Sciweavers

TCC
2005
Springer

Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs

14 years 5 months ago
Handling Expected Polynomial-Time Strategies in Simulation-Based Security Proofs
The standard class of adversaries considered in cryptography is that of strict polynomial-time probabilistic machines. However, expected polynomial-time machines are often also considered. For example, there are many zero-knowledge protocols for which the only known simulation techniques run in expected (and not strict) polynomial time. In addition, it has been shown that expected polynomial-time simulation is essential for achieving constant-round black-box zero-knowledge protocols. This reliance on expected polynomial-time simulation introduces a number of conceptual and technical difficulties. In this paper, we develop techniques for dealing with expected polynomial-time adversaries in simulation-based security proofs.
Jonathan Katz, Yehuda Lindell
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where TCC
Authors Jonathan Katz, Yehuda Lindell
Comments (0)