[{"oa_version":"Published Version","file":[{"relation":"main_file","file_id":"7897","checksum":"b39e2e1c376f5819b823fb7077491c64","date_created":"2020-05-26T14:08:13Z","date_updated":"2020-07-14T12:48:04Z","access_level":"open_access","file_name":"2020_Thesis_Kamath.pdf","file_size":1622742,"content_type":"application/pdf","creator":"dernst"},{"access_level":"closed","file_name":"Thesis_Kamath.zip","creator":"dernst","content_type":"application/x-zip-compressed","file_size":15301529,"file_id":"7898","relation":"source_file","checksum":"8b26ba729c1a85ac6bea775f5d73cdc7","date_updated":"2020-07-14T12:48:04Z","date_created":"2020-05-26T14:08:23Z"}],"status":"public","ddc":["000"],"title":"On the average-case hardness of total search problems","_id":"7896","user_id":"c635000d-4b10-11ee-a964-aac5a93f6ac1","abstract":[{"lang":"eng","text":"A search problem lies in the complexity class FNP if a solution to the given instance of the problem can be verified efficiently. The complexity class TFNP consists of all search problems in FNP that are total in the sense that a solution is guaranteed to exist. TFNP contains a host of interesting problems from fields such as algorithmic game theory, computational topology, number theory and combinatorics. Since TFNP is a semantic class, it is unlikely to have a complete problem. Instead, one studies its syntactic subclasses which are defined based on the combinatorial principle used to argue totality. Of particular interest is the subclass PPAD, which contains important problems\r\nlike computing Nash equilibrium for bimatrix games and computational counterparts of several fixed-point theorems as complete. In the thesis, we undertake the study of averagecase hardness of TFNP, and in particular its subclass PPAD.\r\nAlmost nothing was known about average-case hardness of PPAD before a series of recent results showed how to achieve it using a cryptographic primitive called program obfuscation.\r\nHowever, it is currently not known how to construct program obfuscation from standard cryptographic assumptions. Therefore, it is desirable to relax the assumption under which average-case hardness of PPAD can be shown. In the thesis we take a step in this direction. First, we show that assuming the (average-case) hardness of a numbertheoretic\r\nproblem related to factoring of integers, which we call Iterated-Squaring, PPAD is hard-on-average in the random-oracle model. Then we strengthen this result to show that the average-case hardness of PPAD reduces to the (adaptive) soundness of the Fiat-Shamir Transform, a well-known technique used to compile a public-coin interactive protocol into a non-interactive one. As a corollary, we obtain average-case hardness for PPAD in the random-oracle model assuming the worst-case hardness of #SAT. Moreover, the above results can all be strengthened to obtain average-case hardness for the class CLS ⊆ PPAD.\r\nOur main technical contribution is constructing incrementally-verifiable procedures for computing Iterated-Squaring and #SAT. By incrementally-verifiable, we mean that every intermediate state of the computation includes a proof of its correctness, and the proof can be updated and verified in polynomial time. Previous constructions of such procedures relied on strong, non-standard assumptions. Instead, we introduce a technique called recursive proof-merging to obtain the same from weaker assumptions. "}],"alternative_title":["ISTA Thesis"],"type":"dissertation","date_published":"2020-05-25T00:00:00Z","page":"126","citation":{"short":"C. Kamath Hosdurg, On the Average-Case Hardness of Total Search Problems, Institute of Science and Technology Austria, 2020.","mla":"Kamath Hosdurg, Chethan. On the Average-Case Hardness of Total Search Problems. Institute of Science and Technology Austria, 2020, doi:10.15479/AT:ISTA:7896.","chicago":"Kamath Hosdurg, Chethan. “On the Average-Case Hardness of Total Search Problems.” Institute of Science and Technology Austria, 2020. https://doi.org/10.15479/AT:ISTA:7896.","ama":"Kamath Hosdurg C. On the average-case hardness of total search problems. 2020. doi:10.15479/AT:ISTA:7896","apa":"Kamath Hosdurg, C. (2020). On the average-case hardness of total search problems. Institute of Science and Technology Austria. https://doi.org/10.15479/AT:ISTA:7896","ieee":"C. Kamath Hosdurg, “On the average-case hardness of total search problems,” Institute of Science and Technology Austria, 2020.","ista":"Kamath Hosdurg C. 2020. On the average-case hardness of total search problems. Institute of Science and Technology Austria."},"has_accepted_license":"1","article_processing_charge":"No","day":"25","date_created":"2020-05-26T14:08:55Z","date_updated":"2023-09-07T13:15:55Z","related_material":{"record":[{"status":"public","relation":"part_of_dissertation","id":"6677"}]},"author":[{"id":"4BD3F30E-F248-11E8-B48F-1D18A9856A87","first_name":"Chethan","last_name":"Kamath Hosdurg","full_name":"Kamath Hosdurg, Chethan"}],"publisher":"Institute of Science and Technology Austria","department":[{"_id":"KrPi"}],"publication_status":"published","year":"2020","license":"https://creativecommons.org/licenses/by/4.0/","ec_funded":1,"file_date_updated":"2020-07-14T12:48:04Z","language":[{"iso":"eng"}],"supervisor":[{"full_name":"Pietrzak, Krzysztof Z","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak"}],"degree_awarded":"PhD","doi":"10.15479/AT:ISTA:7896","project":[{"call_identifier":"FP7","name":"Provable Security for Physical Cryptography","_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668"},{"_id":"258AA5B2-B435-11E9-9278-68D0E5697425","grant_number":"682815","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"oa":1,"publication_identifier":{"issn":["2663-337X"]},"month":"05"},{"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"5887","intvolume":" 