . . . . . . . . 718--744
Nishanth Chandran and Juan A. Garay and Rafail Ostrovsky Almost-Everywhere Secure Computation with Edge Corruptions . . . . . . . . . 745--768 Gordon Procter and Carlos Cid On Weak Keys and Forgery Attacks Against Polynomial-Based MAC Schemes . . . . . . 769--795 James Aspnes and Zoë Diamadi and Aleksandr Yampolskiy and Kristian Gjøsteen Spreading Alerts Quietly and the Subgroup Escape Problem . . . . . . . . 796--819 Craig Gentry and Jens Groth and Yuval Ishai and Chris Peikert and Amit Sahai Using Fully Homomorphic Hybrid Encryption to Minimize Non-interactive Zero-Knowledge Proofs . . . . . . . . . 820--843 Mihir Bellare New Proofs for NMAC and HMAC: Security without Collision Resistance . . . . . . 844--878 Thomas Peyrin Collision Attack on Grindahl . . . . 879--898
Marco Baldi and Marco Bianchi and Franco Chiaraluce and Joachim Rosenthal Enhanced Public Key Security for the McEliece Cryptosystem . . . . . . . . . 1--27 Joppe W. Bos and Craig Costello and Huseyin Hisil and Kristin Lauter Fast Cryptography in Genus $2$ . . . . . 28--60 Jean-Sébastien Coron and Thomas Holenstein and Robin Künzler How to Build an Ideal Cipher: The Indifferentiability of the Feistel Construction . . . . . . . . . . . . . . 61--114 Michael J. Freedman and Carmit Hazay and Kobbi Nissim and Benny Pinkas Efficient Set Intersection with Simulation-Based Security . . . . . . . 115--155 Andrew Chi-Chih Yao and Moti Yung and Yunlei Zhao Concurrent Knowledge Extraction in Public-Key Models . . . . . . . . . . . 156--219 Daniel R. L. Brown Breaking RSA May Be As Difficult As Factoring . . . . . . . . . . . . . . . 220--241
Rosario Gennaro and Carmit Hazay and Jeffrey S. Sorensen Automata Evaluation and Text Search Protocols with Simulation-Based Security 243--282 Iftach Haitner and Eran Omri and Hila Zarosim Limits on the Usefulness of Random Oracles . . . . . . . . . . . . . . . . 283--335 Amos Beimel and Oriol Farràs and Yuval Mintz Secret-Sharing Schemes for Very Dense Graphs . . . . . . . . . . . . . . . . . 336--362 Masayuki Abe and Georg Fuchsbauer and Jens Groth and Kristiyan Haralambiev and Miyako Ohkubo Structure-Preserving Signatures and Commitments to Group Elements . . . . . 363--421 Sebastian Faust and Carmit Hazay and Jesper Buus Nielsen and Peter Sebastian Nordholt and Angela Zottarel Signature Schemes Secure Against Hard-to-Invert Leakage . . . . . . . . . 422--455 Yehuda Lindell Fast Cut-and-Choose-Based Protocols for Malicious and Covert Adversaries . . . . 456--490
Tal Moran and Moni Naor and Gil Segev An Optimally Fair Coin Toss . . . . . . 491--513 Carmit Hazay and Adriana López-Alt and Hoeteck Wee and Daniel Wichs Leakage-Resilient Cryptography from Minimal Assumptions . . . . . . . . . . 514--551 Benny Applebaum Garbling XOR Gates "For Free" in the Standard Model . . . . . . . . . . . . . 552--576 Benny Applebaum and Andrej Bogdanov and Alon Rosen A Dichotomy for Local Small-Bias Generators . . . . . . . . . . . . . . . 577--596 Michel Abdalla and Pierre-Alain Fouque and Vadim Lyubashevsky and Mehdi Tibouchi Tightly Secure Signatures From Lossy Identification Schemes . . . . . . . . . 597--631 Jean-Sébastien Coron and David Naccache and Mehdi Tibouchi and Ralf-Philipp Weinmann Practical Cryptanalysis of ISO 9796-2 and EMV Signatures . . . . . . . . . . . 632--656
Elena Andreeva and Charles Bouillaguet and Orr Dunkelman and Pierre-Alain Fouque and Jonathan Hoch and John Kelsey and Adi Shamir and Sébastien Zimmer New Second-Preimage Attacks on Hash Functions . . . . . . . . . . . . . . . 657--696 Itai Dinur and Orr Dunkelman and Nathan Keller and Adi Shamir Key Recovery Attacks on Iterated Even--Mansour Encryption Schemes . . . . 697--728 Xavier Boyen Unconditionally Anonymous Ring and Mesh Signatures . . . . . . . . . . . . . . . 729--774 Eli Biham and Yaniv Carmeli and Adi Shamir Bug Attacks . . . . . . . . . . . . . . 775--805 Benjamin Smith The $\mathbb{Q}$-curve Construction for Endomorphism-Accelerated Elliptic Curves . . . . . . . . . . . . . . . . . 806--832 Masayuki Abe and Melissa Chase and Bernardo David and Markulf Kohlweiss and Ryo Nishimaki and Miyako Ohkubo Constant-Size Structure-Preserving Signatures: Generic Constructions and Simple Assumptions . . . . . . . . . . . 833--878 Gilad Asharov and Ran Canetti and Carmit Hazay Toward a Game Theoretic View of Secure Computation . . . . . . . . . . . . . . 879--926 Franck Landelle and Thomas Peyrin Cryptanalysis of Full RIPEMD-128 . . . . 927--951

