Compiling an Honest but Curious Protocol
|
|
- Joy Mason
- 5 years ago
- Views:
Transcription
1 6.876/18.46: Advanced Cryptography May 7, 003 Lecture 1: Copiling an Honest but Curious Protocol Scribed by: Jonathan Derryberry 1 Review In previous lectures, the notion of secure ultiparty coputing was developed. The setting is that there are parties, each of which has a private input x 1,...,x. The goal is to copute fx 1,...,x,R) securely, where R is rando coins and securely eans that no party obtains any ore knowledge about other parties private inputs than could be obtained if all coputation were done through a trusted third party. The setting for this proble can be thought of as coputers on a network; personal coputation is private but all interparty counication is up for grabs. In previous lectures, Honest but Curious HBC) security was introduced. In the HBC setting, every party is obliged to follow the protocol, but cannot intentionally forget knowledge that it learns during the execution of the protocol. In other words, all parties are curious, in that they try to find out as uch as possible about the other inputs despite following the protocol. A protocol is secure in the HBC sense if and only if all parties have no new knowledge at the end of the protocol above what they would have learned fro the output of f. Recall the HBC 4 ) oblivious transfer OT) protocol: 1 A p B A R;x 1,x,px 3 ),x 4 x i {0,1} n B [ R p 1 i )] s i i=1,,3,4 A B, where p is a trapdoor perutation, R is a rando n-bit vector, denotes the dot product, i is either x i or px i ) depending on what B sent in the second step of the protocol, and s i represents four different secret bits known to A of which B has selected one to learn. In this case, because B applied p to x 3, B learns the value of s 3. Extending HBC In this lecture, HBC security will be extended to create protocols that are secure even if soe subset of the parties are corrupt as discussed in [GMW87]). In studying the security of these protocols we assue the following 3-1
2 each party has full knowledge of A 1,...,A, the algoriths that parties 1,..., are supposed to use during the coputation of fx 1,...,x,R) good guys only have prior knowledge of their own inputs no bad guy has prior knowledge of any good guy s input or rando coins, which are assued to coe fro nature and to be secret bad guys ay collude as uch as they want between each other, including sharing their inputs Now, to create a protocol that is secure against alicious parties, our strategy has several steps n) 1. Define HBC solution n private). Produce HBC solution see last lecture) 4 ) 3. Produce coputationally HBC OT see the review) 1 4. Copile HBC protocol into a protocol that is secure against alicious adversaries To accoplish the last step, we first observe that each party in the protocol only gets to see the essages that each A i gets and its answers a to the essages. 3 Enforcing Honest Tape Use in a Malicious Environent The first difficulty that arises during copilation is that it is hard to deterine whether each participant is actually using a rando tape, or soe cooked up rando tape that could potentially allow the extraction of extra knowledge. To guard against this, we could add an opening round of counication in which each A i broadcasts coitents Cb A i ),CbA i 1 ),CbA i 3 ),... to the bits on its rando tape. This prevents each A i fro changing its rando tape as the protocol progresses because everyone is coited to their rando tapes and each player knows how the other is supposed to act, given the contents of the tapes. At this point, we note that although this prevents the changing of the rando tape, it does not ensure that the tape is rando to begin with. 3.1 Ensuring the Rando Tape s Randoness To solve this proble, the other parties coit to rando guesses about what the contents of the other parties rando tapes are. For exaple, after A 1 akes coitents 1 ),Cb A 1 Cb A 1 ),... to its rando tape, A akes rando guesses Cg A ),Cg A 1 ),... regarding the contents of A 1 s rando tape, and A 3,...,A follow suit. Next, all of the guesses for each bit are revealed, and the actual value of A 1 s rando tape s first bit is declared to be b 1 g g. Note that if at least one eber of the protocol is honest and akes a rando guess then the first bit of the rando tape is indeed rando. Moreover, note that A 1 has not revealed b 1,so A 1 is the only party to know the value of its 3-
3 rando tape at this point if A 1 is honest. Also, A 1 can provide a ZKP that it is behaving in a anner that corresponds to the coitted rando bits without revealing what they are. One potential proble with this schee for generating the contents of the parties rando tapes is that it ay be possible for a cheating party to old its coitent to correlate to the other coitents. This is a proble. For exaple, if A is able to coit to b A 1 g A g A then the first bit of A 1 s tape could be set to 0 presuably A 1 would have to collude with A for A to be able to reveal). However, there are various solutions to this proble. One solution is to siply have the parties reveal their coitents in the reverse order that they broadcasted their coitents. Thus, a correlating cheater would be unable to decoit because it would not know the value of the bit to which it coitted. Another solution to the proble is to use utually independent coitents, which were addressed in a previous lecture, so that such correlation is coputationally infeasible. 3. Coitting to other Tapes Siilarly, everyone can coit to their inputs and work tapes, so that cheating parties cannot decide to change their inputs idway through the protocol or start with a work tape that is not blank. Also, each party sends a coitent to the final state of its worktape. Note that at this point, all of each participant s coputation has been coitted to. Thus, at the end, if each party A i provides a ZKP that if the other parties guessed the private key to its coitents, then they would be able to verify that A i behaved honestly according to the prespecified algoriths, protocol, and the coitted contents of the tapes assuing starting with the blank tape). Because this is clearly an NP stateent, such a ZKP can be given. 