Jump to Content

Moti Yung

Moti Yung is a Security and Privacy Research Scientist with Google and an Adjunct Research Faculty at the Computer Science Dep., Columbia University. He got his PhD from Columbia University in 1988. Previously, he was with IBM Research, Certco/ Bankers Trust, RSA Laboratories (EMC), and Snap. Yung is a fellow of the IEEE, the Association for Computing Machinery (ACM), the International Association for Cryptologic Research (IACR), and the European Association for Theoretical Computer Science (EATCS). In 2018 he received the IEEE Computer Society W.W. McDowell award for innovative contributions to computer and network security, predicting, both attack scenarios and design needs in this important evolving area. In 2010 he gave the IACR Distinguished Lecture. He is also the recipient of the 2014 ACM’s SIGSAC Outstanding Innovation award, the 2014 ESORICS (European Symposium on Research in Computer Security) Outstanding Research award, an IBM Outstanding Innovation award, a Google OC award, and a Google founders’ award. Yung’s main professional interests are in Security, Privacy, and Cryptography. His contributions to research and development treat science and technology holistically: from the theoretical mathematical foundations, via conceptual mechanisms which typify computer science, to participation in the design and development of industrial products. His published work (articles, patents, a book, and edited books) includes collaborations with more than 300 highly appreciated co-authors. Yung’s work has been predicting future needs of secure systems, and analyzing coming threats. These led to basic theoretical and applied notions, like: ransomware attacks, cryptosystems subversion, concurrent sessions in authentication protocols, strong (chosen ciphertext) secure encryption, and digital signatures from simplified cryptography. His industrial work gave rise to new diversified mechanisms, some of which are in extensive use. These include: public-key based second factor (resulting in U2F); new factors for user identification; distributed signing methods; secure large scale distributed computation protocol for privacy preserving data analytics; and various very large scale encryption systems, such as Google encryption within the Advertisement Exchange system and Snap's secure end-to-end encryption.
Authored Publications
Google Publications
Other Publications
Sort By
  • Title
  • Title, descending
  • Year
  • Year, descending
    Eddystone-EID: Secure and Private Infrastructural Protocol for BLE Beacons
    Liron David
    Alon Ziv
    IEEE Transactions on Information Forensics and Security (2022)
    Preview abstract Beacons are small devices which are playing an important role in the Internet of Things (IoT), connecting “things” without IP connection to the Internet via Bluetooth Low Energy (BLE) communication. In this paper we present the first private end-to-end encryption protocol called the Eddystone-Ephemeral-ID (Eddystone-EID) protocol. This protocol enables connectivity from any beacon to its remote owner, while supporting beacon’s privacy and security, and essentially preserving the beacon’s low power consumption. We describe the Eddystone-EID development goals, discuss the design decisions, show the cryptographic solution, and analyse its privacy, security, and performance. Finally, we present three secure IoT applications built on Eddystone-EID, demonstrating its utility as a security and privacy infrastructure in the IoT domain. Further, Eddystone-EID is a prototypical example of security design for an asymmetric system in which on one side there are small power-deficient elements (the beacons) and on the other side there is a powerful computing engine (a cloud). The crux of the design strategy is based on: (1) transferring work from the beacon to the cloud, and then (2) building a trade-off between cloud online work against cloud offline work, in order to enable fast real-time reaction of the cloud. These two principles seem to be generic and can be used for other problems in the IoT domain. View details
    Preview abstract “Exposure Notification (EN) Systems” which have been envisioned by a number of academic and industry groups, are useful in aiding health authorities worldwide to fight the COVID-19 pandemic spread via contact tracing. Among these systems, many rely on the BLE based Google-Apple Exposure Notification (GAEN) API (for iPhones and Android systems). We assert that it is now the time to investigate how to deal with scale issues, assuming the next pandemic/ variant will be more extensive. To this end, we present two modular enhancements to scale up the GAEN API by improving performance and suggesting a better performance-privacy tradeoff. Our modifications have the advantage of affecting only the GAEN API modules and do not require any change to the systems built on top of it, therefore it can be easily adopted upon emerging needs. The techniques we suggest in this paper (called “dice and splice” and “forest from the PRF-tree”) are general and applicable to scenarios of searching values within anonymous pseudo-randomly generated sequences. View details
    Two-Sided Malicious Security for Private Intersection-Sum with Cardinality
    Peihan Miao
    Sarvar Patel
    Advances in Cryptology – CRYPTO 2020 (2020), pp. 3-33
    Preview abstract Private intersection-sum with cardinality allows two parties, where each party holds a private set and one of the parties additionally holds a private integer value associated with each element in her set, to jointly compute the cardinality of the intersection of the two sets as well as the sum of the associated integer values for all the elements in the intersection, and nothing beyond that. We present a new construction for private intersection sum with cardinality that provides malicious security with abort and guarantees that both parties receive the output upon successful completion of the protocol. A central building block for our constructions is a primitive called shuffled distributed oblivious PRF (DOPRF), which is a PRF that offers oblivious evaluation using a secret key shared between two parties, and in addition to this allows obliviously permuting the PRF outputs of several parallel oblivious evaluations. We present the first construction for shuffled DOPRF with malicious security. We further present several new sigma proof protocols for relations across Pedersen commitments, ElGamal encryptions, and Camenisch-Shoup encryptions that we use in our main construction, for which we develop new batching techniques to reduce communication. We implement and evaluate the efficiency of our protocol and show that we can achieve communication cost that is only 4-5 times greater than the most efficient semi-honest protocol. When measuring monetary cost of executing the protocol in the cloud, our protocol is 25 times more expensive than the semi-honest protocol. Our construction also allows for different parameter regimes that enable trade-offs between communication and computation. View details
    Private Intersection-Sum Protocols with Applications to Attributing Aggregate Ad Conversions
