Author

Shafi Goldwasse

Bio: Shafi Goldwasse is an academic researcher from Massachusetts Institute of Technology. The author has contributed to research in topics: Digital signature & Message authentication code. The author has an h-index of 1, co-authored 1 publication receiving 148 citations.

Papers
Book Chapter
20 Aug 1989
TL;DR: Noninteractive zero knowledge proofs in a network which have the property that anyone in the network can individually check correctness while the proof is zero knowledge to any sufficiently small coalition are shown.
Abstract: Using non-interactive zero knowledge proofs we provide a simple new paradigm for digital signing and message authentication secure against adaptive chosen message attack. For digital signatures we require that the non-interactive zero knowledge proofs be publicly verifiable: they should be checkable by anyone rather than directed at a particular verifier. We accordingly show how to implement noninteractive zero knowledge proofs in a network which have the property that anyone in the network can individually check correctness while the proof is zero knowledge to any sufficiently small coalition. This enables us to implement signatures which are history independent.

160 citations


Cited by
Proceedings Article
Moni Naor, Moti Yung
01 Apr 1990
TL;DR: This work shows how to construct a public-key cryptosystem (as originally defined by Diffie and Hellman) secure against chosen ciphertext attacks, given a public-key cryptosystem secure against passive eavesdropping and a noninteractive zero-knowledge proof system in the shared string model.
Abstract: We show how to construct a public-key cryptosystem (as originally defined by Diffie and Hellman) secure against chosen ciphertext attacks, given a public-key cryptosystem secure against passive eavesdropping and a noninteractive zero-knowledge proof system in the shared string model. No such secure cryptosystems were known before. A concrete implementation can be based on quadratic residuosity intractability.

1,220 citations

Book Chapter
11 Aug 1991
TL;DR: A formalization of chosen ciphertext attack is given in the model which is stronger than the "lunchtime attack" considered by Naor and Yung, and a non-interactive public-key cryptosystem based on non-interactive zero-knowledge proof of knowledge is proved to be secure against it.
Abstract: The zero-knowledge proof of knowledge, first defined by Fiat, Feige and Shamir, was used by Galil, Haber and Yung as a means of constructing (out of a trapdoor function) an interactive public-key cryptosystem provably secure against chosen ciphertext attack. We introduce a revised setting which permits the definition of a non-interactive analogue, the non-interactive zero-knowledge proof of knowledge, and show how it may be constructed in that setting from a non-interactive zero-knowledge proof system for NP (of the type introduced by Blum, Feldman and Micali). We give a formalization of chosen ciphertext attack in our model which is stronger than the "lunchtime attack" considered by Naor and Yung, and prove a non-interactive public-key cryptosystem based on non-interactive zero-knowledge proof of knowledge to be secure against it.

1,198 citations

Book
Arto Salomaa
01 Jan 1990
TL;DR: This book gives a broad overview of public-key cryptography - its essence and advantages, various public-key cryptosystems, and protocols - as well as a comprehensive introduction to classical cryptography and cryptoanalysis.
Abstract: Cryptography, secret writing, is enjoying a scientific renaissance following the seminal discovery in 1977 of public-key cryptography and applications in computers and communications. This book gives a broad overview of public-key cryptography - its essence and advantages, various public-key cryptosystems, and protocols - as well as a comprehensive introduction to classical cryptography and cryptoanalysis. The second edition has been revised and enlarged especially in its treatment of cryptographic protocols. From a review of the first edition: "This is a comprehensive review ... there can be no doubt that this will be accepted as a standard text. At the same time, it is clearly and entertainingly written ... and can certainly stand alone." Alex M. Andrew, Kybernetes, March 1992

1,000 citations

Book Chapter
Dan Boneh
21 Jun 1998
TL;DR: This paper surveys the recent applications of DDH as well as known results regarding its security, and describes some open problems in this area.
Abstract: The Decision Diffie-Hellman assumption (DDH) is a gold mine. It enables one to construct efficient cryptographic systems with strong security properties. In this paper we survey the recent applications of DDH as well as known results regarding its security. We describe some open problems in this area.

989 citations

Book Chapter
09 May 1994
TL;DR: The technique for authentication can be extended and used as the basis for an authentication scheme which is ‘proven’ secure against any type of attack, provided the Discrete Logarithm problem is intractable.
Abstract: We present practical conference key distribution systems based on public keys, which authenticate the users and which are ‘proven’ secure provided the Diffie-Hellman problem is intractable. A certain number of interactions is needed but the overall cost is low. There is a complexity tradeoff. Depending on the network used, we either have a constant (in the number of conference participants) number of rounds (exchanges) or a constant communication and computation overhead. Our technique for authentication can be extended and used as the basis for an authentication scheme which is ‘proven’ secure against any type of attack, provided the Discrete Logarithm problem is intractable.

875 citations