Andreas Winter Weak Locking Capacity of Quantum Channels Can be Much Larger Than Private Capacity . . . . . . . . . . . . . . . . 1--21
David Cash and Alptekin Küpçü and Daniel Wichs Dynamic Proofs of Retrievability Via Oblivious RAM . . . . . . . . . . . . . 22--57
Gilad Asharov and Yehuda Lindell A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation 58--151
Ivan Damgård and Sebastian Faust and Pratyay Mukherjee and Daniele Venturi Bounded Tamper Resilience: How to Go Beyond the Algebraic Barrier . . . . . . 152--190
Mahdi Cheraghchi and Venkatesan Guruswami Non-malleable Coding Against Bit-Wise and Split-State Tampering . . . . . . . 191--241
Alex Escala and Gottfried Herold and Eike Kiltz and Carla Ràfols and Jorge Villar An Algebraic Framework for Diffie--Hellman Assumptions . . . . . . 242--288
Zvika Brakerski and Guy N. Rothblum Obfuscating Conjunctions . . . . . . . . 289--320
Carmit Hazay and Arpita Patra Efficient One-Sided Adaptively Secure Computation . . . . . . . . . . . . . . 321--371

Naofumi Homma and Yu-ichi Hayashi and Noriyuki Miura and Daisuke Fujimoto and Makoto Nagata and Takafumi Aoki Design Methodology and Validity Verification for a Reactive Countermeasure Against EM Attacks . . . 373--391
Daniel Genkin and Adi Shamir and Eran Tromer Acoustic Cryptanalysis . . . . . . . . . 392--443
Ilan Komargodski and Moni Naor and Eylon Yogev Secret-Sharing for NP . . . . . . . . . 444--469
Dominique Schröder and Dominique Unruh Security of Blind Signatures Revisited 470--494
Jooyoung Lee and Martijn Stam and John Steinberger The Security of Tandem--DM in the Ideal Cipher Model . . . . . . . . . . . . . . 495--518
Fabrice Benhamouda and Javier Herranz and Marc Joye and Benoît Libert Efficient Cryptosystems From $2^k$-th Power Residue Symbols . . . . . . . . . . . . . . . . 519--549
Shahin Tajik and Enrico Dietz and Sven Frohmann and Helmar Dittrich and Dmitry Nedospasov and Clemens Helfmeier and Jean-Pierre Seifert and Christian Boit and Heinz-Wilhelm Hübers Photonic Side-Channel Analysis of Arbiter PUFs . . . . . . . . . . . . . . 550--571
Huseyin Hisil and Craig Costello Jacobian Coordinates on Genus $2$ Curves 572--600

Manoj Prabhakaran and Mike Rosulek Reconciling Non-malleability with Homomorphic Encryption . . . . . . . . . 601--671
Benny Applebaum and Yoni Moses Locally Computable UOWHF with Linear Shrinkage . . . . . . . . . . . . . . . 672--698
Boaz Barak and Mohammad Mahmoody Merkle's Key Agreement Protocol is Optimal: An $ O(n^2) $ Attack on Any Key Agreement from Random Oracles . . . . . 699--734
Jae Hong Seo Short Signatures from Diffie--Hellman: Realizing Almost Compact Public Key . . 735--759
H. W. Lenstra, Jr. and A. Silverberg Lattices with Symmetry . . . . . . . . . 760--804
Gilad Asharov and Yehuda Lindell and Thomas Schneider and Michael Zohner More Efficient Oblivious Transfer Extensions . . . . . . . . . . . . . . . 805--858
Céline Blondeau and Gregor Leander and Kaisa Nyberg Differential--Linear Cryptanalysis Revisited . . . . . . . . . . . . . . . 859--888
Eike Kiltz and Adam O'Neill and Adam Smith Instantiability of RSA--OAEP Under Chosen--Plaintext Attack . . . . . . . . 889--919
Yosuke Todo Integral Cryptanalysis on Full MISTY1 920--959

Benny Applebaum and Pavel Raykov From Private Simultaneous Messages to Zero--Information Arthur--Merlin Protocols and Back . . . . . . . . . . . 961--988
Nir Bitansky and Ran Canetti and Alessandro Chiesa and Shafi Goldwasser and Huijia Lin and Aviad Rubinstein and Eran Tromer The Hunting of the SNARK . . . . . . . . 989--1066
Sune K. Jakobsen Information Theoretical Cryptogenography 1067--1115
Charanjit S. Jutla and Arnab Roy Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces . . . . . . . . . . . . 1116--1156
Ran Cohen and Yehuda Lindell Fairness Versus Guaranteed Output Delivery in Secure Multiparty Computation . . . . . . . . . . . . . . 1157--1186
Mohammad Hajiabadi and Bruce M. Kapron Reproducible Circularly Secure Bit Encryption: Applications and Realizations . . . . . . . . . . . . . . 1187--1237
Eike Kiltz and Krzysztof Pietrzak and Daniele Venturi and David Cash and Abhishek Jain Efficient Authentication from Hard Learning Problems . . . . . . . . . . . 1238--1275
Tibor Jager and Florian Kohlar and Sven Schäge and Jörg Schwenk Authenticated Confidential Channel Establishment and the Security of TLS--DHE . . . . . . . . . . . . . . . . 1276--1324

Benny Applebaum and Yuval Ishai and Eyal Kushilevitz Minimizing Locality of One-Way Functions via Semi-private Randomized Encodings 1--22
Dario Catalano and Dario Fiore Practical Homomorphic Message Authenticators for Arithmetic Circuits 23--59
Ilan Komargodski and Gil Segev and Eylon Yogev Functional Encryption for Randomized Functionalities in the Private-Key Setting from Minimal Assumptions . . . . 60--100
Christina Boura and Virginie Lallemand and María Naya-Plasencia and Valentin Suder Making the Impossible Possible . . . . . 101--133
Ilya Mironov and Omkant Pandey and Omer Reingold and Gil Segev Incremental Deterministic Public-Key Encryption . . . . . . . . . . . . . . . 134--161
Shoni Gilboa and Shay Gueron and Ben Morris How Many Queries are Needed to Distinguish a Truncated Random Permutation from a Random Function? . . 162--171
Seung Geol Choi and Dana Dachman-Soled and Tal Malkin and Hoeteck Wee A Black-Box Construction of Non-malleable Encryption from Semantically Secure Encryption . . . . . 172--201
Zvika Brakerski and Gil Segev Function-Private Functional Encryption in the Private--Key Setting . . . . . . 202--225
Eiichiro Fujisaki All-But-Many Encryption . . . . . . . . 226--275
Saqib A. Kakvi and Eike Kiltz Optimal Security Proofs for Full Domain Hash, Revisited . . . . . . . . . . . . 276--306

