Let f : {0, 1}n {0, 1}l be a one-way function. A function h : {0, 1}n {0, 1}m is called a hard-core function for f if, when given f(x) for a (secret) x drawn uniformly from {0, 1}n...
Abstract. We study the problem of broadcasting confidential information to a collection of n devices while providing the ability to revoke an arbitrary subset of those devices (and...
Michael T. Goodrich, Jonathan Z. Sun, Roberto Tama...
Pairing-based cryptosystems rely on bilinear non-degenerate maps called pairings, such as the Tate and Weil pairings defined over certain elliptic curve groups. In this paper we s...
We study cryptographic attacks on random Feistel schemes. We denote by m the number of plaintext/ciphertext pairs, and by k the number of rounds. In their famous paper [3], M. Luby...
The most common method for computing exponentiation of random elements in Abelian groups are sliding window schemes, which enhance the efficiency of the binary method at the expens...
Katsuyuki Okeya, Katja Schmidt-Samoa, Christian Sp...
A timestamping scheme is non-interactive if a stamper can stamp a document without communicating with any other player. The only communication done is at validation time. Non-Inte...
Abstract. In this paper we propose a new key recovery attack on irregular clocked keystream generators where the stream is filtered by a nonlinear Boolean function. We show that t...
In this paper, we show that a key encapsulation mechanism (KEM) does not have to be IND-CCA secure in the construction of hybrid encryption schemes, as was previously believed. Tha...
Abstract. We consider the central cryptographic task of secure twoparty computation, where two parties wish to compute some function of their private inputs (each receiving possibl...