3.3 Ipleenting Counication When counication is to be broadcast to everyone, there is no proble because there is no concern about who overhears it. However, one useful for of counication in the HBC setting is the ability to whisper to other parties so that only one other person hears what you say. This has a natural ipleentation in the alicious setting. Everyone siply announces their public key at the beginning of the protocol. Thus, if A 1 wants to send A a essage in secret, A 1 broadcasts E A ) to everyone. Note that this has two desirable effects. First, A and only A understands what is said. Second, everyone else receives a coitent to the essage, which can be verified as the correct essage using a ZKP. 4 Worries At this point, let us suarize our worries about why this copilation of an HBC protocol ight not work: 1. Are different bits of the tape rando? as long as one player is honest and coits to a rando bit, the XOR akes the bit rando 3-3
4 . Parties ay be able to correlate coitents to their tapes. Could reveal backwards, use utually independent coitents, or require a proof of knowledge of the value coitted to 3. The agree on a rando bit proble. In a coin-toss-over-the-phone schee one person knows the value of the rando bit before the other, and can abort if they do not like the value. This last worry has not been addressed directly. One solution to it is to legislate that aborting the protocol is not allowed. However, this ay pose a proble what if you are on different planets?). 4.1 Dividing the Secret into Shares Another solution to this proble is to divide the secret value of the rando coin into shares so that any group of less than parties has no inforation about what the coin is, but any group of ore than parties does have enough inforation to deterine what the secret is. Shair proposed one way of doing this[s79]. The idea is to create a polynoial of the for 1 Qx) = a x + a 1x + + a 1 x + a 0, where the value of Qx) is taken odulo a prie p >,and a i {0, 1,...,p 1}. Now, let each party A 1,...,A have a secret defined as s 1 = Q1),...,s = Q). Note that knowing of the secrets yields no knowledge about the reaining values because there is one ore degree of freedo in the polynoial. However, note that knowing just one ore secret allows the full reconstruction of the polynoial because there are only + 1 degrees of freedo for the for of the polynoial. How can this schee be used to help us transfor an HBC protocol? Each party sends each other party a share of its own private key at the beginning of the protocol[cgma85]. In other words, party A i sends E A1 Q1)),...,E A Q)), where Q represents the value of A i s private key. Note that this allows each party to decrypt exactly one share of A 1 s private key. Also, note that the correctness of the shares ust also be verified in the beginning of the protocol via any zero knowledge proofs e.g. the NP ZKP: you could guess a private key that corresponds to the public key, and your share would be the share that you received). At the end of the protocol, if soe coalition tries to cheat, all of the good guys get together and break the coalition s private keys by sharing the secrets that they received. Note that this ethod is only effective against coalitions of size or saller, otherwise the coalition can crack the private keys of all of the honest players. References [GMW87] O. Goldreich, S. Micali, and A. Wigderson. How to Play any Mental Gae - A Copleteness There for Protocols with Honest Majority. STOC [S79] A. Shair. How to Share a Secret. Counications of the ACM. Noveber, pp
5 [CGMA85] Chor, Goldwasser, Micali, and Awerbuch. Verifiable Secret Sharing and Achieving Siultaneity in the Presence of faults. Proceedings of FOCS 85. pp
An Almost-Optimally Fair Three-Party Coin-Flipping Protocol
An Alost-Optially Fair Three-Party Coin-Flipping Protocol [Extended Abstract] ABSTRACT Iftach Haitner School of Coputer Science Tel Aviv University Israel iftachh@cs.tau.ac.il In a ultiparty fair coin-flipping
More informationPrivacy-preserving String-Matching With PRAM Algorithms
Privacy-preserving String-Matching With PRAM Algoriths Report in MTAT.07.022 Research Seinar in Cryptography, Fall 2014 Author: Sander Sii Supervisor: Peeter Laud Deceber 14, 2014 Abstract In this report,
More informationParallel Coin-Tossing and Constant-Round Secure Two-Party Computation
Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation Yehuda Lindell Department of Computer Science and Applied Math, Weizmann Institute of Science, Rehovot, Israel. lindell@wisdom.weizmann.ac.il
More informationSecure Multiparty Computation: Introduction. Ran Cohen (Tel Aviv University)
Secure Multiparty Computation: Introduction Ran Cohen (Tel Aviv University) Scenario 1: Private Dating Alice and Bob meet at a pub If both of them want to date together they will find out If Alice doesn
More informationIntroduction to Secure Multi-Party Computation
Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the University of Texas, Austin for providing these slides. slide 1 Motivation General framework for describing computation
More informationIntroduction to Secure Multi-Party Computation
CS 380S Introduction to Secure Multi-Party Computation Vitaly Shmatikov slide 1 Motivation General framework for describing computation between parties who do not trust each other Example: elections N
More informationNotes for Lecture 24
U.C. Berkeley CS276: Cryptography Handout N24 Luca Trevisan April 21, 2009 Notes for Lecture 24 Scribed by Milosh Drezgich, posted May 11, 2009 Summary Today we introduce the notion of zero knowledge proof
More informationA Novel Fast Constructive Algorithm for Neural Classifier
A Novel Fast Constructive Algorith for Neural Classifier Xudong Jiang Centre for Signal Processing, School of Electrical and Electronic Engineering Nanyang Technological University Nanyang Avenue, Singapore
More information1 A Tale of Two Lovers
CS 120/ E-177: Introduction to Cryptography Salil Vadhan and Alon Rosen Dec. 12, 2006 Lecture Notes 19 (expanded): Secure Two-Party Computation Recommended Reading. Goldreich Volume II 7.2.2, 7.3.2, 7.3.3.
