log in  |  register  |  feedback?  |  help  |  web accessibility
Logo
Practical Non-Malleable Codes from l-more Extractable Hash Functions
Aria Shahverdi - UMD
3400 A.V. Williams Building (AVW)
Friday, September 28, 2018, 1:00-2:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)
Abstract
In this work, we significantly improve the efficiency of non-malleable codes in the split state model, by constructing a code with codeword length |s|+O(k), where |s| is the length of the message, and k is the security parameter. This is a substantial improvement over previous constructions, both asymptotically and concretely.
Our construction relies on a new primitive which we define and study, called l-more extractable hash functions. This notion, which may be of independent interest, guarantees that any adversary that is given access to l∈N precomputed hash values v_1,…,v_l, and produces a new valid hash value v~, then it must know a pre-image of v~. This is a stronger notion that the one by Bitansky et al. (Eprint '11) and Goldwasser et al. (ITCS '12, Eprint '14), which considers adversaries that get no access to precomputed hash values prior to producing their own value. By appropriately relaxing the extractability requirement (without hurting the applicability of the primitive) we instantiate l-more extractable hash functions under the same assumptions used for the previous extractable hash functions by Bitansky et al. and Goldwasser et al. (a variant of the Knowledge of Exponent Assumption).
 

 

To read this paper, see: https://eprint.iacr.org/2017/040.pdf
This talk is organized by Huijing Gong