Nonlinear complexity of the Naor-Reingold pseudo-random function
This is a preprint of a book chapter published in Lecture Notes in Computer Science, 1787, Springer-Verlag, Berlin (2000). The original publication is available at www.springerlink.com. We obtain an exponential lower bound on the non-linear complexity of the new pseudo-random function, introduced recently by M. Naor and O. Reingold. This bound is an extension of the lower bound on the linear complexity of this function that has been obtained by F. Griffin and I. E. Shparlinski.
Subliminal Hash Channels
Due to their nature, subliminal channels are mostly regarded as being malicious, but due to recent legislation efforts users' perception might change. Such channels can be used to subvert digital signature protocols without degrading the security of the underlying primitive. Thus, it is natural to find countermeasures and devise subliminal-free signatures. In this paper we discuss state-of-the-art countermeasures and introduce a generic method to bypass them.
Functionally Private Approximations of Negligibly-Biased Estimators
We study functionally private approximations. An approximation function is functionally private with respect to if, for any input , reveals no more information about than . Our main result states that a function admits an efficiently-computable functionally private approximation if there exists an efficiently-computable and negligibly-biased estimator for . Contrary to previous generic results, our theorem is more general and has a wider application reach.

We provide two distinct applications of the above result to demonstrate its flexibility. In the data stream model, we provide a functionally private approximation to the -norm estimation problem, a quintessential application in streaming, using only polylogarithmic space in the input size. The privacy guarantees rely on the use of pseudo-random functions (PRFs), a stronger cryptographic notion than pseudo-random generators, which can be based on common cryptographic assumptions. The application of PRFs in this context appears to be novel and we expect other results to follow suit. Moreover, this is the first known functionally private streaming result for any problem.

Our second application result states that every problem in some subclasses of #P of hard counting problems admits an efficient and functionally private approximation protocol. This result is based on a functionally private approximation for the #DNF problem (estimating the number of satisfying truth assignments to a Boolean formula in disjunctive normal form), which is an application of our main theorem and previously known results.
Finding Safety in Numbers with Secure Allegation Escrows
For fear of retribution, the victim of a crime may be willing to report it only if other victims of the same perpetrator also step forward. Common examples include 1) identifying oneself as the victim of sexual harassment, especially by a person in a position of authority, or 2) accusing an influential politician, an authoritarian government, or one's own employer of corruption. To handle such situations, legal literature has proposed the concept of an allegation escrow: a neutral third party that collects allegations anonymously, matches them against each other, and de-anonymizes allegers only after de-anonymity thresholds (in terms of number of co-allegers), pre-specified by the allegers, are reached.

An allegation escrow can be realized as a single trusted third party; however, this party must be trusted to keep the identity of the alleger and the content of the allegation private. To address this problem, this paper introduces Secure Allegation Escrows (SAE, pronounced "say"). A SAE is a group of parties with independent interests and motives, acting jointly as an escrow for collecting allegations from individuals, matching the allegations, and de-anonymizing the allegations when designated thresholds are reached. By design, SAEs provide a very strong property: no less than a majority of the parties constituting a SAE can de-anonymize or disclose the content of an allegation without a sufficient number of matching allegations (even in collusion with any number of other allegers). Once a sufficient number of matching allegations exist, the joint escrow discloses the allegation with the allegers' identities. We describe how SAEs can be constructed using a novel authentication protocol and a novel allegation matching and bucketing algorithm, provide formal proofs of the security of our constructions, and evaluate a prototype implementation, demonstrating feasibility in practice.

Comment: To appear in NDSS 2020. New version includes improvements to writing and proof. The protocol is unchanged.