Michel Abdalla and Mihir Bellare and Gregory Neven Robust Encryption . . . . . . . . . . . 307--350
Nicolas Bruneau and Sylvain Guilley and Zakaria Najm and Yannick Teglia Multivariate High-Order Attacks of Shuffled Tables Recomputation . . . . . 351--393
Bin Zhang and Chao Xu and Dengguo Feng Practical Cryptanalysis of Bluetooth Encryption with Condition Masking . . . 394--433
Zvika Brakerski and Ilan Komargodski and Gil Segev Multi-input Functional Encryption in the Private-Key Setting: Stronger Security from Weaker Assumptions . . . . . . . . 434--520
Ben Morris and Phillip Rogaway and Till Stegers Deterministic Encryption with the Thorp Shuffle . . . . . . . . . . . . . . . . 521--536
Carmit Hazay Oblivious Polynomial Evaluation and Secure Set-Intersection from Algebraic PRFs . . . . . . . . . . . . . . . . . . 537--586
Ran Cohen and Iftach Haitner and Eran Omri and Lior Rotem Characterization of Secure Multiparty Computation Without Broadcast . . . . . 587--609
Shi Bai and Tancrède Lepoint and Adeline Roux-Langlois and Amin Sakzad and Damien Stehlé and Ron Steinfeld Improved Security Proofs in Lattice-Based Cryptography: Using the Rényi Divergence Rather than the Statistical Distance . . . . . . . . . . 610--640

Achiya Bar-On and Eli Biham and Orr Dunkelman and Nathan Keller Efficient Slide Attacks . . . . . . . . 641--670
Yehuda Lindell and Eran Omri and Hila Zarosim Completeness for Symmetric Two-Party Functionalities: Revisited . . . . . . . 671--697
Gilad Asharov and Gil Segev On Constructing One-Way Permutations from Indistinguishability Obfuscation 698--736
Yehuda Lindell and Hila Zarosim On the Feasibility of Extending Oblivious Transfer . . . . . . . . . . . 737--773
Vadim Lyubashevsky and Daniele Micciancio Asymptotically Efficient Lattice-Based Digital Signatures . . . . . . . . . . . 774--797
Shay Gueron and Yehuda Lindell and Ariel Nof and Benny Pinkas Fast Garbling of Circuits Under Standard Assumptions . . . . . . . . . . . . . . 798--844
Brice Minaud and Patrick Derbez and Pierre-Alain Fouque and Pierre Karpman Key-Recovery Attacks on ASASA . . . . . 845--884
Anne Canteaut and Sergiu Carpov and Caroline Fontaine and Tancrède Lepoint and María Naya-Plasencia and Pascal Paillier and Renaud Sirdey Stream Ciphers: A Practical Solution for Efficient Homomorphic-Ciphertext Compression . . . . . . . . . . . . . . 885--916

Michel Abdalla and Fabrice Benhamouda and Alain Passelègue and Kenneth G. Paterson Related-Key Security for Pseudorandom Functions Beyond the Linear Barrier . . 917--964
Dominique Unruh Everlasting Multi-party Computation . . 965--1011
Ananth Raghunathan and Gil Segev and Salil Vadhan Deterministic Public-Key Encryption for Adaptively-Chosen Plaintext Distributions . . . . . . . . . . . . . 1012--1063
Shan Chen and Rodolphe Lampe and Jooyoung Lee and Yannick Seurin and John Steinberger Minimizing the Two-Round Even-Mansour Cipher . . . . . . . . . . . . . . . . . 1064--1119
Dennis Hofheinz and Jörn Müller-Quade and Dominique Unruh On the (Im-)Possibility of Extending Coin Toss . . . . . . . . . . . . . . . 1120--1163
Michael Hutter and Erich Wenger Fast Multi-precision Multiplication for Public-Key Cryptography on Embedded Microprocessors . . . . . . . . . . . . 1164--1182

Miia Hermelin and Joo Yeon Cho and Kaisa Nyberg Multidimensional Linear Cryptanalysis 1--34
Shi Bai and Steven D. Galbraith and Liangze Li and Daniel Sheffield Improved Combinatorial Algorithms for the Inhomogeneous Short Integer Solution Problem . . . . . . . . . . . . . . . . 35--83
Michel Abdalla and Fabrice Benhamouda and David Pointcheval On the Tightness of Forward-Secure Signature Reductions . . . . . . . . . . 84--150
Alexandre Duc and Stefan Dziembowski and Sebastian Faust Unifying Leakage Models: From Probing Attacks to Noisy Leakage . . . . . . . . 151--177
Susumu Kiyoshima Round-Efficient Black-Box Construction of Composable Multi-Party Computation 178--238
Masayuki Abe and Jan Camenisch and Rafael Dowsley and Maria Dubovitskaya On the Impossibility of Structure-Preserving Deterministic Primitives . . . . . . . . . . . . . . . 239--264

