Our Publications on IACR ePrint
Marshall Ball
- Uniform Black-Box Separations via Non-Malleable Extractors
- Secure Stateful Aggregation: A Practical Protocol with Applications in Differentially-Private Federated Learning
- Towards Permissionless Consensus in the Standard Model via Fine-Grained Complexity
- Kolmogorov Comes to Cryptomania: On Interactive Kolmogorov Complexity and Key-Agreement
- Immunizing Backdoored PRGs
- Towards Topology-Hiding Computation from Oblivious Transfer
- New Ways to Garble Arithmetic Circuits
- Survey: Non-malleable code in the split-state model
- (Nondeterministic) Hardness vs. Non-Malleability
- Topology-Hiding Communication from Minimal Assumptions.
- Cryptography from Information Loss
- Non-Malleability against Polynomial Tampering
- New Techniques for Zero-Knowledge: Leveraging Inefficient Provers to Reduce Assumptions and Interaction
- Is Information-Theoretic Topology-Hiding Computation Possible?
- Limits to Non-Malleability
- Non-Malleable Codes for Decision Trees
- Garbled Neural Networks are Practical
- Non-Malleable Codes Against Bounded Polynomial Time Tampering
- Proofs of Work from Worst-Case Assumptions
- Non-Malleable Codes for Small-Depth Circuits
- Non-Malleable Codes from Average-Case Hardness: AC0, Decision Trees, and Streaming Space-Bounded Tampering
- Proofs of Useful Work
- Average-Case Fine-Grained Hardness
- Garbling Gadgets for Boolean and Arithmetic Circuits
- Non-Malleable Codes for Bounded Depth, Bounded Fan-in Circuits
Nir Bitansky
- Shuffling is Universal: Statistical Additive Randomized Encodings for All Functions
- Additive Randomized Encodings from Public Key Encryption
- Succinct Randomized Encodings from Laconic Function Evaluation, Faster and Simpler
- Dot-Product Proofs and Their Applications
- Robust Additive Randomized Encodings from IO and Pseudo-Non-linear Codes
- Amplification of Non-Interactive Zero Knowledge, Revisited
- Bootstrapping Homomorphic Encryption via Functional Encryption
- Batch Proofs are Statistically Hiding
- Non-interactive Universal Arguments
- PPAD is as Hard as LWE and Iterated Squaring
- Constructive Post-Quantum Reductions
- Statistically Sender-Private OT from LPN and Derandomization
- Classical Binding for Quantum Commitments
- Non-malleable Commitments against Quantum Attacks
- Post-quantum Resettably-Sound Zero Knowledge
- Weakly Extractable One-Way Functions
- Characterizing Deterministic-Prover Zero Knowledge
- On the Cryptographic Hardness of Local Search
- On Oblivious Amplification of Coin-Tossing Protocols
- Post-quantum Zero Knowledge in Constant Rounds
- On the Complexity of Collision Resistant Hash Functions: New and Old Black-Box Separations
- On Round Optimal Statistical Zero Knowledge Arguments
- Distributional Collision Resistance Beyond One-Way Functions
- Weak Zero-Knowledge Beyond the Black-Box Barrier
- One-Message Zero Knowledge and Non-Malleable Commitments
- Multi-Collision Resistance: A Paradigm for Keyless Hash Functions
- Verifiable Random Functions from Non-Interactive Witness-Indistinguishable Proofs
- On Removing Graded Encodings from Functional Encryption
- Structure vs Hardness through the Obfuscation Lens
- From Cryptomania to Obfustopia through Secret-Key Functional Encryption
- 3-Message Zero Knowledge Against Human Ignorance
- A Note on Perfect Correctness by Derandomization
- Indistinguishability Obfuscation: from Approximate to Exact
- Time-Lock Puzzles from Randomized Encodings
- On Non-Black-Box Simulation and the Impossibility of Approximate Obfuscation
- Succinct Randomized Encodings and their Applications
- Indistinguishability Obfuscation from Functional Encryption
- Perfect Structure on the Edge of Chaos
- On the Cryptographic Hardness of Finding a Nash Equilibrium
- Succinct Randomized Encodings and their Applications
- The Hunting of the SNARK
- On Virtual Grey Box Obfuscation for General Circuits
- On the Existence of Extractable One-Way Functions
- ZAPs and Non-Interactive Witness Indistinguishability from Indistinguishability Obfuscation
- More on the Impossibility of Virtual-Black-Box Obfuscation with Auxiliary Input
- Obfuscation for Evasive Functions
- Indistinguishability Obfuscation vs. Auxiliary-Input Extractable Functions: One Must Fall
- How To Construct Extractable One-Way Functions Against Uniform Adversaries
- On the Impossibility of Approximate Obfuscation and Applications to Resettable Cryptography
- Succinct Non-Interactive Arguments via Linear Interactive Proofs
- Why "Fiat-Shamir for Proofs" Lacks a Proof
- Succinct Arguments from Multi-Prover Interactive Proofs and their Efficiency Benefits
- Recursive Composition and Bootstrapping for SNARKs and Proof-Carrying Data
- Program Obfuscation with Leaky Hardware
- From Point Obfuscation To 3-round Zero-Knowledge
- From Extractable Collision Resistance to Succinct Non-Interactive Arguments of Knowledge, and Back Again
- Leakage Tolerant Interactive Protocols
- On Strong Simulation and Composable Point Obfuscation
Joseph Bonneau
- NOPE: Strengthening domain authentication with succinct proofs
- Merkle Mountain Ranges are Optimal: On Witness Update Frequency for Cryptographic Accumulators
- SoK: Trusted setups for powers-of-tau strings
- Fair Signature Exchange
- How Much Public Randomness Do Modern Consensus Protocols Need?