27","title":"Per-session security: Password-based cryptography revisited","status":"public","oa_version":"Preprint","type":"journal_article","issue":"1","abstract":[{"text":"Cryptographic security is usually defined as a guarantee that holds except when a bad event with negligible probability occurs, and nothing is guaranteed in that bad case. However, in settings where such failure can happen with substantial probability, one needs to provide guarantees even for the bad case. A typical example is where a (possibly weak) password is used instead of a secure cryptographic key to protect a session, the bad event being that the adversary correctly guesses the password. In a situation with multiple such sessions, a per-session guarantee is desired: any session for which the password has not been guessed remains secure, independently of whether other sessions have been compromised. A new formalism for stating such gracefully degrading security guarantees is introduced and applied to analyze the examples of password-based message authentication and password-based encryption. While a natural per-message guarantee is achieved for authentication, the situation of password-based encryption is more delicate: a per-session confidentiality guarantee only holds against attackers for which the distribution of password-guessing effort over the sessions is known in advance. In contrast, for more general attackers without such a restriction, a strong, composable notion of security cannot be achieved.","lang":"eng"}],"citation":{"mla":"Demay, Gregory, et al. “Per-Session Security: Password-Based Cryptography Revisited.” Journal of Computer Security, vol. 27, no. 1, IOS Press, 2019, pp. 75–111, doi:10.3233/JCS-181131.","short":"G. Demay, P. Gazi, U. Maurer, B. Tackmann, Journal of Computer Security 27 (2019) 75–111.","chicago":"Demay, Gregory, Peter Gazi, Ueli Maurer, and Bjorn Tackmann. “Per-Session Security: Password-Based Cryptography Revisited.” Journal of Computer Security. IOS Press, 2019. https://doi.org/10.3233/JCS-181131.","ama":"Demay G, Gazi P, Maurer U, Tackmann B. Per-session security: Password-based cryptography revisited. Journal of Computer Security. 2019;27(1):75-111. doi:10.3233/JCS-181131","ista":"Demay G, Gazi P, Maurer U, Tackmann B. 2019. Per-session security: Password-based cryptography revisited. Journal of Computer Security. 27(1), 75–111.","apa":"Demay, G., Gazi, P., Maurer, U., & Tackmann, B. (2019). Per-session security: Password-based cryptography revisited. Journal of Computer Security. IOS Press. https://doi.org/10.3233/JCS-181131","ieee":"G. Demay, P. Gazi, U. Maurer, and B. Tackmann, “Per-session security: Password-based cryptography revisited,” Journal of Computer Security, vol. 27, no. 1. IOS Press, pp. 75–111, 2019."},"publication":"Journal of Computer Security","page":"75-111","article_type":"original","date_published":"2019-01-01T00:00:00Z","scopus_import":"1","article_processing_charge":"No","day":"1","year":"2019","publisher":"IOS Press","department":[{"_id":"KrPi"}],"publication_status":"published","author":[{"first_name":"Gregory","last_name":"Demay","full_name":"Demay, Gregory"},{"id":"3E0BFE38-F248-11E8-B48F-1D18A9856A87","first_name":"Peter","last_name":"Gazi","full_name":"Gazi, Peter"},{"last_name":"Maurer","first_name":"Ueli","full_name":"Maurer, Ueli"},{"full_name":"Tackmann, Bjorn","first_name":"Bjorn","last_name":"Tackmann"}],"volume":27,"date_updated":"2021-01-12T08:05:08Z","date_created":"2019-01-27T22:59:10Z","ec_funded":1,"main_file_link":[{"url":"https://eprint.iacr.org/2016/166","open_access":"1"}],"oa":1,"project":[{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"quality_controlled":"1","doi":"10.3233/JCS-181131","language":[{"iso":"eng"}],"publication_identifier":{"issn":["0926227X"]},"month":"01"},{"language":[{"iso":"eng"}],"conference":{"name":"ITCS 2019: Innovations in Theoretical Computer Science","location":"San Diego, CA, United States","start_date":"2019-01-10","end_date":"2019-01-12"},"doi":"10.4230/LIPICS.ITCS.2019.60","quality_controlled":"1","project":[{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"oa":1,"main_file_link":[{"url":"https://eprint.iacr.org/2018/627","open_access":"1"}],"month":"01","publication_identifier":{"isbn":["978-3-95977-095-8"],"issn":["1868-8969"]},"date_created":"2019-06-06T14:12:36Z","date_updated":"2021-01-12T08:07:53Z","volume":124,"author":[{"id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak","full_name":"Pietrzak, Krzysztof Z"}],"publication_status":"published","publisher":"Schloss Dagstuhl - Leibniz-Zentrum für Informatik","department":[{"_id":"KrPi"}],"year":"2019","file_date_updated":"2020-07-14T12:47:33Z","ec_funded":1,"article_number":"60","date_published":"2019-01-10T00:00:00Z","publication":"10th Innovations in Theoretical Computer Science Conference","citation":{"ama":"Pietrzak KZ. Simple verifiable delay functions. In: 10th Innovations in Theoretical Computer Science Conference. Vol 124. Schloss Dagstuhl - Leibniz-Zentrum für Informatik; 2019. doi:10.4230/LIPICS.ITCS.2019.60","apa":"Pietrzak, K. Z. (2019). Simple verifiable delay functions. In 10th Innovations in Theoretical Computer Science Conference (Vol. 124). San Diego, CA, United States: Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPICS.ITCS.2019.60","ieee":"K. Z. Pietrzak, “Simple verifiable delay functions,” in 10th Innovations in Theoretical Computer Science Conference, San Diego, CA, United States, 2019, vol. 124.","ista":"Pietrzak KZ. 2019. Simple verifiable delay functions. 