    Mihaela Ion
    Benjamin Kreuter
    Erhan Nergiz
    Sarvar Patel
    Shobhit Saxena
    David Shanahan
    2020 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 370-389
    Preview abstract In this work, we discuss our successful efforts for industry deployment of a cryptographic secure computation protocol. The problem we consider is privately computing aggregate conversion rate of advertising campaigns. This underlying functionality can be abstracted as Private Intersection-Sum (PI-Sum) with Cardinality. In this setting two parties hold datasets containing user identifiers, and one of the parties additionally has an integer value associated with each of its user identifiers. The parties want to learn the number of identifiers they have in common and the sum of the integer values associated with these users without revealing any more information about their private inputs. We identify the major properties and enabling factors which make the deployment of a cryptographic protocol possible, practical, and uniquely positioned as a solution for the task at hand. We describe our deployment setting and the most relevant efficiency measure, which in our setting is communication overhead rather than computation. We also present a monetary cost model that can be used as a unifying cost measure and the computation model which reflect out use-case: a low-priority batch computing. We present three PI-Sum with cardinality protocols: our currently deployed protocol, which relies on a Diffie-Hellman style double masking, and two new protocols which leverage more recent techniques for private set intersection (PSI) that use Random Oblivious Transfer and encrypted Bloom filters. We compare the later two protocol with our original solution when instantiated with different additively homomorphic encryption schemes. We implement our constructions and compare their costs. We also compare with recent generic approaches for computing on the intersection of two datasets and show that our best protocol has monetary cost that is 20× less than the best known generic approach. View details
    Preview abstract Bluetooth Smart (also known as Bluetooth Low Energy) beacons broadcast their presence in order to enable proximity-based applications by observer devices. This results in a privacy and security exposure: broadcast devices are typically susceptible to tracking and spoofing based on the IDs used by the beacons. We introduce a scheme consisting of cloud-based Ephemeral Identifiers (EID) which allows only authorized parties to properly identify the beacons broadcast; it mitigates the basic tracking and security threats while keeping high utility. We outline a formal model of privacy which is obtained with our scheme, present its implementation, and discuss possible extensions. The proposal outlined here is the basis for Google’s Eddystone standard, supported by some thirty industry partners. We supply an open source implementation for all the components of the system. View details
    Non-interactive CCA-Secure threshold cryptosystems with adaptive security: new framework and constructions
    Benoit Libert
    Proceedings of the 9th international conference on Theory of Cryptography, Springer-Verlag, Berlin, Heidelberg (2012), pp. 75-93
    Preview abstract In threshold cryptography, private keys are divided into n shares, each one of which is given to a di fferent server in order to avoid single points of failure. In the case of threshold public-key encryption, at least t ≤ n servers need to contribute to the decryption process. A threshold primitive is said robust if no coalition of t malicious servers can prevent remaining honest servers from successfully completing private key operations. So far, most practical non-interactive threshold cryptosystems, where no interactive conversation is required among decryption servers, were only proved secure against static corruptions. In the adaptive corruption scenario (where the adversary can corrupt servers at any time, based on its complete view), all existing robust threshold encryption schemes that also resist chosen-ciphertext attacks (CCA) till recently require interaction in the decryption phase. A specific method (in composite order groups) for getting rid of interaction was recently suggested, leaving the question of more generic frameworks and constructions with better security and better exibility (i.e., compatibility with distributed key generation). This paper describes a general construction of adaptively secure robust non-interactive threshold cryptosystems with chosen-ciphertext security. We de ne the notion of all-but-one perfectly sound threshold hash proof systems that can be seen as (threshold) hash proof systems with publicly verifi able and simulation-sound proofs. We show that this notion generically implies threshold cryptosystems combining the aforementioned properties. Then, we provide ecient instantiations under well-studied assumptions in bilinear groups (e.g., in such groups of prime order). These instantiations have a tighter security proof and are indeed compatible with distributed key generation protocols. View details
    Contextual OTP: Mitigating Emerging Man-in-the-Middle Attacks with Wireless Hardware Tokens
    Assaf Ben-David
    Omer Berkman
    Sarvar Patel
    Cem Paya
    Applied Cryptography and Network Security - 10th International Conference, ACNS 2012, Springer, pp. 30-47
    Preview
    Scalable group signatures with revocation
    Benoit Libert
    Thomas Peters
    Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques, Springer-Verlag, Berlin, Heidelberg (2012), pp. 609-627
    Preview
    Efficient Traceable Signatures in the Standard Model
    Benoît Libert
    Pairing '09: Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography, Springer-Verlag, Berlin, Heidelberg (2009), pp. 187-205
    Preview
    A New Randomness Extraction Paradigm for Hybrid Encryption
    Eike Kiltz
    Krzysztof Pietrzak
    Martijn Stam
    EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 590-609
    Preview
    Efficient and secure authenticated key exchange using weak passwords
    Jonathan Katz
    Rafail Ostrovsky
    J. ACM, vol. 57 (2009), pp. 1-39
    Preview
    Key Evolution Systems in Untrusted Update Environments
    Benoît Libert
    Jean-Jacques Quisquater
    Information Security and Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 12-21
    Preview
    The Kurosawa--Desmedt key encapsulation is not chosen-ciphertext secure
    Seung Geol Choi
    Javier Herranz
    Dennis Hofheinz
    Jung Yeon Hwang
    Eike Kiltz
    Dong Hoon Lee
    Inf. Process. Lett., vol. 109 (2009), pp. 897-901
    Preview
    Expecting the Unexpected: Towards Robust Credential Infrastructure
    Shouhuai Xu
    Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 201-221
    Preview
    Constructing Variable-Length PRPs and SPRPs from Fixed-Length PRPs
    Debra L. Cook
    Angelos Keromytis
    Information Security and Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 157-180
    Preview
    Efficient Robust Private Set Intersection
