Coppersmith, Franklin, Patarin, and Reiter show that given two RSA cryptograms xe mod N and (ax + b)e mod N for known constants a, b ∈ ZN , one can compute x in O(e log2 e) ZN -o...
Abstract. We consider the problem of password-authenticated key exchange (PAK) also known as session-key generation using passwords: constructing session-key generation protocols t...
The existing unconditional security definitions of quantum key distribution (QKD) do not apply to joint attacks over QKD and the subsequent use of the resulting key. In this paper...
Michael Ben-Or, Michal Horodecki, Debbie W. Leung,...
Definition of security under the framework of Environmental Security (a.k.a Network-Aware Security or Universally Composable Security) typically requires “extractability” of t...
Adaptively-secure encryption schemes ensure secrecy even in the presence of an adversary who can corrupt parties in an adaptive manner based on public keys, ciphertexts, and secret...