10th Innovations in Theoretical Computer Science Conference. ITCS 2019: Innovations in Theoretical Computer Science, LIPIcs, vol. 124, 60.","short":"K.Z. Pietrzak, in:, 10th Innovations in Theoretical Computer Science Conference, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2019.","mla":"Pietrzak, Krzysztof Z. “Simple Verifiable Delay Functions.” 10th Innovations in Theoretical Computer Science Conference, vol. 124, 60, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2019, doi:10.4230/LIPICS.ITCS.2019.60.","chicago":"Pietrzak, Krzysztof Z. “Simple Verifiable Delay Functions.” In 10th Innovations in Theoretical Computer Science Conference, Vol. 124. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2019. https://doi.org/10.4230/LIPICS.ITCS.2019.60."},"day":"10","has_accepted_license":"1","article_processing_charge":"No","scopus_import":1,"file":[{"checksum":"f0ae1bb161431d9db3dea5ace082bfb5","date_created":"2019-06-06T14:22:04Z","date_updated":"2020-07-14T12:47:33Z","relation":"main_file","file_id":"6529","file_size":558770,"content_type":"application/pdf","creator":"dernst","access_level":"open_access","file_name":"2019_LIPIcs_Pietrzak.pdf"}],"oa_version":"Published Version","ddc":["000"],"title":"Simple verifiable delay functions","status":"public","intvolume":" 124","_id":"6528","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","abstract":[{"lang":"eng","text":"We construct a verifiable delay function (VDF) by showing how the Rivest-Shamir-Wagner time-lock puzzle can be made publicly verifiable. Concretely, we give a statistically sound public-coin protocol to prove that a tuple (N,x,T,y) satisfies y=x2T (mod N) where the prover doesn’t know the factorization of N and its running time is dominated by solving the puzzle, that is, compute x2T, which is conjectured to require T sequential squarings. To get a VDF we make this protocol non-interactive using the Fiat-Shamir heuristic.The motivation for this work comes from the Chia blockchain design, which uses a VDF as akey ingredient. For typical parameters (T≤2 40, N= 2048), our proofs are of size around 10K B, verification cost around three RSA exponentiations and computing the proof is 8000 times faster than solving the puzzle even without any parallelism."}],"alternative_title":["LIPIcs"],"type":"conference"},{"ec_funded":1,"place":"Cham","date_created":"2019-07-29T12:25:31Z","date_updated":"2023-02-23T12:50:15Z","volume":11627,"author":[{"id":"488F98B0-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0003-3186-2482","first_name":"Michael","last_name":"Walter","full_name":"Walter, Michael"}],"publication_status":"published","department":[{"_id":"KrPi"}],"editor":[{"first_name":"J","last_name":"Buchmann","full_name":"Buchmann, J"},{"full_name":"Nitaj, A","last_name":"Nitaj","first_name":"A"},{"first_name":"T","last_name":"Rachidi","full_name":"Rachidi, T"}],"publisher":"Springer Nature","year":"2019","month":"06","publication_identifier":{"issn":["0302-9743","1611-3349"],"eisbn":["978-3-0302-3696-0"],"isbn":["978-3-0302-3695-3"]},"language":[{"iso":"eng"}],"conference":{"end_date":"2019-07-11","location":"Rabat, Morocco","start_date":"2019-07-09","name":"AFRICACRYPT: International Conference on Cryptology in Africa"},"doi":"10.1007/978-3-030-23696-0_9","quality_controlled":"1","project":[{"call_identifier":"H2020","name":"Teaching Old Crypto New Tricks","grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425"}],"main_file_link":[{"url":"https://eprint.iacr.org/2019/068","open_access":"1"}],"oa":1,"abstract":[{"lang":"eng","text":"Randomness is an essential part of any secure cryptosystem, but many constructions rely on distributions that are not uniform. This is particularly true for lattice based cryptosystems, which more often than not make use of discrete Gaussian distributions over the integers. For practical purposes it is crucial to evaluate the impact that approximation errors have on the security of a scheme to provide the best possible trade-off between security and performance. Recent years have seen surprising results allowing to use relatively low precision while maintaining high levels of security. A key insight in these results is that sampling a distribution with low relative error can provide very strong security guarantees. Since floating point numbers provide guarantees on the relative approximation error, they seem a suitable tool in this setting, but it is not obvious which sampling algorithms can actually profit from them. While previous works have shown that inversion sampling can be adapted to provide a low relative error (Pöppelmann et al., CHES 2014; Prest, ASIACRYPT 2017), other works have called into question if this is possible for other sampling techniques (Zheng et al., Eprint report 2018/309). In this work, we consider all sampling algorithms that are popular in the cryptographic setting and analyze the relationship of floating point precision and the resulting relative error. We show that all of the algorithms either natively achieve a low relative error or can be adapted to do so."