- Good Things Come to Those Who Wait: Dishonest-Majority Coin-Flipping Requires Delay Functions
- Atomic and Fair Data Exchange via Blockchain
- NOTRY: deniable messaging with retroactive avowal
- Cornucopia: Distributed randomness beacons at scale
- Cicada: A framework for private non-interactive on-chain auctions and voting
- Naysayer proofs
- Riggs: Decentralized Sealed-Bid Auctions
- Zombie: Middleboxes that Don’t Snoop
- SoK: Distributed Randomness Beacons
- Bicorn: An optimistically efficient distributed randomness beacon
- Powers-of-Tau to the People: Decentralizing Setup Ceremonies
- Limits on revocable proof systems, with applications to stateless blockchains
- Short-lived zero-knowledge proofs and signatures
- Zero-Knowledge Middleboxes
- VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries
- Coda: Decentralized Cryptocurrency at Scale
- Proof of Necessary Work: Succinct State Verification with Fairness Guarantees
- Verifiable Delay Functions
- Differentially Private Password Frequency Lists
- On Bitcoin as a public randomness source
- Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges
- Cracking-Resistant Password Vaults using Natural Language Encoders
- Research Perspectives and Challenges for Bitcoin and Cryptocurrencies
- CONIKS: Bringing Key Transparency to End Users
- Mixcoin: Anonymity for Bitcoin with accountable mixes
- Robust Final-Round Cache-Trace Attacks Against AES
Benedikt Bünz
- Linear-Time Accumulation Schemes
- Need for zkSpeed: Accelerating HyperPlonk for Zero-Knowledge Proofs
- Context-Dependent Threshold Decryption and its Applications
- KZH-Fold: Accountable Voting from Sublinear Accumulation
- DewTwo: a transparent PCS with quasi-linear prover, logarithmic verifier and 4.5KB proofs from falsifiable assumptions
- How Much Public Randomness Do Modern Consensus Protocols Need?
- Arc: Accumulation for Reed--Solomon Codes
- Good Things Come to Those Who Wait: Dishonest-Majority Coin-Flipping Requires Delay Functions
- The Espresso Sequencing Network: HotShot Consensus, Tiramisu Data-Availability, and Builder-Exchange
- Accumulation without Homomorphism
- Proofs for Deep Thought: Accumulation for large memories and deterministic computations
- ProtoStar: Generic Efficient Accumulation/Folding for Special Sound Protocols
- HyperPlonk: Plonk with Linear-Time Prover and High-Degree Custom Gates
- VERI-ZEXE: Decentralized Private Computation with Universal Setup
- Multilinear Schwartz-Zippel mod N with Applications to Succinct Arguments
- Non-Interactive Differentially Anonymous Router
- Proof-Carrying Data without Succinct Arguments
- Proof-Carrying Data from Accumulation Schemes
- Transparent SNARKs from DARK Compilers
- Proofs for Inner Pairing Products and Applications
- Flyclient: Super-Light Clients for Cryptocurrencies
- Zether: Towards Privacy in a Smart Contract World
- Batching Techniques for Accumulators with Applications to IOPs and Stateless Blockchains
- A Survey of Two Verifiable Delay Functions
- Verifiable Delay Functions
- Bulletproofs: Short Proofs for Confidential Transactions and More
Yevgeniy Dodis
- Guarding the Signal: Secure Messaging with Reverse Firewalls
- Random Oracle Combiners: Merkle-Damgård Style
- Anamorphic-Resistant Encryption; Or Why the Encryption Debate is Still Alive
- HELP: Everlasting Privacy through Server-Aided Randomness
- Triple Ratchet: A Bandwidth Efficient Hybrid-Secure Signal Protocol
- Compact Key Storage in the Standard Model
- Ideal Pseudorandom Codes
- Interval Key-Encapsulation Mechanism
- Compact Key Storage: A Modern Approach to Key Backup and Delegation
- End-to-End Encrypted Zoom Meetings: Proving Security and Strengthening Liveness
- Immunizing Backdoored PRGs
- Security with Functional Re-Encryption from CPA
- Random Oracle Combiners: Breaking the Concatenation Barrier for Collision-Resistance
