[PDF] Top 20 There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation
Has 10000 "There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation" found on our website. Below are the top 20 most common "There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation".
There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation
... the information leakage of her ...some information about the input of Alice such that it remains hidden what was exactly ...sensitive information about the input? We argue that most often ... See full document
18
Secure Computation of MIPS Machine Code
... is secure (in the semi-honest model) with respect to standard definitions of security [Gol04], with one important caveat: our system leaks the total number of instructions executed in a given run of the ...leak ... See full document
26
Leakage-Resilient Certificateless Signature Under Continual Leakage Model
... of leakage-resilient cryptography is that a cryptographic scheme is still secure even if the partial leakage information of the private (or se- cret) keys involved in the scheme is ... See full document
24
Adaptively Secure Computation with Partial Erasures
... for secure computation. Prior work on adaptively secure OT includes [Bea97, CLOS02, Lin09, ...with partial erasures since the statically-corrupted party can always be viewed as the ... See full document
33
Reusable Non-Interactive Secure Computation
... possible secure implement, the receiver samples a random string r, and outputs r if the sender’s input is >, outputs x ⊕ r if the sender’s input is ...party computation protocol under OT hybrid model for ... See full document
54
Unconditionally Secure Computation with Reduced Interaction
... Abstract. We study the question of how much interaction is needed for un- conditionally secure multiparty computation. We first consider the number of messages that need to be sent to compute a Boolean ... See full document
30
Perfect Secure Computation in Two Rounds
... and has effective degree 2. We do this in a sequence of steps. The first step is noticing that we can get a “friendly” MPRE from any protocol for computing f, even one with many rounds. We stress that this will not be ... See full document
30
Maturity and Performance of Programmable Secure Computation
... the secure computation literature handles the case of corrupted com- putation parties, and gives absolute freedom for the input players to choose their inputs, and for the output players to choose the ... See full document
26
Secure Distributed Computation on Private Inputs
... first part might compromise the security. This is the reason which the latter should only be decrypted if the former is different from 1. Note also that the third component of the ciphertext is not used in the decryption ... See full document
9
Verified Implementations for Secure and Verifiable Computation
... The original SFE protocol proposed by Yao has been the subject of renewed interest. On one hand, it is now widely accepted that this generic protocol offers the best performance tradeoff to evalu- ate important classes ... See full document
13
Limits of Practical Sublinear Secure Computation
... sublinear computation protocols from “impractical” ones, by means of a notion of PIR ...protocol computation complexity in the sublinear communication regime: The functionality is natural and convenient to ... See full document
28
Succinct Non-Interactive Secure Computation
... non-interactive secure computation (NISC); however, informal versions of it became popular in connection with Gentry’s breakthrough result on fully homomorphic encryption (FHE) ...some computation to ... See full document
41
Watermark Detection In Compressive Sensing Domain To Preserve Privacy Saranya S, Sangeetha B, Gayathri M
... traditional secure watermark detection ...for secure watermark detection. However, most of the existing secure water-mark detection works assume the watermarked copy are publicly available and focus ... See full document
6
Accumulating Automata and Cascaded Equations Automata for Communicationless Information Theoretically Secure Multi-Party Computation
... Next we demonstrate the scheme with a simple example. Assume provider Peter wants to store a network log file in clouds and user David wants to search the string “attack America” in the file. But Peter does not want to ... See full document
23
On the Message Complexity of Secure Multiparty Computation
... Combining Theorem 4.1 and Theorem 4.3, we get the following corol- lary for message-optimal MPC with correlated randomness setup. Corollary 4.4. Suppose a one-way function exists. Then, any polyno- mial time n-party ... See full document
16
SCORAM: Oblivious RAM for Secure Computation
... In this section, we show the performance of scoram when used in practical applications. We assume Alice holds a sorted array and Bob holds queries. They would like to re- peatedly search for some element over the sorted ... See full document
12
Fully Leakage-Resilient Signatures Revisited: Graceful Degradation, Noisy Leakage, and Construction in the Bounded-Retrieval Model
... bounded leakage model) who introduced a “graceful degradation” property, essentially requiring that an adversary should not be able to produce more forgeries than what he could have leaked via leakage ...of ... See full document
48
Large-Scale Secure Computation
... To subvert this problem, we instead maintain two instantiations of ORAM data structures: One will hold the parties’ inputs (and any state information to be maintained between program executions), and will be of a ... See full document
75
Secure Multiparty Computation between Distrusted Networks Terminals
... local computation can be done without invocations of ...party secure comparison and this results in a communi- cation cost of O(log n log N), a significant reduction from the naive ...can always ... See full document
10
Extending Oblivious Transfer with Low Communication via Key-Homomorphic PRFs
... These protocols are essentially optimal for transferring messages of length ` = Ω(k), but when ` is short (as in bit-OT where ` = 1) there is still an overhead in O(k). Kolesnikov and Kumaresan [KK13] presented a variant ... See full document
30
Related subjects