Carmit Hazay and Gert Læssøe Mikkelsen and Tal Rabin and Tomas Toft and Angelo Agatino Nicolosi Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting . . . . . . . . . . . . . . . . 265--323
Gilles Barthe and Edvard Fagerholm and Dario Fiore and John Mitchell and Andre Scedrov and Benedikt Schmidt Automated Analysis of Cryptographic Assumptions in Generic Group Models . . 324--360
Itay Berman and Iftach Haitner and Ilan Komargodski and Moni Naor Hardness-Preserving Reductions via Cuckoo Hashing . . . . . . . . . . . . . 361--392
Susumu Kiyoshima Non-black-box Simulation in the Fully Concurrent Setting, Revisited . . . . . 393--434
Florent Bernard and Patrick Haddad and Viktor Fischer and Jean Nicolai From Physical to Stochastic Modeling of a TERO-Based TRNG . . . . . . . . . . . 435--458
Seung Geol Choi and Jonathan Katz and Dominique Schröder and Arkady Yerukhimovich and Hong-Sheng Zhou (Efficient) Universally Composable Oblivious Transfer Using a Minimal Number of Stateless Tokens . . . . . . . 459--497
Georg Fuchsbauer and Christian Hanser and Daniel Slamanig Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials . . . . . . . . . 498--546
Jung Hee Cheon and Kyoohyung Han and Changmin Lee and Hansol Ryu and Damien Stehlé Cryptanalysis of the CLT13 Multilinear Map . . . . . . . . . . . . . . . . . . 547--565
Nils Fleischhacker and Tibor Jager and Dominique Schröder On Tight Security Proofs for Schnorr Signatures . . . . . . . . . . . . . . . 566--599

Gilles Brassard and Peter Høyer and Kassem Kalach and Marc Kaplan and Sophie Laplante and Louis Salvail Key Establishment à la Merkle in a Quantum World . . . . . . . . . . . . . 601--634
Carmit Hazay and Muthuramakrishnan Venkitasubramaniam On Black-Box Complexity of Universally Composable Security in the CRS Model . . 635--689
Ran Cohen and Sandro Coretti and Juan Garay and Vassilis Zikas Probabilistic Termination and Composability of Cryptographic Protocols 690--741
Dana Dachman-Soled and S. Dov Gordon and Feng-Hao Liu and Adam O'Neill and Hong-Sheng Zhou Leakage Resilience from Program Obfuscation . . . . . . . . . . . . . . 742--824
Mark Zhandry The Magic of ELFs . . . . . . . . . . . 825--866
Thomaz Oliveira and Julio López and Daniel Cervantes-Vázquez and Francisco Rodríguez-Henríquez Koblitz Curves over Quadratic Fields . . 867--894
Philipp Jovanovic and Atul Luykx and Bart Mennink and Yu Sasaki and Kan Yasuda Beyond Conventional Security in Sponge-Based Authenticated Encryption Modes . . . . . . . . . . . . . . . . . 895--940
Dana Dachman-Soled and Chang Liu and Charalampos Papamanthou and Elaine Shi and Uzi Vishkin Oblivious Network RAM and Leveraging Parallelism to Achieve Obliviousness . . 941--972
Masayuki Abe and Jens Groth and Markulf Kohlweiss and Miyako Ohkubo and Mehdi Tibouchi Efficient Fully Structure-Preserving Signatures and Shrinking Commitments . . 973--1025
Yehuda Lindell and Benny Pinkas and Nigel P. Smart and Avishay Yanai Efficient Constant-Round Multi-party Computation Combining BMR and SPDZ . . . 1026--1069

Felipe G. Lacerda and Joseph M. Renes and Renato Renner Classical Leakage Resilience from Fault-Tolerant Quantum Computation . . . 1071--1094
Estuardo Alpirez Bock and Joppe W. Bos and Chris Brzuska and Charles Hubain and Wil Michiels and Cristofaro Mune and Eloi Sanfelix Gonzalez and Philippe Teuwen and Alexander Treff White-Box Cryptography: Don't Forget About Grey-Box Attacks . . . . . . . . . 1095--1143
Carmit Hazay and Avishay Yanai Constant-Round Maliciously Secure Two-Party Computation in the RAM Model 1144--1199
Carmit Hazay and Muthuramakrishnan Venkitasubramaniam What Security Can We Achieve Within 4 Rounds? . . . . . . . . . . . . . . . . 1200--1262
Alexandre Duc and Sebastian Faust and François-Xavier Standaert Making Masking Security Proofs Concrete (Or How to Evaluate the Security of Any Leaking Device), Extended Version . . . 1263--1297
Razvan Barbulescu and Sylvain Duquesne Updating Key Size Estimations for Pairings . . . . . . . . . . . . . . . . 1298--1336
Atsushi Takayasu and Yao Lu and Liqiang Peng Small CRT-Exponent RSA Revisited . . . . 1337--1382
Yosuke Todo and Gregor Leander and Yu Sasaki Nonlinear Invariant Attack: Practical Attack on Full SCREAM, iSCREAM, and Midori64 . . . . . . . . . . . . . . . . 1383--1422
Colin Chaigneau and Thomas Fuhr and Henri Gilbert and Jérémy Jean and Jean-René Reinhard Cryptanalysis of NORX v2.0 . . . . . . . 1423--1447
Itai Dinur and Orr Dunkelman and Nathan Keller and Adi Shamir Efficient Dissection of Bicomposite Problems with Cryptanalytic Applications 1448--1490
Tatsuaki Okamoto and Katsuyuki Takashima Fully Secure Functional Encryption with a Large Class of Relations from the Decisional Linear Assumption . . . . . . 1491--1573

Qian Guo and Thomas Johansson and Carl Löndahl Solving LPN Using Covering Codes . . . . 1--33
Ilaria Chillotti and Nicolas Gama and Mariya Georgieva and Malika Izabachène TFHE: Fast Fully Homomorphic Encryption Over the Torus . . . . . . . . . . . . . 34--91
Sabyasachi Karati and Palash Sarkar Kummer for Genus One Over Prime-Order Fields . . . . . . . . . . . . . . . . . 92--129
Steven D. Galbraith and Christophe Petit and Javier Silva Identification Protocols and Signature Schemes Based on Supersingular Isogeny Problems . . . . . . . . . . . . . . . . 130--175
Adi Akavia and Rio LaVigne and Tal Moran Topology-Hiding Computation on All Graphs . . . . . . . . . . . . . . . . . 176--227
Jian Guo and Guohong Liao and Guozhen Liu and Meicheng Liu and Kexin Qiao and Ling Song Practical Collision Attacks against Round-Reduced SHA-3 . . . . . . . . . . 228--270
Carmit Hazay and Muthuramakrishnan Venkitasubramaniam On the Power of Secure Two-Party Computation . . . . . . . . . . . . . . 271--318
Dana Dachman-Soled and Feng-Hao Liu and Elaine Shi and Hong-Sheng Zhou Locally Decodable and Updatable Non-malleable Codes and Their Applications . . . . . . . . . . . . . . 319--355

