[{"oa":1,"project":[{"_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668","name":"Provable Security for Physical Cryptography","call_identifier":"FP7"}],"quality_controlled":"1","doi":"10.1007/978-3-662-48797-6_6","conference":{"end_date":"2015-12-03","location":"Auckland, New Zealand","start_date":"2015-11-29","name":"ASIACRYPT: Theory and Application of Cryptology and Information Security"},"language":[{"iso":"eng"}],"month":"01","year":"2016","publisher":"Springer","department":[{"_id":"KrPi"}],"publication_status":"published","author":[{"first_name":"Tatsuaki","last_name":"Okamoto","full_name":"Okamoto, Tatsuaki"},{"full_name":"Pietrzak, Krzysztof Z","orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak","first_name":"Krzysztof Z"},{"last_name":"Waters","first_name":"Brent","full_name":"Waters, Brent"},{"full_name":"Wichs, Daniel","last_name":"Wichs","first_name":"Daniel"}],"volume":9452,"date_created":"2018-12-11T11:53:16Z","date_updated":"2021-01-12T06:52:16Z","ec_funded":1,"publist_id":"5497","file_date_updated":"2020-07-14T12:45:08Z","citation":{"ama":"Okamoto T, Pietrzak KZ, Waters B, Wichs D. New realizations of somewhere statistically binding hashing and positional accumulators. In: Vol 9452. Springer; 2016:121-145. doi:10.1007/978-3-662-48797-6_6","ista":"Okamoto T, Pietrzak KZ, Waters B, Wichs D. 2016. New realizations of somewhere statistically binding hashing and positional accumulators. ASIACRYPT: Theory and Application of Cryptology and Information Security, LNCS, vol. 9452, 121–145.","apa":"Okamoto, T., Pietrzak, K. Z., Waters, B., & Wichs, D. (2016). New realizations of somewhere statistically binding hashing and positional accumulators (Vol. 9452, pp. 121–145). Presented at the ASIACRYPT: Theory and Application of Cryptology and Information Security, Auckland, New Zealand: Springer. https://doi.org/10.1007/978-3-662-48797-6_6","ieee":"T. Okamoto, K. Z. Pietrzak, B. Waters, and D. 
Wichs, “New realizations of somewhere statistically binding hashing and positional accumulators,” presented at the ASIACRYPT: Theory and Application of Cryptology and Information Security, Auckland, New Zealand, 2016, vol. 9452, pp. 121–145.","mla":"Okamoto, Tatsuaki, et al. New Realizations of Somewhere Statistically Binding Hashing and Positional Accumulators. Vol. 9452, Springer, 2016, pp. 121–45, doi:10.1007/978-3-662-48797-6_6.","short":"T. Okamoto, K.Z. Pietrzak, B. Waters, D. Wichs, in:, Springer, 2016, pp. 121–145.","chicago":"Okamoto, Tatsuaki, Krzysztof Z Pietrzak, Brent Waters, and Daniel Wichs. “New Realizations of Somewhere Statistically Binding Hashing and Positional Accumulators,” 9452:121–45. Springer, 2016. https://doi.org/10.1007/978-3-662-48797-6_6."},"page":"121 - 145","date_published":"2016-01-08T00:00:00Z","scopus_import":1,"has_accepted_license":"1","day":"08","_id":"1653","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","intvolume":" 9452","status":"public","ddc":["000"],"title":"New realizations of somewhere statistically binding hashing and positional accumulators","pubrep_id":"677","file":[{"relation":"main_file","file_id":"4923","date_created":"2018-12-12T10:12:05Z","date_updated":"2020-07-14T12:45:08Z","checksum":"a57711cb660c5b17b42bb47275a00180","file_name":"IST-2016-677-v1+1_869.pdf","access_level":"open_access","file_size":580088,"content_type":"application/pdf","creator":"system"}],"oa_version":"Submitted Version","type":"conference","alternative_title":["LNCS"],"abstract":[{"text":"A somewhere statistically binding (SSB) hash, introduced by Hubáček and Wichs (ITCS ’15), can be used to hash a long string x to a short digest y = H hk (x) using a public hashing-key hk. 
Furthermore, there is a way to set up the hash key hk to make it statistically binding on some arbitrary hidden position i, meaning that: (1) the digest y completely determines the i’th bit (or symbol) of x so that all pre-images of y have the same value in the i’th position, (2) it is computationally infeasible to distinguish the position i on which hk is statistically binding from any other position i’. Lastly, the hash should have a local opening property analogous to Merkle-Tree hashing, meaning that given x and y = H hk (x) it should be possible to create a short proof π that certifies the value of the i’th bit (or symbol) of x without having to provide the entire input x. A similar primitive called a positional accumulator, introduced by Koppula, Lewko and Waters (STOC ’15) further supports dynamic updates of the hashed value. These tools, which are interesting in their own right, also serve as one of the main technical components in several recent works building advanced applications from indistinguishability obfuscation (iO).\r\n\r\nThe prior constructions of SSB hashing and positional accumulators required fully homomorphic encryption (FHE) and iO respectively. 
In this work, we give new constructions of these tools based on well studied number-theoretic assumptions such as DDH, Phi-Hiding and DCR, as well as a general construction from lossy/injective functions.","lang":"eng"}]},{"month":"09","language":[{"iso":"eng"}],"doi":"10.1007/s00037-015-0120-9","quality_controlled":"1","project":[{"grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425","call_identifier":"FP7","name":"Provable Security for Physical Cryptography"}],"oa":1,"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"license":"https://creativecommons.org/licenses/by/4.0/","file_date_updated":"2020-07-14T12:44:56Z","publist_id":"5715","ec_funded":1,"date_created":"2018-12-11T11:52:16Z","date_updated":"2023-02-23T11:05:09Z","volume":25,"author":[{"full_name":"Krenn, Stephan","id":"329FCCF0-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0003-2835-9093","first_name":"Stephan","last_name":"Krenn"},{"last_name":"Pietrzak","first_name":"Krzysztof Z","orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","full_name":"Pietrzak, Krzysztof Z"},{"full_name":"Wadia, Akshay","last_name":"Wadia","first_name":"Akshay"},{"first_name":"Daniel","last_name":"Wichs","full_name":"Wichs, Daniel"}],"related_material":{"record":[{"id":"2940","status":"public","relation":"earlier_version"}]},"publication_status":"published","department":[{"_id":"KrPi"}],"publisher":"Springer","acknowledgement":"This work was partly funded by the European Research Council under ERC Starting Grant 259668-PSPC and ERC Advanced Grant 321310-PERCY.\r\n","year":"2016","day":"01","has_accepted_license":"1","scopus_import":1,"date_published":"2016-09-01T00:00:00Z","page":"567 - 605","publication":"Computational Complexity","citation":{"short":"S. Krenn, K.Z. Pietrzak, A. Wadia, D. 
Wichs, Computational Complexity 25 (2016) 567–605.","mla":"Krenn, Stephan, et al. “A Counterexample to the Chain Rule for Conditional HILL Entropy.” Computational Complexity, vol. 25, no. 3, Springer, 2016, pp. 567–605, doi:10.1007/s00037-015-0120-9.","chicago":"Krenn, Stephan, Krzysztof Z Pietrzak, Akshay Wadia, and Daniel Wichs. “A Counterexample to the Chain Rule for Conditional HILL Entropy.” Computational Complexity. Springer, 2016. https://doi.org/10.1007/s00037-015-0120-9.","ama":"Krenn S, Pietrzak KZ, Wadia A, Wichs D. A counterexample to the chain rule for conditional HILL entropy. Computational Complexity. 2016;25(3):567-605. doi:10.1007/s00037-015-0120-9","apa":"Krenn, S., Pietrzak, K. Z., Wadia, A., & Wichs, D. (2016). A counterexample to the chain rule for conditional HILL entropy. Computational Complexity. Springer. https://doi.org/10.1007/s00037-015-0120-9","ieee":"S. Krenn, K. Z. Pietrzak, A. Wadia, and D. Wichs, “A counterexample to the chain rule for conditional HILL entropy,” Computational Complexity, vol. 25, no. 3. Springer, pp. 567–605, 2016.","ista":"Krenn S, Pietrzak KZ, Wadia A, Wichs D. 2016. A counterexample to the chain rule for conditional HILL entropy. Computational Complexity. 25(3), 567–605."},"abstract":[{"text":"Most entropy notions H(.) like Shannon or min-entropy satisfy a chain rule stating that for random variables X,Z, and A we have H(X|Z,A)≥H(X|Z)−|A|. That is, by conditioning on A the entropy of X can decrease by at most the bitlength |A| of A. Such chain rules are known to hold for some computational entropy notions like Yao’s and unpredictability-entropy. For HILL entropy, the computational analogue of min-entropy, the chain rule is of special interest and has found many applications, including leakage-resilient cryptography, deterministic encryption, and memory delegation. These applications rely on restricted special cases of the chain rule. 
Whether the chain rule for conditional HILL entropy holds in general was an open problem for which we give a strong negative answer: we construct joint distributions (X,Z,A), where A is a distribution over a single bit, such that the HILL entropy H HILL (X|Z) is large but H HILL (X|Z,A) is basically zero.\r\n\r\nOur counterexample just makes the minimal assumption that NP⊈P/poly. Under the stronger assumption that injective one-way functions exist, we can make all the distributions efficiently samplable.\r\n\r\nFinally, we show that some more sophisticated cryptographic objects like lossy functions can be used to sample a distribution constituting a counterexample to the chain rule making only a single invocation to the underlying object.","lang":"eng"}],"issue":"3","type":"journal_article","file":[{"content_type":"application/pdf","file_size":483258,"creator":"system","file_name":"IST-2017-766-v1+1_678.pdf","access_level":"open_access","date_updated":"2020-07-14T12:44:56Z","date_created":"2018-12-12T10:13:29Z","checksum":"7659296174fa75f5f0364f31f46f4bcf","relation":"main_file","file_id":"5012"}],"oa_version":"Submitted Version","pubrep_id":"766","title":"A counterexample to the chain rule for conditional HILL entropy","status":"public","ddc":["004"],"intvolume":" 25","_id":"1479","user_id":"3E5EF7F0-F248-11E8-B48F-1D18A9856A87"},{"abstract":[{"lang":"eng","text":"Witness encryption (WE) was introduced by Garg et al. [GGSW13]. A WE scheme is defined for some NP language L and lets a sender encrypt messages relative to instances x. A ciphertext for x can be decrypted using w witnessing x ∈ L, but hides the message if x ∉ L. Garg et al. construct WE from multilinear maps and give another construction [GGH+13b] using indistinguishability obfuscation (iO) for circuits. Due to the reliance on such heavy tools, WE can currently hardly be implemented on powerful hardware and will unlikely be realizable on constrained devices like smart cards any time soon. 
We construct a WE scheme where encryption is done by simply computing a Naor-Yung ciphertext (two CPA encryptions and a NIZK proof). To achieve this, our scheme has a setup phase, which outputs public parameters containing an obfuscated circuit (only required for decryption), two encryption keys and a common reference string (used for encryption). This setup need only be run once, and the parameters can be used for arbitrary many encryptions. Our scheme can also be turned into a functional WE scheme, where a message is encrypted w.r.t. a statement and a function f, and decryption with a witness w yields f (m, w). Our construction is inspired by the functional encryption scheme by Garg et al. and we prove (selective) security assuming iO and statistically simulation-sound NIZK. We give a construction of the latter in bilinear groups and combining it with ElGamal encryption, our ciphertexts are of size 1.3 kB at a 128-bit security level and can be computed on a smart card."}],"type":"conference","alternative_title":["LNCS"],"pubrep_id":"765","oa_version":"Submitted Version","file":[{"creator":"system","content_type":"application/pdf","file_size":515000,"access_level":"open_access","file_name":"IST-2017-765-v1+1_838.pdf","checksum":"34fa9ce681da845a1ba945ba3dc57867","date_updated":"2020-07-14T12:44:39Z","date_created":"2018-12-12T10:17:20Z","file_id":"5273","relation":"main_file"}],"_id":"1229","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","intvolume":" 9696","ddc":["005","600"],"status":"public","title":"Offline witness encryption","has_accepted_license":"1","day":"09","scopus_import":1,"date_published":"2016-06-09T00:00:00Z","citation":{"short":"H.M. Abusalah, G. Fuchsbauer, K.Z. Pietrzak, in:, Springer, 2016, pp. 285–303.","mla":"Abusalah, Hamza M., et al. Offline Witness Encryption. Vol. 9696, Springer, 2016, pp. 285–303, doi:10.1007/978-3-319-39555-5_16.","chicago":"Abusalah, Hamza M, Georg Fuchsbauer, and Krzysztof Z Pietrzak. 
“Offline Witness Encryption,” 9696:285–303. Springer, 2016. https://doi.org/10.1007/978-3-319-39555-5_16.","ama":"Abusalah HM, Fuchsbauer G, Pietrzak KZ. Offline witness encryption. In: Vol 9696. Springer; 2016:285-303. doi:10.1007/978-3-319-39555-5_16","apa":"Abusalah, H. M., Fuchsbauer, G., & Pietrzak, K. Z. (2016). Offline witness encryption (Vol. 9696, pp. 285–303). Presented at the ACNS: Applied Cryptography and Network Security, Guildford, UK: Springer. https://doi.org/10.1007/978-3-319-39555-5_16","ieee":"H. M. Abusalah, G. Fuchsbauer, and K. Z. Pietrzak, “Offline witness encryption,” presented at the ACNS: Applied Cryptography and Network Security, Guildford, UK, 2016, vol. 9696, pp. 285–303.","ista":"Abusalah HM, Fuchsbauer G, Pietrzak KZ. 2016. Offline witness encryption. ACNS: Applied Cryptography and Network Security, LNCS, vol. 9696, 285–303."},"page":"285 - 303","publist_id":"6105","ec_funded":1,"file_date_updated":"2020-07-14T12:44:39Z","related_material":{"record":[{"id":"83","status":"public","relation":"dissertation_contains"}]},"author":[{"full_name":"Abusalah, Hamza M","last_name":"Abusalah","first_name":"Hamza M","id":"40297222-F248-11E8-B48F-1D18A9856A87"},{"first_name":"Georg","last_name":"Fuchsbauer","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87","full_name":"Fuchsbauer, Georg"},{"full_name":"Pietrzak, Krzysztof Z","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak"}],"volume":9696,"date_updated":"2023-09-07T12:30:22Z","date_created":"2018-12-11T11:50:50Z","acknowledgement":"Research supported by the European Research Council, ERC starting grant (259668-PSPC) and ERC consolidator grant (682815 - TOCNeT).","year":"2016","department":[{"_id":"KrPi"}],"publisher":"Springer","publication_status":"published","month":"06","doi":"10.1007/978-3-319-39555-5_16","conference":{"name":"ACNS: Applied Cryptography and Network Security","location":"Guildford, 
UK","start_date":"2016-06-19","end_date":"2016-06-22"},"language":[{"iso":"eng"}],"oa":1,"project":[{"name":"Provable Security for Physical Cryptography","call_identifier":"FP7","_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668"},{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","call_identifier":"H2020","name":"Teaching Old Crypto New Tricks"}],"quality_controlled":"1"},{"scopus_import":1,"day":"02","has_accepted_license":"1","page":"413 - 428","citation":{"mla":"Abusalah, Hamza M., et al. Constrained PRFs for Unbounded Inputs. Vol. 9610, Springer, 2016, pp. 413–28, doi:10.1007/978-3-319-29485-8_24.","short":"H.M. Abusalah, G. Fuchsbauer, K.Z. Pietrzak, in:, Springer, 2016, pp. 413–428.","chicago":"Abusalah, Hamza M, Georg Fuchsbauer, and Krzysztof Z Pietrzak. “Constrained PRFs for Unbounded Inputs,” 9610:413–28. Springer, 2016. https://doi.org/10.1007/978-3-319-29485-8_24.","ama":"Abusalah HM, Fuchsbauer G, Pietrzak KZ. Constrained PRFs for unbounded inputs. In: Vol 9610. Springer; 2016:413-428. doi:10.1007/978-3-319-29485-8_24","ista":"Abusalah HM, Fuchsbauer G, Pietrzak KZ. 2016. Constrained PRFs for unbounded inputs. CT-RSA: Topics in Cryptology, LNCS, vol. 9610, 413–428.","apa":"Abusalah, H. M., Fuchsbauer, G., & Pietrzak, K. Z. (2016). Constrained PRFs for unbounded inputs (Vol. 9610, pp. 413–428). Presented at the CT-RSA: Topics in Cryptology, San Francisco, CA, USA: Springer. https://doi.org/10.1007/978-3-319-29485-8_24","ieee":"H. M. Abusalah, G. Fuchsbauer, and K. Z. Pietrzak, “Constrained PRFs for unbounded inputs,” presented at the CT-RSA: Topics in Cryptology, San Francisco, CA, USA, 2016, vol. 9610, pp. 
413–428."},"date_published":"2016-02-02T00:00:00Z","alternative_title":["LNCS"],"type":"conference","abstract":[{"lang":"eng","text":"A constrained pseudorandom function F: K × X → Y for a family T ⊆ 2^X of subsets of X is a function where for any key k ∈ K and set S ∈ T one can efficiently compute a constrained key k_S which allows to evaluate F (k, ·) on all inputs x ∈ S, while even given this key, the outputs on all inputs x ∉ S look random. At Asiacrypt’13 Boneh and Waters gave a construction which supports the most general set family so far. Its keys k_C are defined for sets decided by boolean circuits C and enable evaluation of the PRF on any x ∈ X where C(x) = 1. In their construction the PRF input length and the size of the circuits C for which constrained keys can be computed must be fixed beforehand during key generation. We construct a constrained PRF that has an unbounded input length and whose constrained keys can be defined for any set recognized by a Turing machine. The only a priori bound we make is on the description size of the machines. We prove our construction secure assuming public-coin differing-input obfuscation. 
