TY - GEN
T1 - Handling expected polynomial-time strategies in simulation-based security proofs
AU - Katz, Jonathan
AU - Lindell, Yehuda
PY - 2005
Y1 - 2005
N2 - The standard class of adversaries considered in cryptography is that of strict polynomial-time probabilistic machines (or circuits). However, expected polynomial-time machines are often also considered. For example, there are many zero-knowledge protocols for which the only simulation techniques known run in expected (and not strict) polynomial-time. In addition, it has been shown that expected polynomial-time simulation is essential for achieving constant-round black-box zero-knowledge protocols. This reliance on expected polynomial-time simulation introduces a number of conceptual and technical difficulties. In this paper, we develop techniques for dealing with expected polynomial-time adversaries in the context of simulation-based security proofs.
AB - The standard class of adversaries considered in cryptography is that of strict polynomial-time probabilistic machines (or circuits). However, expected polynomial-time machines are often also considered. For example, there are many zero-knowledge protocols for which the only simulation techniques known run in expected (and not strict) polynomial-time. In addition, it has been shown that expected polynomial-time simulation is essential for achieving constant-round black-box zero-knowledge protocols. This reliance on expected polynomial-time simulation introduces a number of conceptual and technical difficulties. In this paper, we develop techniques for dealing with expected polynomial-time adversaries in the context of simulation-based security proofs.
UR - https://www.scopus.com/pages/publications/24144458878
U2 - 10.1007/978-3-540-30576-7_8
DO - 10.1007/978-3-540-30576-7_8
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:24144458878
T3 - Lecture Notes in Computer Science
SP - 128
EP - 149
BT - Theory of Cryptography - Second Theory of Cryptography Conference, TCC 2005
PB - Springer Verlag
T2 - 2nd Theory of Cryptography Conference, TCC 2005
Y2 - 10 February 2005 through 12 February 2005
ER -