In theoretical cryptography, one formalizes the notion of an adversary's success probability being "too small to matter" by asking that it be a negligible function ...
We put forward a new method of constructing Fiat-Shamir-like signature schemes that yields better "exact security" than the original Fiat-Shamir method. (We also point o...
We present a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few bits of the random nonces k (used at each signature generation) are known ...
We initiate a study of Maurer’s bounded storage model (JoC, 1992) in presence of transmission errors and perhaps other types of errors that cause different parties to have incon...