More informationStructural Balance in Networks. An Optimizational Approach. Andrej Mrvar. Faculty of Social Sciences. University of Ljubljana. Kardeljeva pl.
Structural Balance in Networks An Optiizational Approach Andrej Mrvar Faculty of Social Sciences University of Ljubljana Kardeljeva pl. 5 61109 Ljubljana March 23 1994 Contents 1 Balanced and clusterable
More informationLecture 9: Zero-Knowledge Proofs
Great Ideas in Theoretical Computer Science Summer 2013 Lecture 9: Zero-Knowledge Proofs Lecturer: Kurt Mehlhorn & He Sun A zero-knowledge proof is an interactive protocol (game) between two parties, a
More informationImprove Peer Cooperation using Social Networks
Iprove Peer Cooperation using Social Networks Victor Ponce, Jie Wu, and Xiuqi Li Departent of Coputer Science and Engineering Florida Atlantic University Boca Raton, FL 33431 Noveber 5, 2007 Corresponding
More informationSecure Multi-Party Computation. Lecture 13
Secure Multi-Party Computation Lecture 13 Must We Trust? Can we have an auction without an auctioneer?! Declared winning bid should be correct Only the winner and winning bid should be revealed Using data
More informationAn Architecture for a Distributed Deductive Database System
IEEE TENCON '93 / B eih An Architecture for a Distributed Deductive Database Syste M. K. Mohania N. L. Sarda bept. of Coputer Science and Engineering, Indian Institute of Technology, Bobay 400 076, INDIA
More informationSecure Wireless Multihop Transmissions by Intentional Collisions with Noise Wireless Signals
Int'l Conf. Wireless etworks ICW'16 51 Secure Wireless Multihop Transissions by Intentional Collisions with oise Wireless Signals Isau Shiada 1 and Hiroaki Higaki 1 1 Tokyo Denki University, Japan Abstract
More informationGuillotine subdivisions approximate polygonal subdivisions: Part III { Faster polynomial-time approximation schemes for
Guillotine subdivisions approxiate polygonal subdivisions: Part III { Faster polynoial-tie approxiation schees for geoetric network optiization Joseph S. B. Mitchell y April 19, 1997; Last revision: May
More informationMAPPING THE DATA FLOW MODEL OF COMPUTATION INTO AN ENHANCED VON NEUMANN PROCESSOR * Peter M. Maurer
MAPPING THE DATA FLOW MODEL OF COMPUTATION INTO AN ENHANCED VON NEUMANN PROCESSOR * Peter M. Maurer Departent of Coputer Science and Engineering University of South Florida Tapa, FL 33620 Abstract -- The
More informationλ-harmonious Graph Colouring Lauren DeDieu
λ-haronious Graph Colouring Lauren DeDieu June 12, 2012 ABSTRACT In 198, Hopcroft and Krishnaoorthy defined a new type of graph colouring called haronious colouring. Haronious colouring is a proper vertex
More informationLecture 6: ZK Continued and Proofs of Knowledge
600.641 Special Topics in Theoretical Cryptography 02/06/06 Lecture 6: ZK Continued and Proofs of Knowledge Instructor: Susan Hohenberger Scribe: Kevin Snow 1 Review / Clarification At the end of last
More informationA Measurement-Based Model for Parallel Real-Time Tasks
A Measureent-Based Model for Parallel Real-Tie Tasks Kunal Agrawal 1 Washington University in St. Louis St. Louis, MO, USA kunal@wustl.edu https://orcid.org/0000-0001-5882-6647 Sanjoy Baruah 2 Washington
More informationDifferent criteria of dynamic routing
Procedia Coputer Science Volue 66, 2015, Pages 166 173 YSC 2015. 4th International Young Scientists Conference on Coputational Science Different criteria of dynaic routing Kurochkin 1*, Grinberg 1 1 Kharkevich
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationGromov-Hausdorff Distance Between Metric Graphs
Groov-Hausdorff Distance Between Metric Graphs Jiwon Choi St Mark s School January, 019 Abstract In this paper we study the Groov-Hausdorff distance between two etric graphs We copute the precise value
More informationResearch Statement. Yehuda Lindell. Dept. of Computer Science Bar-Ilan University, Israel.