}],"type":"book_chapter","oa_version":"Preprint","title":"Sampling the integers with low relative error","status":"public","intvolume":" 11627","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","_id":"6726","day":"29","article_processing_charge":"No","series_title":"LNCS","scopus_import":"1","date_published":"2019-06-29T00:00:00Z","page":"157-180","publication":"Progress in Cryptology – AFRICACRYPT 2019","citation":{"mla":"Walter, Michael. “Sampling the Integers with Low Relative Error.” Progress in Cryptology – AFRICACRYPT 2019, edited by J Buchmann et al., vol. 11627, Springer Nature, 2019, pp. 157–80, doi:10.1007/978-3-030-23696-0_9.","short":"M. Walter, in:, J. Buchmann, A. Nitaj, T. Rachidi (Eds.), Progress in Cryptology – AFRICACRYPT 2019, Springer Nature, Cham, 2019, pp. 157–180.","chicago":"Walter, Michael. “Sampling the Integers with Low Relative Error.” In Progress in Cryptology – AFRICACRYPT 2019, edited by J Buchmann, A Nitaj, and T Rachidi, 11627:157–80. LNCS. Cham: Springer Nature, 2019. https://doi.org/10.1007/978-3-030-23696-0_9.","ama":"Walter M. Sampling the integers with low relative error. In: Buchmann J, Nitaj A, Rachidi T, eds. Progress in Cryptology – AFRICACRYPT 2019. Vol 11627. LNCS. Cham: Springer Nature; 2019:157-180. doi:10.1007/978-3-030-23696-0_9","ista":"Walter M. 2019.Sampling the integers with low relative error. In: Progress in Cryptology – AFRICACRYPT 2019. vol. 11627, 157–180.","apa":"Walter, M. (2019). Sampling the integers with low relative error. In J. Buchmann, A. Nitaj, & T. Rachidi (Eds.), Progress in Cryptology – AFRICACRYPT 2019 (Vol. 11627, pp. 157–180). Cham: Springer Nature. https://doi.org/10.1007/978-3-030-23696-0_9","ieee":"M. Walter, “Sampling the integers with low relative error,” in Progress in Cryptology – AFRICACRYPT 2019, vol. 11627, J. Buchmann, A. Nitaj, and T. Rachidi, Eds. Cham: Springer Nature, 2019, pp. 157–180."}},{"publication_identifier":{"isbn":["9781538692912"]},"month":"07","language":[{"iso":"eng"}],"doi":"10.1109/isit.2019.8849240","conference":{"location":"Paris, France","start_date":"2019-07-07","end_date":"2019-07-12","name":"ISIT: International Symposium on Information Theory"},"isi":1,"quality_controlled":"1","main_file_link":[{"open_access":"1","url":"https://arxiv.org/abs/1702.08476"}],"oa":1,"external_id":{"isi":["000489100301043"],"arxiv":["1702.08476"]},"article_number":"8849240","date_created":"2019-11-28T10:19:21Z","date_updated":"2023-09-06T11:15:41Z","author":[{"id":"EC09FA6A-02D0-11E9-8223-86B7C91467DD","last_name":"Skórski","first_name":"Maciej","full_name":"Skórski, Maciej"}],"department":[{"_id":"KrPi"}],"publisher":"IEEE","publication_status":"published","year":"2019","article_processing_charge":"No","day":"01","scopus_import":"1","date_published":"2019-07-01T00:00:00Z","citation":{"ama":"Skórski M. Strong chain rules for min-entropy under few bits spoiled. In: 2019 IEEE International Symposium on Information Theory. IEEE; 2019. doi:10.1109/isit.2019.8849240","ista":"Skórski M. 2019. Strong chain rules for min-entropy under few bits spoiled. 2019 IEEE International Symposium on Information Theory. ISIT: International Symposium on Information Theory, 8849240.","apa":"Skórski, M. (2019). Strong chain rules for min-entropy under few bits spoiled. In 2019 IEEE International Symposium on Information Theory. Paris, France: IEEE. https://doi.org/10.1109/isit.2019.8849240","ieee":"M. Skórski, “Strong chain rules for min-entropy under few bits spoiled,” in 2019 IEEE International Symposium on Information Theory, Paris, France, 2019.","mla":"Skórski, Maciej. “Strong Chain Rules for Min-Entropy under Few Bits Spoiled.” 2019 IEEE International Symposium on Information Theory, 8849240, IEEE, 2019, doi:10.1109/isit.2019.8849240.","short":"M. Skórski, in:, 2019 IEEE International Symposium on Information Theory, IEEE, 2019.","chicago":"Skórski, Maciej. “Strong Chain Rules for Min-Entropy under Few Bits Spoiled.” In 2019 IEEE International Symposium on Information Theory. IEEE, 2019. https://doi.org/10.1109/isit.2019.8849240."},"publication":"2019 IEEE International Symposium on Information Theory","abstract":[{"text":"It is well established that the notion of min-entropy fails to satisfy the \\emph{chain rule} of the form H(X,Y)=H(X|Y)+H(Y), known for Shannon Entropy. Such a property would help to analyze how min-entropy is split among smaller blocks. Problems of this kind arise for example when constructing extractors and dispersers.\r\nWe show that any sequence of variables exhibits a very strong strong block-source structure (conditional distributions of blocks are nearly flat) when we \\emph{spoil few correlated bits}. This implies, conditioned on the spoiled bits, that \\emph{splitting-recombination properties} hold. In particular, we have many nice properties that min-entropy doesn't obey in general, for example strong chain rules, \"information can't hurt\" inequalities, equivalences of average and worst-case conditional entropy definitions and others. Quantitatively, for any sequence X1,…,Xt of random variables over an alphabet X we prove that, when conditioned on m=t⋅O(loglog|X|+loglog(1/ϵ)+logt) bits of auxiliary information, all conditional distributions of the form Xi|XAdvances in Cryptology – EUROCRYPT 2019, 11477:277–91. Springer International Publishing, 2019. https://doi.org/10.1007/978-3-030-17656-3_10.","short":"H.M. Abusalah, C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, M. Walter, in:, Advances in Cryptology – EUROCRYPT 2019, Springer International Publishing, 2019, pp. 277–291.","mla":"Abusalah, Hamza M., et al. “Reversible Proofs of Sequential Work.” Advances in Cryptology – EUROCRYPT 2019, vol. 11477, Springer International Publishing, 2019, pp. 277–91, doi:10.1007/978-3-030-17656-3_10.","ieee":"H. M. Abusalah, C. Kamath Hosdurg, K. Klein, K. Z. Pietrzak, and M. Walter, “Reversible proofs of sequential work,” in Advances in Cryptology – EUROCRYPT 2019, Darmstadt, Germany, 2019, vol. 11477, pp. 277–291.","apa":"Abusalah, H. M., Kamath Hosdurg, C., Klein, K., Pietrzak, K. Z., & Walter, M. (2019). Reversible proofs of sequential work. In Advances in Cryptology – EUROCRYPT 2019 (Vol. 11477, pp. 277–291). Darmstadt, Germany: Springer International Publishing. https://doi.org/10.1007/978-3-030-17656-3_10","ista":"Abusalah HM, Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. 