Nir Bitansky and Ryo Nishimaki and Alain Passelègue and Daniel Wichs From Cryptomania to Obfustopia Through Secret-Key Functional Encryption . . . . 357--405
Ilan Komargodski and Gil Segev From Minicrypt to Obfustopia via Private-Key Functional Encryption . . . 406--458
Nir Bitansky Verifiable Random Functions from Non-interactive Witness-Indistinguishable Proofs . . . . 459--493
David A. Basin and Andreas Lochbihler and S. Reza Sefidgar CryptHOL: Game-Based Proofs in Higher-Order Logic . . . . . . . . . . . 494--566
Tomer Ashur and Tim Beyne and Vincent Rijmen Revisiting the Wrong-Key-Randomization Hypothesis . . . . . . . . . . . . . . . 567--594
Dana Dachman-Soled and Nils Fleischhacker and Jonathan Katz and Anna Lysyanskaya and Dominique Schröder Feasibility and Infeasibility of Secure Computation with Malicious PUFs . . . . 595--617

Sam Kim and David J. Wu Multi-theorem Preprocessing NIZKs from Lattices . . . . . . . . . . . . . . . . 619--702
Avik Chakraborti and Tetsu Iwata and Kazuhiko Minematsu and Mridul Nandi Blockcipher-Based Authenticated Encryption: How Small Can We Go? . . . . 703--741
Zhenzhen Bao and Itai Dinur and Jian Guo and Gaëtan Leurent and Lei Wang Generic Attacks on Hash Combiners . . . 742--823
Itai Dinur and Nathan Keller and Ohad Klein An Optimal Distributed Discrete Log Protocol with Applications to Homomorphic Secret Sharing . . . . . . . 824--873
Itai Dinur Cryptanalytic Time--Memory--Data Trade-offs for FX-Constructions and the Affine Equivalence Problem . . . . . . . 874--909
Orr Dunkelman and Nathan Keller and Eran Lambooij and Yu Sasaki A Practical Forgery Attack on Lilliput--AE . . . . . . . . . . . . . . 910--916
Benny Applebaum and Thomas Holenstein and Manoj Mishra and Ofer Shayevitz The Communication Complexity of Private Simultaneous Messages, Revisited . . . . 917--953
Lucas Kowalczyk and Hoeteck Wee Compact Adaptively Secure ABE for $ \mathsf{NC}^1 $ from $k$-Lin . . . . . . 954--1002
Achiya Bar-On and Orr Dunkelman and Nathan Keller and Eyal Ronen and Adi Shamir Improved Key Recovery Attacks on Reduced-Round AES with Practical Data and Memory Complexities . . . . . . . . 1003--1043
Bhavana Kanukurthi and Sai Lakshmi Bhavana Obbattu and Sruthi Sekar Four-State Non-malleable Codes with Explicit Constant Rate . . . . . . . . . 1044--1079
Martin R. Albrecht and Pooya Farshim and Shuai Han and Dennis Hofheinz and Enrique Larraia and Kenneth G. Paterson Multilinear Maps from Obfuscation . . . 1080--1113
Felix Wegener and Lauren De Meyer and Amir Moradi Spin Me Right Round Rotational Symmetry for FPGA-Specific AES: Extended Version 1114--1155
Tim Beyne Block Cipher Invariants as Eigenvectors of Correlation Matrices . . . . . . . . 1156--1183
Patrick Derbez and Léo Perrin Meet-in-the-Middle Attacks and Structural Analysis of Round-Reduced PRINCE . . . . . . . . . . . . . . . . . 1184--1215
Masaud Y. Alhassan and Daniel Günther and Ágnes Kiss and Thomas Schneider Efficient and Scalable Universal Circuits . . . . . . . . . . . . . . . . 1216--1271
Ashwin Jha and Mridul Nandi Tight Security of Cascaded LRW2 . . . . 1272--1317
Susumu Kiyoshima Statistical Concurrent Non-Malleable Zero-Knowledge from One-Way Functions 1318--1361
Paul Bunn and Rafail Ostrovsky Oblivious Sampling with Applications to Two-Party $k$-Means Clustering . . . . . 1362--1403

Benoît Libert and Moti Yung Adaptively Secure Non-interactive CCA-Secure Threshold Cryptosystems: Generic Framework and Constructions . . 1405--1441
Michael Hutter and Erich Wenger Fast Multi-precision Multiplication for Public-Key Cryptography on Embedded Microprocessors . . . . . . . . . . . . 1442--1460
Ralf Küsters and Max Tuengerthal and Daniel Rausch The IITM Model: A Simple and Expressive Model for Universal Composability . . . 1461--1584
Ralf Küsters and Max Tuengerthal and Daniel Rausch Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation . . . . . . . . . . . . . . 1585--1658
Amos Beimel and Yehuda Lindell and Eran Omri and Ilan Orlov $1/p$-Secure Multiparty Computation without an Honest Majority and the Best of Both Worlds . . . . . . 1659--1731
Carmit Hazay and Peter Scholl and Eduardo Soria-Vazquez Low Cost Constant Round MPC Combining BMR and Oblivious Transfer . . . . . . . 1732--1786
Roman Langrehr and Jiaxin Pan Tightly Secure Hierarchical Identity-Based Encryption . . . . . . . 1787--1821
Jonathan Bootle and Andrea Cerulli and Pyrros Chaidos and Essam Ghadafi and Jens Groth Foundations of Fully Dynamic Group Signatures . . . . . . . . . . . . . . . 1822--1870
Akiko Inoue and Tetsu Iwata and Kazuhiko Minematsu and Bertram Poettering Cryptanalysis of OCB2: Attacks on Authenticity and Confidentiality . . . . 1871--1913
Katriel Cohn-Gordon and Cas Cremers and Benjamin Dowling and Luke Garratt and Douglas Stebila A Formal Security Analysis of the Signal Messaging Protocol . . . . . . . . . . . 1914--1983
Sandro Coretti and Yevgeniy Dodis and Ueli Maurer and Björn Tackmann and Daniele Venturi Non-malleable Encryption: Simpler, Shorter, Stronger . . . . . . . . . . . 1984--2033
Sebastian Faust and Pratyay Mukherjee and Jesper Buus Nielsen and Daniele Venturi Continuously Non-malleable Codes in the Split-State Model . . . . . . . . . . . 2034--2077
Jonathan Ullman and Salil Vadhan PCPs and the Hardness of Generating Synthetic Data . . . . . . . . . . . . . 2078--2112
Benjamin Wesolowski Efficient Verifiable Delay Functions . . 2113--2147

