6.2.3 Insecurity of HomSig, p.147
6.3.1 Definition of Functional Signatures
SNARKs with Data Privacy, p.167
7.1.1 Ensuring Correctness of Privacy-Preserving Computation, p.170
7.3.3 SNARK for Bivariate Polynomial (Partial) Evaluation, p.175
7.5.2 Succinct Proof of Simultaneous Evaluations in a Point k, p.182
Proof Systems for Arithmetic Function Evaluation over Polynomial Rings, p.190
$P \in \mathbb{Z}_q[X, Y]$ in some random point $k \in \mathbb{Z}_q$. Our scheme is based on an algebraic property of polynomials. We remark that $(X - k)$ perfectly divides the polynomial
2: g := g ? , h := h ? , g := g ?
3: g ij := g s i t j , g ij := g s i t j ? i < d, j <
4: g 1 := g s , h 1 := h s
5: return crs as in Equation (7.2): crs = ck

= w
2: W := P ? Q /(X ? k)
3: (D, ?) ? Biv.Com(W )
4: g := h 1 /h k , x, y ?$ Z q
5: U := e(h xgy , g)
6: e ? RO(u, D, U)
7: ? = x ? (? ? ?)e mod q
8: ? = y ? ?e mod q

= ?
2: (c, c) := C, ) := C , (d, d) := D
3: b 1 ? Biv.ComVer(C)
4: b 2 ? Biv.ComVer(C )
5: b 3 ? Biv.ComVer(D)
6: A = e
On input a security parameter $\lambda \in \mathbb{N}$ and an NP relation $R := \{(u = (\{P_j\}_j, k), w) : P_j(k) = p_j\}$, define the associated relation
$P(X, Y) := \sum_{j \ge 0} P_j Y^j$, $Q(Y) := \sum_{j \ge 0} p_j Y^j$. Output the common reference string $\mathsf{crs}$ by running the generator of $\mathsf{P.SNARK}$.
Given $\mathsf{crs}$, the instance $u$ and the witness $w$, the prover defines new bivariate polynomials $P(X, Y) := \sum_{j \ge 0} P_j Y^j$, $Q(Y) := \sum_{j \ge 0} p_j Y^j$ and computes the proof $\pi$ for those: $\pi \leftarrow \mathsf{P.Prove}(\mathsf{crs}, \ldots)$
$\mathsf{Ver}(\mathsf{crs}, u, \pi) \to b$: same algorithm as for the partial-evaluation $\mathsf{P.SNARK}$.
$\mathsf{MultiCom}$ as follows: write $W_j = \sum_{i=0}^{d} w_{ij} X^i$; then running $\mathsf{Uni.Com}(\mathsf{ck}, \{W_j\}_j)$ gives the same output $(D, \cdot)$ as running $\mathsf{Biv}$
SNARK is a public-coin argument of knowledge of openings of $C$ and $C'$ to a set of polynomials $\{P_j\}_j \subset \mathbb{Z}_q[X]$ and a set of scalars $\{p_j\}_j \subset \mathbb{Z}_q$ such that $P_j(k) = p_j$ for all $0 \le j <$
Soundness. We reduce the soundness of M.SNARK to the soundness of P.SNARK. We first build a knowledge extractor. This knowledge extractor directly follows from Lemma: there exists an extended machine $A^*$ that runs the aggregate machine $B^*$ under its output and further returns the same statement and proof as $A$ together with an extended witness $\mathsf{wit} = (\{P_j\}_j, \cdot, \{p_j\}_j, \cdot, \{W_j\}_j, \cdot;\ \cdot, \cdot)$, where $P_j, W_j \in \mathbb{Z}_q[X]$. From the output of this extended machine $B^*$ we can further extract $\{P_j := \sum_{i=0}^{d} p_{ij} X^i\}_j$, $\{p_j := q_j\}_j$ and $\{W_j := \sum_{i=0}^{d} w_{ij} X^i\}_j$ just by reading the respective coefficients $p_{ij}$, $q_j$, $w_{ij}$ from the bivariate polynomials $P = \sum_{i=0}^{d} \sum_{j \ge 0} p_{ij} X^i Y^j$ and $Q = \sum_{j \ge 0} q_j Y^j$.
Suppose there exists an adversary $A$ against the soundness of M.SNARK, with the corresponding associated extended machine $A^*$ that outputs a cheating proof $\pi^*$ that passes the verification check with non-negligible probability. We then build an efficient adversary $B$ against P.SNARK that runs the machine $A^*$ to break the protocol with non-negligible probability. $B$ runs $A^*$, which outputs the corresponding statement-proof-witness tuple $u = (C, C', k)$, $\pi^* = (D, e, \cdot, \cdot)$, $\mathsf{wit} = (\{P_j\}_j, \cdot, \{p_j\}_j, \cdot, \{W_j\}_j, \cdot;\ \cdot, \cdot)$. Then we can define corresponding bivariate polynomials as follows and build an extractor for $B$: we have the corresponding polynomials $P \in \mathbb{Z}_q[X, Y]$
Gen
? , R f ) ? crs
1: gk ? G(1 ? )
2: g := g ? , h := h ? , g := g ? , g 1 := g s , h 1 := h s
3: g i0 := g s i , g i0 := g s i ? 0 ? i ? ?
4: g ij := g s i t j , g ij := g s i t j ? 0 ? i ? d, 1 ? j ?
5: crs C := ck
6: t = T (k), p j = P j (k), k)
9: ? C ? M.Prove(crs C , u C , w C )
10: ? ? ?(crs , u = (C , p, r), w )
11: returns ? =