STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Gradual and Verifiable Release of a Secret
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Multiparty Computation with Faulty Majority
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Probabilistic encryption & how to play mental poker keeping secret all partial information
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
A logic to reason about likelihood
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
How to generate cryptographically strong sequences of pseudo random bits
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
How to simultaneously exchange a secret bit by flipping a symmetrically-biased coin
SFCS '83 Proceedings of the 24th Annual Symposium on Foundations of Computer Science
Trapdoor pseudo-random number generators, with applications to protocol design
SFCS '83 Proceedings of the 24th Annual Symposium on Foundations of Computer Science
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Information theoretic reductions among disclosure problems
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Proofs that yield nothing but their validity and a methodology of cryptographic protocol design
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
How to simultaneously exchange secrets by general assumptions
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Comparing information without leaking it
Communications of the ACM
Fair exchange with a semi-trusted third party (extended abstract)
Proceedings of the 4th ACM conference on Computer and communications security
Escrow services and incentives in peer-to-peer networks
Proceedings of the 3rd ACM conference on Electronic Commerce
Evolution of Fair Non-repudiation with TTP
ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
Rational secret sharing and multiparty computation: extended abstract
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
We construct a protocol that enables a secret bit to be revealed gradually in a very controlled manner. In particular, if Alice possesses a bit S that was generated randomly according to the uniform distribution and $1/2 < p_1 < \cdots < p_m = 1$ then, using our protocol with Bob, Alice can achieve the following. The protocol consists of m stages and, after the i-th stage, Bob's best prediction of S, based on all his interactions with Alice, is correct with probability exactly $p_i$ (and a reasonable condition is satisfied in the case where S is not initially uniform). Furthermore, under an intractability assumption, our protocol can be made "oblivious" to Alice and "secure" against an Alice or Bob that might try to cheat in various ways. Previously proposed gradual disclosure schemes for single bits release information in a less controlled manner: the probabilities that represent Bob's confidence of his knowledge of S follow a random walk that eventually drifts towards 1, rather than a predetermined sequence of values.

Using controlled gradual disclosure schemes, we show how to construct an improved version of the protocol proposed by Luby, Micali and Rackoff for two-party secret bit exchanging ("How to Simultaneously Exchange a Secret Bit by Flipping a Symmetrically-Biased Coin", Proc. 22nd Ann. IEEE Symp. on Foundations of Computer Science, 1983, pp. 11-21) that is secure against additional kinds of attacks that the previous protocol is not secure against. Also, our protocol is more efficient in the number of rounds that it requires to attain a given level of security, and is proven to be asymptotically optimal in this respect.

We also show how to use controlled gradual disclosure schemes to improve existing protocols for other cryptographic problems, such as multi-party function evaluation.