Alon Rosen and Gil Segev and Ido Shahaf Can PPAD Hardness be Based on Standard Cryptographic Assumptions? . . . . . . . ??
Shai Halevi and Victor Shoup Bootstrapping for HElib . . . . . . . . ??
Mark Zhandry Quantum Lightning Never Strikes the Same State Twice. Or: Quantum Money from Cryptographic Assumptions . . . . . . . ??
Shuichi Katsumata and Shota Yamada and Takashi Yamakawa Tighter Security Proofs for GPV--IBE in the Quantum Random Oracle Model . . . . ??
Christian Kaspers and Yue Zhou The Number of Almost Perfect Nonlinear Functions Grows Exponentially . . . . . ??
Ron D. Rothblum and Adam Sealfon and Katerina Sotiraki Toward Non-interactive Zero-Knowledge Proofs for NP from LWE . . . . . . . . . ??
Ran Canetti and Benjamin Fuller and Omer Paneth and Leonid Reyzin and Adam Smith Reusable Fuzzy Extractors for Low-Entropy Distributions . . . . . . . ??
Léo Ducas and Yang Yu Learning Strikes Again: The Case of the DRS Signature Scheme . . . . . . . . . . ??

Benny Applebaum and Zvika Brakerski Obfuscating Circuits Via Composite-Order Graded Encoding . . . . . . . . . . . . ??
David Derler and Kai Gellert and Tibor Jager and Daniel Slamanig and Christoph Striecks Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange . . . . . . . . . . . . . . . . ??
Ran Cohen and Sandro Coretti and Juan Garay and Vassilis Zikas Round-Preserving Parallel Composition of Probabilistic-Termination Cryptographic Protocols . . . . . . . . . . . . . . . ??
Benny Applebaum and Prashant Nalini Vasudevan Placing Conditional Disclosure of Secrets in the Communication Complexity Universe . . . . . . . . . . . . . . . . ??
Fabrice Benhamouda and Akshay Degwekar and Yuval Ishai and Tal Rabin On the Local Leakage Resilience of Linear Secret Sharing Schemes . . . . . ??
Gilad Asharov and Gil Segev and Ido Shahaf Tight Tradeoffs in Searchable Symmetric Encryption . . . . . . . . . . . . . . . ??

Behzad Abdolmaleki and Helger Lipmaa and Janno Siim and Michał Zając On Subversion-Resistant SNARKs . . . . . ??
Giuseppe Ateniese and Danilo Francati and David Nuñez and Daniele Venturi Match Me if You Can: Matchmaking Encryption and Its Applications . . . . ??
Vincent Rijmen Editorial . . . . . . . . . . . . . . . ??

Antonio Flórez-Gutiérrez and Gaëtan Leurent and María Naya-Plasencia and Léo Perrin and André Schrottenloher and Ferdinand Sibleyras Internal Symmetries and Linear Properties: Full-permutation Distinguishers and Improved Collisions on Gimli . . . . . . . . . . . . . . . . ??
Yehuda Lindell Fast Secure Two-Party ECDSA Signing . . ??
Amir Jafari and Shahram Khazaei On Abelian and Homomorphic Secret Sharing Schemes . . . . . . . . . . . . ??
Shuichi Katsumata and Ryo Nishimaki and Shota Yamada and Takashi Yamakawa Compact Designated Verifier NIZKs from the CDH Assumption Without Pairings . . ??
Vincent Rijmen Correction to: Editorial . . . . . . . . ??
Arpita Patra and Divya Ravi On the Exact Round Complexity of Secure Three--Party Computation . . . . . . . . ??
Lior Rotem and Gil Segev Injective Trapdoor Functions via Derandomization: How Strong is Rudich's Black-Box Barrier? . . . . . . . . . . . ??
Andrej Bogdanov and Yuval Ishai and Akshayaram Srinivasan Unconditionally Secure Computation Against Low-Complexity Leakage . . . . . ??
Benjamin Dowling and Marc Fischlin and Felix Günther and Douglas Stebila A Cryptographic Analysis of the TLS 1.3 Handshake Protocol . . . . . . . . . . . ??
Ted Krovetz and Phillip Rogaway The Design and Evolution of OCB . . . . ??

Dragos Rotaru and Nigel P. Smart and Titouan Tanguy and Frederik Vercauteren and Tim Wood Actively Secure Setup for SPDZ . . . . . ??
Ran Cohen and Iftach Haitner and Eran Omri and Lior Rotem From Fairness to Full Security in Multiparty Computation . . . . . . . . . ??
Marek Sýs and Lubomír Obrátil and Vashek Matyáš and Dušan Klinec A Bad Day to Die Hard: Correcting the Dieharder Battery . . . . . . . . . . . ??
Andrej Bogdanov and Yuval Ishai and Akshayaram Srinivasan Correction to: Unconditionally Secure Computation Against Low-Complexity Leakage . . . . . . . . . . . . . . . . ??
Siyao Guo and Pritish Kamath and Alon Rosen and Katerina Sotiraki Limits on the Efficiency of (Ring) LWE--Based Non-interactive Key Exchange ??