- Rotatable Zero Knowledge Sets: Post Compromise Secure Auditable Dictionaries with application to Key Transparency
- On the Worst-Case Inefficiency of CGKA
- Forward-Secure Encryption with Fast Forwarding
- Authentication in the Bounded Storage Model
- On Seedless PRNGs and Premature Next
- Encapsulated Search Index: Public-Key, Sub-linear, Distributed, and Delegatable
- Small-Box Cryptography
- Updatable Public Key Encryption in the Standard Model
- Multicast Key Agreement, Revisited
- Speak Much, Remember Little: Cryptography in the Bounded Storage Model, Revisited
- Modular Design of Secure Group Messaging Protocols and the Security of MLS
- Online Linear Extractors for Independent Sources
- Doubly-Affine Extractors, and their Applications
- No Time to Hash: On Super Efficient Entropy Accumulation
- T5: Hashing Five Inputs with Three Compression Calls
- Forward Secret Encrypted RAM: Lower Bounds and Applications
- Towards Defeating Backdoored Random Oracles: Indifferentiability with Bounded Adaptivity
- On the Price of Concurrency in Group Ratcheting Protocols
- Extracting Randomness from Extractor-Dependent Sources
- Security Analysis and Improvements for the IETF MLS Standard for Group Messaging
- Seedless Fruit is the Sweetest: Random Number Generation, Revisited
- Fast Message Franking: From Invisible Salamanders to Encryptment
- The Double Ratchet: Security Notions, Proofs, and Modularization for the Signal Protocol
- Reusable Non-Interactive Secure Computation
- Non-Uniform Bounds in the Random-Permutation, Ideal-Cipher, and Generic-Group Models
- Random Oracles and Non-Uniformity
- A New Distribution-Sensitive Secure Sketch and Popularity-Proportional Hashing
- Unilaterally-Authenticated Key Exchange
- Provable Security of Substitution-Permutation Networks
- A Formal Treatment of Backdoored Pseudorandom Generators
- Spooky Encryption and its Applications
- Non-Malleable Encryption: Simpler, Shorter, Stronger
- Indifferentiability of Confusion-Diffusion Networks
- Message Transmission with Reverse Firewalls---Secure Communication on Corrupted Machines
- Self-Destruct Non-Malleability
- Interactive Coding for Interactive Proofs
- Non-malleable Reductions and Applications
- Privacy with Imperfect Randomness
- How to Eat Your Entropy and Have it Too -- Optimal Recovery Strategies for Compromised RNGs
- Interactive Encryption and Message Authentication
- Amplifying Privacy in Privacy Amplification
- Key Derivation Without Entropy Waste
- To Hash or Not to Hash Again? (In)differentiability Results for H^2 and HMAC
- Security Analysis of Pseudo-Random Number Generators with Input: /dev/random is not Robust
- Non-malleable Codes from Additive Combinatorics
- On the Indifferentiability of Key-Alternating Ciphers
- Differential Privacy with Imperfect Randomness
- On Continual Leakage of Discrete Log Representations
- Message Authentication, Revisited
- Beating Shannon requires BOTH efficient adversaries AND non-zero advantage
- Counterexamples to Hardness Amplification Beyond Negligible
- Storing Secrets on Continually Leaky Devices
- Leftover Hash Lemma, Revisited
- On the Instantiability of Hash-and-Sign RSA Signatures
- Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets
- Cryptography Against Continuous Memory Attacks
- Efficient Public-Key Cryptography in the Presence of Key Leakage
- Public-Key Encryption in the Bounded-Retrieval Model
- A Domain Extender for the Ideal Cipher
- Salvaging Merkle-Damgard for Practical Applications
- Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model
- Proofs of Retrievability via Hardness Amplification
- Non-Malleable Extractors and Symmetric Key Cryptography from Weak Secrets
- Detection of Algebraic Manipulation with Applications to Robust Secret Sharing and Fuzzy Extractors
- Optimistic Fair Exchange in a Multi-user Setting
- Universally Composable Security with Global Setup
- Does Privacy Require True Randomness?
