How to Shuffle in Public

Adida, Ben; Wikström, Douglas

doi:10.1007/978-3-540-70936-7_30

Cited by 56 publications

(64 citation statements)

References 34 publications

(43 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We show that this is the case as long as t = O (1). However, when t = ω(1), major (and seemingly inherent) difficulties rise.…”

Section: Our Techniquesmentioning

confidence: 69%

“…Here VGB comes to our aid when t = ω (1). That is, having limited oracle access to the point programs and sufficient power to compute the distinguishing elements allows performing the required simulation.…”

Section: Our Techniquesmentioning

confidence: 99%

“…-( Virtual Black Box) 1 For any PPT adversary A and polynomial p there is a PPT simulator S such that for all sufficiently large n ∈ N and C ∈ C n : …”

Section: Definition 21 (Obfuscator [3] ) a Ppt O Is A Vbb Obfuscatomentioning

confidence: 99%

“…The INDO (BPO) definition is 1 As noted by [3] the above can be replaced with the equivalent requirement that…”

Section: Definition 22 (Indistinguishability Obfuscation [3]) O Is mentioning

confidence: 99%

“…Another relaxation requires the obfuscation to be secure only when the program is sampled from some adequate distribution (rather than requiring security for any program in the family). This was done in the context of perfect one-way hashing [11] , point proximity testing [14], re-encryption [22] and more [1,21,18]. However, in some scenarios such a relaxation does not capture the security properties we would expect from an obfuscation.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

On Strong Simulation and Composable Point Obfuscation

Bitansky

Canetti

2010

Advances in Cryptology – CRYPTO 2010

View full text Add to dashboard Cite

Abstract. The Virtual Black Box (VBB) property for program obfuscators provides a strong guarantee: Anything computable by an efficient adversary given the obfuscated program can also be computed by an efficient simulator with only oracle access to the program. However, we know how to achieve this notion only for very restricted classes of programs.This work studies a simple relaxation of VBB: Allow the simulator unbounded computation time, while still allowing only polynomially many queries to the oracle. We then demonstrate the viability of this relaxed notion, which we call Virtual Grey Box (VGB), in the context of fully composable obfuscators for point programs: It is known that, w.r.t. VBB, if such obfuscators exist then there exist multi-bit point obfuscators (aka "digital lockers") and subsequently also very strong variants of encryption that are resilient to various attacks, such as key leakage and keydependent-messages. However, no composable VBB-obfuscators for point programs have been shown. We show fully composable VGB-obfuscators for point programs under a strong variant of the Decision Diffie Hellman assumption. We show they suffice for the above applications and even for extensions to the public key setting as well as for encryption schemes with resistance to certain related key attacks (RKA).

show abstract

“…We show that this is the case as long as t = O (1). However, when t = ω(1), major (and seemingly inherent) difficulties rise.…”

Section: Our Techniquesmentioning

confidence: 69%

Section: Our Techniquesmentioning

confidence: 99%

“…-( Virtual Black Box) 1 For any PPT adversary A and polynomial p there is a PPT simulator S such that for all sufficiently large n ∈ N and C ∈ C n : …”

Section: Definition 21 (Obfuscator [3] ) a Ppt O Is A Vbb Obfuscatomentioning

confidence: 99%

“…The INDO (BPO) definition is 1 As noted by [3] the above can be replaced with the equivalent requirement that…”

Section: Definition 22 (Indistinguishability Obfuscation [3]) O Is mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

On Strong Simulation and Composable Point Obfuscation

Bitansky

Canetti

2010

Advances in Cryptology – CRYPTO 2010

View full text Add to dashboard Cite

show abstract

A Verifiable and Practical Lattice-Based Decryption Mix Net with External Auditing

Boyen

Haines

Müller

2020

Computer Security – ESORICS 2020

View full text Add to dashboard Cite

Mix nets are often used to provide privacy in modern security protocols, through shuffling. Some of the most important applications, such as secure electronic voting, require mix nets that are verifiable. In the literature, numerous techniques have been proposed to make mix nets verifiable. Some of them have also been employed for securing real political elections. With the looming possibility of quantum computers and their threat to cryptosystems based on classical hardness assumptions, there is significant pressure to migrate mix nets to post-quantum alternatives. At present, no verifiable and practical post-quantum mix net with external auditing is available as a drop-in replacement of existing constructions. In this paper, we give the first such construction. We propose a verifiable decryption mix net which solely employs practical lattice-based primitives. We formally prove that our mix net provides a high level of verifiability, and even accountability which guarantees that misbehaving mix servers can also be identified. Verification is executed by a (temporarily trusted) public auditor whose role can easily be distributed. We have implemented our completely lattice-based mix net from the bottom up, and provide detailed benchmarks which demonstrate its practicality for real-world post-quantum-secure e-voting.

show abstract

Non-Interactive Anonymous Router

Shi

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

How to Shuffle in Public

Cited by 56 publications

References 34 publications

On Strong Simulation and Composable Point Obfuscation

On Strong Simulation and Composable Point Obfuscation

A Verifiable and Practical Lattice-Based Decryption Mix Net with External Auditing

Non-Interactive Anonymous Router

Contact Info

Product

Resources

About