Roy Radian and Or Sattath Semi-quantum Money . . . . . . . . . . . ??
Andrej Bogdanov and Yuval Ishai and Akshayaram Srinivasan Correction to: Unconditionally Secure Computation Against Low--Complexity Leakage . . . . . . . . . . . . . . . . ??
Gilad Asharov and T.-H. Hubert Chan and Kartik Nayak and Rafael Pass and Ling Ren and Elaine Shi Locality-Preserving Oblivious RAM . . . ??

Fuyuki Kitagawa and Ryo Nishimaki and Keisuke Tanaka Obfustopia Built on Secret-Key Functional Encryption . . . . . . . . . ??
Nir Bitansky and Vinod Vaikuntanathan A Note on Perfect Correctness by Derandomization . . . . . . . . . . . . ??
Keitaro Hashimoto and Shuichi Katsumata and Thomas Prest An Efficient and Generic Construction for Signal's Handshake (X3DH): Post-quantum, State Leakage Secure, and Deniable . . . . . . . . . . . . . . . . ??
Susumu Kiyoshima Constant-Round Leakage-Resilient Zero-Knowledge from Collision Resistance ??
Nir Bitansky and Alessandro Chiesa and Omer Paneth Succinct Non-Interactive Arguments via Linear Interactive Proofs . . . . . . . ??

Fuyuki Kitagawa and Ryo Nishimaki and Keisuke Tanaka Obfustopia Built on Secret-Key Functional Encryption . . . . . . . . . ??
Bernardo Magri and Giulio Malavolta and Dominique Unruh Everlasting UC Commitments from Fully Malicious PUFs . . . . . . . . . . . . . ??
Gilad Asharov and Ilan Komargodski and Naomi Sirkin On the Complexity of Compressing Obfuscation . . . . . . . . . . . . . . ??
Charles Grover and Andrew Mendelsohn and Roope Vehkalahti Non-commutative Ring Learning with Errors from Cyclic Algebras . . . . . . ??
Carmit Hazay and Muthuramakrishnan Venkitasubramaniam and Mor Weiss ZK-PCPs from Leakage-Resilient Secret Sharing . . . . . . . . . . . . . . . . ??

Katharina Boudgoust and Corentin Jeudy and Adeline Roux-Langlois and Weiqiang Wen On the Hardness of Module Learning with Errors with Short Distributions . . . . ??
Navid Alamati and Hart Montgomery and Sikhar Patranabis and Arnab Roy Minicrypt Primitives with Algebraic Structure and Applications . . . . . . . ??
Yunwen Liu and Zhongfeng Niu and Siwei Sun and Chao Li and Lei Hu Rotational Differential--Linear Cryptanalysis Revisited . . . . . . . . ??

David Pointcheval and Nigel Paul Smart Topical Collection on Computing on Encrypted Data . . . . . . . . . . . . . ??
Benny Applebaum and Yoni Moses Correction: Locally Computable UOWHF with Linear Shrinkage . . . . . . . . . ??
Pratish Datta and Ilan Komargodski and Brent Waters Decentralized Multi-authority ABE for $ \mathsf{NC}^1 $ from BDH . . . . . . . . . ??
Gilad Asharov and Ilan Komargodski and Wei-Kai Lin and Elaine Shi Oblivious RAM with Worst-Case Logarithmic Overhead . . . . . . . . . . ??
Jonathan Takeshita and Ryan Karl and Ting Gong and Taeho Jung SLAP: Simpler, Improved Private Stream Aggregation from Ring Learning with Errors . . . . . . . . . . . . . . . . . ??
Susumu Kiyoshima No-Signaling Linear PCPs . . . . . . . . ??
Christian Mouchet and Elliott Bertrand and Jean-Pierre Hubaux An Efficient Threshold Access-Structure for RLWE-Based Multiparty Homomorphic Encryption . . . . . . . . . . . . . . . ??
Ran Cohen and Abhi Shelat and Daniel Wichs Adaptively Secure MPC with Sublinear Communication Complexity . . . . . . . . ??
Robin Geelen and Frederik Vercauteren Bootstrapping for BGV and BFV Revisited ??
Ashish Choudhury and Arpita Patra On the Communication Efficiency of Statistically Secure Asynchronous MPC with Optimal Resilience . . . . . . . . ??
Fuyuki Kitagawa and Takahiro Matsuda and Takashi Yamakawa NIZK from SNARGs . . . . . . . . . . . . ??

Koji Chida and Koki Hamada and Dai Ikarashi and Ryo Kikuchi and Daniel Genkin and Yehuda Lindell and Ariel Nof Fast Large-Scale Honest-Majority MPC for Malicious Adversaries . . . . . . . . . ??
Ananya Appan and Anirudh Chandramouli and Ashish Choudhury Revisiting the Efficiency of Asynchronous MPC with Optimal Resilience Against General Adversaries . . . . . . ??
Cyril Bouvier and Guilhem Castagnos and Laurent Imbert and Fabien Laguillaumie I Want to Ride My BICYCL: BICYCL Implements CryptographY in CLass Groups ??
Murilo Coutinho and Iago Passos and Juan C. Grados Vásquez and Santanu Sarkar and Fábio L. L. de Mendonça and Rafael T. de Sousa and Fábio Borges Latin Dances Reloaded: Improved Cryptanalysis Against Salsa and ChaCha, and the Proposal of Forró . . . . . . . . ??
Sayandeep Saha and Manaar Alam and Arnab Bag and Debdeep Mukhopadhyay and Pallab Dasgupta Learn from Your Faults: Leakage Assessment in Fault Attacks Using Deep Learning . . . . . . . . . . . . . . . . ??
Elette Boyle and Ran Cohen and Deepesh Data and Pavel Hubáček Must the Communication Graph of MPC Protocols be an Expander? . . . . . . . ??
Jun Furukawa and Yehuda Lindell and Ariel Nof and Or Weinstein High-Throughput Secure Three-Party Computation with an Honest Majority . . ??
Nishat Koti and Shravani Patil and Arpita Patra and Ajith Suresh MPClan: Protocol Suite for Privacy-Conscious Computations . . . . . ??
Benoît Libert and San Ling and Khoa Nguyen and Huaxiong Wang Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors . . . ??
Bar Alon and Eran Omri Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious . . . . . . . . . . . . . . . ??
Bar Alon and Ran Cohen and Eran Omri and Tom Suad On the Power of an Honest Majority in Three-Party Computation Without Broadcast . . . . . . . . . . . . . . . ??