As applications of our constrained PRF we build a broadcast encryption scheme where the number of potential receivers need not be fixed at setup (in particular, the length of the keys is independent of the number of parties) and the first identity-based non-interactive key exchange protocol with no bound on the number of parties that can agree on a shared key."}],"title":"Constrained PRFs for unbounded inputs","ddc":["005","600"],"status":"public","intvolume":" 9610","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"1236","oa_version":"Submitted Version","file":[{"creator":"system","content_type":"application/pdf","file_size":495176,"file_name":"IST-2017-764-v1+1_279.pdf","access_level":"open_access","date_created":"2018-12-12T10:08:05Z","date_updated":"2020-07-14T12:44:41Z","checksum":"3851cee49933ae13b1272e516f213e13","file_id":"4664","relation":"main_file"}],"pubrep_id":"764","month":"02","quality_controlled":"1","project":[{"grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425","name":"Provable Security for Physical Cryptography","call_identifier":"FP7"}],"oa":1,"language":[{"iso":"eng"}],"conference":{"end_date":"2016-03-04","location":"San Francisco, CA, USA","start_date":"2016-02-29","name":"CT-RSA: Topics in Cryptology"},"doi":"10.1007/978-3-319-29485-8_24","file_date_updated":"2020-07-14T12:44:41Z","ec_funded":1,"publist_id":"6097","publication_status":"published","department":[{"_id":"KrPi"}],"publisher":"Springer","year":"2016","acknowledgement":"Supported by the European Research Council, ERC Starting Grant (259668-PSPC).","date_updated":"2023-09-07T12:30:22Z","date_created":"2018-12-11T11:50:52Z","volume":9610,"author":[{"full_name":"Abusalah, Hamza M","id":"40297222-F248-11E8-B48F-1D18A9856A87","last_name":"Abusalah","first_name":"Hamza M"},{"full_name":"Fuchsbauer, 
Georg","first_name":"Georg","last_name":"Fuchsbauer","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87"},{"orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak","first_name":"Krzysztof Z","full_name":"Pietrzak, Krzysztof Z"}],"related_material":{"record":[{"relation":"dissertation_contains","status":"public","id":"83"}]}},{"day":"01","scopus_import":1,"date_published":"2016-01-01T00:00:00Z","citation":{"ista":"Abusalah HM, Fuchsbauer G. 2016. Constrained PRFs for unbounded inputs with short keys. ACNS: Applied Cryptography and Network Security, LNCS, vol. 9696, 445–463.","apa":"Abusalah, H. M., & Fuchsbauer, G. (2016). Constrained PRFs for unbounded inputs with short keys (Vol. 9696, pp. 445–463). Presented at the ACNS: Applied Cryptography and Network Security, Guildford, UK: Springer. https://doi.org/10.1007/978-3-319-39555-5_24","ieee":"H. M. Abusalah and G. Fuchsbauer, “Constrained PRFs for unbounded inputs with short keys,” presented at the ACNS: Applied Cryptography and Network Security, Guildford, UK, 2016, vol. 9696, pp. 445–463.","ama":"Abusalah HM, Fuchsbauer G. Constrained PRFs for unbounded inputs with short keys. In: Vol 9696. Springer; 2016:445-463. doi:10.1007/978-3-319-39555-5_24","chicago":"Abusalah, Hamza M, and Georg Fuchsbauer. “Constrained PRFs for Unbounded Inputs with Short Keys,” 9696:445–63. Springer, 2016. https://doi.org/10.1007/978-3-319-39555-5_24.","mla":"Abusalah, Hamza M., and Georg Fuchsbauer. Constrained PRFs for Unbounded Inputs with Short Keys. Vol. 9696, Springer, 2016, pp. 445–63, doi:10.1007/978-3-319-39555-5_24.","short":"H.M. Abusalah, G. Fuchsbauer, in:, Springer, 2016, pp. 
445–463."},"page":"445 - 463","abstract":[{"lang":"eng","text":"A constrained pseudorandom function (CPRF) F: K×X → Y for a family T of subsets of X is a function where for any key k ∈ K and set S ∈ T one can efficiently compute a short constrained key k_S, which allows to evaluate F(k, ·) on all inputs x ∈ S, while the outputs on all inputs x ∉ S look random even given k_S. Abusalah et al. recently constructed the first constrained PRF for inputs of arbitrary length whose sets S are decided by Turing machines. They use their CPRF to build broadcast encryption and the first ID-based non-interactive key exchange for an unbounded number of users. Their constrained keys are obfuscated circuits and are therefore large. In this work we drastically reduce the key size and define a constrained key for a Turing machine M as a short signature on M. For this, we introduce a new signature primitive with constrained signing keys that let one only sign certain messages, while forging a signature on others is hard even when knowing the coins for key generation."}],"type":"conference","alternative_title":["LNCS"],"oa_version":"Submitted Version","user_id":"3E5EF7F0-F248-11E8-B48F-1D18A9856A87","_id":"1235","status":"public","title":"Constrained PRFs for unbounded inputs with short keys","intvolume":" 9696","month":"01","conference":{"name":"ACNS: Applied Cryptography and Network Security","location":"Guildford, UK","start_date":"2016-06-19","end_date":"2016-06-22"},"doi":"10.1007/978-3-319-39555-5_24","language":[{"iso":"eng"}],"oa":1,"main_file_link":[{"url":"https://eprint.iacr.org/2016/279.pdf","open_access":"1"}],"quality_controlled":"1","project":[{"name":"Provable Security for Physical Cryptography","call_identifier":"FP7","grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425"},{"grant_number":"682815","_id":"258AA5B2-B435-11E9-9278-68D0E5697425","name":"Teaching Old Crypto New 
Tricks","call_identifier":"H2020"}],"ec_funded":1,"publist_id":"6098","author":[{"full_name":"Abusalah, Hamza M","first_name":"Hamza M","last_name":"Abusalah","id":"40297222-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Fuchsbauer, Georg","first_name":"Georg","last_name":"Fuchsbauer","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87"}],"related_material":{"record":[{"status":"public","relation":"dissertation_contains","id":"83"}]},"date_created":"2018-12-11T11:50:52Z","date_updated":"2023-09-07T12:30:22Z","volume":9696,"acknowledgement":"H. Abusalah—Research supported by the European Research Council, ERC starting grant (259668-PSPC) and ERC consolidator grant (682815 - TOCNeT).","year":"2016","publication_status":"published","publisher":"Springer","department":[{"_id":"KrPi"}]},{"article_processing_charge":"No","month":"09","day":"04","oa":1,"citation":{"chicago":"Ferrara, Anna, Georg Fuchsbauer, Bin Liu, and Bogdan Warinschi. “Policy Privacy in Cryptographic Access Control,” 46–60. IEEE, 2015. https://doi.org/10.1109/CSF.2015.11.","mla":"Ferrara, Anna, et al. Policy Privacy in Cryptographic Access Control. IEEE, 2015, pp. 46–60, doi:10.1109/CSF.2015.11.","short":"A. Ferrara, G. Fuchsbauer, B. Liu, B. Warinschi, in:, IEEE, 2015, pp. 46–60.","ista":"Ferrara A, Fuchsbauer G, Liu B, Warinschi B. 2015. Policy privacy in cryptographic access control. CSF: Computer Security Foundations, 46–60.","ieee":"A. Ferrara, G. Fuchsbauer, B. Liu, and B. Warinschi, “Policy privacy in cryptographic access control,” presented at the CSF: Computer Security Foundations, Verona, Italy, 2015, pp. 46–60.","apa":"Ferrara, A., Fuchsbauer, G., Liu, B., & Warinschi, B. (2015). Policy privacy in cryptographic access control (pp. 46–60). Presented at the CSF: Computer Security Foundations, Verona, Italy: IEEE. https://doi.org/10.1109/CSF.2015.11","ama":"Ferrara A, Fuchsbauer G, Liu B, Warinschi B. Policy privacy in cryptographic access control. In: IEEE; 2015:46-60. 