Research Statement Yehuda Lindell Dept. of Computer Science Bar-Ilan University, Israel. lindell@cs.biu.ac.il www.cs.biu.ac.il/ lindell July 11, 2005 The main focus of my research is the theoretical foundations
More informationOPTIMAL COMPLEX SERVICES COMPOSITION IN SOA SYSTEMS
Key words SOA, optial, coplex service, coposition, Quality of Service Piotr RYGIELSKI*, Paweł ŚWIĄTEK* OPTIMAL COMPLEX SERVICES COMPOSITION IN SOA SYSTEMS One of the ost iportant tasks in service oriented
More informationHomework 1. An Introduction to Neural Networks
Hoework An Introduction to Neural Networks -785: Introduction to Deep Learning Spring 09 OUT: January 4, 09 DUE: February 6, 09, :59 PM Start Here Collaboration policy: You are expected to coply with the
More informationDeterministic Voting in Distributed Systems Using Error-Correcting Codes
IEEE TRASACTIOS O PARALLEL AD DISTRIBUTED SYSTEMS, VOL. 9, O. 8, AUGUST 1998 813 Deterinistic Voting in Distributed Systes Using Error-Correcting Codes Lihao Xu and Jehoshua Bruck, Senior Meber, IEEE Abstract
More informationSecure Multi-Party Computation
Secure Multi-Party Computation A Short Tutorial By no means a survey! Manoj Prabhakaran :: University of Illinois at Urbana-Champaign Secure Multi-Party Computation A Short Tutorial Part I Must We Trust?
More informationUniversally Composable Two-Party and Multi-Party Secure Computation
Universally Composable Two-Party and Multi-Party Secure Computation Ran Canetti Yehuda Lindell Rafail Ostrovsky Amit Sahai July 14, 2003 Abstract We show how to securely realize any two-party and multi-party
More informationMAC schemes - Fixed-assignment schemes
MAC schees - Fixed-assignent schees M. Veeraraghavan, April 6, 04 Mediu Access Control (MAC) schees are echaniss for sharing a single link. MAC schees are essentially ultiplexing schees. For exaple, on
More informationCS 361 Meeting 8 9/24/18
CS 36 Meeting 8 9/4/8 Announceents. Hoework 3 due Friday. Review. The closure properties of regular languages provide a way to describe regular languages by building the out of sipler regular languages
More informationLeveraging Relevance Cues for Improved Spoken Document Retrieval
Leveraging Relevance Cues for Iproved Spoken Docuent Retrieval Pei-Ning Chen 1, Kuan-Yu Chen 2 and Berlin Chen 1 National Taiwan Noral University, Taiwan 1 Institute of Inforation Science, Acadeia Sinica,
More informationReal-Time Detection of Invisible Spreaders
Real-Tie Detection of Invisible Spreaders MyungKeun Yoon Shigang Chen Departent of Coputer & Inforation Science & Engineering University of Florida, Gainesville, FL 3, USA {yoon, sgchen}@cise.ufl.edu Abstract
More informationA Low-Cost Multi-Failure Resilient Replication Scheme for High Data Availability in Cloud Storage
216 IEEE 23rd International Conference on High Perforance Coputing A Low-Cost Multi-Failure Resilient Replication Schee for High Data Availability in Cloud Storage Jinwei Liu* and Haiying Shen *Departent
More informationA CRYPTANALYTIC ATTACK ON RC4 STREAM CIPHER
A CRYPTANALYTIC ATTACK ON RC4 STREAM CIPHER VIOLETA TOMAŠEVIĆ, SLOBODAN BOJANIĆ 2 and OCTAVIO NIETO-TALADRIZ 2 The Mihajlo Pupin Institute, Volgina 5, 000 Belgrade, SERBIA AND MONTENEGRO 2 Technical University
More informationDefining Multi-Party Computation
2 Defining Multi-Party Computation In this chapter, we introduce notations and conventions we will use throughout, define some basic cryptographic primitives, and provide a security definition for multi-party
More informationLecture 10, Zero Knowledge Proofs, Secure Computation
CS 4501-6501 Topics in Cryptography 30 Mar 2018 Lecture 10, Zero Knowledge Proofs, Secure Computation Lecturer: Mahmoody Scribe: Bella Vice-Van Heyde, Derrick Blakely, Bobby Andris 1 Introduction Last
More informationGeometry. The Method of the Center of Mass (mass points): Solving problems using the Law of Lever (mass points). Menelaus theorem. Pappus theorem.
