Author

Silvio Micali

Bio: Silvio Micali is an academic researcher from Massachusetts Institute of Technology. The author has contributed to research in topics: Common value auction & Digital signature. The author has an h-index of 84 and has co-authored 236 publications receiving 45550 citations. Previous affiliations of Silvio Micali include Polaroid Corporation & University of California.


Papers
Proceedings ArticleDOI
01 Dec 1985
TL;DR: Zero-knowledge proofs, as defined by the authors, are proofs that convey no additional knowledge other than the correctness of the proposition in question, in contrast to the usual case where the proof of a theorem contains more knowledge than the mere fact that the theorem is true.
Abstract: Usually, a proof of a theorem contains more knowledge than the mere fact that the theorem is true. For instance, to prove that a graph is Hamiltonian it suffices to exhibit a Hamiltonian tour in it; however, this seems to contain more knowledge than the single bit Hamiltonian/non-Hamiltonian. In this paper a computational complexity theory of the “knowledge” contained in a proof is developed. Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question. Examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and quadratic nonresiduosity. These are the first examples of zero-knowledge proofs for languages not known to be efficiently recognizable.

769 citations

Proceedings ArticleDOI
21 Oct 1985
TL;DR: Verifiable secret sharing, as discussed by the authors, is a cryptographic protocol that allows one to break a secret in n pieces and publicly distribute it to n people so that the secret is reconstructible given only sufficiently many pieces.
Abstract: Verifiable secret sharing is a cryptographic protocol that allows one to break a secret in n pieces and publicly distribute them to n people so that the secret is reconstructible given only sufficiently many pieces. The novelty is that everyone can verify that all received a "valid" piece of the secret without having any idea of what the secret is. One application of this tool is the simulation of simultaneous-broadcast networks on semi-synchronous broadcast networks.

760 citations

Proceedings Article
01 Jan 1985
TL;DR: Verifiable secret sharing is a cryptographic protocol that allows one to break a secret in n pieces and publicly distribute them to n people so that the secret is reconstructible given only sufficiently many pieces.

710 citations

Proceedings ArticleDOI
01 Apr 1990
TL;DR: It is shown that a rigorously-specified and extremely strong notion of secure function evaluation can be achieved by a protocol which requires only a fixed constant number of rounds of interaction, and this result assumes only the existence of a one-way function.
Abstract: Assume we have a network of three or more players, each player in possession of some private input. The players want to compute some function of these private inputs, but in a way which protects the privacy of each participant's contribution. Not all of the players can be trusted to do as they are instructed. The resources the players are given to accomplish their goal are communication--the ability to privately send messages to one another, or to broadcast messages to the community as a whole--and local computation. Many insightful protocols have been proposed for solving this problem of multiparty secure function evaluation. Building on Yao's protocol for the case of two players (Ya86), Goldreich, Micali and Wigderson (GMW87) offered the first general protocol for this problem, and they provided the paradigm on which a large body of successive work was based. Despite enormous progress, research on secure function evaluation has suffered from some serious shortcomings. First, though many protocols have been devised for solving the problem, what, exactly, these protocols accomplish has not been fully understood. In fact, no rigorously specified and generally accepted definitions have been proposed in this field. Second, protocols for multiparty secure function evaluation could be extremely inefficient, the main cause being that they required an unbounded (and usually large) number of communication rounds. We address both of these points, carefully crafting definitions which satisfactorily deal with the myriad of issues lurking here, and offering a new protocol for multiparty secure function evaluation--one which categorically improves the complexity requirements for this task. The new protocol completely divorces the computational complexity of the function being collaboratively computed from the round complexity of the protocol that evaluates it. Using this approach, we show that a rigorously-specified and extremely strong notion of secure function evaluation can be achieved by a protocol which requires only a fixed constant number of rounds of interaction. This result assumes only the existence of a one-way function and that the majority of the participants to the protocol behave correctly. (Copies available exclusively from MIT Libraries, Rm. 14-0551, Cambridge, MA 02139-4307. Ph. 617-253-5668; Fax 617-253-1690.)

705 citations

Book ChapterDOI
02 May 1999
TL;DR: A single-database computationally private information retrieval scheme with polylogarithmic communication complexity based on a new, but reasonable intractability assumption, which is essentially the difficulty of deciding whether a small prime divides φ(m), where m is a composite integer of unknown factorization.
Abstract: We present a single-database computationally private information retrieval scheme with polylogarithmic communication complexity. Our construction is based on a new, but reasonable intractability assumption, which we call the φ-Hiding Assumption (φHA): essentially the difficulty of deciding whether a small prime divides φ(m), where m is a composite integer of unknown factorization.

699 citations


Cited by
Journal ArticleDOI

08 Dec 2001-BMJ
TL;DR: There is, I think, something ethereal about i, the square root of minus one, which seemed an odd beast at that time, an intruder hovering on the edge of reality.
Abstract: There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality. Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

33,785 citations

Book
01 Jan 1996
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

13,597 citations

Journal ArticleDOI
06 Jun 1986-JAMA
TL;DR: The editors have done a masterful job of weaving together the biologic, the behavioral, and the clinical sciences into a single tapestry in which everyone from the molecular biologist to the practicing psychiatrist can find and appreciate his or her own research.
Abstract: I have developed "tennis elbow" from lugging this book around the past four weeks, but it is worth the pain, the effort, and the aspirin. It is also worth the (relatively speaking) bargain price. Including appendixes, this book contains 894 pages of text. The entire panorama of the neural sciences is surveyed and examined, and it is comprehensive in its scope, from genomes to social behaviors. The editors explicitly state that the book is designed as "an introductory text for students of biology, behavior, and medicine," but it is hard to imagine any audience, interested in any fragment of neuroscience at any level of sophistication, that would not enjoy this book. The editors have done a masterful job of weaving together the biologic, the behavioral, and the clinical sciences into a single tapestry in which everyone from the molecular biologist to the practicing psychiatrist can find and appreciate his or

7,563 citations

Book ChapterDOI
19 Aug 2001
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Abstract: We propose a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem. Our system is based on the Weil pairing. We give precise definitions for secure identity based encryption schemes and give several applications for such systems.

7,083 citations

Journal ArticleDOI
TL;DR: It is argued that insertion of a watermark under this regime makes the watermark robust to signal processing operations and common geometric transformations provided that the original image is available and that it can be successfully registered against the transformed watermarked image.
Abstract: This paper presents a secure (tamper-resistant) algorithm for watermarking images, and a methodology for digital watermarking that may be generalized to audio, video, and multimedia data. We advocate that a watermark should be constructed as an independent and identically distributed (i.i.d.) Gaussian random vector that is imperceptibly inserted in a spread-spectrum-like fashion into the perceptually most significant spectral components of the data. We argue that insertion of a watermark under this regime makes the watermark robust to signal processing operations (such as lossy compression, filtering, digital-analog and analog-digital conversion, requantization, etc.), and common geometric transformations (such as cropping, scaling, translation, and rotation) provided that the original image is available and that it can be successfully registered against the transformed watermarked image. In these cases, the watermark detector unambiguously identifies the owner. Further, the use of Gaussian noise ensures strong resilience to multiple-document, or collusional, attacks. Experimental results are provided to support these claims, along with an exposition of pending open problems.

6,194 citations