doi:10.1109/CSF.2015.11"},"main_file_link":[{"url":"http://epubs.surrey.ac.uk/808055/","open_access":"1"}],"project":[{"call_identifier":"FP7","name":"Provable Security for Physical Cryptography","_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668"}],"page":"46-60","quality_controlled":"1","date_published":"2015-09-04T00:00:00Z","doi":"10.1109/CSF.2015.11","conference":{"end_date":"2015-07-17","location":"Verona, Italy","start_date":"2015-07-13","name":"CSF: Computer Security Foundations"},"language":[{"iso":"eng"}],"type":"conference","ec_funded":1,"publist_id":"5722","abstract":[{"lang":"eng","text":"Cryptographic access control offers selective access to encrypted data via a combination of key management and functionality-rich cryptographic schemes, such as attribute-based encryption. Using this approach, publicly available meta-data may inadvertently leak information on the access policy that is enforced by cryptography, which renders cryptographic access control unusable in settings where this information is highly sensitive. We begin to address this problem by presenting rigorous definitions for policy privacy in cryptographic access control. For concreteness we set our results in the model of Role-Based Access Control (RBAC), where we identify and formalize several different flavors of privacy, however, our framework should serve as inspiration for other models of access control. Based on our insights we propose a new system which significantly improves on the privacy properties of state-of-the-art constructions. Our design is based on a novel type of privacy-preserving attribute-based encryption, which we introduce and show how to instantiate. We present our results in the context of a cryptographic RBAC system by Ferrara et al. (CSF'13), which uses cryptography to control read access to files, while write access is still delegated to trusted monitors. 
We give an extension of the construction that permits cryptographic control over write access. Our construction assumes that key management uses out-of-band channels between the policy enforcer and the users but eliminates completely the need for monitoring read/write access to the data."}],"_id":"1474","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","year":"2015","publisher":"IEEE","department":[{"_id":"KrPi"}],"status":"public","publication_status":"published","title":"Policy privacy in cryptographic access control","author":[{"full_name":"Ferrara, Anna","first_name":"Anna","last_name":"Ferrara"},{"full_name":"Fuchsbauer, Georg","last_name":"Fuchsbauer","first_name":"Georg","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Liu, Bin","last_name":"Liu","first_name":"Bin"},{"first_name":"Bogdan","last_name":"Warinschi","full_name":"Warinschi, Bogdan"}],"oa_version":"Submitted Version","date_updated":"2021-01-12T06:50:59Z","date_created":"2018-12-11T11:52:14Z"},{"year":"2015","publisher":"Springer Nature","department":[{"_id":"KrPi"}],"publication_status":"published","author":[{"first_name":"Abishek","last_name":"Banerjee","full_name":"Banerjee, Abishek"},{"id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87","first_name":"Georg","last_name":"Fuchsbauer","full_name":"Fuchsbauer, Georg"},{"full_name":"Peikert, Chris","last_name":"Peikert","first_name":"Chris"},{"full_name":"Pietrzak, Krzysztof Z","orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak","first_name":"Krzysztof Z"},{"last_name":"Stevens","first_name":"Sophie","full_name":"Stevens, Sophie"}],"volume":9015,"date_updated":"2022-02-03T08:41:46Z","date_created":"2018-12-11T11:53:14Z","publist_id":"5505","ec_funded":1,"file_date_updated":"2020-07-14T12:45:08Z","main_file_link":[{"url":"https://eprint.iacr.org/2015/180","open_access":"1"}],"oa":1,"project":[{"name":"Provable Security for Physical 
Cryptography","call_identifier":"FP7","_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668"}],"quality_controlled":"1","doi":"10.1007/978-3-662-46497-7_2","conference":{"end_date":"2015-03-25","start_date":"2015-03-23","location":"Warsaw, Poland","name":"TCC: Theory of Cryptography Conference"},"language":[{"iso":"eng"}],"publication_identifier":{"isbn":["978-3-662-46496-0"]},"month":"03","_id":"1646","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","intvolume":" 9015","title":"Key-homomorphic constrained pseudorandom functions","ddc":["000","004"],"status":"public","pubrep_id":"679","file":[{"date_created":"2018-12-12T10:15:17Z","date_updated":"2020-07-14T12:45:08Z","checksum":"3c5093bda5783c89beaacabf1aa0e60e","file_id":"5136","relation":"main_file","creator":"system","file_size":450665,"content_type":"application/pdf","file_name":"IST-2016-679-v1+1_180.pdf","access_level":"open_access"}],"oa_version":"Submitted Version","type":"conference","alternative_title":["LNCS"],"abstract":[{"lang":"eng","text":"A pseudorandom function (PRF) is a keyed function F : K × X → Y where, for a random key k ∈ K, the function F(k, ·) is indistinguishable from a uniformly random function, given black-box access. A key-homomorphic PRF has the additional feature that for any keys k, k' and any input x, we have F(k+k', x) = F(k, x)⊕F(k', x) for some group operations +,⊕ on K and Y, respectively. A constrained PRF for a family of sets S ⊆ P(X) has the property that, given any key k and set S ∈ S, one can efficiently compute a “constrained” key k_S that enables evaluation of F(k, x) on all inputs x ∈ S, while the values F(k, x) for x ∉ S remain pseudorandom even given k_S. In this paper we construct PRFs that are simultaneously constrained and key homomorphic, where the homomorphic property holds even for constrained keys. 
