A Greater Tel-Aviv Area Seminar

Yehuda Lindell @BIU on: The IPS Compiler: Optimizations, Variants and Concrete Efficiency

Abstract: In recent work, Ishai, Prabhakaran and Sahai (CRYPTO 2008) presented a new compiler (hereafter the IPS compiler) for constructing protocols that are secure in the presence of malicious adversaries without an honest majority from protocols that are only secure in the presence of semi-honest adversaries.

11/01/2012 - 11:30

Yuval Ishai @BIU on: Share conversion and private information retrieval

Private Information Retrieval (PIR) protocols allow a client to access a remote database without revealing what it is after. In the so-called "information-theoretic" setting for PIR, the client interacts with several servers which hold copies of the database, and the client's choices remain unconditionally hidden from each individual server.

18/01/2012 - 11:30

Itay Berman @BIU on: From Non-Adaptive to Adaptive Pseudorandom Functions

Unlike the standard notion of pseudorandom functions (PRF), a non-adaptive PRF is only required to be indistinguishable from random in the eyes of a non-adaptive distinguisher (i.e., one that prepares its oracle calls in advance). A recent line of research has studied the possibility of a direct construction of adaptive PRFs from non-adaptive ones, where direct means that the constructed adaptive PRF uses only a few (ideally, a constant number of) calls to the underlying non-adaptive PRF.

01/02/2012 - 10:30

Gilad Asharov @TAU on: Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE

Fully homomorphic encryption (FHE) provides a simple template for secure computation between two parties (Alice and Bob) where: (I) Alice encrypts her input under her key, (II) Bob homomorphically evaluates the desired function on Alice's ciphertext and his own input, and sends the encrypted output to Alice.

28/03/2012 - 11:30

Ilan Orlov @TAU on: 1/p-Secure Multiparty Computation without Honest Majority and the Best of Both Worlds

A protocol for computing a functionality is secure if an adversary in this protocol cannot cause more harm than in an ideal computation, where parties give their inputs to a trusted party which returns the output of the functionality to all parties. In particular, in the ideal model such computation is fair -- if the corrupt parties get the output, then the honest parties get the output. Cleve (STOC 1986) proved that, in general, fairness is not possible without an honest majority.

08/02/2012 - 11:30

Ivan Damgård @BIU on: Secure Computation in the Preprocessing Model

Secure Multiparty Computation for the case of dishonest majority has previously been known as the case where no efficient solution was possible, since here one cannot avoid using expensive public-key machinery. However, in a recent line of research it has been shown that all the hard work can be pushed into a preprocessing phase that is independent of the function to be computed. Then, in an on-line phase, one can compute the function very efficiently using only cheap information-theoretic primitives.

13/02/2012 - 11:30

Daniel Wichs @BIU on: Separating Succinct Non-Interactive Arguments From All Falsifiable Assumptions

Abstract: Succinct non-interactive arguments (or SNARGs) are computationally sound proofs whose communication complexity is polylogarithmic in the instance and witness sizes. Unfortunately, we currently do not know of any construction of SNARGs with a formal proof of security under any simple assumption. My talk will give a broad black-box separation result, showing that the security of SNARGs cannot be proven via a black-box reduction from any falsifiable cryptographic assumption. This includes essentially all common

29/02/2012 - 11:30

Amos Beimel @BIU on: Secret-Sharing: A Survey

A secret-sharing scheme is a method by which a dealer distributes shares to parties such that only authorized subsets of parties can reconstruct the secret. Secret-sharing schemes are an important tool in cryptography and they are used as a building block in many secure protocols, e.g., general protocols for multiparty computation, Byzantine agreement, threshold cryptography, access control, attribute-based encryption, and generalized oblivious transfer.
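The dealer/shares/authorized-subsets structure described above, instantiated with the threshold access structure (any t of n parties) via Shamir's scheme. This is an added example, not code from the talk or the survey; the field prime and the deterministic coefficient source used for the worked check are the example's own choices.

```python
import secrets
from itertools import combinations

# Field prime chosen for this example (a Mersenne prime); secrets must be < PRIME.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x, p=PRIME):
    """Horner evaluation of a polynomial (coefficients lowest degree first) at x mod p."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % p
    return result


def share(secret, t, n, p=PRIME, rng=secrets.randbelow):
    """Dealer side of Shamir (t, n) sharing: pick a random degree-(t-1) polynomial f
    with f(0) = secret and hand party i the point (i, f(i)). Any t points fix f;
    fewer than t are consistent with every possible secret."""
    if not (1 <= t <= n < p):
        raise ValueError("need 1 <= t <= n < p")
    coeffs = [secret % p] + [rng(p) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def reconstruct(shares, p=PRIME):
    """Authorized-subset side: Lagrange interpolation at x = 0 over GF(p).
    Correct whenever at least t distinct shares are supplied."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % p
                den = (den * (xi - xj)) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


def every_threshold_subset_works(shares, t, secret, p=PRIME):
    """Check the access structure: each t-subset of the n shares recovers the secret."""
    return all(reconstruct(list(sub), p) == secret for sub in combinations(shares, t))
```

With a fixed coefficient source (every non-constant coefficient 7) the polynomial for secret 1234, t = 3 is f(x) = 1234 + 7x + 7x^2, so the shares are (1, 1248), (2, 1276), (3, 1318), and interpolating from only the first two yields 1220, not the secret.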

14/03/2012 - 11:30