Adaptive Security in Broadcast Encryption Systems (2009)
We present new techniques for achieving adaptive security in broadcast encryption systems. Previous work on fully collusion resistant broadcast encryption with short ciphertexts was limited to...
Dan Boneh, Ben Lynn, Craig Gentry, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Dan Boneh, Ben Lynn, Craig Gentry, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Eliminating Random Permutation Oracles in the Even-Mansour Cipher (2008)
Abstract. Even and Mansour [EM97] proposed a block cipher construction that takes a publicly computable random permutation oracle P and XORs different keys prior to and after applying P: C = k2 ⊕ P...
Dan Boneh, Ben Lynn, Craig Gentry, Hovav Shacham
We survey two recent signature constructions that support signature aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
ABSTRACT Secure Distributed Human Computation (2008)
This paper is a preliminary exploration of secure distributed human computation. We consider the general paradigm of using large-scale distributed computation to solve difficult problems, but where...
Craig Gentry, Zulfikar Ramzan, Symantec Inc
A family of subsets C of [n] def = {1,..., n} is (r, t)exclusive if for every S ⊂ [n] of size at least n − r, there exist S1,..., St ∈ C with S = S1∪S2∪ · · · ∪St. These families, also...
Dan Boneh, Ben Lynn, Craig Gentry, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Craig Gentry, Chris Peikert, Vinod Vaikuntanathan
We show how to construct a variety of “trapdoor ” cryptographic tools assuming the worstcase hardness of standard lattice problems (such as approximating the length of the shortest nonzero vector...
Craig Gentry, Chris Peikert, Vinod Vaikuntanathan
We show how to construct a variety of “trapdoor ” cryptographic tools assuming the worstcase hardness of standard lattice problems (such as approximating the length of the shortest nonzero vector...
How to Use a Short Basis: Trapdoors for Hard Lattices and New Cryptographic Constructions (2008)
Craig Gentry, Vinod Vaikuntanathan, Chris Peikert
We show how to construct a variety of “trapdoor ” cryptographic tools assuming the worst-case hardness of standard lattice problems (such as approximating the length of the shortest nonzero...
Craig Gentry, Jakob Jonsson, Jacques Stern, Michael Szydlo, Key Recovery, Cyclotomic Integer
Abstract. In 1996, a new cryptosystem called NTRU was introduced, related to the hardness of nding short vectors in specic lattices. At Eurocrypt 2001, the NTRU Signature Scheme (NSS), a signature...
Aggregate and Veriably Encrypted Signatures from Bilinear Maps (2007)
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Aggregate and Veriably Encrypted Signatures from Bilinear Maps (2007)
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Dan Boneh, Ben Lynn, Craig Gentry, Hovav Shacham
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Craig Gentry, Alice Silverberg
Abstract. We present hierarchical identity-based encryption schemes and signature schemes that have total collusion resistance on an arbitrary number of levels and that have chosen ciphertext...
Trapdoors for Hard Lattices and New Cryptographic Constructions (2007)
Craig Gentry, Chris Peikert, Vinod Vaikuntanathan
We show how to construct a variety of “trapdoor ” cryptographic tools assuming the worstcase hardness of standard lattice problems (such as approximating the shortest nonzero vector to within...
Space-efficient identity based encryption without pairings (2007)
Dan Boneh, Craig Gentry, Michael Hamburg
Identity Based Encryption (IBE) systems are often constructed using bilinear maps (a.k.a. pairings) on elliptic curves. One exception is an elegant system due to Cocks which builds an IBE based on...
Space-efficient identity based encryption without pairings (2007)
Dan Boneh, Craig Gentry, Michael Hamburg
Identity Based Encryption (IBE) systems are often constructed using bilinear maps (a.k.a. pairings) on elliptic curves. One exception is an elegant system due to Cocks which builds an IBE based on...
Craig Gentry, Chris Peikert, Vinod Vaikuntanathan
We show how to construct a variety of “trapdoor ” cryptographic tools assuming the worstcase hardness of standard lattice problems (such as approximating the shortest nonzero vector to within...
