scispace - formally typeset
Search or ask a question
Author

Moni Naor

Other affiliations: IBM, Stanford University, University of California, Berkeley  ...read more
Bio: Moni Naor is an academic researcher from Weizmann Institute of Science. The author has contributed to research in topics: Encryption & Cryptography. The author has an hindex of 102, co-authored 338 publications receiving 47090 citations. Previous affiliations of Moni Naor include IBM & Stanford University.


Papers
More filters
Proceedings ArticleDOI
09 Jan 2001
TL;DR: In this article, the authors show how to construct pseudo-random permutations that satisfy a finite-time cycle restriction, for example that the permutation be cyclic (consisting of one cycle containing all the elements) or an involution (a self-inverse permutation) with no fixed points.
Abstract: We show how to construct pseudo-random permutations that satisfy a cer- tain cycle restriction, for example that the permutation be cyclic (consisting of one cycle containing all the elements) or an involution (a self-inverse permutation) with no fixed points The construction can be based on any (unrestricted) pseudo-random permuta- tion The resulting permutations are defined succinctly and their evaluation at a given point is efficient Furthermore, they enjoy a fast forward property, ie it is possible to iterate them at a very small cost

27 citations

Journal ArticleDOI
01 Apr 1998
TL;DR: This work presents schemes that measure the amount of service requested from servers by clients by clients that are secure and efficient and provide a short proof for the metered data.
Abstract: The majority of Internet revenues come from connectivity and advertisement fees, yet there are almost no means to secure the accounting processes which determine these fees from fraudulent behavior, e.g. a scheme to provide reliable usage information regarding a Web site. There is an enormous financial incentive for the Web site to inflate this data, and therefore measurement schemes should be secure against malicious behavior of the site. Measurement schemes which are based on sampling are relatively protected from corrupt behavior of Web sites but do not provide meaningful data about small and medium scale sites. We present schemes that measure the amount of service requested from servers by clients. The schemes are secure and efficient and provide a short proof for the metered data. Immediate applications are a secure measurement of visits to a Web site and a secure usage based accounting mechanism between networks.

26 citations

Proceedings ArticleDOI
01 Sep 1991
TL;DR: The authors study the direct sum problem with respect to communication complexity and give a general lower bound on the amortized communication complexity of any function f in terms of its communication complexity C(f).
Abstract: The authors study the direct sum problem with respect to communication complexity: Consider a function f: D to (0, 1), where D contained in (0, 1)/sup n/*(0, 1)/sup n/. The amortized communication complexity of f, i.e. the communication complexity of simultaneously computing f on l instances, divided by l is studied. The authors present, both in the deterministic and the randomized model, functions with communication complexity Theta (log n) and amortized communication complexity O(1). They also give a general lower bound on the amortized communication complexity of any function f in terms of its communication complexity C(f). >

26 citations

Posted Content
TL;DR: In this article, the power of interactive proofs with a distributed verifier was explored, where the verifier consists of a single entity that communicates with all nodes by short messages, and the goal is to verify that the graph $G$ belongs to some language in a small number of rounds, and with small communication bound.
Abstract: We explore the power of interactive proofs with a distributed verifier. In this setting, the verifier consists of $n$ nodes and a graph $G$ that defines their communication pattern. The prover is a single entity that communicates with all nodes by short messages. The goal is to verify that the graph $G$ belongs to some language in a small number of rounds, and with small communication bound, i.e., the proof size. This interactive model was introduced by Kol, Oshman and Saxena (PODC 2018) as a generalization of non-interactive distributed proofs. They demonstrated the power of interaction in this setting by constructing protocols for problems as Graph Symmetry and Graph Non-Isomorphism -- both of which require proofs of $\Omega(n^2)$-bits without interaction. In this work, we provide a new general framework for distributed interactive proofs that allows one to translate standard interactive protocols to ones where the verifier is distributed with short proof size. We show the following: * Every (centralized) computation that can be performed in time $O(n)$ can be translated into three-round distributed interactive protocol with $O(\log n)$ proof size. This implies that many graph problems for sparse graphs have succinct proofs. * Every (centralized) computation implemented by either a small space or by uniform NC circuit can be translated into a distributed protocol with $O(1)$ rounds and $O(\log n)$ bits proof size for the low space case and $polylog(n)$ many rounds and proof size for NC. * We show that for Graph Non-Isomorphism, there is a 4-round protocol with $O(\log n)$ proof size, improving upon the $O(n \log n)$ proof size of Kol et al. * For many problems we show how to reduce proof size below the naturally seeming barrier of $\log n$. We get a 5-round protocols with proof size $O(\log \log n)$ for a family of problems.

26 citations

Journal ArticleDOI
TL;DR: Nonoblivious hashing, where information gathered from unsuccessful probes is used to modify subsequent probe strategy, is introduced and used to obtain the following results for static lookup on full tables: an almost sure O-time probabilistic worst-case scheme, which uses no additional memory and improves upon previously logarithmic time requirements.
Abstract: Nonoblivious hashing, where information gathered from unsuccessful probes is used to modify subsequent probe strategy, is introduced and used to obtain the following results for static lookup on full tables: (1) An O(1)-time worst-case scheme that uses only logarithmic additional memory, (and no memory when the domain size is linear in the table size), which improves upon previously linear space requirements.(2) An almost sure O(1)-time probabilistic worst-case scheme, which uses no additional memory and which improves upon previously logarithmic time requirements.(3) Enhancements to hashing: (1) and (2) are solved for multikey recors, where search can be performed under any key in time O(1); these schemes also permit properties, such as nearest neighbor and rank, to be determined in logarithmic time.

26 citations


Cited by
More filters
Journal ArticleDOI

[...]

08 Dec 2001-BMJ
TL;DR: There is, I think, something ethereal about i —the square root of minus one, which seems an odd beast at that time—an intruder hovering on the edge of reality.
Abstract: There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality. Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

33,785 citations

Book
01 Jan 1996
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

13,597 citations

Patent
30 Sep 2010
TL;DR: In this article, the authors proposed a secure content distribution method for a configurable general-purpose electronic commercial transaction/distribution control system, which includes a process for encapsulating digital information in one or more digital containers, a process of encrypting at least a portion of digital information, a protocol for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container, and a process that delivering one or multiple digital containers to a digital information user.
Abstract: PROBLEM TO BE SOLVED: To solve the problem, wherein it is impossible for an electronic content information provider to provide commercially secure and effective method, for a configurable general-purpose electronic commercial transaction/distribution control system. SOLUTION: In this system, having at least one protected processing environment for safely controlling at least one portion of decoding of digital information, a secure content distribution method comprises a process for encapsulating digital information in one or more digital containers; a process for encrypting at least a portion of digital information; a process for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container; a process for delivering one or more digital containers to a digital information user; and a process for using a protected processing environment, for safely controlling at least a portion of the decoding of the digital information. COPYRIGHT: (C)2006,JPO&NCIPI

7,643 citations

Proceedings ArticleDOI
22 Jan 2006
TL;DR: Some of the major results in random graphs and some of the more challenging open problems are reviewed, including those related to the WWW.
Abstract: We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

7,116 citations

Book ChapterDOI
19 Aug 2001
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Abstract: We propose a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem. Our system is based on the Weil pairing. We give precise definitions for secure identity based encryption schemes and give several applications for such systems.

7,083 citations