Noveber 13, 2016 Geoetry. The Method of the enter of Mass (ass points): Solving probles using the Law of Lever (ass points). Menelaus theore. Pappus theore. M d Theore (Law of Lever). Masses (weights)
More informationFair Resource Allocation for Heterogeneous Tasks
Fair Resource Allocation for Heterogeneous Tasks Koyel Mukherjee, Partha utta, Gurulingesh Raravi, Thangaraj Balasubraania, Koustuv asgupta, Atul Singh Xerox Research Center India, Bangalore, India 560105
More informationMulti-Theorem Preprocessing NIZKs from Lattices
Multi-Theorem Preprocessing NIZKs from Lattices Sam Kim and David J. Wu Stanford University Soundness: x L, P Pr P, V (x) = accept = 0 No prover can convince honest verifier of false statement Proof Systems
More informationLecture 19 - Oblivious Transfer (OT) and Private Information Retrieval (PIR)
Lecture 19 - Oblivious Transfer (OT) and Private Information Retrieval (PIR) Boaz Barak November 29, 2007 Oblivious Transfer We are thinking of the following situation: we have a server and a client (or
More informationLecture 22 - Oblivious Transfer (OT) and Private Information Retrieval (PIR)
Lecture 22 - Oblivious Transfer (OT) and Private Information Retrieval (PIR) Boaz Barak December 8, 2005 Oblivious Transfer We are thinking of the following situation: we have a server and a client (or
More informationClosing The Performance Gap between Causal Consistency and Eventual Consistency
Closing The Perforance Gap between Causal Consistency and Eventual Consistency Jiaqing Du Călin Iorgulescu Aitabha Roy Willy Zwaenepoel EPFL ABSTRACT It is well known that causal consistency is ore expensive
More informationData Caching for Enhancing Anonymity
Data Caching for Enhancing Anonyity Rajiv Bagai and Bin Tang Departent of Electrical Engineering and Coputer Science Wichita State University Wichita, Kansas 67260 0083, USA Eail: {rajiv.bagai, bin.tang}@wichita.edu
More informationDetection of Outliers and Reduction of their Undesirable Effects for Improving the Accuracy of K-means Clustering Algorithm
Detection of Outliers and Reduction of their Undesirable Effects for Iproving the Accuracy of K-eans Clustering Algorith Bahan Askari Departent of Coputer Science and Research Branch, Islaic Azad University,
More informationSecure Multi-Party Computation Without Agreement
Secure Multi-Party Computation Without Agreement Shafi Goldwasser Department of Computer Science The Weizmann Institute of Science Rehovot 76100, Israel. shafi@wisdom.weizmann.ac.il Yehuda Lindell IBM
More informationCS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationHow Secure are. BGP Security Protocols? Sharon Goldberg Microsoft Research & Boston University. Michael Schapira. Pete Hummon AT&T Research
How Secure are NANOG 49, San Francisco Tuesday June 15 2010 BGP Security Protocols? Sharon Goldberg Microsoft Research & Boston University Michael Schapira Princeton University Yale & Berkeley Pete Huon
More informationDefining and Surveying Wireless Link Virtualization and Wireless Network Virtualization
1 Defining and Surveying Wireless Link Virtualization and Wireless Network Virtualization Jonathan van de Belt, Haed Ahadi, and Linda E. Doyle The Centre for Future Networks and Counications - CONNECT,
More informationModeling Parallel Applications Performance on Heterogeneous Systems
Modeling Parallel Applications Perforance on Heterogeneous Systes Jaeela Al-Jaroodi, Nader Mohaed, Hong Jiang and David Swanson Departent of Coputer Science and Engineering University of Nebraska Lincoln
More informationHeterogeneous Radial Basis Function Networks
Proceedings of the International Conference on Neural Networks (ICNN ), vol. 2, pp. 23-2, June. Heterogeneous Radial Basis Function Networks D. Randall Wilson, Tony R. Martinez e-ail: randy@axon.cs.byu.edu,
More informationEUROPEAN ETS TELECOMMUNICATION August 1995 STANDARD
EUROPEAN ETS 300 428 TELECOMMUNICATION August 1995 STANDARD Source: ETSI TC-NA Reference: DE/NA-052619 ICS: 33.040 Key words: B-ISDN, ATM Broadband Integrated Services Digital Network (B-ISDN); Asynchronous
More informationQoS and Sensible Routing Decisions
QoS and Sensible Routing Decisions Erol Gelenbe Dept. of Electrical & Electronic Engineering Iperial College London SW7 2BT e.gelenbe@iperial.ac.uk Abstract Network Quality of Service (QoS) criteria of
More informationOn the Computation and Application of Prototype Point Patterns
On the Coputation and Application of Prototype Point Patterns Katherine E. Tranbarger Freier 1 and Frederic Paik Schoenberg 2 Abstract This work addresses coputational probles related to the ipleentation