We first show that the multilinear map-based bit-fixing and circuit-constrained PRFs of Boneh and Waters (Asiacrypt 2013) can be modified to also be key-homomorphic. We then show that the LWE-based key-homomorphic PRFs of Banerjee and Peikert (Crypto 2014) are essentially already prefix-constrained PRFs, using a (non-obvious) definition of constrained keys and associated group operation. Moreover, the constrained keys themselves are pseudorandom, and the constraining and evaluation functions can all be computed in low depth. As an application of key-homomorphic constrained PRFs, we construct a proxy re-encryption scheme with fine-grained access control. This scheme allows storing encrypted data on an untrusted server, where each file can be encrypted relative to some attributes, so that only parties whose constrained keys match the attributes can decrypt. Moreover, the server can re-key (arbitrary subsets of) the ciphertexts without learning anything about the plaintexts, thus permitting efficient and fine-grained revocation."}],"citation":{"short":"A. Banerjee, G. Fuchsbauer, C. Peikert, K.Z. Pietrzak, S. Stevens, in:, 12th Theory of Cryptography Conference, Springer Nature, 2015, pp. 31–60.","mla":"Banerjee, Abishek, et al. “Key-Homomorphic Constrained Pseudorandom Functions.” 12th Theory of Cryptography Conference, vol. 9015, Springer Nature, 2015, pp. 31–60, doi:10.1007/978-3-662-46497-7_2.","chicago":"Banerjee, Abishek, Georg Fuchsbauer, Chris Peikert, Krzysztof Z Pietrzak, and Sophie Stevens. “Key-Homomorphic Constrained Pseudorandom Functions.” In 12th Theory of Cryptography Conference, 9015:31–60. Springer Nature, 2015. https://doi.org/10.1007/978-3-662-46497-7_2.","ama":"Banerjee A, Fuchsbauer G, Peikert C, Pietrzak KZ, Stevens S. Key-homomorphic constrained pseudorandom functions. In: 12th Theory of Cryptography Conference. Vol 9015. Springer Nature; 2015:31-60. doi:10.1007/978-3-662-46497-7_2","apa":"Banerjee, A., Fuchsbauer, G., Peikert, C., Pietrzak, K. 
Z., & Stevens, S. (2015). Key-homomorphic constrained pseudorandom functions. In 12th Theory of Cryptography Conference (Vol. 9015, pp. 31–60). Warsaw, Poland: Springer Nature. https://doi.org/10.1007/978-3-662-46497-7_2","ieee":"A. Banerjee, G. Fuchsbauer, C. Peikert, K. Z. Pietrzak, and S. Stevens, “Key-homomorphic constrained pseudorandom functions,” in 12th Theory of Cryptography Conference, Warsaw, Poland, 2015, vol. 9015, pp. 31–60.","ista":"Banerjee A, Fuchsbauer G, Peikert C, Pietrzak KZ, Stevens S. 2015. Key-homomorphic constrained pseudorandom functions. 12th Theory of Cryptography Conference. TCC: Theory of Cryptography Conference, LNCS, vol. 9015, 31–60."},"publication":"12th Theory of Cryptography Conference","page":"31 - 60","date_published":"2015-03-01T00:00:00Z","scopus_import":"1","article_processing_charge":"No","has_accepted_license":"1","day":"01"},{"intvolume":" 9215","status":"public","ddc":["004"],"title":"A quasipolynomial reduction for generalized selective decryption on trees","_id":"1648","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","file":[{"date_created":"2018-12-12T10:13:31Z","date_updated":"2020-07-14T12:45:08Z","checksum":"99b76b3263d5082554d0a9cbdeca3a22","file_id":"5015","relation":"main_file","creator":"system","file_size":505618,"content_type":"application/pdf","file_name":"IST-2016-674-v1+1_389.pdf","access_level":"open_access"}],"oa_version":"Submitted Version","pubrep_id":"674","alternative_title":["LNCS"],"type":"conference","abstract":[{"text":"Generalized Selective Decryption (GSD), introduced by Panjwani [TCC’07], is a game for a symmetric encryption scheme Enc that captures the difficulty of proving adaptive security of certain protocols, most notably the Logical Key Hierarchy (LKH) multicast encryption protocol. In the GSD game there are n keys k_1, ..., k_n, which the adversary may adaptively corrupt (learn); moreover, it can ask for encryptions Enc_{k_i}(k_j) of keys under other keys. 