Craig Gentry, Philip Mackenzie, Zulfikar Ramzan
We present a revised version of the of the PAK-Z protocol, called the PAK-Z+ protocol, and give a complete proof of security. The PAK-Z+ protocol is being considered for inclusion in the IEEE P1363.2...
Single-Database Private Information Retrieval with Constant Communication Rate (2005)
Abstract. We present a single-database private information retrieval (PIR) scheme with communication complexity O(k +d), where k ≥ log n is a security parameter that depends on the database size n...
Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys (2005)
Dan Boneh, Craig Gentry, Brent Waters
We describe two new public key broadcast encryption systems for stateless receivers. Both systems are fully secure against any number of colluders. In our first construction both ciphertexts and...
Secure Distributed Human Computation (2005)
Craig Gentry Zulfikar, Craig Gentry, Zulfikar Ramzan, Stuart Stubblebine
We suggest a general paradigm of using large-scale distributed computation to solve di#cult problems, but where humans can act as agents and provide candidate solutions. We are especially motivated...
Collusion resistant broadcast encryption with short ciphertexts and private keys (2005)
Dan Boneh, Craig Gentry, Brent Waters
We describe two new public key broadcast encryption systems for stateless receivers. Both systems are fully secure against any number of colluders. In our first construction both ciphertexts and...
How to compress rabin ciphertexts and signatures (and more (2004)
Abstract. Ordinarily, RSA and Rabin ciphertexts and signatures are log N bits, where N is a composite modulus; here, we describe how to “compress ” Rabin ciphertexts and signatures (among other...
A survey of two signature aggregation techniques (2003)
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham
We survey two recent signature constructions that support signature aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Certificate-Based Encryption and the Certificate Revocation Problem (2003)
We introduce the notion of certificate-based encryption. In this model, a certificate -- or, more generally, a signature -- acts not only as a certificate but also as a decryption key. To decrypt a...
A Survey of Two Signature Aggregation Techniques (2003)
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham
We survey two recent signature constructions that support signature aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into...
Aggregate and verifiably encrypted signatures from bilinear maps (2003)
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham
Abstract. An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these...
Cryptanalysis of the Revised NTRU signature scheme (2002)
Abstract. In this paper, we describe a three-stage attack against Revised NSS, an NTRU-based signature scheme proposed at the Eurocrypt 2001 conference as an enhancement of the (broken) proceedings...
Cryptanalysis of the Revised NTRU signature scheme (2002)
Abstract. In this paper, we describe a three-stage attack against Revised NSS, an NTRU-based signature scheme proposed at the Eurocrypt 2001 conference as an enhancement of the (broken) proceedings...
Hierarchical ID-Based Cryptography (2002)
Craig Gentry, Alice Silverberg
Abstract. We present hierarchical identity-based encryption schemes and signature schemes that have total collusion resistance on an arbitrary number of levels and that have chosen ciphertext...
Cryptanalysis of the Revised NTRU signature scheme (2002)
Abstract. In this paper, we describe a three-stage attack against Revised NSS, an NTRU-based signature scheme proposed at the Eurocrypt 2001 conference as an enhancement of the (broken) proceedings...
Hierarchical ID-Based Cryptography (2002)
Craig Gentry, Alice Silverberg
Abstract. We present hierarchical identity-based encryption schemes and signature schemes that have total collusion resistance on an arbitrary number of levels and that have chosen ciphertext...
Key Recovery and Message Attacks on NTRU-Composite (2001)
Abstract. NTRU is a fast public key cryptosystem presented in 1996 by Hoffstein, Pipher and Silverman of Brown University. It operates in the ring of polynomials Z[X]/(X N − 1), where the domain...
Cryptanalysis of the NTRU signature scheme (2001)
Craig Gentry, Jakob Jonsson, Jacques Stern, Mike Szydlo
Abstract. In 1996, a new cryptosystem called NTRU was introduced, related to the hardness of finding short vectors in specific lattices. At Eurocrypt 2001, the NTRU Signature Scheme (NSS), a...