More informationCSA E0 312: Secure Computation October 14, Guest Lecture 2-3
CSA E0 312: Secure Computation October 14, 2015 Guest Lecture 2-3 Guest Instructor: C. Pandu Rangan Submitted by: Cressida Hamlet 1 Introduction Till now we have seen only semi-honest parties. From now
More informationIntegrating fast mobility in the OLSR routing protocol
Integrating fast obility in the OLSR routing protocol Mounir BENZAID 1,2, Pascale MINET 1 and Khaldoun AL AGHA 1,2 1 INRIA, Doaine de Voluceau - B.P.105, 78153 Le Chesnay Cedex, FRANCE ounir.benzaid, pascale.inet@inria.fr
More informationMulti Packet Reception and Network Coding
The 2010 Military Counications Conference - Unclassified Progra - etworking Protocols and Perforance Track Multi Packet Reception and etwork Coding Aran Rezaee Research Laboratory of Electronics Massachusetts
More informationControl Message Reduction Techniques in Backward Learning Ad Hoc Routing Protocols
Control Message Reduction Techniques in Backward Learning Ad Hoc Routing Protocols Navodaya Garepalli Kartik Gopalan Ping Yang Coputer Science, Binghaton University (State University of New York) Contact:
More informationWavelets for Computer Graphics: A Primer Part 1
Wavelets for Coputer Graphics: A Prier Part Eric J. Stollnitz Tony D. DeRose David H. Salesin University of Washington Introduction Wavelets are a atheatical tool for hierarchically decoposing functions.
More informationEfficient Learning of Generalized Linear and Single Index Models with Isotonic Regression
Efficient Learning of Generalized Linear and Single Index Models with Isotonic Regression Sha M. Kakade Microsoft Research and Wharton, U Penn skakade@icrosoft.co Varun Kanade SEAS, Harvard University
More informationRational Oblivious Transfer
Rational Oblivious Transfer Xiong Fan xfan@cs.umd.edu Kartik Nayak kartik1507@gmail.com May 14, 2014 Abstract Oblivious transfer is widely used in secure multiparty computation. In this paper, we propose
More informationAn Efficient Approach for Content Delivery in Overlay Networks
An Efficient Approach for Content Delivery in Overlay Networks Mohaad Malli, Chadi Barakat, Walid Dabbous Projet Planète, INRIA-Sophia Antipolis, France E-ail:{alli, cbarakat, dabbous}@sophia.inria.fr
More informationThe Boundary Between Privacy and Utility in Data Publishing
The Boundary Between Privacy and Utility in Data Publishing Vibhor Rastogi Dan Suciu Sungho Hong ABSTRACT We consider the privacy proble in data publishing: given a database instance containing sensitive
More informationMinimax Sensor Location to Monitor a Piecewise Linear Curve
NSF GRANT #040040 NSF PROGRAM NAME: Operations Research Miniax Sensor Location to Monitor a Piecewise Linear Curve To M. Cavalier The Pennsylvania State University University Par, PA 680 Whitney A. Conner
More informationCollection Selection Based on Historical Performance for Efficient Processing
Collection Selection Based on Historical Perforance for Efficient Processing Christopher T. Fallen and Gregory B. Newby Arctic Region Supercoputing Center University of Alaska Fairbanks Fairbanks, Alaska
More informationZERO KNOWLEDGE PROOFS FOR EXACT COVER AND 0-1 KNAPSACK
Proceedings of the 6th Annual ISC Graduate Research Symposium ISC-GRS 01 April 13, 01, Rolla, Missouri ZERO KNOWLEDGE PROOFS FOR EXACT COVER AND 0-1 KNAPSACK ABSTRACT Zero Knowledge Proofs (ZKPs) are interactive
More informationYuval Ishai Technion
Winter School on Bar-Ilan University, Israel 30/1/2011-1/2/2011 Bar-Ilan University Yuval Ishai Technion 1 Zero-knowledge proofs for NP [GMR85,GMW86] Bar-Ilan University Computational MPC with no honest
More informationGrading Results Total 100
University of California, Berkeley College of Engineering Departent of Electrical Engineering and Coputer Sciences Fall 2003 Instructor: Dave Patterson 2003-11-19 v1.9 CS 152 Exa #2 Solutions Personal
More informationPolynomial-Time Isomorphism of 1-L-Complete Sets
journal of coputer and syste sciences 53, 155160 (1996) article no. 0057 Polynoial-Tie Isoorphis of 1-L-Coplete Sets anindra Agrawal* and Soenath Biswas - epartent of Coputer Science and Engineering, Indian
More informationM Software management
M Software anageent This docuent is part of the UCISA Inforation Security Toolkit providing guidance on the policies and processes needed to ipleent an organisational inforation security policy. To use