The adversary’s task is to distinguish keys (which it cannot trivially compute) from random. Proving the hardness of GSD assuming only IND-CPA security of Enc is surprisingly hard. Using “complexity leveraging” loses a factor exponential in n, which makes the proof practically meaningless. We can think of the GSD game as building a graph on n vertices, where we add an edge i → j when the adversary asks for an encryption of k_j under k_i. If restricted to graphs of depth ℓ, Panjwani gave a reduction that loses only a factor exponential in ℓ (not n). To date, this is the only non-trivial result known for GSD. In this paper we give almost-polynomial reductions for large classes of graphs. Most importantly, we prove the security of the GSD game restricted to trees losing only a quasi-polynomial factor n^{3 log n + 5}. Trees are an important special case capturing real-world protocols like the LKH protocol. Our new bound improves upon Panjwani’s on some LKH variants proposed in the literature where the underlying tree is not balanced. Our proof builds on ideas from the “nested hybrids” technique recently introduced by Fuchsbauer et al. [Asiacrypt’14] for proving the adaptive security of constrained PRFs.","lang":"eng"}],"page":"601 - 620","citation":{"ama":"Fuchsbauer G, Jafargholi Z, Pietrzak KZ. A quasipolynomial reduction for generalized selective decryption on trees. In: Vol 9215. Springer; 2015:601-620. doi:10.1007/978-3-662-47989-6_29","ista":"Fuchsbauer G, Jafargholi Z, Pietrzak KZ. 2015. A quasipolynomial reduction for generalized selective decryption on trees. CRYPTO: International Cryptology Conference, LNCS, vol. 9215, 601–620.","ieee":"G. Fuchsbauer, Z. Jafargholi, and K. Z. Pietrzak, “A quasipolynomial reduction for generalized selective decryption on trees,” presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA, USA, 2015, vol. 9215, pp. 601–620.","apa":"Fuchsbauer, G., Jafargholi, Z., & Pietrzak, K. Z. (2015). 
A quasipolynomial reduction for generalized selective decryption on trees (Vol. 9215, pp. 601–620). Presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA, USA: Springer. https://doi.org/10.1007/978-3-662-47989-6_29","mla":"Fuchsbauer, Georg, et al. A Quasipolynomial Reduction for Generalized Selective Decryption on Trees. Vol. 9215, Springer, 2015, pp. 601–20, doi:10.1007/978-3-662-47989-6_29.","short":"G. Fuchsbauer, Z. Jafargholi, K.Z. Pietrzak, in:, Springer, 2015, pp. 601–620.","chicago":"Fuchsbauer, Georg, Zahra Jafargholi, and Krzysztof Z Pietrzak. “A Quasipolynomial Reduction for Generalized Selective Decryption on Trees,” 9215:601–20. Springer, 2015. https://doi.org/10.1007/978-3-662-47989-6_29."},"date_published":"2015-08-01T00:00:00Z","scopus_import":1,"has_accepted_license":"1","day":"01","department":[{"_id":"KrPi"}],"publisher":"Springer","publication_status":"published","year":"2015","volume":9215,"date_created":"2018-12-11T11:53:14Z","date_updated":"2021-01-12T06:52:14Z","author":[{"full_name":"Fuchsbauer, Georg","first_name":"Georg","last_name":"Fuchsbauer","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Jafargholi, Zahra","first_name":"Zahra","last_name":"Jafargholi"},{"orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak","first_name":"Krzysztof Z","full_name":"Pietrzak, Krzysztof Z"}],"ec_funded":1,"publist_id":"5502","file_date_updated":"2020-07-14T12:45:08Z","project":[{"grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425","name":"Provable Security for Physical Cryptography","call_identifier":"FP7"}],"quality_controlled":"1","tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY 
(4.0)","image":"/images/cc_by.png"},"oa":1,"language":[{"iso":"eng"}],"doi":"10.1007/978-3-662-47989-6_29","conference":{"end_date":"2015-08-20","location":"Santa Barbara, CA, USA","start_date":"2015-08-16","name":"CRYPTO: International Cryptology Conference"},"month":"08"},{"month":"01","language":[{"iso":"eng"}],"doi":"10.1007/978-3-319-24174-6_16","conference":{"name":"ESORICS: European Symposium on Research in Computer Security","end_date":"2015-09-25","location":"Vienna, Austria","start_date":"2015-09-21"},"project":[{"name":"Provable Security for Physical Cryptography","call_identifier":"FP7","grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425"}],"quality_controlled":"1","tmp":{"name":"Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)","legal_code_url":"https://creativecommons.org/licenses/by-nc/4.0/legalcode","image":"/images/cc_by_nc.png","short":"CC BY-NC (4.0)"},"oa":1,"license":"https://creativecommons.org/licenses/by-nc/4.0/","ec_funded":1,"publist_id":"5501","file_date_updated":"2020-07-14T12:45:08Z","volume":9326,"date_updated":"2021-01-12T06:52:14Z","date_created":"2018-12-11T11:53:15Z","author":[{"last_name":"Benhamouda","first_name":"Fabrice","full_name":"Benhamouda, Fabrice"},{"full_name":"Krenn, Stephan","last_name":"Krenn","first_name":"Stephan"},{"first_name":"Vadim","last_name":"Lyubashevsky","full_name":"Lyubashevsky, Vadim"},{"first_name":"Krzysztof Z","last_name":"Pietrzak","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0002-9139-1654","full_name":"Pietrzak, Krzysztof Z"}],"publisher":"Springer","department":[{"_id":"KrPi"}],"publication_status":"published","year":"2015","has_accepted_license":"1","day":"01","series_title":"Lecture Notes in Computer Science","scopus_import":1,"date_published":"2015-01-01T00:00:00Z","page":"305 - 325","citation":{"mla":"Benhamouda, Fabrice, et al. Efficient Zero-Knowledge Proofs for Commitments from Learning with Errors over Rings. Vol. 