Carmit Hazay and Yuval Ishai and Muthuramakrishnan Venkitasubramaniam Actively Secure Garbled Circuits with Constant Communication Overhead in the Plain Model . . . . . . . . . . . . . . ??
Zvika Brakerski and Nico Döttling and Sanjam Garg and Giulio Malavolta Candidate iO from Homomorphic Encryption Schemes . . . . . . . . . . . . . . . . ??
Loris Bergerat and Anas Boudi and Quentin Bourgerie and Ilaria Chillotti and Damien Ligier and Jean-Baptiste Orfila and Samuel Tap Parameter Optimization and Larger Precision for (T)FHE . . . . . . . . . . ??
Uddipana Dowerah and Subhranil Dutta and Aikaterini Mitrokotsa and Sayantan Mukherjee and Tapas Pal Unbounded Predicate Inner Product Functional Encryption from Pairings . . ??
Arpita Patra and Divya Ravi Beyond Honest Majority: The Round Complexity of Fair and Robust Multi-party Computation . . . . . . . . ??
Mariya Georgieva Belorgey and Sergiu Carpov and Kevin Deforth and Dimitar Jetchev and Abson Sae-Tang and Marius Vuille and Nicolas Gama and Jon Katz and Iraklis Leontiadis and Mohsen Mohammadi Manticore: A Framework for Efficient Multiparty Computation Supporting Real Number and Boolean Arithmetic . . . . . ??
Song Tian Cover Attacks for Elliptic Curves over Cubic Extension Fields . . . . . . . . . ??
Yuval Ishai and Alexis Korb and Paul Lou and Amit Sahai Beyond the Csiszár--Körner Bound: Best-Possible Wiretap Coding via Obfuscation . . . . . . . . . . . . . . ??
Elette Boyle and Ran Cohen and Aarushi Goel Breaking the $ O(\sqrt {n}) $-Bit Barrier: Byzantine Agreement with Polylog Bits Per Party . . . . . . . . . ??
Nir Drucker and Guy Moshkowich and Tomer Pelleg and Hayim Shaul BLEACH: Cleaning Errors in Discrete Computations Over CKKS . . . . . . . . . ??
Jiang Zhang and Yu Chen and Zhenfeng Zhang Lattice-Based Programmable Hash Functions and Applications . . . . . . . ??
Gilles Barthe and Sonia Belaïd and Thomas Espitau and Pierre-Alain Fouque and Benjamin Grégoire and Mélissa Rossi and Mehdi Tibouchi Masking the GLP Lattice-Based Signature Scheme at Any Order . . . . . . . . . . ??
Gabrielle De Micheli and Pierrick Gaudry and Cécile Pierrot Lattice Enumeration and Automorphisms for Tower NFS: a 521-Bit Discrete Logarithm Computation . . . . . . . . . ??
Daniel J. Bernstein Cryptographic Competitions . . . . . . . ??
Valerio Cini and Sebastian Ramacher and Daniel Slamanig and Christoph Striecks and Erkan Tairi (Inner-Product) Functional Encryption with Updatable Ciphertexts . . . . . . . ??
Marc Fischlin and Felix Günther and Christian Janson Robust Channels: Handling Unreliable Networks in the Record Layers of QUIC and DTLS 1.3 . . . . . . . . . . . . . . ??
Akshima and Siyao Guo and Qipeng Liu Time-Space Lower Bounds for Finding Collisions in Merkle--Damgård Hash Functions . . . . . . . . . . . . . . . ??
Dmitrii Koshelev Hashing to Elliptic Curves Through Cipolla--Lehmer--Müller's Square Root Algorithm . . . . . . . . . . . . . . . ??
Dennis Hofheinz and Jessica Koch and Christoph Striecks Identity-Based Encryption with (Almost) Tight Security in the Multi-instance, Multi-ciphertext Setting . . . . . . . . ??
David Lubicz and Viktor Fischer Entropy Computation for Oscillator-based Physical Random Number Generators . . . ??
Ron D. Rothblum and Prashant Nalini Vasudevan Collision Resistance from Multi-collision Resistance . . . . . . . ??
Elena Andreeva and Andrey Bogdanov and Nilanjan Datta and Atul Luykx and Bart Mennink and Mridul Nandi and Elmar Tischhauser and Kan Yasuda The COLM Authenticated Encryption Scheme . . . . ??
Jeremiah Blocki and Peiyuan Liu and Ling Ren and Samson Zhou Bandwidth-Hard Functions: Reductions and Lower Bounds . . . . . . . . . . . . . . ??
Aggelos Kiayias and Feng-Hao Liu and Yiannis Tselekounis (Continuous) Non-malleable Codes for Partial Functions with Manipulation Detection and Light Updates . . . . . . ??
Christian Badertscher and Ueli Maurer and Daniel Tschudi and Vassilis Zikas Bitcoin as a Transaction Ledger: a Composable Treatment . . . . . . . . . . ??
Qianqian Yang and Ling Song and Nana Zhang and Danping Shi and Libo Wang and Jiahao Zhao and Lei Hu and Jian Weng Optimizing Rectangle and Boomerang Attacks: a Unified and Generic Framework for Key Recovery . . . . . . . . . . . . ??
Morten Øygarden and Patrick Felke and Håvard Raddum Analysis of Multivariate Encryption Schemes: Application to Dob and $ C^* $ . . . . ??
Mihir Bellare and Anna Lysyanskaya Symmetric and Dual PRFs from Standard Assumptions: a Generic Validation of a Prevailing Assumption . . . . . . . . . ??