Kirill Morozov scite author profile

In this paper, we formally prove that padding the plaintext with a random bit-string provides the semantic security against chosen plaintext attack (IND-CPA) for the McEliece (and its dual, the Niederreiter) cryptosystems under the standard assumptions. Such padding has recently been used by Suzuki, Kobara and Imai in the context of RFID security. Our proof relies on the technical result by Katz and Shin from Eurocrypt '05 showing "pseudorandomness" implied by the learning parity with noise (LPN) problem. We do not need the random oracles as opposed to the known generic constructions which, on the other hand, provide a stronger protection as compared to our scheme-against (adaptive) chosen ciphertext attack, i.e., . In order to show that the padded version of the cryptosystem remains practical, we provide some estimates for suitable key sizes together with corresponding workload required for successful attack.

show abstract

Efficient Unconditional Oblivious Transfer from Almost Any Noisy Channel

Crépeau

Morozov

Wolf

2005

View full text Add to dashboard Cite

A Decentralized Marketplace Application on the Ethereum Blockchain

Ranganthan

Dantu

Paul

et al. 2018

View full text Add to dashboard Cite

Achieving Oblivious Transfer Capacity of Generalized Erasure Channels in the Malicious Model

Pinto

Dowsley

Morozov

et al. 2011

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

Abstract-Information-theoretically secure string oblivious transfer (OT) can be constructed based on discrete memoryless channel (DMC). The oblivious transfer capacity of a channel characterizes -similarly to the (standard) information capacity -how efficiently it can be exploited for secure oblivious transfer of strings. The OT capacity of a Generalized Erasure Channel (GEC) -which is a combination of a (general) DMC with the erasure channel -has been established by Ahlswede and Csizar at ISIT'07 in the case of passive adversaries. In this paper, we present the protocol that achieves this capacity against malicious adversaries for GEC with erasure probability at least 1/2. Our construction is based on the protocol of Crépeau and Savvides from Eurocrypt'06 which uses interactive hashing (IH). We solve an open question posed by the above paper, by basing it upon a constant round IH scheme (previously proposed by Ding et al at TCC'04). As a side result, we show that Ding et al IH protocol can deal with transmission errors.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Kirill Morozov

Semantic security for the McEliece cryptosystem without random oracles

Efficient Unconditional Oblivious Transfer from Almost Any Noisy Channel

A Decentralized Marketplace Application on the Ethereum Blockchain

Achieving Oblivious Transfer Capacity of Generalized Erasure Channels in the Malicious Model

Contact Info

Product

Resources

About