    Dana Dachman-Soled
    Tal Malkin
    Mariana Raykova
    ACNS '09: Proceedings of the 7th International Conference on Applied Cryptography and Network Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 125-142
    Preview
    A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
    François-Xavier Standaert
    Tal G. Malkin
    EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 443-461
    Preview
    Secure Function Collection with Sublinear Storage
    Maged H. Ibrahim
    Aggelos Kiayias
    Hong-Sheng Zhou
    ICALP '09: Proceedings of the 36th Internatilonal Collogquium on Automata, Languages and Programming, Springer-Verlag, Berlin, Heidelberg (2009), pp. 534-545
    Preview
    Elastic block ciphers: method, security and instantiations
    Debra L. Cook
    Angelos D. Keromytis
    Int. J. Inf. Secur., vol. 8 (2009), pp. 211-231
    Preview
    Privacy-Preserving Information Markets for Computing Statistical Data
    Aggelos Kiayias
    Bülent Yener
    Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2009), pp. 32-50
    Preview
    On the Portability of Generalized Schnorr Proofs
    Jan Camenisch
    Aggelos Kiayias
    EUROCRYPT '09: Proceedings of the 28th Annual International Conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2009), pp. 425-442
    Preview
    Real Electronic Cash Versus Academic Electronic Cash Versus Paper Cash (Panel Report)
    Jon Callas
    Yvo Desmedt
    Daniel Nagy
    Akira Otsuka
    Jean-Jacques Quisquater
    Financial Cryptography and Data Security, Springer-Verlag, Berlin, Heidelberg (2008), pp. 307-313
    Preview
    Privacy Preserving Data Mining within Anonymous Credential Systems
    Aggelos Kiayias
    Shouhuai Xu
    SCN '08: Proceedings of the 6th international conference on Security and Cryptography for Networks, Springer-Verlag, Berlin, Heidelberg (2008), pp. 57-76
    Preview
    A block cipher based pseudo random number generator secure against side-channel key recovery
    Christophe Petit
    François-Xavier Standaert
    Olivier Pereira
    Tal G. Malkin
    ASIACCS '08: Proceedings of the 2008 ACM symposium on Information, computer and communications security, ACM, New York, NY, USA, pp. 56-65
    Preview
    Public-key traitor tracing from efficient decoding and unbounded enrollment: extended abstract
    Aggelos Kiayias
    DRM '08: Proceedings of the 8th ACM workshop on Digital rights management, ACM, New York, NY, USA (2008), pp. 9-18
    Preview
    Fair Traceable Multi-Group Signatures
    Vicente Benjumea
    Seung Geol Choi
    Javier Lopez
    Financial Cryptography, Springer-Verlag, Berlin, Heidelberg (2008), pp. 231-246
    Preview
    On the Evolution of User Authentication: Non-bilateral Factors
    Information Security and Cryptology, Third SKLOIS Conference, Inscrypt 2007, Springer-Verlag, Berlin, Heidelberg (2008), pp. 5-10
    Preview
    Does Physical Security of Cryptographic Devices Need a Formal Study? (Invited Talk)
    François-Xavier Standaert
    Tal G. Malkin
    ICITS '08: Proceedings of the 3rd international conference on Information Theoretic Security, Springer-Verlag, Berlin, Heidelberg (2008), pp. 70-70
    Preview
    Methods for Linear and Differential Cryptanalysis of Elastic Block Ciphers
    Debra L. Cook
    Angelos D. Keromytis
    ACISP '08: Proceedings of the 13th Australasian conference on Information Security and Privacy, Springer-Verlag, Berlin, Heidelberg (2008), pp. 187-202
    Preview
    Universal forgery of the identity-based sequential aggregate signature scheme
    Jung Yeon Hwang
    Dong Hoon Lee
    ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ACM, New York, NY, USA (2009), pp. 157-160
    A Timing-Resistant Elliptic Curve Backdoor in RSA
    Adam L. Young
    Information Security and Cryptology, Third SKLOIS Conference, Inscrypt 2007, Springer-Verlag, Berlin, Heidelberg (2008), pp. 427-441
    Cryptanalyzing the polynomial-reconstruction based public-key system under optimal parameter choice
    Aggelos Kiayias
    Des. Codes Cryptography, vol. 43 (2007), pp. 61-78
    Generic and Practical Resettable Zero-Knowledge in the Bare Public-Key Model
    Yunlei Zhao
    EUROCRYPT '07: Proceedings of the 26th annual international conference on Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg (2007), pp. 129-147
    Elastic block ciphers: the basic design
    Debra Cook
    Angelos Keromytis
    ASIACCS '07: Proceedings of the 2nd ACM symposium on Information, computer and communications security, ACM, New York, NY, USA (2007), pp. 350-352
    Scalable Protocols for Authenticated Group Key Exchange
    Jonathan Katz
    J. Cryptol., vol. 20 (2007), pp. 85-113
    The Security of Elastic Block Ciphers Against Key-Recovery Attacks
    Debra L. Cook
    Angelos D. Keromytis
    ISC '07: Proceedings of the 10th international conference on Information Security, Springer-Verlag, Berlin, Heidelberg (2007), pp. 89-103
    Decoding interleaved Reed-Solomon codes over noisy channels
    Daniel Bleichenbacher
    Aggelos Kiayias
    Theor. Comput. Sci., vol. 379 (2007), pp. 348-360
    Forward-secure signatures in untrusted update environments: efficient and generic constructions
    Benoît Libert
    Jean-Jacques Quisquater
    CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, ACM, New York, NY, USA (2007), pp. 266-275
    Public Key Cryptography - PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24-26, 2006. ... (Lecture Notes in Computer Science)
    Yevgeniy Dodis
    Aggelos Kiayias
    Tal Malkin
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Information Security and Cryptology: Second SKLOIS Conference, Inscrypt 2006Beijing, China, November 29 - December 1, 2006Proceedings (Lecture Notes in Computer Science)
    Helger Lipmaa
    Donghai Lin
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Fourth-factor authentication: somebody you know
    John Brainard
    Ari Juels
    Ronald L. Rivest
    Michael Szydlo
    CCS '06: Proceedings of the 13th ACM conference on Computer and communications security, ACM, New York, NY, USA (2006), pp. 168-178
    Information Security and Cryptology: First SKLOIS Conference, CISC 2005, Beijing, China, December 15-17, 2005, Proceedings (Lecture Notes in Computer Science)
    Dengguo Feng
    Dongdai Lin
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Security and Cryptography for Networks: 5th International Conference, SCN 2006, Maiori, Italy, September 6-8, 2006, Proceedings (Lecture Notes in Computer Science)
    Roberto De Prisco
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Digital Rights Management: Technologies, Issues, Challenges and Systems (Lecture Notes in Computer Science)
    Reihaneh Safavi-Naini
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Characterization of Security Notions for Probabilistic Private-Key Encryption
    Jonathan Katz
    J. Cryptol., vol. 19 (2006), pp. 67-95
    Applied Cryptography and Network Security: 4th International Conference, ACNS 2006, Singapore, June 6-9, 2006, Proceedings (Lecture Notes in Computer Science)
    Jianying Zhou
    Feng Bao
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2006)
    Secure scalable group signature with dynamic joins and separable authorities
    Aggelos Kiayias
    Int. J. Secur. Netw., vol. 1 (2006), pp. 24-45
    Digital Signatures (Advances in Information Security)
    Jonathan Katz
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2005)
    Secure Hypergraphs: Privacy from Partial Broadcast
    Matthew Franklin
    SIAM J. Discret. Math., vol. 18 (2005), pp. 437-450
    Applied Cryptography and Network Security: Third International Conference, ACNS 2005, New York, NY, USA, June 7-10, 2005, Proceedings (Lecture Notes in Computer Science)
    John Ioannidis
    Angelos Keromytis
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2005)
    Scalable public-key tracing and revoking
    Yevgeniy Dodis
    Nelly Fazio
    Aggelos Kiayias
    Distrib. Comput., vol. 17 (2005), pp. 323-347
    Malicious Cryptography: Exposing Cryptovirology
    Adam Young
    John Wiley \& Sons (2004)
    The dual receiver cryptosystem and its applications
    Theodore Diament
    Homin K. Lee
    Angelos D. Keromytis
    CCS '04: Proceedings of the 11th ACM conference on Computer and communications security, ACM, New York, NY, USA (2004), pp. 330-343
    Information Security Applications: 4th International Workshop, Wisa 2003, Jeju Island, Korea, August 2003: Revised Papers (Lecture Notes in Computer Science, 2908)
    Kijoon Chae
    SpringerVerlag (2004)
    /k/-anonymous secret handshakes with reusable credentials
    Shouhuai Xu
    CCS '04: Proceedings of the 11th ACM conference on Computer and communications security, ACM, New York, NY, USA (2004), pp. 158-167
    Applied Cryptography and Network Security: Second International Conference, ACNS 2004, Yellow Mountain, China, June 8-11, 2004. Proceedings (Lecture Notes in Computer Science)
    Markus Jakobsson
    Jianying Zhou
    Springer-Verlag New York, Inc., Secaucus, NJ, USA (2004)
    Strong Key-Insulated Signature Schemes
    Yevgeniy Dodis
    Jonathan Katz
    Shouhuai Xu
    PKC '03: Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography, Springer-Verlag, London, UK (2003), pp. 130-144
    Applied Cryptography and Network Security: First International Conference, Acns 2003, Kunming, China, October 16-19, 2003: Proceedings (Lecture Notes in Computer Science, 2846)
    Jianying Zhou
    Yongfei Han
    SpringerVerlag (2003)
    Scalable public-key tracing and revoking
    Yevgeniy Dodis
    Nelly Fazio
    Aggelos Kiayias
    PODC '03: Proceedings of the twenty-second annual symposium on Principles of distributed computing, ACM, New York, NY, USA (2003), pp. 190-199
    Cryptographic Hardness Based on the Decoding of Reed-Solomon Codes
    Aggelos Kiayias
    ICALP '02: Proceedings of the 29th International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (2002), pp. 232-243
    Observability Analysis - Detecting When Improved Cryptosystems Fail
    Marc Joye
    Jean-Jacques Quisquater
    Sung-Ming Yen
    CT-RSA '02: Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology, Springer-Verlag, London, UK (2002), pp. 17-29
    Adaptively secure distributed public-key systems
    Yair Frankel
    Theor. Comput. Sci., vol. 287 (2002), pp. 535-561
    Self-Stabilizing Symmetry Breaking in Constant Space
    Alain Mayer
    Rafail Ostrovsky
    Yoram Ofek
    SIAM J. Comput., vol. 31 (2002), pp. 1571-1595
    The Business of Electronic Voting
    Ed Gerck
    C. Andrew Neff
    Ronald L. Rivest
    Aviel D. Rubin
    FC '01: Proceedings of the 5th International Conference on Financial Cryptography, Springer-Verlag, London, UK (2002), pp. 243-268
    Self-tallying Elections and Perfect Ballot Secrecy
    Aggelos Kiayias
    PKC '02: Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems, Springer-Verlag, London, UK (2002), pp. 141-158
    Traitor Tracing with Constant Transmission Rate
    Aggelos Kiayias
    EUROCRYPT '02: Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Springer-Verlag, London, UK (2002), pp. 450-465
    Threshold Cryptosystems Based on Factoring
    Jonathan Katz
    ASIACRYPT '02: Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security, Springer-Verlag, London, UK (2002), pp. 192-205
    Incremental Unforgeable Encryption
    Enrico Buonanno
    Jonathan Katz
    FSE '01: Revised Papers from the 8th International Workshop on Fast Software Encryption, Springer-Verlag, London, UK (2002), pp. 109-124
    Privacy against Piracy: Protecting Two-Level Revocable P-K Traitor Tracing
    Hyun-Jeong Kim
    Dong Hoon Lee
    ACISP '02: Proceedings of the 7th Australian Conference on Information Security and Privacy, Springer-Verlag, London, UK (2002), pp. 482-496
    On Crafty Pirates and Foxy Tracers
    Aggelos Kiayias
    DRM '01: Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, Springer-Verlag, London, UK (2002), pp. 22-39
    Key-Insulated Public Key Cryptosystems
    Yevgeniy Dodis
    Jonathan Katz
    Shouhuai Xu
    EUROCRYPT '02: Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Springer-Verlag, London, UK (2002), pp. 65-82
    Exposure-Resilience for Free: The Hierarchical ID-based Encryption Case
    Yevgeniy Dodis
    SISW '02: Proceedings of the First International IEEE Security in Storage Workshop, IEEE Computer Society, Washington, DC, USA (2002), pp. 45
    Hash to the Rescue: Space Minimization for PKI Directories
    Adam Young
    ICISC '00: Proceedings of the Third International Conference on Information Security and Cryptology, Springer-Verlag, London, UK (2001), pp. 235-245
    Friendly observers ease off-line e-cash
    Shouhuai Xu
    Gendu Zhang
    Proceedings of the fourth working conference on smart card research and advanced applications on Smart card research and advanced applications, Kluwer Academic Publishers, Norwell, MA, USA (2001), pp. 3-18
    Polynomial Reconstruction Based Cryptography
    Aggelos Kiayias
    SAC '01: Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography, Springer-Verlag, London, UK (2001), pp. 129-133
    On the Power of Misbehaving Adversaries and Security Analysis of the Original EPOC
    Marc Joye
    Jean-Jacques Quisquater
    CT-RSA 2001: Proceedings of the 2001 Conference on Topics in Cryptology, Springer-Verlag, London, UK, pp. 208-222
    DISSECT: DIStribution for SECurity Tool
    Enriquillo Valdez
    ISC '01: Proceedings of the 4th International Conference on Information Security, Springer-Verlag, London, UK (2001), pp. 125-143
    Bandwidth-Optimal Kleptographic Attacks
    Adam Young
    CHES '01: Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems, Springer-Verlag, London, UK (2001), pp. 235-250
    Self Protecting Pirates and Black-Box Traitor Tracing
    Aggelos Kiayias
    CRYPTO '01: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (2001), pp. 63-79
    Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords
    Jonathan Katz
    Rafail Ostrovsky
    EUROCRYPT '01: Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, Springer-Verlag, London, UK (2001), pp. 475-494
    Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation
    Jonathan Katz
    FSE '00: Proceedings of the 7th International Workshop on Fast Software Encryption, Springer-Verlag, London, UK (2001), pp. 284-299
    Secure Games with Polynomial Expressions
    Aggelos Kiayias
    ICALP '01: Proceedings of the 28th International Colloquium on Automata, Languages and Programming,, Springer-Verlag, London, UK (2001), pp. 939-950
    Adaptive Security for the Additive-Sharing Based Proactive RSA
    Yair Frankel
    PKC '01: Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (2001), pp. 240-263
    Blind, Auditable Membership Proofs
    Tomas Sander
    Amnon Ta-Shma
    FC '00: Proceedings of the 4th International Conference on Financial Cryptography, Springer-Verlag, London, UK (2001), pp. 53-71
    Local and congestion-driven fairness algorithm in arbitrary topology networks
    Alain Mayer
    Yoram Ofek
    IEEE/ACM Trans. Netw., vol. 8 (2000), pp. 362-372
    Complete characterization of security notions for probabilistic private-key encryption
    Jonathan Katz
    STOC '00: Proceedings of the thirty-second annual ACM symposium on Theory of computing, ACM, New York, NY, USA (2000), pp. 245-254
    RSA-Based Auto-recoverable Cryptosystems
    Adam Young
    PKC '00: Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (2000), pp. 326-341
    On Threshold RSA-Signing with no Dealer
    Shingo Miyazaki
    Kouichi Sakurai
    ICISC '99: Proceedings of the Second International Conference on Information Security and Cryptology, Springer-Verlag, London, UK (2000), pp. 197-207
    Eavesdropping games: a graph-theoretic approach to privacy in distributed systems
    Matthew Franklin
    Zvi Galil
    J. ACM, vol. 47 (2000), pp. 225-243
    How to Say \"YES\" with Smart Cards
    Yair Frankel
    CARDIS '98: Proceedings of the The International Conference on Smart Card Research and Applications, Springer-Verlag, London, UK (2000), pp. 203-212
    Combined asynchronous/synchronous packet switching architecture: QoS guarantees for integrated parallel computing and real-time traffic
    Yoram Ofek
    J. Parallel Distrib. Comput., vol. 60 (2000), pp. 275-295
    Funkspiel schemes: an alternative to conventional tamper resistance
    Johan H{\aa}stad
    Jakob Jonsson
    Ari Juels
    CCS '00: Proceedings of the 7th ACM conference on Computer and communications security, ACM, New York, NY, USA (2000), pp. 125-133
    Software DisEngineering: Program Hiding Architecture and Experiments
    Enriquillo Valdez
    IH '99: Proceedings of the Third International Workshop on Information Hiding, Springer-Verlag, London, UK (2000), pp. 379-394
    Design Validations for Discrete Logarithm Based Signature Schemes
    Ernest F. Brickell
    David Pointcheval
    Serge Vaudenay
    PKC '00: Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (2000), pp. 276-292
    "Psyeudorandom Intermixing": A Tool for Shared Cryptography
    Yair Frankel
    PKC '00: Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (2000), pp. 306-325
    Self-Escrowed Public-Key Infrastructures
    Pascal Paillier
    ICISC '99: Proceedings of the Second International Conference on Information Security and Cryptology, Springer-Verlag, London, UK (2000), pp. 257-268
    On zero-knowledge proofs (extended abstract): ``from membership to decision''
    Giovanni Di Crescenzo
    Kouichi Sakurai
    STOC '00: Proceedings of the thirty-second annual ACM symposium on Theory of computing, ACM, New York, NY, USA (2000), pp. 255-264
    Towards Signature-Only Signature Schemes
    Adam Young
    ASIACRYPT '00: Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security, Springer-Verlag, London, UK (2000), pp. 97-115
    Cryptosystems Robust against "Dynamic Faults" Meet Enterprise Needs for Organizational "Change Control"
    Yair Frankel
    FC '99: Proceedings of the Third International Conference on Financial Cryptography, Springer-Verlag, London, UK (1999), pp. 241-252
    Scramble All, Encrypt Small
    Markus Jakobsson
    Julien P. Stern
    FSE '99: Proceedings of the 6th International Workshop on Fast Software Encryption, Springer-Verlag, London, UK (1999), pp. 95-111
    Money Conservation via Atomicity in Fair Off-Line E-Cash
    Shouhuai Xu
    Gendu Zhang
    Hong Zhu
    ISW '99: Proceedings of the Second International Workshop on Information Security, Springer-Verlag, London, UK (1999), pp. 14-31
    Auto-Recoverable Cryptosystems with Faster Initialization and the Escrow Hierarchy
    Adam Young
    PKC '99: Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (1999), pp. 306-314
    Non-Interactive CryptoComputing For NC1
    Tomas Sander
    Adam Young
    FOCS '99: Proceedings of the 40th Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Washington, DC, USA (1999), pp. 554
    Secure protocol transformation via ``expansion'': from two-party to groups
    Alain Mayer
    CCS '99: Proceedings of the 6th ACM conference on Computer and communications security, ACM, New York, NY, USA (1999), pp. 83-92
    Adaptively-Secure Distributed Public-Key Systems
    Yair Frankel
    ESA '99: Proceedings of the 7th Annual European Symposium on Algorithms, Springer-Verlag, London, UK (1999), pp. 4-27
    Self-Testing/Correcting Protocols (Extended Abstract)
    Matthew K. Franklin
    Juan A. Garay
    Proceedings of the 13th International Symposium on Distributed Computing, Springer-Verlag, London, UK (1999), pp. 269-283
    Electronic Payments: Where Do We Go from Here?
    Markus Jakobsson
    David M'Ra\"{\i}hi
    Yiannis Tsiounis
    Proceedings of the International Exhibition and Congress on Secure Networking - CQRE (Secure) '99, Springer-Verlag, London, UK (1999), pp. 43-63
    Decision Oracles are Equivalent to Matching Oracles
    Helena Handschuh
    Yiannis Tsiounis
    PKC '99: Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (1999), pp. 276-289
    Adaptively-Secure Optimal-Resilience Proactive RSA
    Yair Frankel
    ASIACRYPT '99: Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, Springer-Verlag, London, UK (1999), pp. 180-194
    Auto-recoverable Auto-certifiable Cryptosystems (A Survey)
    Adam Young
    Proceedings of the International Exhibition and Congress on Secure Networking - CQRE (Secure) '99, Springer-Verlag, London, UK (1999), pp. 204-218
    On Assurance Structures for WWW Commerce
    Markus Jakobsson
    FC '98: Proceedings of the Second International Conference on Financial Cryptography, Springer-Verlag, London, UK (1998), pp. 141-157
    Robust efficient distributed RSA-key generation
    Yair Frankel
    STOC '98: Proceedings of the thirtieth annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1998), pp. 663-672
    Finding Length-3 Positive Cunningham Chains
    Adam Young
    ANTS-III: Proceedings of the Third International Symposium on Algorithmic Number Theory, Springer-Verlag, London, UK (1998), pp. 289-298
    VarietyCash: a multi-purpose electronic payment system
    M. Bellare
    J. Garay
    C. Jutla
    WOEC'98: Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce, USENIX Association, Berkeley, CA, USA (1998), pp. 2-2
    Fair Off-Line e-cash Made Easy
    Yair Frankel
    Yiannis Tsiounis
    ASIACRYPT '98: Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, Springer-Verlag, London, UK (1998), pp. 257-270
    Result-Indistinguishable Zero-Knowledge Proofs: Increased Power and Constant-Round Protocols
    Giovanni Di Crescenzo
    Kouichi Sakurai
    STACS '98: Proceedings of the 15th Annual Symposium on Theoretical Aspects of Computer Science, Springer-Verlag, London, UK (1998), pp. 511-521
    Image Density is Complete for Non-Interactive-SZK (Extended Abstract)
    Alfredo De Santis
    Giovanni Di Crescenzo
    Giuseppe Persiano
    ICALP '98: Proceedings of the 25th International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1998), pp. 784-795
    Robust efficient distributed RSA-key generation
    Yair Frankel
    PODC '98: Proceedings of the seventeenth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1998), pp. 320
    Checking Programs Discreetly: Demonstrating Result-Correctness Efficiently while Concealing it
    Giovanni Di Crescenzo
    Kouichi Sakurai
    ISAAC '98: Proceedings of the 9th International Symposium on Algorithms and Computation, Springer-Verlag, London, UK (1998), pp. 59-68
    On the Security of ElGamal Based Encryption
    Yiannis Tsiounis
    PKC '98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (1998), pp. 117-134
    ``Dynamic-fault-prone BSP'': a paradigm for robust computations in changing environments
    Spyros C. Kontogiannis
    Grammati E. Pantziou
    Paul G. Spirakis
    SPAA '98: Proceedings of the tenth annual ACM symposium on Parallel algorithms and architectures, ACM, New York, NY, USA (1998), pp. 37-46
    Monkey: Black-Box Symmetric Ciphers Designed for MONopolizing KEYs
    Adam Young
    FSE '98: Proceedings of the 5th International Workshop on Fast Software Encryption, Springer-Verlag, London, UK (1998), pp. 122-133
    Distributed Public Key Cryptosystems
    Yair Frankel
    PKC '98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, Springer-Verlag, London, UK (1998), pp. 1-13
    Beyond Identity: Warranty-Based Digital Signature Transactions
    Yair Frankel
    David W. Kravitz
    Charles T. Montgomery
    FC '98: Proceedings of the Second International Conference on Financial Cryptography, Springer-Verlag, London, UK (1998), pp. 241-253
    Combinatorial design of congestion-free networks
    Bülent Yener
    Yoram Ofek
    IEEE/ACM Trans. Netw., vol. 5 (1997), pp. 989-1000
    Keeping the SZK-Verifier Honest Unconditionally
    Giovanni Di Crescenzo
    Tatsuaki Okamoto
    CRYPTO '97: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1997), pp. 31-45
    Applying Anti-Trust Policies to Increase Trust in a Versatile E-Money System
    Markus Jakobsson
    FC '97: Proceedings of the First International Conference on Financial Cryptography, Springer-Verlag, London, UK (1997), pp. 217-238
    Proactive RSA
    Yair Frankel
    Peter Gemmell
    CRYPTO '97: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1997), pp. 440-454
    Anonymity Control in E-Cash Systems
    George I. Davida
    Yair Frankel
    Yiannis Tsiounis
    FC '97: Proceedings of the First International Conference on Financial Cryptography, Springer-Verlag, London, UK (1997), pp. 1-16
    Concurrent Asynchronous Broadcast on the MetaNet
    Yoram Ofek
    Bülent Yener
    IEEE Trans. Comput., vol. 46 (1997), pp. 737-748
    Efficient on-line call control algorithms
    Juan A. Garay
    Inder S. Gopal
    Shay Kutten
    Yishay Mansour
    J. Algorithms, vol. 23 (1997), pp. 180-194
    Proactive public key and signature systems
    Amir Herzberg
    Markus Jakobsson
    Stanisl\law Jarecki
    Hugo Krawczyk
    CCS '97: Proceedings of the 4th ACM conference on Computer and communications security, ACM, New York, NY, USA (1997), pp. 100-110
    Deniable password snatching: on the possibility of evasive electronic espionage
    A. Young
    SP '97: Proceedings of the 1997 IEEE Symposium on Security and Privacy, IEEE Computer Society, Washington, DC, USA, pp. 224
    Fault-tolerant convergence routing
    Bülent Yener
    Inderpal Bhandari
    Yoram Ofek
    J. Parallel Distrib. Comput., vol. 42 (1997), pp. 173-183
    The local detection paradigm and its applications to self-stabilization
    Yehuda Afek
    Shay Kutten
    Theor. Comput. Sci., vol. 186 (1997), pp. 199-229
    The Prevalence of Kleptographic Attacks on Discrete-Log Based Cryptosystems
    Adam Young
    CRYPTO '97: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1997), pp. 264-276
    Optimal-resilience proactive public-key cryptosystems
    Y. Frankel
    P. Gemmell
    P. D. MacKenzie
    FOCS '97: Proceedings of the 38th Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Washington, DC, USA (1997), pp. 384
    Zero-knowledge proofs of decision power: new protocols and optimal round-complexity
    Giovanni Di Crescenzo
    Kouichi Sakurai
    ICICS '97: Proceedings of the First International Conference on Information and Communication Security, Springer-Verlag, London, UK (1997), pp. 17-27
    Scheduling task-trees with additive scales on parallel/distributed machines
    Xiangdong Yu
    Theor. Comput. Sci., vol. 181 (1997), pp. 357-378
    On Characterization of Escrow Encryption Schemes
    Yair Frankel
    ICALP '97: Proceedings of the 24th International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1997), pp. 705-715
    Sliding Encryption: A Cryptographic Tool for Mobile Agents
    Adam Young
    FSE '97: Proceedings of the 4th International Workshop on Fast Software Encryption, Springer-Verlag, London, UK (1997), pp. 230-241
    Distributed Computing in Asynchronous Networks with Byzantine Edges
    Vasant Shanbhogue
    COCOON '96: Proceedings of the Second Annual International Conference on Computing and Combinatorics, Springer-Verlag, London, UK (1996), pp. 352-360
    Cryptovirology: Extortion-Based Security Threats and Countermeasures
    Adam Young
    SP '96: Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society, Washington, DC, USA, pp. 129
    Agent Rendezvous: A Dynamic Symmetry-Breaking Problem
    Xiangdong Yu
    ICALP '96: Proceedings of the 23rd International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1996), pp. 610-621
    Witness-based cryptographic program checking and applications (an announcement)
    Yair Frankel
    Peter Gemmell
    PODC '96: Proceedings of the fifteenth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1996), pp. 211
    Revokable and versatile electronic money (extended abstract)
    Markus Jakobsson
    CCS '96: Proceedings of the 3rd ACM conference on Computer and communications security, ACM, New York, NY, USA (1996), pp. 76-87
    Self-stabilizing algorithms for synchronous unidirectional rings
    Alain Mayer
    Rafail Ostrovsky
    SODA '96: Proceedings of the seventh annual ACM-SIAM symposium on Discrete algorithms, Society for Industrial and Applied Mathematics, Philadelphia, PA, USA (1996), pp. 564-573
    "Indirect Discourse Proof": Achieving Efficient Fair Off-Line E-cash
    Yair Frankel
    Yiannis Tsiounis
    ASIACRYPT '96: Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, Springer-Verlag, London, UK (1996), pp. 286-300
    The Dark Side of "Black-Box" Cryptography, or: Should We Trust Capstone?
    Adam Young
    CRYPTO '96: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1996), pp. 89-103
    Proving Without Knowing: On Oblivious, Agnostic and Blindolded Provers
    Markus Jakobsson
    CRYPTO '96: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1996), pp. 186-200
    Witness-based cryptographic program checking and robust function sharing
    Yair Frankel
    Peter Gemmell
    STOC '96: Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1996), pp. 499-508
    A Progress Report on Subliminal-Free Channels
    Mike Burmester
    Yvo Desmedt
    Toshiya Itoh
    Kouichi Sakurai
    Hiroki Shizuya
    Proceedings of the First International Workshop on Information Hiding, Springer-Verlag, London, UK (1996), pp. 157-168
    Local fairness in general-topology networks with convergence routing
    A. Mayer
    Y. Ofek
    INFOCOM '95: Proceedings of the Fourteenth Annual Joint Conference of the IEEE Computer and Communication Societies (Vol. 2)-Volume, IEEE Computer Society, Washington, DC, USA (1995), pp. 891
    Cryptoanalysis of the Immunized LL Public Key Systems
    Yair Frankel
    CRYPTO '95: Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1995), pp. 287-296
    Scheduling Task-Tree with Additive Scales on Parallel / Distributed Machines
    Xiangdong Yu
    COCOON '95: Proceedings of the First Annual International Conference on Computing and Combinatorics, Springer-Verlag, London, UK (1995), pp. 607-616
    The KryptoKnight family of light-weight protocols for authentication and key distribution
    Ray Bird
    Inder Gopal
    Amir Herzberg
    Phil Janson
    Shay Kutten
    Refik Molva
    IEEE/ACM Trans. Netw., vol. 3 (1995), pp. 31-41
    Escrow Encryption Systems Visited: Attacks, Analysis and Designs
    Yair Frankel
    CRYPTO '95: Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1995), pp. 222-235
    Efficient Dynamic-Resharing "Verifiable Secret Sharing" Against Mobile Adversary
    Noga Alon
    Zvi Galil
    ESA '95: Proceedings of the Third Annual European Symposium on Algorithms, Springer-Verlag, London, UK (1995), pp. 523-537
    Multi-authority secret-ballot elections with linear work
    Ronald J.F. Cramer
    Matthew Franklin
    L. A.M. Schoenmakers
    CWI (Centre for Mathematics and Computer Science), Amsterdam, The Netherlands, The Netherlands (1995)
    Resolving message complexity of Byzantine Agreement and beyond
    Z. Galil
    A. Mayer
    FOCS '95: Proceedings of the 36th Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Washington, DC, USA (1995), pp. 724
    Secure hypergraphs: privacy from partial broadcast
    Matthew Franklin
    STOC '95: Proceedings of the twenty-seventh annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1995), pp. 36-44
    Stocastic Graphs Have Short Memory: Fully Dynamic Connectivity in Poly-Log Expected Time
    Sotiris E. Nikoletseas
    John H. Reif
    Paul G. Spirakis
    ICALP '95: Proceedings of the 22nd International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1995), pp. 159-170
    Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
    Amir Herzberg
    Stanislaw Jarecki
    Hugo Krawczyk
    CRYPTO '95: Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1995), pp. 339-352
    Topological design of loss-free switch-based LANs
    B. Yener
    Y. Ofek
    INFOCOM '95: Proceedings of the Fourteenth Annual Joint Conference of the IEEE Computer and Communication Societies (Vol. 1)-Volume, IEEE Computer Society, Washington, DC, USA (1995), pp. 88
    METANET: principles of an arbitrary topology LAN
    Yoram Ofek
    IEEE/ACM Trans. Netw., vol. 3 (1995), pp. 169-180
    Non-Exploratory Self-Stabilization for Constant-Space Symmetry-Breaking
    Giuseppe Parlati
    ESA '94: Proceedings of the Second Annual European Symposium on Algorithms, Springer-Verlag, London, UK (1994), pp. 183-201
    Time-optimal message-efficient work performance in the presence of faults
    Roberto De Prisco
    Alain Mayer
    PODC '94: Proceedings of the thirteenth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1994), pp. 161-172
    Interactive hashing simplifies zero-knowledge protocol design
    Rafail Ostrovsky
    Ramarathnam Venkatesan
    EUROCRYPT '93: Workshop on the theory and application of cryptographic techniques on Advances in cryptology, Springer-Verlag New York, Inc., Secaucus, NJ, USA (1994), pp. 267-273
    How to share a function securely
    Alfredo De Santis
    Yvo Desmedt
    Yair Frankel
    STOC '94: Proceedings of the twenty-sixth annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1994), pp. 522-533
    Privacy from partial broadcast
    Matthew Franklin
    CWI (Centre for Mathematics and Computer Science), Amsterdam, The Netherlands, The Netherlands (1994)
    Routing and flow control on the MetaNet: an overview
    Yoram Ofek
    Comput. Netw. ISDN Syst., vol. 26 (1994), pp. 859-872
    Coins, weights and contention in balancing networks
    William Aiello
    Ramarathnam Venkatesan
    PODC '94: Proceedings of the thirteenth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1994), pp. 193-205
    Short Vertex Disjoint Paths and Multiconnectivity in Random Graphs: Reliable Network Computing
    Sotiris E. Nikoletseas
    Krishna V. Palem
    Paul G. Spirakis
    ICALP '94: Proceedings of the 21st International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1994), pp. 508-519
    Perfectly secure message transmission
    Danny Dolev
    Cynthia Dwork
    Orli Waarts
    J. ACM, vol. 40 (1993), pp. 17-47
    Certifying Cryptographic Tools: The Case of Trapdoor Permutations
    Mihir Bellare
    CRYPTO '92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1993), pp. 442-460
    Perfectly-Secure Key Distribution for Dynamic Conferences
    Carlo Blundo
    Alfredo De Santis
    Amir Herzberg
    Shay Kutten
    Ugo Vaccaro
    CRYPTO '92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1993), pp. 471-486
    Perfect Zero-Knowledge Arguments for NP Can Be Based on General Complexity Assumptions (Extended Abstract)
    Moni Naor
    Rafail Ostrovsky
    Ramarathnam Venkatesan
    CRYPTO '92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1993), pp. 196-214
    Secure and Efficient Off-Line Digital Money (Extended Abstract)
    Matthew K. Franklin
    ICALP '93: Proceedings of the 20th International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1993), pp. 265-276
    Systematic Design of Two-Party Authentication Protocols
    Ray Bird
    Inder S. Gopal
    Amir Herzberg
    Philippe A. Janson
    Shay Kutten
    Refik Molva
    CRYPTO '91: Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1992), pp. 44-61
    Multi-receiver/multi-sender network security: efficient authenticated multicast/feedback
    Yvo Desmedt
    Yair Frankel
    IEEE INFOCOM '92: Proceedings of the eleventh annual joint conference of the IEEE computer and communications societies on One world through communications (Vol. 3), IEEE Computer Society Press, Los Alamitos, CA, USA (1992), pp. 2045-2054
    Self-stabilizing symmetry breaking in constant-space (extended abstract)
    Alain Mayer
    Yoram Ofek
    Rafail Ostrovsky
    STOC '92: Proceedings of the twenty-fourth annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1992), pp. 667-678
    Communication complexity of secure computation (extended abstract)
    Matthew Franklin
    STOC '92: Proceedings of the twenty-fourth annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1992), pp. 699-710
    Criticizing solutions to relaxed models yields powerful admissible heuristics
    Othar Hansson
    Andrew Mayer
    Inf. Sci., vol. 63 (1992), pp. 207-227
    One-Message Statistical Zero-Knowledge Proofs and Space-Bounded Verifier
    Alfredo De Santis
    Giuseppe Persiano
    ICALP '92: Proceedings of the 19th International Colloquium on Automata, Languages and Programming, Springer-Verlag, London, UK (1992), pp. 28-40
    Secure Commitment Against A Powerful Adversary
    Rafail Ostrovsky
    Ramarathnam Venkatesan
    STACS '92: Proceedings of the 9th Annual Symposium on Theoretical Aspects of Computer Science, Springer-Verlag, London, UK (1992), pp. 439-448
    Memory-Efficient Self Stabilizing Protocols for General Networks
    Yehuda Afek
    Shay Kutten
    WDAG '90: Proceedings of the 4th International Workshop on Distributed Algorithms, Springer-Verlag, London, UK (1991), pp. 15-28
    Abritrated Unconditionally Secure Authentication Can Be Unconditionally Protected Against Arbiter's Attacks (Extended Abstract)
    Yvo Desmedt
    CRYPTO '90: Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1991), pp. 177-188
    Memory-efficient self stabilizing protocols for general networks
    Yehuda Afek
    Shay Kutten
    Proceedings of the 4th international workshop on Distributed algorithms, Springer-Verlag New York, Inc., New York, NY, USA (1991), pp. 15-28
    Efficient mechanism for fairness and deadlock-avoidance in high-speed networks
    Yoram Ofek
    Proceedings of the 4th international workshop on Distributed algorithms, Springer-Verlag New York, Inc., New York, NY, USA (1991), pp. 192-212
    Efficient sequential and parallel algorithms for computing recovery points in trees and paths
    Marek Chrobak
    David Eppstein
    Giuseppe F. Italiano
    SODA '91: Proceedings of the second annual ACM-SIAM symposium on Discrete algorithms, Society for Industrial and Applied Mathematics, Philadelphia, PA, USA (1991), pp. 158-167
    One-Way Group Actions
    Gilles Brassard
    CRYPTO '90: Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1991), pp. 94-107
    Crptograpic Applications of the Non-Interactive Metaproof and Many-Prover Systems
    Alfredo De Santis
    CRYPTO '90: Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, London, UK (1991), pp. 366-377
    Constant-round perfect zero-knowledge computationally convincing protocols
    Gilles Brassard
    Claude Cr\'{e}peau
    Theor. Comput. Sci., vol. 84 (1991), pp. 23-52
    Efficient Mechanism for Fairness and Deadlock-Avoidance in High-Speed Networks
    Yoram Ofek
    WDAG '90: Proceedings of the 4th International Workshop on Distributed Algorithms, Springer-Verlag, London, UK (1991), pp. 192-212
    How to withstand mobile virus attacks (extended abstract)
    Rafail Ostrovsky
    PODC '91: Proceedings of the tenth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1991), pp. 51-59
    On the design of provably-secure cryptographic hash functions
    Alfredo De Santis
    EUROCRYPT '90: Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, Springer-Verlag New York, Inc., New York, NY, USA (1991), pp. 412-431
    The power of multimedia: combining point-to-point and multiaccess networks
    Y. Afek
    M. Landau
    B. Schieber
    Inf. Comput., vol. 84 (1990), pp. 97-118
    Principle for high speed network control: congestion-and deadlock-freeness, self-routing, and a single buffer per link
    Yoram Ofek
    PODC '90: Proceedings of the ninth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1990), pp. 161-175
    Zero-knowledge proofs of computational power (extended summary)
    EUROCRYPT '89: Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, Springer-Verlag New York, Inc., New York, NY, USA (1990), pp. 196-207
    Public-key cryptosystems provably secure against chosen ciphertext attacks
    M. Naor
    STOC '90: Proceedings of the twenty-second annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1990), pp. 427-437
    Everything in NP can be argued in perfect zero-knowledge in a bounded number of rounds (extended abstract)
    Gilles Brassard
    Claude Cr\'{e}peau
    EUROCRYPT '89: Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, Springer-Verlag New York, Inc., New York, NY, USA (1990), pp. 192-195
    Minimum-knowledge interactive proofs for decision problems
    Zvi Galil
    Stuart Haber
    SIAM J. Comput., vol. 18 (1989), pp. 711-739
    Universal one-way hash functions and their cryptographic applications
    M. Naor
    STOC '89: Proceedings of the twenty-first annual ACM symposium on Theory of computing, ACM, New York, NY, USA (1989), pp. 33-43
    Divide and conquer under global constraints: a solution to the /N/-queens problem
    Bruce Abramson
    J. Parallel Distrib. Comput., vol. 6 (1989), pp. 649-662
    Fast algorithms for edge-coloring planar graphs
    Marek Chrobak
    J. Algorithms, vol. 10 (1989), pp. 35-51
    Direct Minimum-Knowledge Computations
    Russell Impagliazzo
    CRYPTO '87: A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology, Springer-Verlag, London, UK (1988), pp. 40-51
    Fast Parallel and Sequential Algorithms for Edge-Coloring Planar Graphs
    Marek Chrobak
    AWOC '88: Proceedings of the 3rd Aegean Workshop on Computing, Springer-Verlag, London, UK (1988), pp. 11-23
    The power of multimedia: combining point-to point and multi-access networks
    Yehuda Afek
    Gad M. Landau
    Baruch Schieber
    PODC '88: Proceedings of the seventh annual ACM Symposium on Principles of distributed computing, ACM, New York, NY, USA (1988), pp. 90-104
    Fast parallel and sequential algorithms for edge-coloring planar graphs (extended abstract)
    M. Chrobak
    VLSI Algorithms and Architectures, Springer-Verlag, London, UK (1988), pp. 11-23
    Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model
    Zvi Galil
    Stuart Haber
    CRYPTO '87: A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology, Springer-Verlag, London, UK (1988), pp. 135-155
    Partitioned encryption and achieving simultaneity by partitioning
    Zvi Galil
    Inf. Process. Lett., vol. 26 (1987), pp. 81-88
    Distributed algorithms in synchronous broadcasting networks
    Z. Galil
    G. M. Landau
    Theor. Comput. Sci., vol. 49 (1987), pp. 178-184
    Symmetric Public-Key Encryption
    Zvi Galil
    Stuart Haber
    CRYPTO '85: Advances in Cryptology, Springer-Verlag, London, UK (1986), pp. 128-137
    Symmetric public-key encryption
    Zvi Galil
    Stuart Haber
    Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85, Springer-Verlag New York, Inc., New York, NY, USA (1986), pp. 128-137
    Distributing the power of a government to enhance the privacy of voters
    Josh C Benaloh
    PODC '86: Proceedings of the fifth annual ACM symposium on Principles of distributed computing, ACM, New York, NY, USA (1986), pp. 52-62