2019. Reversible proofs of sequential work. Advances in Cryptology – EUROCRYPT 2019. International Conference on the Theory and Applications of Cryptographic Techniques, LNCS, vol. 11477, 277–291.","ama":"Abusalah HM, Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. Reversible proofs of sequential work. In: Advances in Cryptology – EUROCRYPT 2019. Vol 11477. Springer International Publishing; 2019:277-291. doi:10.1007/978-3-030-17656-3_10"},"page":"277-291","day":"24","article_processing_charge":"No","scopus_import":"1","author":[{"first_name":"Hamza M","last_name":"Abusalah","id":"40297222-F248-11E8-B48F-1D18A9856A87","full_name":"Abusalah, Hamza M"},{"first_name":"Chethan","last_name":"Kamath Hosdurg","id":"4BD3F30E-F248-11E8-B48F-1D18A9856A87","full_name":"Kamath Hosdurg, Chethan"},{"full_name":"Klein, Karen","first_name":"Karen","last_name":"Klein","id":"3E83A2F8-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Pietrzak, Krzysztof Z","first_name":"Krzysztof Z","last_name":"Pietrzak","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654"},{"full_name":"Walter, Michael","last_name":"Walter","first_name":"Michael","orcid":"0000-0003-3186-2482","id":"488F98B0-F248-11E8-B48F-1D18A9856A87"}],"date_created":"2020-01-30T09:26:14Z","date_updated":"2023-09-06T15:26:06Z","volume":11477,"year":"2019","publication_status":"published","department":[{"_id":"KrPi"}],"publisher":"Springer International Publishing","ec_funded":1,"conference":{"end_date":"2019-05-23","location":"Darmstadt, Germany","start_date":"2019-05-19","name":"International Conference on the Theory and Applications of Cryptographic Techniques"},"doi":"10.1007/978-3-030-17656-3_10","language":[{"iso":"eng"}],"main_file_link":[{"url":"https://eprint.iacr.org/2019/252","open_access":"1"}],"external_id":{"isi":["000483516200010"]},"oa":1,"quality_controlled":"1","isi":1,"project":[{"name":"Teaching Old Crypto New Tricks","call_identifier":"H2020","grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425"}],"month":"04","publication_identifier":{"eissn":["1611-3349"],"isbn":["9783030176556","9783030176563"],"issn":["0302-9743"]}},{"related_material":{"record":[{"status":"public","relation":"dissertation_contains","id":"7896"}]},"author":[{"full_name":"Choudhuri, Arka Rai","last_name":"Choudhuri","first_name":"Arka Rai"},{"last_name":"Hubáček","first_name":"Pavel","full_name":"Hubáček, Pavel"},{"full_name":"Kamath Hosdurg, Chethan","last_name":"Kamath Hosdurg","first_name":"Chethan","id":"4BD3F30E-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Pietrzak, Krzysztof Z","first_name":"Krzysztof Z","last_name":"Pietrzak","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654"},{"full_name":"Rosen, Alon","first_name":"Alon","last_name":"Rosen"},{"last_name":"Rothblum","first_name":"Guy N.","full_name":"Rothblum, Guy N."}],"date_updated":"2023-09-07T13:15:55Z","date_created":"2019-07-24T09:20:53Z","year":"2019","publisher":"ACM Press","department":[{"_id":"KrPi"}],"publication_status":"published","ec_funded":1,"doi":"10.1145/3313276.3316400","conference":{"start_date":"2019-06-23","location":"Phoenix, AZ, United States","end_date":"2019-06-26","name":"STOC: Symposium on Theory of Computing"},"language":[{"iso":"eng"}],"external_id":{"isi":["000523199100100"]},"main_file_link":[{"url":"https://eprint.iacr.org/2019/549","open_access":"1"}],"oa":1,"project":[{"name":"Teaching Old Crypto New Tricks","call_identifier":"H2020","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","grant_number":"682815"}],"quality_controlled":"1","isi":1,"publication_identifier":{"isbn":["9781450367059"]},"month":"06","oa_version":"Preprint","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","_id":"6677","title":"Finding a Nash equilibrium is no easier than breaking Fiat-Shamir","status":"public","abstract":[{"lang":"eng","text":"The Fiat-Shamir heuristic transforms a public-coin interactive proof into a non-interactive argument, by replacing the verifier with a cryptographic hash function that is applied to the protocol’s transcript. Constructing hash functions for which this transformation is sound is a central and long-standing open question in cryptography.\r\n\r\nWe show that solving the END−OF−METERED−LINE problem is no easier than breaking the soundness of the Fiat-Shamir transformation when applied to the sumcheck protocol. In particular, if the transformed protocol is sound, then any hard problem in #P gives rise to a hard distribution in the class CLS, which is contained in PPAD. Our result opens up the possibility of sampling moderately-sized games for which it is hard to find a Nash equilibrium, by reducing the inversion of appropriately chosen one-way functions to #SAT.\r\n\r\nOur main technical contribution is a stateful incrementally verifiable procedure that, given a SAT instance over n variables, counts the number of satisfying assignments. This is accomplished via an exponential sequence of small steps, each computable in time poly(n). Incremental verifiability means that each intermediate state includes a sumcheck-based proof of its correctness, and the proof can be updated and verified in time poly(n)."}],"type":"conference","date_published":"2019-06-01T00:00:00Z","citation":{"ama":"Choudhuri AR, Hubáček P, Kamath Hosdurg C, Pietrzak KZ, Rosen A, Rothblum GN. Finding a Nash equilibrium is no easier than breaking Fiat-Shamir. In: Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019. ACM Press; 2019:1103-1114. doi:10.1145/3313276.3316400","ista":"Choudhuri AR, Hubáček P, Kamath Hosdurg C, Pietrzak KZ, Rosen A, Rothblum GN. 2019. Finding a Nash equilibrium is no easier than breaking Fiat-Shamir. Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019. STOC: Symposium on Theory of Computing, 1103–1114.","ieee":"A. R. Choudhuri, P. Hubáček, C. Kamath Hosdurg, K. Z. Pietrzak, A. Rosen, and G. N. Rothblum, “Finding a Nash equilibrium is no easier than breaking Fiat-Shamir,” in Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019, Phoenix, AZ, United States, 2019, pp. 1103–1114.","apa":"Choudhuri, A. R., Hubáček, P., Kamath Hosdurg, C., Pietrzak, K. Z., Rosen, A., & Rothblum, G. N. (2019). Finding a Nash equilibrium is no easier than breaking Fiat-Shamir. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019 (pp. 1103–1114). Phoenix, AZ, United States: ACM Press. https://doi.org/10.1145/3313276.3316400","mla":"Choudhuri, Arka Rai, et al. “Finding a Nash Equilibrium Is No Easier than Breaking Fiat-Shamir.” Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019, ACM Press, 2019, pp. 1103–14, doi:10.1145/3313276.3316400.","short":"A.R. Choudhuri, P. Hubáček, C. Kamath Hosdurg, K.Z. Pietrzak, A. Rosen, G.N. Rothblum, in:, Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019, ACM Press, 2019, pp. 1103–1114.","chicago":"Choudhuri, Arka Rai, Pavel Hubáček, Chethan Kamath Hosdurg, Krzysztof Z Pietrzak, Alon Rosen, and Guy N. Rothblum. “Finding a Nash Equilibrium Is No Easier than Breaking Fiat-Shamir.” In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019, 1103–14. ACM Press, 2019. https://doi.org/10.1145/3313276.3316400."},"publication":"Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing - STOC 2019","page":"1103-1114","article_processing_charge":"No","day":"01","scopus_import":"1"},{"title":"Adaptively secure proxy re-encryption","status":"public","intvolume":" 11443","user_id":"c635000d-4b10-11ee-a964-aac5a93f6ac1","_id":"6430","oa_version":"Preprint","alternative_title":["LNCS"],"type":"conference","abstract":[{"text":"A proxy re-encryption (PRE) scheme is a public-key encryption scheme that allows the holder of a key pk to derive a re-encryption key for any other key 𝑝𝑘′. This re-encryption key lets anyone transform ciphertexts under pk into ciphertexts under 𝑝𝑘′ without having to know the underlying message, while transformations from 𝑝𝑘′ to pk should not be possible (unidirectional). Security is defined in a multi-user setting against an adversary that gets the users’ public keys and can ask for re-encryption keys and can corrupt users by requesting their secret keys. Any ciphertext that the adversary cannot trivially decrypt given the obtained secret and re-encryption keys should be secure.\r\n\r\nAll existing security proofs for PRE only show selective security, where the adversary must first declare the users it wants to corrupt. This can be lifted to more meaningful adaptive security by guessing the set of corrupted users among the n users, which loses a factor exponential in Open image in new window , rendering the result meaningless already for moderate Open image in new window .\r\n\r\nJafargholi et al. (CRYPTO’17) proposed a framework that in some cases allows to give adaptive security proofs for schemes which were previously only known to be selectively secure, while avoiding the exponential loss that results from guessing the adaptive choices made by an adversary. We apply their framework to PREs that satisfy some natural additional properties. Concretely, we give a more fine-grained reduction for several unidirectional PREs, proving adaptive security at a much smaller loss. The loss depends on the graph of users whose edges represent the re-encryption keys queried by the adversary. For trees and chains the loss is quasi-polynomial in the size and for general graphs it is exponential in their depth and indegree (instead of their size as for previous reductions). Fortunately, trees and low-depth graphs cover many, if not most, interesting applications.\r\n\r\nOur results apply e.g. to the bilinear-map based PRE schemes by Ateniese et al. (NDSS’05 and CT-RSA’09), Gentry’s FHE-based scheme (STOC’09) and the LWE-based scheme by Chandran et al. (PKC’14).","lang":"eng"}],"page":"317-346","citation":{"ama":"Fuchsbauer G, Kamath Hosdurg C, Klein K, Pietrzak KZ. Adaptively secure proxy re-encryption. In: Vol 11443. Springer Nature; 2019:317-346. doi:10.1007/978-3-030-17259-6_11","ista":"Fuchsbauer G, Kamath Hosdurg C, Klein K, Pietrzak KZ. 2019. Adaptively secure proxy re-encryption. PKC: Public-Key Cryptograhy, LNCS, vol. 11443, 317–346.","apa":"Fuchsbauer, G., Kamath Hosdurg, C., Klein, K., & Pietrzak, K. Z. (2019). Adaptively secure proxy re-encryption (Vol. 11443, pp. 317–346). Presented at the PKC: Public-Key Cryptograhy, Beijing, China: Springer Nature. https://doi.org/10.1007/978-3-030-17259-6_11","ieee":"G. Fuchsbauer, C. Kamath Hosdurg, K. Klein, and K. Z. Pietrzak, “Adaptively secure proxy re-encryption,” presented at the PKC: Public-Key Cryptograhy, Beijing, China, 2019, vol. 11443, pp. 317–346.","mla":"Fuchsbauer, Georg, et al. Adaptively Secure Proxy Re-Encryption. Vol. 11443, Springer Nature, 2019, pp. 317–46, doi:10.1007/978-3-030-17259-6_11.","short":"G. Fuchsbauer, C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, in:, Springer Nature, 2019, pp. 317–346.","chicago":"Fuchsbauer, Georg, Chethan Kamath Hosdurg, Karen Klein, and Krzysztof Z Pietrzak. “Adaptively Secure Proxy Re-Encryption,” 11443:317–46. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-17259-6_11."},"date_published":"2019-04-06T00:00:00Z","scopus_import":"1","day":"06","article_processing_charge":"No","publication_status":"published","department":[{"_id":"KrPi"}],"publisher":"Springer Nature","year":"2019","date_updated":"2023-09-08T11:33:20Z","date_created":"2019-05-13T08:13:46Z","volume":11443,"author":[{"full_name":"Fuchsbauer, Georg","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87","last_name":"Fuchsbauer","first_name":"Georg"},{"full_name":"Kamath Hosdurg, Chethan","first_name":"Chethan","last_name":"Kamath Hosdurg","id":"4BD3F30E-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Klein, Karen","last_name":"Klein","first_name":"Karen","id":"3E83A2F8-F248-11E8-B48F-1D18A9856A87"},{"orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak","first_name":"Krzysztof Z","full_name":"Pietrzak, Krzysztof Z"}],"related_material":{"record":[{"id":"10035","status":"public","relation":"dissertation_contains"}]},"ec_funded":1,"quality_controlled":"1","project":[{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"oa":1,"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2018/426"}],"language":[{"iso":"eng"}],"conference":{"end_date":"2019-04-17","start_date":"2019-04-14","location":"Beijing, China","name":"PKC: Public-Key Cryptograhy"},"doi":"10.1007/978-3-030-17259-6_11","month":"04","publication_identifier":{"issn":["03029743"],"eissn":["16113349"],"isbn":["9783030172589"]}},{"oa_version":"Published Version","file":[{"relation":"main_file","file_id":"10289","checksum":"b816b848f046c48a8357700d9305dce5","success":1,"date_updated":"2021-11-15T10:27:29Z","date_created":"2021-11-15T10:27:29Z","access_level":"open_access","file_name":"2018_IACR_Allini.pdf","content_type":"application/pdf","file_size":955755,"creator":"cchlebak"}],"title":"Evaluation and monitoring of free running oscillators serving as source of randomness","status":"public","ddc":["000"],"intvolume":" 2018","_id":"10286","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","abstract":[{"lang":"eng","text":"In this paper, we evaluate clock signals generated in ring oscillators and self-timed rings and the way their jitter can be transformed into random numbers. We show that counting the periods of the jittery clock signal produces random numbers of significantly better quality than the methods in which the jittery signal is simply sampled (the case in almost all current methods). Moreover, we use the counter values to characterize and continuously monitor the source of randomness. However, instead of using the widely used statistical variance, we propose to use Allan variance to do so. There are two main advantages: Allan variance is insensitive to low frequency noises such as flicker noise that are known to be autocorrelated and significantly less circuitry is required for its computation than that used to compute commonly used variance. We also show that it is essential to use a differential principle of randomness extraction from the jitter based on the use of two identical oscillators to avoid autocorrelations originating from external and internal global jitter sources and that this fact is valid for both kinds of rings. Last but not least, we propose a method of statistical testing based on high order Markov model to show the reduced dependencies when the proposed randomness extraction is applied."}],"issue":"3","type":"journal_article","date_published":"2018-01-01T00:00:00Z","article_type":"original","page":"214-242","publication":"IACR Transactions on Cryptographic Hardware and Embedded Systems","citation":{"short":"E.N. Allini, M. Skórski, O. Petura, F. Bernard, M. Laban, V. Fischer, IACR Transactions on Cryptographic Hardware and Embedded Systems 2018 (2018) 214–242.","mla":"Allini, Elie Noumon, et al. “Evaluation and Monitoring of Free Running Oscillators Serving as Source of Randomness.” IACR Transactions on Cryptographic Hardware and Embedded Systems, vol. 2018, no. 3, International Association for Cryptologic Research, 2018, pp. 214–42, doi:10.13154/tches.v2018.i3.214-242.","chicago":"Allini, Elie Noumon, Maciej Skórski, Oto Petura, Florent Bernard, Marek Laban, and Viktor Fischer. “Evaluation and Monitoring of Free Running Oscillators Serving as Source of Randomness.” IACR Transactions on Cryptographic Hardware and Embedded Systems. International Association for Cryptologic Research, 2018. https://doi.org/10.13154/tches.v2018.i3.214-242.","ama":"Allini EN, Skórski M, Petura O, Bernard F, Laban M, Fischer V. Evaluation and monitoring of free running oscillators serving as source of randomness. IACR Transactions on Cryptographic Hardware and Embedded Systems. 2018;2018(3):214-242. doi:10.13154/tches.v2018.i3.214-242","ieee":"E. N. Allini, M. Skórski, O. Petura, F. Bernard, M. Laban, and V. Fischer, “Evaluation and monitoring of free running oscillators serving as source of randomness,” IACR Transactions on Cryptographic Hardware and Embedded Systems, vol. 2018, no. 3. International Association for Cryptologic Research, pp. 214–242, 2018.","apa":"Allini, E. N., Skórski, M., Petura, O., Bernard, F., Laban, M., & Fischer, V. (2018). Evaluation and monitoring of free running oscillators serving as source of randomness. IACR Transactions on Cryptographic Hardware and Embedded Systems. International Association for Cryptologic Research. https://doi.org/10.13154/tches.v2018.i3.214-242","ista":"Allini EN, Skórski M, Petura O, Bernard F, Laban M, Fischer V. 2018. Evaluation and monitoring of free running oscillators serving as source of randomness. IACR Transactions on Cryptographic Hardware and Embedded Systems. 2018(3), 214–242."