9326, Springer, 2015, pp. 305–25, doi:10.1007/978-3-319-24174-6_16.","short":"F. Benhamouda, S. Krenn, V. Lyubashevsky, K.Z. Pietrzak, 9326 (2015) 305–325.","chicago":"Benhamouda, Fabrice, Stephan Krenn, Vadim Lyubashevsky, and Krzysztof Z Pietrzak. “Efficient Zero-Knowledge Proofs for Commitments from Learning with Errors over Rings.” Lecture Notes in Computer Science. Springer, 2015. https://doi.org/10.1007/978-3-319-24174-6_16.","ama":"Benhamouda F, Krenn S, Lyubashevsky V, Pietrzak KZ. Efficient zero-knowledge proofs for commitments from learning with errors over rings. 2015;9326:305-325. doi:10.1007/978-3-319-24174-6_16","ista":"Benhamouda F, Krenn S, Lyubashevsky V, Pietrzak KZ. 2015. Efficient zero-knowledge proofs for commitments from learning with errors over rings. 9326, 305–325.","ieee":"F. Benhamouda, S. Krenn, V. Lyubashevsky, and K. Z. Pietrzak, “Efficient zero-knowledge proofs for commitments from learning with errors over rings,” vol. 9326. Springer, pp. 305–325, 2015.","apa":"Benhamouda, F., Krenn, S., Lyubashevsky, V., & Pietrzak, K. Z. (2015). Efficient zero-knowledge proofs for commitments from learning with errors over rings. Presented at the ESORICS: European Symposium on Research in Computer Security, Vienna, Austria: Springer. https://doi.org/10.1007/978-3-319-24174-6_16"},"abstract":[{"lang":"eng","text":"We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and present efficient companion zero-knowledge proofs of knowledge. 
Our scheme maps elements from the ring (or equivalently, n elements from "}],"alternative_title":["LNCS"],"type":"conference","oa_version":"Published Version","file":[{"date_created":"2018-12-12T10:11:28Z","date_updated":"2020-07-14T12:45:08Z","checksum":"6eac4a485b2aa644b2d3f753ed0b280b","relation":"main_file","file_id":"4883","content_type":"application/pdf","file_size":494239,"creator":"system","file_name":"IST-2016-678-v1+1_889.pdf","access_level":"open_access"}],"pubrep_id":"678","intvolume":" 9326","status":"public","ddc":["000","004"],"title":"Efficient zero-knowledge proofs for commitments from learning with errors over rings","_id":"1649","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87"},{"title":"Query-complexity amplification for random oracles","status":"public","intvolume":" 9063","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"1644","oa_version":"Submitted Version","alternative_title":["LNCS"],"type":"conference","abstract":[{"lang":"eng","text":"Increasing the computational complexity of evaluating a hash function, both for the honest users as well as for an adversary, is a useful technique employed for example in password-based cryptographic schemes to impede brute-force attacks, and also in so-called proofs of work (used in protocols like Bitcoin) to show that a certain amount of computation was performed by a legitimate user. A natural approach to adjust the complexity of a hash function is to iterate it c times, for some parameter c, in the hope that any query to the scheme requires c evaluations of the underlying hash function. However, results by Dodis et al. (Crypto 2012) imply that plain iteration falls short of achieving this goal, and designing schemes which provably have such a desirable property remained an open problem. This paper formalizes explicitly what it means for a given scheme to amplify the query complexity of a hash function. 
In the random oracle model, the goal of a secure query-complexity amplifier (QCA) scheme is captured as transforming, in the sense of indifferentiability, a random oracle allowing R queries (for the adversary) into one provably allowing only r < R queries. Turned around, this means that making r queries to the scheme requires at least R queries to the actual random oracle. Second, a new scheme, called collision-free iteration, is proposed and proven to achieve c-fold QCA for both the honest parties and the adversary, for any fixed parameter c."}],"page":"159 - 180","citation":{"ieee":"G. Demay, P. Gazi, U. Maurer, and B. Tackmann, “Query-complexity amplification for random oracles,” presented at the ICITS: International Conference on Information Theoretic Security, Lugano, Switzerland, 2015, vol. 9063, pp. 159–180.","apa":"Demay, G., Gazi, P., Maurer, U., & Tackmann, B. (2015). Query-complexity amplification for random oracles (Vol. 9063, pp. 159–180). Presented at the ICITS: International Conference on Information Theoretic Security, Lugano, Switzerland: Springer. https://doi.org/10.1007/978-3-319-17470-9_10","ista":"Demay G, Gazi P, Maurer U, Tackmann B. 2015. Query-complexity amplification for random oracles. ICITS: International Conference on Information Theoretic Security, LNCS, vol. 9063, 159–180.","ama":"Demay G, Gazi P, Maurer U, Tackmann B. Query-complexity amplification for random oracles. In: Vol 9063. Springer; 2015:159-180. doi:10.1007/978-3-319-17470-9_10","chicago":"Demay, Grégory, Peter Gazi, Ueli Maurer, and Björn Tackmann. “Query-Complexity Amplification for Random Oracles,” 9063:159–80. Springer, 2015. https://doi.org/10.1007/978-3-319-17470-9_10.","short":"G. Demay, P. Gazi, U. Maurer, B. Tackmann, in:, Springer, 2015, pp. 159–180.","mla":"Demay, Grégory, et al. Query-Complexity Amplification for Random Oracles. Vol. 9063, Springer, 2015, pp. 
159–80, doi:10.1007/978-3-319-17470-9_10."},"date_published":"2015-01-01T00:00:00Z","scopus_import":1,"day":"01","publication_status":"published","department":[{"_id":"KrPi"}],"publisher":"Springer","year":"2015","date_updated":"2021-01-12T06:52:13Z","date_created":"2018-12-11T11:53:13Z","volume":9063,"author":[{"first_name":"Grégory","last_name":"Demay","full_name":"Demay, Grégory"},{"first_name":"Peter","last_name":"Gazi","id":"3E0BFE38-F248-11E8-B48F-1D18A9856A87","full_name":"Gazi, Peter"},{"last_name":"Maurer","first_name":"Ueli","full_name":"Maurer, Ueli"},{"last_name":"Tackmann","first_name":"Björn","full_name":"Tackmann, Björn"}],"publist_id":"5507","ec_funded":1,"quality_controlled":"1","project":[{"grant_number":"259668","_id":"258C570E-B435-11E9-9278-68D0E5697425","call_identifier":"FP7","name":"Provable Security for Physical Cryptography"}],"main_file_link":[{"open_access":"1","url":"http://eprint.iacr.org/2015/315"}],"oa":1,"language":[{"iso":"eng"}],"conference":{"start_date":"2015-05-02","location":"Lugano, Switzerland","end_date":"2015-05-05","name":"ICITS: International Conference on Information Theoretic Security"},"doi":"10.1007/978-3-319-17470-9_10","month":"01"}]