30 research outputs found

    Zero-Knowledge Proofs for Mix-nets of Secret Shares and a Version of ElGamal with Modular Homomorphism

    Mix-nets can be used to shuffle vectors of shared secrets. This operation can be an important building block for solving combinatorial problems where constraints depend on secrets of different participants. A main contribution of this paper is to show how participants in the mix-net can provide Zero-Knowledge proofs to convince each other that they do not tamper with the shuffled secrets, and that inverse permutations are correctly applied at unshuffling. The approach is related to the proof of knowing an isomorphism between large graphs. We also make a detailed review and comparison with rationales and analysis of Chaum's and Merritt's mix-nets. Anothe

    Spotting subsequences matching an HMM using the average observation probability criteria with application to keyword spotting

    This paper addresses the problem of detecting keywords in unconstrained speech. The proposed algorithms search for the speech segment maximizing the average observation probability 1 along the most likely path in the hypothesized keyword model. As known, this approach (sometimes referred to as sliding model method) requires a relaxation of the begin/endpoints of the Viterbi matching, as well as a time normalization of the resulting score. This makes solutions 2 L

    Privacy for DisCSP-based Modeling in Multi-Agent Planning

    Constraint Satisfaction and SAT can model planning problems (Kautz & Selman 1996) and this approach is quite successful. There is an increasing interest in distributed and asynchronous search algorithms for solving distributed constraint satisfaction problems (DisCSP). An important motivation for distributed problem solving is the agents' ability to keep their constraints private. Cryptographic techniques (Goldwasser & Bellare 1996) offer a certain protection from several types of attacks. However, when an attack succeeds, no agent can know how much privacy he has lost. We assume that agents enforce their privacy by dropping out of the search process whenever the estimated value of the information that they need to reveal in the future exceeds that attached to a successful solution of the DisCSP. We compare several distributed search algorithms as to how likely they are to terminate prematurely for privacy reasons, and arrange the algorithms in a hierarchy that reflects this relation

    Zero-knowledge proofs for mix-nets of secret shares and a version of elgamal with modular homomorphism. Cryptology ePrint Archive, Report 2005/079

    Mix-nets can be used to shuffle vectors of shared secrets. This operation can be an important building block for solving combinatorial problems where constraints depend on secrets of different participants. A main contribution of this paper is to show how participants in the mix-net can provide Zero-Knowledge proofs to convince each other that they do not tamper with the shuffled secrets, and that inverse permutations are correctly applied at unshuffling. The approach is related to the proof of knowing an isomorphism between large graphs. We also make a detailed review and comparison with rationales and analysis of Chaum's and Merritt's mix-nets. Another contribution is a (+ mod ν, ×)-homomorphic encryption scheme that can be parametrized by a public prime value ν and that is obtained from a version of ElGamal [DGS02]. This cryptosystem allows for guarantees of security in the aforementioned mix-net. A generalization shows how to obtain modular arithmetic homomorphic schemes from other cryptosystems. Mix-nets offer only computational security since participants get encrypted versions of all the shares. Information theoretically secure algorithms can be obtained using secure arithmetic circuit evaluation. The arithmetic circuit previously proposed for shuffling a vector of size k was particularly slow. Here we also propose a new arithmetic circuit for performing the operation in O(k^2) multiplications and requiring k−1 shared random numbers with different domains. Another contribution is to provide more efficient arithmetic circuits for combinatorial optimization problems, exploiting recent secure primitives. Examples are shown of how these techniques can be used in the Secure Multi-party Computation (SMC) language [Sil04b]. SMC's procedures for generating uniformly distributed random permutations are also detailed.