Showing papers by "Moni Naor published in 1997"

Number-theoretic constructions of efficient pseudo-random functions

Abstract: We describe efficient constructions for various cryptographic primitives (both in private-key and in public-key cryptography). We show these constructions to be at least as secure as the decisional version of the Diffie-Hellman assumption or as the assumption that factoring is hard. Our major result is a new construction of pseudo-random functions such that computing their value at any given point involves two multiple products. This is much more efficient than previous proposals. Furthermore, these functions have the advantage of being in TC/sup 0/ (the class of functions computable by constant depth circuits consisting of a polynomial number of threshold gates) which has several interesting applications. The simple algebraic structure of the functions implies additional features. In particular, we show a zero-knowledge proof for statements of the form "y=f/sub s/(x)" and "y/spl ne/f(x)" given a commitment to a key s of a pseudo-random function f/sub s/.

Number-Theoretic Constructions of Efficient Pseudo-Random Functions (Extended Abstract)

Abstract: We describe efficient constructions for various cryptographic primitives (both in private-key and in publickey cryptography). We show these constructions to be at least as secure as the decisional version of the DiffieHellman assumption or as the assumption that factoring is hard. Our major result is a new construction of pseudo-random functions such that computing their value at any given point involves two multiple products. This is much more efficient than previous proposals. Furthermore, these functions have the advantage of being in TCo (the class of functions computable by constant depth circuits consisting of a polynomial number of threshold gates) which has several interesting applications. The simple algebraic structure of the functions implies additional features. In particular, we show a zero-knowledge proof for statements of the form “y = fs(x)” and “y # fs(z)” given a commitment to a key s of a pseudc-random function fs.

Visual Authentication and Identification

Abstract: The problems of authentication and identification have received wide interest in cryptographic research. However, there has been no satisfactory solution for the problem of authentication by a human recipient who does not use any trusted computational device, which arises for example in the context of smartcard-human interaction, in particular in the context of electronic wallets. The problem of identification is ubiquitous in communication over insecure networks.

Visual authentication and identification

Abstract: The problems of authentication and identification have received wide interest in cryptographic research. However, there has been no satisfactory solution for the problem of authentication by a human recipient who does not use any trusted computational device, which arises for example in the context of smartcard-human interaction, in particular in the context of electronic wallets. The problem of identification is ubiquitous in communication over insecure networks. This paper introduces visual authentication and visual identification methods, which are authentication and identification methods for human users based on visual cryptography. These methods are very natural and easy to use, and can be implemented using very common low tech technology. The methods we suggest are efficient in the sense that a single transparency can be used for several authentications or for several identifications. The security of these methods is rigorously analyzed.

Does parallel repetition lower the error in computationally sound protocols

Abstract: Whether or not parallel repetition lowers the error has been a fundamental question in the theory of protocols, with applications in many different areas. It is well known that parallel repetition reduces the error at an exponential rate in interactive proofs and Arthur-Merlin games. It seems to have been taken for granted that the same is true in arguments, or other proofs where the soundness only holds with respect to computationally bounded parties. We show that this is not the case. Surprisingly, parallel repetition can actually fail in this setting. We present four-round protocols whose error does not decrease under parallel repetition. This holds for any (polynomial) number of repetitions. These protocols exploit non-malleable encryption and can be based on any trapdoor permutation. On the other hand we show that for three-round protocols the error does go down exponentially fast. The question of parallel error reduction is particularly important when the protocol is used in cryptographic settings like identification, and the error represents the probability that an intruder succeeds.

On the construction of pseudo-random permutations: Luby-Rackoff revisited (extended abstract)

Abstract: Luby and Rackoff [21] showed a method for constructing a pseudo-random permutation from a pseudorandom function. The method is based on composing four (or three for weakened security) so called Feistel permutations, each of which requires the evaluation of a pseudo-random function. We reduce somewhat the complexity of the construction and simplify its proof of security by showing that two Feistel permutations are sufficient together with initial and final pair-wise independent permutations. The revised construction and proof provide a framework in which similar constructions may be brought up and their security can be easily proved. We demonstrate this by presenting some additional adjustments of the construction that achieve the following: ● Reduce the success probability of the adversary. ● Provide a construction of pseudo-random permutations with large input size using pseudo-random functions with small input size. ●A full version of this paper is available as Theory of C~yptography Library: Record 96-11 at: http: //theory.lcs .m.it. edul tcryptol/homepage .html f Incumbent of the Morris and Rose Goldman Career Development Chair, Dept. of Applied Mathematics and Computer Science, Weizmann Institute of Science, Rehovot 76100, Israel. Research supported by grant no. 356/94 from the Israel Science Foundation administered by the Israeli Academy of Sciences. E-mail: naor@wisdom.weizmann .ac.iL tDePt, of Applied Mathematics and Computer Science, Weizmann Institute of Science, Rehovot 76100, Israel. Part of this research was supported by a Clore Scholars award. E-mail: reingold@wisdom .weiznmnn.ac.il. Permission 10 make digil;llhml copies offlll or pall o~lhis nl:llcriitl Ibr person:lIor Atssroom uw is grmlcli wilhwlt Fecprnvidcd th:ll Ihe copies are nrrl made or dislrilwled Iiw prolil or Lwnmcrcin I adinnl:Ige. Ihe copy ri@ notice. Ihc Ii[lc ol’lhc p(lhlicnli(m and ils dnlc nppc~l-.and noliw is given Ilmt copyright IS by permission oflhc ;\CA1. [nc, T(I copv olhwwiw. to rqwhlish. 10 posl (m scrww (Ir II) rcdwlril>lllc 10 Iisls. rcqllir.x yrwilic permissim mxVor Lx SW)( ‘ 97 1;11’:1s0, ‘1’cxwI is,\ Copyrighl I 997 .A(.’hl O-W791 -88 X-(197:(J5 S3 S(J ● 1 Provide a construction of a pseudo-random permutation using a single pseud~random function.

Machine-readable checks

Abstract: A machine-readable check comprising a check and a machine-readable image block printed on the check. Preferably, the image block is a two-dimensional print code.