},"day":"01","has_accepted_license":"1","article_processing_charge":"No","scopus_import":"1","date_updated":"2021-11-15T10:48:49Z","date_created":"2021-11-14T23:01:25Z","volume":2018,"author":[{"first_name":"Elie Noumon","last_name":"Allini","full_name":"Allini, Elie Noumon"},{"full_name":"Skórski, Maciej","id":"EC09FA6A-02D0-11E9-8223-86B7C91467DD","last_name":"Skórski","first_name":"Maciej"},{"first_name":"Oto","last_name":"Petura","full_name":"Petura, Oto"},{"full_name":"Bernard, Florent","last_name":"Bernard","first_name":"Florent"},{"full_name":"Laban, Marek","last_name":"Laban","first_name":"Marek"},{"last_name":"Fischer","first_name":"Viktor","full_name":"Fischer, Viktor"}],"publication_status":"published","publisher":"International Association for Cryptologic Research","department":[{"_id":"KrPi"}],"year":"2018","file_date_updated":"2021-11-15T10:27:29Z","language":[{"iso":"eng"}],"doi":"10.13154/tches.v2018.i3.214-242","quality_controlled":"1","tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"oa":1,"month":"01","publication_identifier":{"eissn":["2569-2925"]}},{"abstract":[{"lang":"eng","text":"Proofs of space (PoS) [Dziembowski et al., CRYPTO'15] are proof systems where a prover can convince a verifier that he \"wastes\" disk space. PoS were introduced as a more ecological and economical replacement for proofs of work which are currently used to secure blockchains like Bitcoin. In this work we investigate extensions of PoS which allow the prover to embed useful data into the dedicated space, which later can be recovered. Our first contribution is a security proof for the original PoS from CRYPTO'15 in the random oracle model (the original proof only applied to a restricted class of adversaries which can store a subset of the data an honest prover would store). When this PoS is instantiated with recent constructions of maximally depth robust graphs, our proof implies basically optimal security. As a second contribution we show three different extensions of this PoS where useful data can be embedded into the space required by the prover. Our security proof for the PoS extends (non-trivially) to these constructions. We discuss how some of these variants can be used as proofs of catalytic space (PoCS), a notion we put forward in this work, and which basically is a PoS where most of the space required by the prover can be used to backup useful data. Finally we discuss how one of the extensions is a candidate construction for a proof of replication (PoR), a proof system recently suggested in the Filecoin whitepaper. "}],"type":"conference","alternative_title":["LIPIcs"],"file":[{"checksum":"5cebb7f7849a3beda898f697d755dd96","date_created":"2020-02-04T08:17:52Z","date_updated":"2020-07-14T12:47:57Z","relation":"main_file","file_id":"7443","file_size":822884,"content_type":"application/pdf","creator":"dernst","access_level":"open_access","file_name":"2018_LIPIcs_Pietrzak.pdf"}],"oa_version":"Published Version","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"7407","intvolume":" 124","status":"public","title":"Proofs of catalytic space","ddc":["000"],"article_processing_charge":"No","has_accepted_license":"1","day":"31","scopus_import":1,"date_published":"2018-12-31T00:00:00Z","citation":{"ieee":"K. Z. Pietrzak, “Proofs of catalytic space,” in 10th Innovations in Theoretical Computer Science Conference (ITCS 2019), San Diego, CA, United States, 2018, vol. 124, p. 59:1-59:25.","apa":"Pietrzak, K. Z. (2018). Proofs of catalytic space. In 10th Innovations in Theoretical Computer Science Conference (ITCS 2019) (Vol. 124, p. 59:1-59:25). San Diego, CA, United States: Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPICS.ITCS.2019.59","ista":"Pietrzak KZ. 2018. Proofs of catalytic space. 10th Innovations in Theoretical Computer Science Conference (ITCS 2019). ITCS: Innovations in theoretical Computer Science Conference, LIPIcs, vol. 124, 59:1-59:25.","ama":"Pietrzak KZ. Proofs of catalytic space. In: 10th Innovations in Theoretical Computer Science Conference (ITCS 2019). Vol 124. Schloss Dagstuhl - Leibniz-Zentrum für Informatik; 2018:59:1-59:25. doi:10.4230/LIPICS.ITCS.2019.59","chicago":"Pietrzak, Krzysztof Z. “Proofs of Catalytic Space.” In 10th Innovations in Theoretical Computer Science Conference (ITCS 2019), 124:59:1-59:25. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018. https://doi.org/10.4230/LIPICS.ITCS.2019.59.","short":"K.Z. Pietrzak, in:, 10th Innovations in Theoretical Computer Science Conference (ITCS 2019), Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018, p. 59:1-59:25.","mla":"Pietrzak, Krzysztof Z. “Proofs of Catalytic Space.” 10th Innovations in Theoretical Computer Science Conference (ITCS 2019), vol. 124, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018, p. 59:1-59:25, doi:10.4230/LIPICS.ITCS.2019.59."},"publication":"10th Innovations in Theoretical Computer Science Conference (ITCS 2019)","page":"59:1-59:25","ec_funded":1,"file_date_updated":"2020-07-14T12:47:57Z","author":[{"id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak","full_name":"Pietrzak, Krzysztof Z"}],"volume":124,"date_created":"2020-01-30T09:16:05Z","date_updated":"2021-01-12T08:13:26Z","year":"2018","department":[{"_id":"KrPi"}],"publisher":"Schloss Dagstuhl - Leibniz-Zentrum für Informatik","publication_status":"published","publication_identifier":{"isbn":["978-3-95977-095-8"],"issn":["1868-8969"]},"month":"12","doi":"10.4230/LIPICS.ITCS.2019.59","conference":{"location":"San Diego, CA, United States","start_date":"2019-01-10","end_date":"2019-01-12","name":"ITCS: Innovations in theoretical Computer Science Conference"},"language":[{"iso":"eng"}],"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2018/194"}],"oa":1,"project":[{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"quality_controlled":"1"}]