Add to ORKGAbstract. Strong security notions often introduce strong constraints on the construction of cryptographic schemes: semantic security implies probabilistic encryption, while the resistance to existential forgeries re-quires redundancy in signature schemes. Some paddings have thus been designed in order to provide these minimal requirements to each of them, in order to achieve secure primitives. A few years ago, Coron et al. suggested the design of a common construc-tion, a universal padding, which one could apply for both encryption and signature. As a consequence, such a padding has to introduce both ran-domness and redundancy, which does not lead to an optimal encryption nor an optimal signature. In this paper, we refine this notion of uni...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressi...
Strong security notions often introduce strong constraints on the construction of cryptographic sch...
Abstract. The OAEP construction is already 10 years old and well-established in many practical appli...
Strong security notions often introduce strong constraints on the construction of cryptographic sche...
Since the appearance of public-key cryptography in Diffie-Hellman seminal paper, many schemes have b...
The question of how to construct optimally efficient secure protocols is a central question in crypt...
A cryptographic scheme is \provably secure " if an attack onthescheme implies an attack on ...
This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressi...
Abstract. Recent advances in block-cipher theory deliver security analyses in models where one or mo...
We propose several highly-practical and optimized constructions for joint signature and encryption p...
In the bounded-storage model for information-theoretically secure encryption and key-agreement one c...
Abstract. In this paper, we formally prove that padding the plaintext with a random bit-string provi...
Abstract. In this paper, we formally prove that padding the plaintext with a random bit-string provi...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressi...
Strong security notions often introduce strong constraints on the construction of cryptographic sch...
Abstract. The OAEP construction is already 10 years old and well-established in many practical appli...
Strong security notions often introduce strong constraints on the construction of cryptographic sche...
Since the appearance of public-key cryptography in Diffie-Hellman seminal paper, many schemes have b...
The question of how to construct optimally efficient secure protocols is a central question in crypt...
A cryptographic scheme is \provably secure " if an attack onthescheme implies an attack on ...
This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressi...
Abstract. Recent advances in block-cipher theory deliver security analyses in models where one or mo...
We propose several highly-practical and optimized constructions for joint signature and encryption p...
In the bounded-storage model for information-theoretically secure encryption and key-agreement one c...
Abstract. In this paper, we formally prove that padding the plaintext with a random bit-string provi...
Abstract. In this paper, we formally prove that padding the plaintext with a random bit-string provi...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encrypti...
This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressi...