@inbook{22057,
abstract = {We construct more efficient cryptosystems with provable
security against adaptive attacks, based on simple and natural hardness
assumptions in the standard model. Concretely, we describe:
– An adaptively-secure variant of the efficient, selectively-secure LWE-
based identity-based encryption (IBE) scheme of Agrawal, Boneh,
and Boyen (EUROCRYPT 2010). In comparison to the previously
most efficient such scheme by Yamada (CRYPTO 2017) we achieve
smaller lattice parameters and shorter public keys of size O(log λ),
where λ is the security parameter.
– Adaptively-secure variants of two efficient selectively-secure pairing-
based IBEs of Boneh and Boyen (EUROCRYPT 2004). One is based
on the DBDH assumption, has the same ciphertext size as the cor-
responding BB04 scheme, and achieves full adaptive security with
public parameters of size only O(log λ). The other is based on a q-
type assumption and has public key size O(λ), but a ciphertext is
only a single group element and the security reduction is quadrat-
ically tighter than the corresponding scheme by Jager and Kurek
(ASIACRYPT 2018).
– A very efficient adaptively-secure verifiable random function where
proofs, public keys, and secret keys have size O(log λ).
As a technical contribution we introduce blockwise partitioning, which
leverages the assumption that a cryptographic hash function is weak
near-collision resistant to prove full adaptive security of cryptosystems.},
author = {Jager, Tibor and Kurek, Rafael and Niehues, David},
booktitle = {Public-Key Cryptography – PKC 2021},
isbn = {9783030752446},
issn = {0302-9743},
title = {{Efficient Adaptively-Secure IB-KEMs and VRFs via Near-Collision Resistance}},
doi = {10.1007/978-3-030-75245-3_22},
year = {2021},
}
@inbook{22059,
abstract = {Verifiable random functions (VRFs), introduced by Micali,
Rabin and Vadhan (FOCS’99), are the public-key equivalent of pseudo-
random functions. A public verification key and proofs accompanying the
output enable all parties to verify the correctness of the output. How-
ever, all known standard model VRFs have a reduction loss that is much
worse than what one would expect from known optimal constructions of
closely related primitives like unique signatures. We show that:
1. Every security proof for a VRF that relies on a non-interactive
assumption has to lose a factor of Q, where Q is the number of adver-
sarial queries. To that end, we extend the meta-reduction technique
of Bader et al. (EUROCRYPT’16) to also cover VRFs.
2. This raises the question: Is this bound optimal? We answer this ques-
tion in the affirmative by presenting the first VRF with a reduction
from the non-interactive qDBDHI assumption to the security of VRF
that achieves this optimal loss.
We thus paint a complete picture of the achievability of tight verifiable
random functions: We show that a security loss of Q is unavoidable and
present the first construction that achieves this bound.},
author = {Niehues, David},
booktitle = {Public-Key Cryptography – PKC 2021},
isbn = {9783030752477},
issn = {0302-9743},
title = {{Verifiable Random Functions with Optimal Tightness}},
doi = {10.1007/978-3-030-75248-4_3},
year = {2021},
}
@inbook{21396,
abstract = {Verifiable random functions (VRFs) are essentially digital signatures with additional properties, namely verifiable uniqueness and pseudorandomness, which make VRFs a useful tool, e.g., to prevent enumeration in DNSSEC Authenticated Denial of Existence and the CONIKS key management system, or in the random committee selection of the Algorand blockchain.
Most standard-model VRFs rely on admissible hash functions (AHFs) to achieve security against adaptive attacks in the standard model. Known AHF constructions are based on error-correcting codes, which yield asymptotically efficient constructions. However, previous works do not clarify how the code should be instantiated concretely in the real world. The rate and the minimal distance of the selected code have significant impact on the efficiency of the resulting cryptosystem, therefore it is unclear if and how the aforementioned constructions can be used in practice.
First, we explain inherent limitations of code-based AHFs. Concretely, we assume that even if we were given codes that achieve the well-known Gilbert-Varshamov or McEliece-Rodemich-Rumsey-Welch bounds, existing AHF-based constructions of verifiable random functions (VRFs) can only be instantiated quite inefficiently. Then we introduce and construct computational AHFs (cAHFs). While classical AHFs are information-theoretic, and therefore work even in presence of computationally unbounded adversaries, cAHFs provide only security against computationally bounded adversaries. However, we show that cAHFs can be instantiated significantly more efficiently. Finally, we use our cAHF to construct the currently most efficient verifiable random function with full adaptive security in the standard model.},
author = {Jager, Tibor and Niehues, David},
booktitle = {Lecture Notes in Computer Science},
isbn = {9783030384708},
issn = {0302-9743},
keyword = {Admissible hash functions, Verifiable random functions, Error-correcting codes, Provable security},
location = {Waterloo, Canada},
title = {{On the Real-World Instantiability of Admissible Hash Functions and Efficient Verifiable Random Functions}},
doi = {10.1007/978-3-030-38471-5_13},
year = {2020},
}
@inproceedings{3105,
author = {Derler, David and Jager, Tibor and Slamanig, Daniel and Striecks, Christoph},
booktitle = {Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part III},
pages = {425----455},
title = {{Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange}},
doi = {10.1007/978-3-319-78372-7_14},
year = {2018},
}
@inproceedings{5442,
author = {Jager, Tibor and Kakvi, Saqib and May, Alexander},
booktitle = {Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security - CCS '18},
isbn = {9781450356930},
publisher = {ACM Press},
title = {{On the Security of the PKCS#1 v1.5 Signature Scheme}},
doi = {10.1145/3243734.3243798},
year = {2018},
}
@inproceedings{5861,
author = {Jager, Tibor and Kurek, Rafael},
booktitle = {Advances in Cryptology - ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2-6, 2018, Proceedings, Part II},
pages = {221--250},
title = {{Short Digital Signatures and ID-KEMs via Truncation Collision Resistance}},
doi = {10.1007/978-3-030-03329-3_8},
year = {2018},
}
@inproceedings{5862,
author = {Jager, Tibor and Kurek, Rafael and Pan, Jiaxin},
booktitle = {Advances in Cryptology - ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2-6, 2018, Proceedings, Part III},
pages = {490--518},
title = {{Simple and More Efficient PRFs with Tight Security from LWE and Matrix-DDH}},
doi = {10.1007/978-3-030-03332-3_18},
year = {2018},
}
@inproceedings{5438,
author = {Gjøsteen, Kristian and Jager, Tibor},
booktitle = {Advances in Cryptology - CRYPTO 2018 - 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018, Proceedings, Part II},
title = {{Practical and Tightly-Secure Digital Signatures and Authenticated Key Exchange}},
doi = {10.1007/978-3-319-96881-0_4},
year = {2018},
}
@article{9606,
author = {Liu, Jia and Jager, Tibor and Kakvi, Saqib and Warinschi, Bogdan},
issn = {0925-1022},
journal = {Designs, Codes and Cryptography},
pages = {2549--2586},
title = {{How to build time-lock encryption}},
doi = {10.1007/s10623-018-0461-x},
year = {2018},
}
@article{3108,
author = {Jager, Tibor and Kohlar, Florian and Schäge, Sven and Schwenk, Jörg},
journal = {J. Cryptology},
number = {4},
pages = {1276----1324},
title = {{Authenticated Confidential Channel Establishment and the Security of TLS-DHE}},
doi = {10.1007/s00145-016-9248-2},
year = {2017},
}
@inproceedings{3110,
author = {Günther, Felix and Hale, Britta and Jager, Tibor and Lauer, Sebastian},
booktitle = {Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part III},
pages = {519----548},
title = {{0-RTT Key Exchange with Full Forward Secrecy}},
doi = {10.1007/978-3-319-56617-7_18},
year = {2017},
}
@inproceedings{3109,
author = {Hale, Britta and Jager, Tibor and Lauer, Sebastian and Schwenk, Jörg},
booktitle = {Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Kanazawa, Japan, July 10-12, 2017, Proceedings},
pages = {20----38},
title = {{Simple Security Definitions for and Constructions of 0-RTT Key Exchange}},
doi = {10.1007/978-3-319-61204-1_2},
year = {2017},
}
@inproceedings{3111,
author = {Jager, Tibor and Stam, Martijn and Stanley-Oakes, Ryan and Warinschi, Bogdan},
booktitle = {Theory of Cryptography - 15th International Conference, TCC 2017, Baltimore, MD, USA, November 12-15, 2017, Proceedings, Part I},
pages = {409----441},
title = {{Multi-key Authenticated Encryption with Corruptions: Reductions Are Lossy}},
doi = {10.1007/978-3-319-70500-2_14},
year = {2017},
}
@article{9607,
author = {Kakvi, Saqib and Kiltz, Eike},
issn = {0933-2790},
journal = {Journal of Cryptology},
pages = {276--306},
title = {{Optimal Security Proofs for Full Domain Hash, Revisited}},
doi = {10.1007/s00145-017-9257-9},
year = {2017},
}
@article{3112,
author = {Hofheinz, Dennis and Jager, Tibor},
journal = {Des. Codes Cryptography},
number = {1},
pages = {29----61},
title = {{Tightly secure signatures and public-key encryption}},
doi = {10.1007/s10623-015-0062-x},
year = {2016},
}
@inproceedings{3117,
author = {Bader, Christoph and Jager, Tibor and Li, Yong and Schäge, Sven},
booktitle = {Advances in Cryptology - EUROCRYPT 2016 - 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II},
pages = {273----304},
title = {{On the Impossibility of Tight Cryptographic Reductions}},
doi = {10.1007/978-3-662-49896-5_10},
year = {2016},
}
@article{3113,
author = {Heuer, Felix and Jager, Tibor and Schäge, Sven and Kiltz, Eike},
journal = {IET Information Security},
number = {6},
pages = {304----318},
title = {{Selective opening security of practical public-key encryption schemes}},
doi = {10.1049/iet-ifs.2015.0507},
year = {2016},
}
@inproceedings{3118,
author = {Hofheinz, Dennis and Jager, Tibor and Rupp, Andy},
booktitle = {Theory of Cryptography - 14th International Conference, TCC 2016-B, Beijing, China, October 31 - November 3, 2016, Proceedings, Part II},
pages = {146----168},
title = {{Public-Key Encryption with Simulation-Based Selective-Opening Security and Compact Ciphertexts}},
doi = {10.1007/978-3-662-53644-5_6},
year = {2016},
}
@article{3114,
author = {Jager, Tibor and Rupp, Andy},
journal = {PoPETs},
number = {3},
pages = {62----82},
title = {{Black-Box Accumulation: Collecting Incentives in a Privacy-Preserving Way}},
year = {2016},
}
@inproceedings{3119,
author = {Hofheinz, Dennis and Jager, Tibor},
booktitle = {Theory of Cryptography - 13th International Conference, TCC 2016-A, Tel Aviv, Israel, January 10-13, 2016, Proceedings, Part I},
pages = {336----362},
title = {{Verifiable Random Functions from Standard Assumptions}},
doi = {10.1007/978-3-662-49096-9_14},
year = {2016},
}