More informationShortest Path Determination in a Wireless Packet Switch Network System in University of Calabar Using a Modified Dijkstra s Algorithm
International Journal of Engineering and Technical Research (IJETR) ISSN: 31-869 (O) 454-4698 (P), Volue-5, Issue-1, May 16 Shortest Path Deterination in a Wireless Packet Switch Network Syste in University
More informationGeo-activity Recommendations by using Improved Feature Combination
Geo-activity Recoendations by using Iproved Feature Cobination Masoud Sattari Middle East Technical University Ankara, Turkey e76326@ceng.etu.edu.tr Murat Manguoglu Middle East Technical University Ankara,
More informationA GRAPH-PLANARIZATION ALGORITHM AND ITS APPLICATION TO RANDOM GRAPHS
A GRAPH-PLANARIZATION ALGORITHM AND ITS APPLICATION TO RANDOM GRAPHS T. Ozawa and H. Takahashi Departent of Electrical Engineering Faculty of Engineering, Kyoto University Kyoto, Japan 606 Abstract. In
More informationEfficient Dynamic-Resharing Verifiable Secret Sharing Against Mobile Adversary
Efficient Dynamic-Resharing Verifiable Secret Sharing Against Mobile Adversary Noga Alon Zvi Galil Moti Yung March 25, 1995 Abstract We present a novel efficient variant of Verifiable Secret Sharing (VSS)
More informationDesigning High Performance Web-Based Computing Services to Promote Telemedicine Database Management System
Designing High Perforance Web-Based Coputing Services to Proote Teleedicine Database Manageent Syste Isail Hababeh 1, Issa Khalil 2, and Abdallah Khreishah 3 1: Coputer Engineering & Inforation Technology,
More informationScheduling Parallel Real-Time Recurrent Tasks on Multicore Platforms
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL., NO., NOV 27 Scheduling Parallel Real-Tie Recurrent Tasks on Multicore Platfors Risat Pathan, Petros Voudouris, and Per Stenströ Abstract We
More informationQuantitative Comparison of Sinc-Approximating Kernels for Medical Image Interpolation
Quantitative Coparison of Sinc-Approxiating Kernels for Medical Iage Interpolation Erik H. W. Meijering, Wiro J. Niessen, Josien P. W. Plui, Max A. Viergever Iage Sciences Institute, Utrecht University
More informationAnalysing Real-Time Communications: Controller Area Network (CAN) *
Analysing Real-Tie Counications: Controller Area Network (CAN) * Abstract The increasing use of counication networks in tie critical applications presents engineers with fundaental probles with the deterination
More informationAn Overview of Active Security in Garbled Circuits
An Overview of Active Security in Garbled Circuits Author: Cesar Pereida Garcia Supervisor: Pille Pullonen Department of Mathematics and Computer Science. University of Tartu Tartu, Estonia. December 15,
More informationGrid Minors in Damaged Grids
Grid Minors in Daaged Grids David Eppstein Departent of Coputer Science University of California, Irvine Irvine, California, U.S.A. eppstein@uci.edu Subitted: Nov 7, 2013; Accepted: Jul 24, 2014; Published:
More informationOblivious Routing for Fat-Tree Based System Area Networks with Uncertain Traffic Demands
Oblivious Routing for Fat-Tree Based Syste Area Networks with Uncertain Traffic Deands Xin Yuan Wickus Nienaber Zhenhai Duan Departent of Coputer Science Florida State University Tallahassee, FL 3306 {xyuan,nienaber,duan}@cs.fsu.edu
More informationApproximate String Matching with Reduced Alphabet
Approxiate String Matching with Reduced Alphabet Leena Salela 1 and Jora Tarhio 2 1 University of Helsinki, Departent of Coputer Science leena.salela@cs.helsinki.fi 2 Aalto University Deptartent of Coputer
More informationLecture 14 Alvaro A. Cardenas Kavitha Swaminatha Nicholas Sze. 1 A Note on Adaptively-Secure NIZK. 2 The Random Oracle Model
CMSC 858K Advanced Topics in Cryptography March 11, 2004 Lecturer: Jonathan Katz Lecture 14 Scribe(s): Alvaro A. Cardenas Kavitha Swaminatha Nicholas Sze 1 A Note on Adaptively-Secure NIZK A close look
More informationFairness Versus Guaranteed Output Delivery in Secure Multiparty Computation
Fairness Versus Guaranteed Output Delivery in Secure Multiparty Computation Ran Cohen and Yehuda Lindell Department of Computer Science, Bar-Ilan University, Israel cohenrb@cs.biu.ac.il, lindell@biu.ac.il
More informationBrian Noguchi CS 229 (Fall 05) Project Final Writeup A Hierarchical Application of ICA-based Feature Extraction to Image Classification Brian Noguchi
A Hierarchical Application of ICA-based Feature Etraction to Iage Classification Introduction Iage classification poses one of the greatest challenges in the achine vision and achine learning counities.