- Verifiable Random Permutations
- Threshold and Proactive Pseudo-Random Permutations
- Minimal Assumptions for Efficient Mercurial Commitments
- A Verifiable Random Function With Short Proofs and Keys
- Entropic Security and the Encryption of High Entropy Messages
- ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption
- Scalable Public-Key Tracing and Revoking
- Optimal Signcryption from Any Trapdoor Permutation
- Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
- Breaking and Repairing Optimistic Fair Exchange from PODC 2003
- Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack
- Concealment and its Applications to Authenticated Encryption
- Parallel Signcryption with OAEP, PSS-R, and other Feistel Paddings
- Efficient Construction of (Distributed) Verifiable Random Functions
- On the Power of Claw-Free Permutations
- Key-Insulated Public-Key Cryptosystems
- On the Security of Joint Signature and Encryption
Fermi Ma
- How to Construct Random Unitaries
- A one-query lower bound for unitary synthesis and breaking quantum cryptography
- Commitments to Quantum States
- Succinct Classical Verification of Quantum Computation
- Post-Quantum Zero Knowledge, Revisited (or: How to do Quantum Rewinding Undetectably)
- On the Security of Doubly Efficient PIR
- Post-Quantum Succinct Arguments: Breaking the Quantum Rewinding Barrier
- One-Way Functions Imply Secure Computation in a Quantum World
- On The Round Complexity of Secure Quantum Computation
- Does Fiat-Shamir Require a Cryptographic Hash Function?
- Affine Determinant Programs: A Framework for Obfuscation and Witness Encryption
- Leakage-Resilient Key Exchange and Two-Seed Extractors
- On the (In)security of Kilian-Based SNARGs
- Public-Key Function-Private Hidden Vector Encryption (and More)
- The Distinction Between Fixed and Random Generators in Group-Based Assumptions
- New Techniques for Obfuscating Conjunctions
- Return of GGH15: Provable Security Against Zeroizing Attacks
- The MMap Strikes Back: Obfuscation and New Multilinear Maps Immune to CLT13 Zeroizing Attacks
- Encryptor Combiners: A Unified Approach to Multiparty NIKE, (H)IBE, and Broadcast Encryption
Sunoo Park
- How To Think About End-To-End Encryption and AI: Training, Processing, Disclosure, and Consent
- A Systematization of Voter Registration Security
- The Superlinearity Problem in Post-Quantum Blockchains
- Scan, Shuffle, Rescan: Machine-Assisted Election Audits With Untrusted Scanners
- KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures
- It wasn't me! Repudiability and Unclaimability of Ring Signatures
- Fully Deniable Interactive Encryption
- AUDIT: Practical Accountability of Secret Processes
- Public Accountability vs. Secret Laws: Can They Coexist?
- How to Subvert Backdoored Encryption: Security Against Adversaries that Decrypt All Ciphertexts
- Static-Memory-Hard Functions, and Modeling the Cost of Space vs. Time
- Towards Secure Quadratic Voting
- SpaceMint: A Cryptocurrency Based on Proofs of Space
- Adaptively Secure Coin-Flipping, Revisited
- How to Incentivize Data-Driven Collaboration Among Competing Parties
- Towards Optimally Efficient Secret-Key Authentication from PRG
- How Practical is Public-Key Encryption Based on LPN and Ring-LPN?
Oded Regev
Michael Walfish
- NOPE: Strengthening domain authentication with succinct proofs
- Zombie: Middleboxes that Don’t Snoop
- Less is more: refinement proofs for probabilistic proofs
- Zero-Knowledge Middleboxes
- Doubly-efficient zkSNARKs without trusted setup
- Full accounting for verifiable outsourcing
- Verifiable ASICs
- Scalable and private media consumption with Popcorn
- Verifiable computation using multiple provers
- Efficient RAM and control flow in verifiable outsourced computation
- Verifying Computations with State (Extended Version)
- Resolving the conflict between generality and plausibility in verified computation
- Taking proof-based verified computation a few steps closer to practicality (extended version)
Jessica Chen
Zachary DeStefano
Saroja Erabelli
Eli Goldin
- A Meta-Complexity Characterization of Quantum Cryptography
- Random Oracle Combiners: Merkle-Damgård Style
- Translating Between the Common Haar Random State Model and the Unitary Model
- Anamorphic-Resistant Encryption; Or Why the Encryption Debate is Still Alive
- CountCrypt: Quantum Cryptography between QCMA and PP
- On Central Primitives for Quantum Cryptography with Classical Communication
- Immunizing Backdoored PRGs
- Random Oracle Combiners: Breaking the Concatenation Barrier for Collision-Resistance
- Rotatable Zero Knowledge Sets: Post Compromise Secure Auditable Dictionaries with application to Key Transparency
- From discrete-log to lattices: maybe the real lessons were our broken schemes along the way?
Noah Golub
Hossein Hafezi
Peter Hall
- A Meta-Complexity Characterization of Quantum Cryptography
- Random Oracle Combiners: Merkle-Damgård Style
- HELP: Everlasting Privacy through Server-Aided Randomness
- Towards Permissionless Consensus in the Standard Model via Fine-Grained Complexity
- Random Oracle Combiners: Breaking the Concatenation Barrier for Collision-Resistance
- Nonmalleable Digital Lockers and Robust Fuzzy Extractors in the Plain Model