More informationSecurity Protections for Mobile Agents
Stephen R. Tate Dept. of Computer Science and Engineering University of North Texas Talk describes joint work with Ke Xu and Vandana Gunupudi Research supported by the National Science Foundation class
More informationEffects of Interleaving on RTP Header Compression
Effects of Interleaving on RTP Header Copression Colin Perkins Jon Crowcroft Departent of Coputer Science University College London Gower Street London WCE 6BT Abstract We discuss the use of interleaving
More informationA Beam Search Method to Solve the Problem of Assignment Cells to Switches in a Cellular Mobile Network
A Bea Search Method to Solve the Proble of Assignent Cells to Switches in a Cellular Mobile Networ Cassilda Maria Ribeiro Faculdade de Engenharia de Guaratinguetá - DMA UNESP - São Paulo State University
More informationReconstruction of Time Series using Optimal Ordering of ICA Components
Reconstruction of Tie Series using Optial Ordering of ICA Coponents Ar Goneid and Abear Kael Departent of Coputer Science & Engineering, The Aerican University in Cairo, Cairo, Egypt e-ail: goneid@aucegypt.edu
More informationSecure Multi-party Computation
Secure Multi-party Computation What it is, and why you d care Manoj Prabhakaran University of Illinois, Urbana-Champaign SMC SMC SMC conceived more than 30 years back SMC SMC conceived more than 30 years
More informationI-0 Introduction. I-1 Introduction. Objectives: Quote:
I-0 Introduction Objectives: Explain necessity of parallel/ultithreaded algoriths Describe different fors of parallel processing Present coonly used architectures Introduce a few basic ters Coents: Try
More informationVerifying the structure and behavior in UML/OCL models using satisfiability solvers
IET Cyber-Physical Systes: Theory & Applications Review Article Verifying the structure and behavior in UML/OCL odels using satisfiability solvers ISSN 2398-3396 Received on 20th October 2016 Revised on
More informationOblivious Transfer from Any Non-Trivial Elastic Noisy Channel via Secret Key Agreement
Oblivious Transfer from Any Non-Trivial Elastic Noisy Channel via Secret Key Agreement Ignacio Cascudo 1, Ivan Damgård 2, Felipe Lacerda 2, and Samuel Ranellucci 2 1 Department of Mathematics, Aalborg
More informationOn Performance Bottleneck of Anonymous Communication Networks
On Perforance Bottleneck of Anonyous Counication Networks Ryan Pries, Wei Yu, Steve Graha, and Xinwen Fu Abstract Although a significant aount of effort has been directed at discovering attacks against
More informationCOLLABORATIVE BEAMFORMING FOR WIRELESS AD-HOC NETWORKS
International Journal of Coputer Science and Counication Vol. 3, No. 1, January-June 2012, pp. 181-185 COLLABORATIVE BEAMFORMING FOR WIRELESS AD-HOC NETWORKS A.H. Karode 1, S.R. Suralkar 2, Manoj Bagde
More informationImage Filter Using with Gaussian Curvature and Total Variation Model
IJECT Vo l. 7, Is s u e 3, Ju l y - Se p t 016 ISSN : 30-7109 (Online) ISSN : 30-9543 (Print) Iage Using with Gaussian Curvature and Total Variation Model 1 Deepak Kuar Gour, Sanjay Kuar Shara 1, Dept.
More informationEnhancing Real-Time CAN Communications by the Prioritization of Urgent Messages at the Outgoing Queue
Enhancing Real-Tie CAN Counications by the Prioritization of Urgent Messages at the Outgoing Queue ANTÓNIO J. PIRES (1), JOÃO P. SOUSA (), FRANCISCO VASQUES (3) 1,,3 Faculdade de Engenharia da Universidade
More informationProtocols for Multiparty Coin Toss With Dishonest Majority
Protocols for Multiparty Coin Toss With Dishonest Majority Amos Beimel 1,, Eran Omri 2,, and Ilan Orlov 1, 1 Dept. of Computer Science, Ben Gurion University, Be er Sheva, Israel 2 Dept. of Computer Science,
More informationINSERTION SORT is O(n log n)
INSERTION SORT is On log n) Michael A. Bender Martín Farach-Colton Miguel A. Mosteiro Abstract Traditional INSERTION SORT runs in On 2 ) tie because each insertion takes On) tie. When people run INSERTION
More informationSimple, Black-Box Constructions of Adaptively Secure Protocols
Simple, Black-Box Constructions of Adaptively Secure Protocols Seung Geol Choi 1, Dana Dachman-Soled 1, Tal Malkin 1, and Hoeteck Wee 2 1 Columbia University {sgchoi,dglasner,tal}@cs.columbia.edu 2 Queens
More information